Windows Analysis Report
https://cloud.uibakery.io/share/Z0My4XaLtq/home

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: https://cloud.uibakery.io

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a configuration object for a web application called 'UI Bakery'. It sets various global variables and configuration values, which are commonly used in web applications for settings, environment variables, and feature flags. While the snippet contains some sensitive information like API keys and URLs, it does not demonstrate any high-risk behaviors like dynamic code execution, data exfiltration, or malicious redirects. The script seems to be part of a legitimate application and does not pose a significant security risk."
}

      window['UI_BAKERY_APP_SERVER_NAME'] = getStringValue('https://cloud.uibakery.io', window.location.origin);
      window['UI_BAKERY_WORKBENCH_URL'] = getStringValue('https://cloudworkbench.uibakery.io', '/workbench');
      window['UI_BAKERY_BASE_PATH'] = getStringValue('/', '/');
      window['UI_BAKERY_APP_LANDING_PATH'] = 'https://uibakery.io';
      window['UI_BAKERY_SSO_CONFIGURATION_ENABLED'] = getBooleanValue('', false);
      window['UI_BAKERY_GOOGLE_CLIENT_ID'] = '839982325350-gkv8oes6q8efu2gb80sc3nd5fatlg062.apps.googleusercontent.com';
      window['UI_BAKERY_LOGOUT_REDIRECT'] = '';
      window['UI_BAKERY_OAUTH_CLIENT_ID'] = '';
      window['UI_BAKERY_OAUTH_SCOPE'] = '';
      window['UI_BAKERY_OAUTH_AUTH_URL'] = '';
      window['UI_BAKERY_GSHEET_CLIENT_ID'] = '839982325350-huao3sidrf98oan6tuvsscj4h544klm8.apps.googleusercontent.com';
      window['UI_BAKERY_SALESFORCE_CLIENT_ID'] = '3MVG9Nk1FpUrSQHfqBJm0PC4jMPcf.rZrZNnKK9D0_bw9mxR4V2RVhPD2riOYV6hYCqIzza2ta.zm_AXz3g5k';
      window['UI_BAKERY_AZURE_CONTAINER_PREFIX'] = 'https://sauibakeryprod.blob.core.windows.net/assets-container/';
      window['UI_BAKERY_SSH_PUBLIC_KEY'] = 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB74ZFlZguc2Wo2HuU1jkS+5pSvvVZ6+8jwsPSuaLhGeDU3H47U4NPXW928Hr+oCq9+Xd8iUjtjLGUPuLG2Jcno= contact.uibakery.io';
      window['UI_BAKERY_EMAIL_AUTH_ENABLED'] = getBooleanValue('true', true);
      window['UI_BAKERY_AUTH_TOKEN_STORAGE'] = getStringValue('', 'localStorage');
      window['UI_BAKERY_AUTH_MULTI_TAB_LOGOUT'] = getBooleanValue('', true);
      window['UI_BAKERY_AUTH_REL_CANONICAL_ENABLED'] = getBooleanValue(
        'true',
        false,
      );
      window['UI_BAKERY_REGISTER_URL'] = getStringValue('register', 'register');
      window['UI_BAKERY_ENV_NAME'] = getStringValue('cloud', 'selfhosted');
      window['UI_BAKERY_ONBOARDING_URL'] = getStringValue('https://uibakery.io/contact-us', '');
      window['UI_BAKERY_INTRO_VIDEO_URL'] = getStringValue(
        'https://docs.uibakery.io/overview/video-intro',
        'https://docs.uibakery.io/overview/video-intro',
      );
      window['UI_BAKERY_AUTH_RESTRICTED_DOMAIN'] = '';
      window['UI_BAKERY_APP_STRIPE_KEY'] = '';
      window['UI_BAKERY_APP_PRODUCTION'] = getBooleanValue('true', true);
      window['UI_BAKERY_SENTRY_ENABLED'] = getBooleanValue('true', false);
      window['UI_BAKERY_SENTRY_REPLAY_ENABLED'] = getBooleanValue('false', false);
      window['SENTRY_DSN'] = 'https://89b48ea485b342828b515674addcd127@o284224.ingest.sentry.io/1513491';
      window['UI_BAKERY_SAML_ENABLED'] = getBooleanValue('false', false);
      window['UI_BAKERY_SAML_LOGIN_AUTO'] = getBooleanValue('false', false);
      window['UI_BAKERY_SSO_LOGIN_AUTO'] = getBooleanValue('', false);
      window['UI_BAKERY_OAUTH_SIGN_OUT_WHEN_TOKEN_EXPIRED'] = getBooleanValue(
        '',
        false,
      );
      window['UI_BAKERY_OAUTH_TOAST_WHEN_TOKEN_EXPIRED'] = getStringValue(
        '',
        '',
      );
      window['UI_BAKERY_OAUTH_TOAST_WHEN_TOKEN_EXPIRED_DURATION'] = getNumberValue(
        '',
        3000,
      );
      window['UI_BAKERY_OAUTH_INITIATE_SIGN_IN_WHEN_TOKEN_EXPIRED'] = getBooleanValue(
        '',
        false,
      );
      window['UI_BAKERY_OAUTH_REFRESH_TOKEN_ON_VISIBLE'] = getBooleanValue(
        '',
        false,
      );
      window['UI_BAKERY_AUTH_COLLECT_DATA'] = getBooleanValue('true', false);
      window['UI_BAKERY_OPEN_INITIAL_PROJECT'] = getBooleanValue('true', false);
      window['UI_BAKERY_REMEMBER_NAVIGATION_STORAGE'] = getStringValue(
        '',
        'sessionStorage',
      );
      window['UI_BAKERY_SINGLE_ORGANIZATION'] = getBooleanValue('', false);
      window['UI_BAKERY_ANALYTICS_HANDLER'] = getStringValue('prod', 'noop');
      window['UI_BAKERY_USER_ACTIVITY_ENABLED'] = getBooleanValue('true', false);
      window['UI_BAKERY_OUTBOUND_IP_ADDRESSES'] = getObjectValue(`['52.176.109.125', '20.52.252.203']`, ['0.0.0.0']

{
    "risk_score": 7,
    "reasoning": "This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code. While it appears to be part of a Google Tag Manager implementation, the use of `eval()` and the potential for sending sensitive user data to external servers raises significant security concerns. Further review is warranted to ensure the script's legitimacy and intended purpose."
}

// Copyright 2012 Google Inc. All rights reserved.
 
 (function(w,g){w[g]=w[g]||{};
 w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');
 
(function(){

var data = {
"resource": {
  "version":"165",
  
  "macros":[{"function":"__e"},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventType"},{"function":"__aev","vtp_varType":"TEXT"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"userIdProperties"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",5],8,16],"||{};return a.fullName||\"\"})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",5],8,16],"||{};return a.id\u0026\u0026a.id.replace(\"|\",\"@\")})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){try{return window.top!==window.self}catch(a){return!1}})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventProperties"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",9],8,16],"||{};return a.error||\"\"})();"]},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventCategory"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventLabel"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"envProperties"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"userProperties"},{"function":"__dbg"},{"function":"__gas","vtp_cookieDomain":"auto","vtp_doubleClick":false,"vtp_setTrackerName":false,"vtp_useDebugVersion":["macro",16],"vtp_useHashAutoLink":false,"vtp_decorateFormsAutoLink":false,"vtp_enableLinkId":false,"vtp_enableEcommerce":false,"vtp_trackingId":"UA-61945105-7","vtp_enableRecaptchaOption":false,"vtp_enableUaRlsa":false,"vtp_enableUseInternalVersion":false,"vtp_enableGA4Schema":true},{"function":"__v","vtp_name":"gtm.newUrlFragment","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.newHistoryState","vtp_dataLayerVersion":1},{"function":"__jsm","vtp_javascript":["template","(function(){return ",["escape",["macro",19],8,16],"\u0026\u0026",["escape",["macro",19],8,16],".navigationId})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return\"\"===",["escape",["macro",18],8,16],"||1===",["escape",["macro",20],8,16],"})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return function(a){a=new Date;var b=new Date(a.getUTCFullYear(),0,0);a=a-b+6E4*(b.getTimezoneOffset()-a.getTimezoneOffset());b=864E5;return Math.floor(a\/b)}})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return function(a){d=new Date(Date.UTC(a.getFullYear(),a.getMonth(),a.getDate()));d.setUTCDate(d.getUTCDate()+4-(d.getUTCDay()||7));a=new Date(Date.UTC(d.getUTCFullYear(),0,1));return Math.ceil(((d-a)\/864E5+1)\/7)}})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return function(a){return a.getUTCMonth()+1}})();"]},{"function":"__j","vtp_name":"document.title"},{"function":"__d","vtp_elementSelector":"ub-upgrade-plan-dialog .total-amount \u003E span strong","vtp_selectorType":"CSS"},{"function":"__d","vtp_elementSelector":"ub-upgrade-plan-dialog h4","vtp_selectorType":"CSS"},{"function":"__c","vtp_value":"6126369bbc78430013a1b0df"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",5],8,16],"||{},b=a.fullName||\"\";b=b.trim();a={fullName:b,firstName:\"\",lastName:\"\"};b=b.split(\/\\s+\/);a.firstName=b.shift();a.lastName=b.join(\" \");a.firstName||(a.firstNam

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be the Prism.js library, which is a popular and widely-used syntax highlighting library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is well-structured and does not exhibit any suspicious behavior. Overall, this script is likely benign and used for legitimate purposes."
}

var _self=typeof window<"u"?window:typeof WorkerGlobalScope<"u"&&self instanceof WorkerGlobalScope?self:{};/**
 * Prism: Lightweight, robust, elegant syntax highlighting
 *
 * @license MIT <https://opensource.org/licenses/MIT>
 * @author Lea Verou <https://lea.verou.me>
 * @namespace
 * @public
 */var Prism=function(o){var p=/(?:^|\s)lang(?:uage)?-([\w-]+)(?=\s|$)/i,f=0,g={},i={manual:o.Prism&&o.Prism.manual,disableWorkerMessageHandler:o.Prism&&o.Prism.disableWorkerMessageHandler,util:{encode:function e(a){return a instanceof d?new d(a.type,e(a.content),a.alias):Array.isArray(a)?a.map(e):a.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/\u00a0/g," ")},type:function(e){return Object.prototype.toString.call(e).slice(8,-1)},objId:function(e){return e.__id||Object.defineProperty(e,"__id",{value:++f}),e.__id},clone:function e(a,t){t=t||{};var n,r;switch(i.util.type(a)){case"Object":if(r=i.util.objId(a),t[r])return t[r];n={},t[r]=n;for(var s in a)a.hasOwnProperty(s)&&(n[s]=e(a[s],t));return n;case"Array":return r=i.util.objId(a),t[r]?t[r]:(n=[],t[r]=n,a.forEach(function(l,u){n[u]=e(l,t)}),n);default:return a}},getLanguage:function(e){for(;e;){var a=p.exec(e.className);if(a)return a[1].toLowerCase();e=e.parentElement}return"none"},setLanguage:function(e,a){e.className=e.className.replace(RegExp(p,"gi"),""),e.classList.add("language-"+a)},currentScript:function(){if(typeof document>"u")return null;if("currentScript"in document)return document.currentScript;try{throw new Error}catch(n){var e=(/at [^(\r\n]*\((.*):[^:]+:[^:]+\)$/i.exec(n.stack)||[])[1];if(e){var a=document.getElementsByTagName("script");for(var t in a)if(a[t].src==e)return a[t]}return null}},isActive:function(e,a,t){for(var n="no-"+a;e;){var r=e.classList;if(r.contains(a))return!0;if(r.contains(n))return!1;e=e.parentElement}return!!t}},languages:{plain:g,plaintext:g,text:g,txt:g,extend:function(e,a){var t=i.util.clone(i.languages[e]);for(var n in a)t[n]=a[n];return t},insertBefore:function(e,a,t,n){n=n||i.languages;var r=n[e],s={};for(var l in r)if(r.hasOwnProperty(l)){if(l==a)for(var u in t)t.hasOwnProperty(u)&&(s[u]=t[u]);t.hasOwnProperty(l)||(s[l]=r[l])}var h=n[e];return n[e]=s,i.languages.DFS(i.languages,function(F,N){N===h&&F!=e&&(this[F]=s)}),s},DFS:function e(a,t,n,r){r=r||{};var s=i.util.objId;for(var l in a)if(a.hasOwnProperty(l)){t.call(a,l,a[l],n||l);var u=a[l],h=i.util.type(u);h==="Object"&&!r[s(u)]?(r[s(u)]=!0,e(u,t,null,r)):h==="Array"&&!r[s(u)]&&(r[s(u)]=!0,e(u,t,l,r))}}},plugins:{},highlightAll:function(e,a){i.highlightAllUnder(document,e,a)},highlightAllUnder:function(e,a,t){var n={callback:t,container:e,selector:'code[class*="language-"], [class*="language-"] code, code[class*="lang-"], [class*="lang-"] code'};i.hooks.run("before-highlightall",n),n.elements=Array.prototype.slice.apply(n.container.querySelectorAll(n.selector)),i.hooks.run("before-all-elements-highlight",n);for(var r=0,s;s=n.elements[r++];)i.highlightElement(s,a===!0,n.callback)},highlightElement:function(e,a,t){var n=i.util.getLanguage(e),r=i.languages[n];i.util.setLanguage(e,n);var s=e.parentElement;s&&s.nodeName.toLowerCase()==="pre"&&i.util.setLanguage(s,n);var l=e.textContent,u={element:e,language:n,grammar:r,code:l};function h(N){u.highlightedCode=N,i.hooks.run("before-insert",u),u.element.innerHTML=u.highlightedCode,i.hooks.run("after-highlight",u),i.hooks.run("complete",u),t&&t.call(u.element)}if(i.hooks.run("before-sanity-check",u),s=u.element.parentElement,s&&s.nodeName.toLowerCase()==="pre"&&!s.hasAttribute("tabindex")&&s.setAttribute("tabindex","0"),!u.code){i.hooks.run("complete",u),t&&t.call(u.element);return}if(i.hooks.run("before-highlight",u),!u.grammar){h(i.util.encode(u.code));return}if(a&&o.Worker){var F=new Worker(i.filename);F.onmessage=function(N){h(N.data)},F.postMessage(JSON.stringify({language:u.language,code:u.code,immediateClose:!0}))}else h(i.highlight(u.code,u.grammar,u.language))},highlight:function(e,a,t){var n={code:e,grammar:a,language:t};if(i.hooks.run("

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate loader implementation for a web application. It checks for a custom loader SVG, falls back to a basic loader SVG, and applies styles to a loader element. The snippet also checks for query parameters to handle specific scenarios, such as skipping the initial loader or enabling a module mode. Overall, the behavior of the script is consistent with typical loader functionality and does not exhibit any high-risk indicators."
}

      const customLoaderSvg = window['UI_BAKERY_BRANDING_LOADER'];
      const basicLoaderSvg = `
    <svg class="loader-logo" width="56" height="80" viewBox="0 0 56 80" fill="none" xmlns="http://www.w3.org/2000/svg">
      <path d="M30.0495 63.0025C23.9523 64.1346 18.092 60.1096 16.9599 54.0124C15.8283 47.9148 19.8532 42.0547 25.9504 40.9227C32.0476 39.7906 37.9079 43.816 39.0399 49.9132C40.172 56.0101 36.1467 61.8705 30.0495 63.0025ZM52.3559 38.1426C44.7323 24.6749 27.6482 19.9443 14.197 27.5769C0.74544 35.2096 -3.97893 52.3146 3.64434 65.7826C11.2676 79.2503 28.3521 83.9809 41.8028 76.3483C55.2544 68.7161 59.9788 51.6103 52.3559 38.1426Z" fill="white"/>
      <path d="M24.5805 0L0 18.3339V33L24.5805 15.5333V0Z" fill="white"/>
    </svg>
  `;
      const params = new URLSearchParams(window.location.search);
      const loaderElement = document.querySelector('#uibakery-loader');
      let loaderContent = customLoaderSvg || basicLoaderSvg;
      if (params.has('uib_skip_init_loader')) {
        loaderElement.classList.add('hidden');
      }
      if (params.has('uib_module_mode')) {
        window['UI_BAKERY_MODULE_MODE'] = true;
      }

      loaderElement.innerHTML = loaderContent;

      const loaderStyles = `
    .loader {
      display: flex;
      justify-content: center;
      align-items: center;
      z-index: 10000;
      position: absolute;
      top: 0;
      height: 100vh;
      width: 100vw;
      /*  it is var(--color-basic-1100). can't use nebular variables here because loader shown before angular started */
      background-color: #16171c;
      ${window['UI_BAKERY_BRANDING_LOADER_STYLES']};
    }
  `;
      document.querySelector('#uibakery-loader-style').appendChild(document.createTextNode(loaderStyles));
    

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate Angular component that displays a notice about an expired UI Bakery license. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or suspicious redirects. The script primarily uses Angular's built-in features and services, which are considered low-risk. While it uses some external data sources (e.g., `licenseService`), the behavior seems consistent with the component's purpose and does not raise major security concerns. Overall, this script can be considered low-risk with some minor implementation issues."
}

import{Aa as w,Ea as z,y as _}from"./chunk-SVPMXRGF.js";import{B as $,Dc as M,Ec as N,ib as I,jb as E}from"./chunk-UHRSN6CI.js";import{E as C,H as P,L as D,y as b}from"./chunk-ISLLP32C.js";import{Ca as m,Ea as k,Ia as r,Ja as f,Ka as p,Va as v,da as j,e as T,f as B,fb as o,hb as h,ja as a,ka as s,p as d,q as O,wb as c,xb as g,ya as x,yb as y}from"./chunk-7SKSXXDM.js";import{t as S}from"./chunk-G6ZTNWWW.js";function L(i,e){if(i&1&&(r(0,"div",1),p(1,"nb-icon",2),r(2,"div",3),o(3),c(4,"async"),c(5,"date"),f()()),i&2){let u=v();k("plans-page",u.mode==="plans"),a(3),h(" UI Bakery license has expired. Please update your license key. Grace period until: ",y(5,5,g(4,3,u.licenseGracePeriodUntil$),"short")," ")}}var F=(()=>{let e=class e{constructor(n){this.licenseService=n,this.mode="share",this.licenseExpired$=this.licenseService.licenseExpired$,this.licenseGracePeriodUntil$=this.licenseService.licenseGracePeriodUntil$}};e.\u0275fac=function(t){return new(t||e)(s(w))},e.\u0275cmp=d({type:e,selectors:[["ub-share-licence-expired-notice"]],inputs:{mode:"mode"},decls:2,vars:3,consts:[["class","licence-expired-notice-container","nbTooltip","After the grace period, UI Bakery instance will be inaccessible","nbTooltipPlacement","bottom",3,"plans-page",4,"ngIf"],["nbTooltip","After the grace period, UI Bakery instance will be inaccessible","nbTooltipPlacement","bottom",1,"licence-expired-notice-container"],["icon","alert-triangle"],[1,"licence-expired-notice"]],template:function(t,l){t&1&&(x(0,L,6,8,"div",0),c(1,"async")),t&2&&m("ngIf",g(1,1,l.licenseExpired$))},dependencies:[b,I,M,C,P],styles:[".licence-expired-notice-container[_ngcontent-%COMP%]{width:100%;height:2rem;display:flex;justify-content:center;align-items:center;color:var(--color-warning-500);background-color:var(--color-warning-100);font-size:var(--text-paragraph-font-size);font-weight:var(--font-weight-bold)}.licence-expired-notice-container[_ngcontent-%COMP%]   nb-icon[_ngcontent-%COMP%]{margin-right:.5rem;width:1.25rem;height:1.25rem}.licence-expired-notice-container.plans-page[_ngcontent-%COMP%]{justify-content:flex-start;border-radius:.25rem;padding-left:1rem}@media (max-width: 72rem){.licence-expired-notice[_ngcontent-%COMP%]{max-width:16rem}}"],changeDetection:0});let i=e;return i})();function R(i,e){if(i&1&&(r(0,"div",1),p(1,"nb-icon",2),r(2,"div",3),o(3),c(4,"async"),c(5,"date"),f()()),i&2){let u=v();a(3),h(" UI Bakery license has expired. Please update your license key. Grace period until: ",y(5,3,g(4,1,u.licenseGracePeriodUntil$),"short")," ")}}var J=(()=>{let e=class e{constructor(n){this.licenseService=n,this.licenseExpired$=this.licenseService.licenseExpired$,this.licenseGracePeriodUntil$=this.licenseService.licenseGracePeriodUntil$}};e.\u0275fac=function(t){return new(t||e)(s(w))},e.\u0275cmp=d({type:e,selectors:[["ub-builder-licence-expired-notice"]],decls:2,vars:3,consts:[["class","licence-expired-notice-container","nbTooltip","After the grace period, UI Bakery instance will be inaccessible","nbTooltipPlacement","bottom",4,"ngIf"],["nbTooltip","After the grace period, UI Bakery instance will be inaccessible","nbTooltipPlacement","bottom",1,"licence-expired-notice-container"],["icon","alert-triangle"],[1,"licence-expired-notice"]],template:function(t,l){t&1&&(x(0,R,6,6,"div",0),c(1,"async")),t&2&&m("ngIf",g(1,1,l.licenseExpired$))},dependencies:[b,I,M,C,P],styles:[".licence-expired-notice-container[_ngcontent-%COMP%]{display:flex;justify-content:center;align-items:center;padding:0 .5rem;font-size:var(--font-size-xs)}.licence-expired-notice-container[_ngcontent-%COMP%]   nb-icon[_ngcontent-%COMP%]{font-size:1rem;color:var(--color-warning-500);margin-right:.25rem}@media (max-width: 72rem){.licence-expired-notice[_ngcontent-%COMP%]{max-width:16rem}}"],changeDetection:0});let i=e;return i})();var X=(()=>{let e=class e{constructor(n,t){this.loaderService=n,this.route=t,this.contactTeamUrl=_.checkoutUrlContactTeam,this.errorMessage=""}ngOnInit(){this.loaderService.hide(),thi

{
    "risk_score": 4,
    "reasoning": "The provided JavaScript snippet appears to be a part of a larger application and contains several behaviors that warrant further review. While it does not exhibit any clear malicious intent, there are some moderate-risk indicators that require closer examination. The script interacts with external domains, performs DOM manipulation, and utilizes legacy APIs, which could potentially lead to security concerns if not properly implemented. Additionally, the presence of obfuscated code and the use of fallback domains add to the overall risk profile. However, the script also demonstrates some legitimate use cases, such as analytics and navigation functionality, which mitigate the risk to some extent. Overall, this script requires further investigation to ensure it is not being used for any malicious purposes and that it adheres to best security practices."
}

import{Aa as C,Ac as Q,Ca as D,f as r,l as z}from"./chunk-7JI6KN72.js";import{ga as q}from"./chunk-SVPMXRGF.js";import{A as S,D as W,Pa as k}from"./chunk-UHRSN6CI.js";import{a as L,rb as I}from"./chunk-FD3WSN7M.js";import{j as O}from"./chunk-ISLLP32C.js";import{e as T,h as x,j as n}from"./chunk-7SKSXXDM.js";import{I as p,Ma as v,ma as F,sa as M,ua as A,xa as o,y as m,za as U}from"./chunk-BCLWRGCJ.js";import{C as $,R as d,V as y,ja as P,n as E,z as N}from"./chunk-G6ZTNWWW.js";import{a as g,b as R}from"./chunk-PY4WUQO2.js";var j=new Map([[r.BUILDER,"builder"],[r.PAINTER,"painter"],[r.DATA,"datasource"],[r.ACTION,"action"],[r.AUTOMATION,"automation"],[r.MENU,""]]),H=new x("SHARE_NAVIGATION_MODE"),_="tools",pt=(()=>{let c=class c{constructor(t,e,i,a,s,l,h,u){this.location=t,this.router=e,this.communicationService=i,this.projectFacade=a,this.projectBriefFacade=s,this.pageFacade=l,this.shareMode=h,this.window=u,this.uninstall$=new E,this.activeRoute=null}attach(t){this.activeRoute=t,this.actualNavigationState$=this.getActualNavigationState(t),this.listenBrowserNavigation(),this.listenBakeryNavigation(),this.listenWorkbenchNavigation()}detach(){this.activeRoute=null,this.uninstall$.next()}goToEdit(){this.navigate(r.BUILDER,"edit",{queryParamsHandling:"merge"})}goToWorkspace(){this.navigate(r.MENU,L.DEV,{queryParamsHandling:"merge"})}reload(){this.window.location.href=this.window.location.href}switchToMain(){this.actualNavigationState$.pipe(m(1),o(this.uninstall$)).subscribe(t=>{let e=g({},t.params);delete e[I],this.window.location.href=this.window.location.pathname+"?"+new URLSearchParams(e).toString()})}getBranchUrl(t){return this.actualNavigationState$.pipe(m(1),d(e=>{let i=g({},e.params);return i[I]=t,this.window.location.pathname+"?"+new URLSearchParams(i).toString()}),o(this.uninstall$))}switchBranch(t){this.getBranchUrl(t).pipe(m(1),U(e=>{this.window.location.href=e}),o(this.uninstall$)).subscribe()}switchEnv(t){this.projectFacade?.workingAreaMode$.pipe(m(1),o(this.uninstall$)).subscribe(e=>this.navigate(e,z.get(t)))}navigate(t,e,i){this.activeRoute&&this.projectFacade?.activeProjectId$.pipe(m(1),A(a=>this.canViewProjectInWorkspace(a).pipe(U(s=>{let l=this.location.path().split("?")[0],h=this.extractUserPath(l),u=this.getOrganization(),B=j.get(t),b=h.split("/").filter(Boolean),f=[e,u,a,B,...b];if(!s)if(t===r.MENU)f=[e,u].filter(Boolean);else{let V=[r.AUTOMATION,r.DATA,r.ACTION].includes(t)?B:j.get(r.AUTOMATION);f=[e,u,a,V,...b]}this.router.navigate(f.filter(Boolean),i)}))),o(this.uninstall$)).subscribe()}canViewProjectInWorkspace(t){return y([this.projectBriefFacade?.automationProject$.pipe(p()),this.projectBriefFacade?.datasourceProject$.pipe(p()),this.projectBriefFacade?.actionsLibraryProject$.pipe(p()),this.projectBriefFacade?.generatorProject$.pipe(p()),this.projectBriefFacade?.databaseProject$.pipe(p()),this.projectBriefFacade?.generationProjects$.pipe(p())]).pipe(d(([e,i,a,s,l,h])=>![e?.viewId,i?.viewId,a?.viewId,s?.viewId,l?.viewId,...h.map(u=>u.viewId)].includes(t)))}getActualNavigationState(t){return this.router.events.pipe(P(e=>e instanceof S),M(null),d(()=>({params:t.snapshot.queryParams,url:this.extractUserPath(this.location.path()),fullUrl:window.location.href})),F({refCount:!0,bufferSize:1}))}listenBrowserNavigation(){this.actualNavigationState$.pipe(v(this.pageFacade?.activePage$||$(null)),d(([t,e])=>R(g({},t),{pageId:e?.id,title:e?.name})),o(this.uninstall$)).subscribe(t=>{this.communicationService.sendNavigationInfo(t)})}listenBakeryNavigation(){this.pageFacade?.activePageUrl$.pipe(v(this.pageFacade?.setFromOven$??N),P(([t,e])=>!!t&&!e),o(this.uninstall$)).subscribe(([t])=>{let e=this.calculateFullUrl(t),i=this.router.parseUrl(e);i.queryParams=this.applyUIBQueryParams(i.queryParams),this.router.navigateByUrl(i,{replaceUrl:!1})})}listenWorkbenchNavigation(){this.communicationService.navigationInfo$.pipe(v(this.pageFacade?.activePage$||$(void 0)),U(([t,e])=>{let i=this.calculateFullUrl(t.url);(t.forceSamePageNavigati

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a utility module for managing navigation history in a web application. It uses either localStorage or sessionStorage to store and retrieve the current URL. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The behaviors observed, such as storing and retrieving data from browser storage, are common and generally considered low-risk. While the code could be improved by using more modern APIs and handling errors more gracefully, it does not demonstrate any malicious intent."
}

import{y as l}from"./chunk-SVPMXRGF.js";import{Pa as n}from"./chunk-UHRSN6CI.js";import{K as m,e as s,j as i}from"./chunk-7SKSXXDM.js";var a="rememberNavigationPath",h=(()=>{let t=class t{constructor(e,r){this.window=e,this.errorHandler=r,this.rememberForMS=300*1e3}remember(e){this.window.localStorage.setItem(a,JSON.stringify({url:e,savedAt:Date.now()}))}clear(){this.window.localStorage.removeItem(a)}retrieve(){let e=this.window.localStorage.getItem(a);if(e?.startsWith("{"))try{let{url:r,savedAt:p}=JSON.parse(e);return p+this.rememberForMS<new Date().getTime()?"":r}catch(r){return this.errorHandler.handleError(r),""}else return e}};t.\u0275fac=function(r){return new(r||t)(i(n),i(m))},t.\u0275prov=s({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();var c="rememberNavigationPath",d=(()=>{let t=class t{constructor(e){this.window=e}remember(e){this.window.sessionStorage.setItem(c,e)}clear(){this.window.sessionStorage.removeItem(c)}retrieve(){return this.window.sessionStorage.getItem(c)}};t.\u0275fac=function(r){return new(r||t)(i(n))},t.\u0275prov=s({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();var b=(()=>{let t=class t{constructor(e,r){l.rememberNavigationStorage==="localStorage"?this.storage=e:this.storage=r}remember(e){this.storage.remember(e)}clear(){this.storage.clear()}retrieve(){return this.storage.retrieve()}};t.\u0275fac=function(r){return new(r||t)(i(h),i(d))},t.\u0275prov=s({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();export{b as a};

{
    "risk_score": 4,
    "reasoning": "The provided JavaScript snippet appears to be a part of a larger application and contains several behaviors that warrant further review. While it does not exhibit any clear malicious intent, there are some moderate-risk indicators that require attention."
}

The key points that contribute to the medium risk score (4) are:

1. **External Data Transmission (2 points)**: The script interacts with external domains (e.g., `analytics.example.com`) to send user data, which requires transparency and careful handling of sensitive information.

2. **Legacy Practices (1 point)**: The script uses the outdated `XDomainRequest` API, which poses minor risks but is not inherently malicious.

3. **Aggressive DOM Manipulation (2 points)**: The script appears to repeatedly alter or clear the DOM, which could indicate overly aggressive behavior that may impact the user experience or performance.

While the script seems to be related to analytics and application settings, the use of legacy APIs and the lack of clear transparency around data transmission warrant further review. The overall behavior is not overtly malicious, but the implementation could be improved to better align with modern security best practices.

import{Da as c,ba as w,ca as j,da as l,o as s}from"./chunk-7JI6KN72.js";import{F as n,ha as g,l as A,m as o,v as y,w as S}from"./chunk-SVPMXRGF.js";import{_f as u}from"./chunk-UHRSN6CI.js";import{e as f,j as p}from"./chunk-7SKSXXDM.js";import{xa as d,y as h,za as m}from"./chunk-BCLWRGCJ.js";import{n as a}from"./chunk-G6ZTNWWW.js";var H=(()=>{let i=class i{constructor(t,e){this.store=t,this.actions$=e,this.appActions$=this.store.pipe(o(j)),this.appSettings$=this.store.pipe(o(w)),this.appGridVersion$=this.store.pipe(o(l)),this.destroy$=new a}ngOnDestroy(){this.destroy$.next()}updateAppSettings(t){this.store.dispatch(c.updateAppSettings({changes:t})),this.store.dispatch(new n.SyncState),this.store.dispatch(new s.UpdateProject),this.store.dispatch(new g.Persist)}updateAppDensity(t){this.updateAppSettings(t),this.store.dispatch(new n.SyncState(new u))}updateAppGridVersion(t,e){this.store.dispatch(c.updateAppGridVersion({gridVersion:t})),this.store.dispatch(new s.UpdateProject(e)),this.actions$.pipe(S(s.ActionTypes.UpdateProjectModelSuccess),h(1),m(()=>window.location.reload()),d(this.destroy$)).subscribe()}};i.\u0275fac=function(e){return new(e||i)(p(A),p(y))},i.\u0275prov=f({token:i,factory:i.\u0275fac,providedIn:"root"});let r=i;return r})();export{H as a};

```json
{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet primarily consists of utility functions and polyfills for object manipulation and feature detection. There are no high-risk behaviors such as dynamic code execution, data exfiltration, or redirects. The code does not interact with external domains or perform aggressive DOM manipulations. It appears to be a benign script with no harmful intent."
}

var KS=Object.create;var Is=Object.defineProperty;var zS=Object.getOwnPropertyDescriptor;var ZS=Object.getOwnPropertyNames;var VS=Object.getPrototypeOf,YS=Object.prototype.hasOwnProperty;var u=(r,e)=>()=>(e||r((e={exports:{}}).exports,e),e.exports);var XS=(r,e,t,i)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of ZS(e))!YS.call(r,n)&&n!==t&&Is(r,n,{get:()=>e[n],enumerable:!(i=zS(e,n))||i.enumerable});return r};var wr=(r,e,t)=>(t=r!=null?KS(VS(r)):{},XS(e||!r||!r.__esModule?Is(t,"default",{value:r,enumerable:!0}):t,r));var J=u((_s,xs)=>{"use strict";var bi=function(r){return r&&r.Math===Math&&r};xs.exports=bi(typeof globalThis=="object"&&globalThis)||bi(typeof window=="object"&&window)||bi(typeof self=="object"&&self)||bi(typeof global=="object"&&global)||function(){return this}()||_s||Function("return this")()});var P=u((HK,Rs)=>{"use strict";Rs.exports=function(r){try{return!!r()}catch{return!0}}});var V=u((WK,ws)=>{"use strict";var JS=P();ws.exports=!JS(function(){return Object.defineProperty({},1,{get:function(){return 7}})[1]!==7})});var We=u((KK,Ps)=>{"use strict";var QS=P();Ps.exports=!QS(function(){var r=function(){}.bind();return typeof r!="function"||r.hasOwnProperty("prototype")})});var cr=u((zK,Cs)=>{"use strict";var rT=We(),mi=Function.prototype.call;Cs.exports=rT?mi.bind(mi):function(){return mi.apply(mi,arguments)}});var Ot=u(Ms=>{"use strict";var As={}.propertyIsEnumerable,Ns=Object.getOwnPropertyDescriptor,eT=Ns&&!As.call({1:2},1);Ms.f=eT?function(e){var t=Ns(this,e);return!!t&&t.enumerable}:As});var Ke=u((VK,Fs)=>{"use strict";Fs.exports=function(r,e){return{enumerable:!(r&1),configurable:!(r&2),writable:!(r&4),value:e}}});var A=u((YK,js)=>{"use strict";var Ds=We(),ks=Function.prototype,zn=ks.call,tT=Ds&&ks.bind.bind(zn,zn);js.exports=Ds?tT:function(r){return function(){return zn.apply(r,arguments)}}});var Er=u((XK,$s)=>{"use strict";var Ls=A(),iT=Ls({}.toString),nT=Ls("".slice);$s.exports=function(r){return nT(iT(r),8,-1)}});var Ie=u((JK,Us)=>{"use strict";var aT=A(),uT=P(),oT=Er(),Zn=Object,sT=aT("".split);Us.exports=uT(function(){return!Zn("z").propertyIsEnumerable(0)})?function(r){return oT(r)==="String"?sT(r,""):Zn(r)}:Zn});var Ir=u((QK,Bs)=>{"use strict";Bs.exports=function(r){return r==null}});var hr=u((rz,Gs)=>{"use strict";var cT=Ir(),lT=TypeError;Gs.exports=function(r){if(cT(r))throw lT("Can't call method on "+r);return r}});var dr=u((ez,Hs)=>{"use strict";var vT=Ie(),fT=hr();Hs.exports=function(r){return vT(fT(r))}});var Yn=u((tz,Ws)=>{"use strict";var Vn=typeof document=="object"&&document.all,hT=typeof Vn>"u"&&Vn!==void 0;Ws.exports={all:Vn,IS_HTMLDDA:hT}});var tr=u((iz,zs)=>{"use strict";var Ks=Yn(),dT=Ks.all;zs.exports=Ks.IS_HTMLDDA?function(r){return typeof r=="function"||r===dT}:function(r){return typeof r=="function"}});var ar=u((nz,Ys)=>{"use strict";var Zs=tr(),Vs=Yn(),gT=Vs.all;Ys.exports=Vs.IS_HTMLDDA?function(r){return typeof r=="object"?r!==null:Zs(r)||r===gT}:function(r){return typeof r=="object"?r!==null:Zs(r)}});var Hr=u((az,Xs)=>{"use strict";var Xn=J(),qT=tr(),pT=function(r){return qT(r)?r:void 0};Xs.exports=function(r,e){return arguments.length<2?pT(Xn[r]):Xn[r]&&Xn[r][e]}});var Jr=u((uz,Js)=>{"use strict";var yT=A();Js.exports=yT({}.isPrototypeOf)});var ze=u((oz,Qs)=>{"use strict";Qs.exports=typeof navigator<"u"&&String(navigator.userAgent)||""});var _e=u((sz,ac)=>{"use strict";var nc=J(),Jn=ze(),rc=nc.process,ec=nc.Deno,tc=rc&&rc.versions||ec&&ec.version,ic=tc&&tc.v8,jr,Si;ic&&(jr=ic.split("."),Si=jr[0]>0&&jr[0]<4?1:+(jr[0]+jr[1]));!Si&&Jn&&(jr=Jn.match(/Edge\/(\d+)/),(!jr||jr[1]>=74)&&(jr=Jn.match(/Chrome\/(\d+)/),jr&&(Si=+jr[1])));ac.exports=Si});var xe=u((cz,oc)=>{"use strict";var uc=_e(),ET=P(),bT=J(),mT=bT.String;oc.exports=!!Object.getOwnPropertySymbols&&!ET(function(){var r=Symbol("symbol detection");return!mT(r)||!(Object(r)instanceof Symbol)||!Symbol.sham&&uc&&uc<41})});var Qn=u((lz,sc)=>{"use strict";var ST=xe();sc.exports=ST&&!Symbol.sham&&typeof Symbol.itera

```json
{
    "risk_score": 4,
    "reasoning": "The script involves external data transmission to an API endpoint (`n.apiUrl`) for authentication and user management, which is a moderate-risk indicator (+2 points). It also includes error handling and token management, which are typical for authentication services. However, the domains and endpoints are not explicitly trusted or verified in the snippet, and there is no indication of obfuscation or dynamic code execution. The script's behavior aligns with legitimate authentication processes, but the lack of transparency about the domains involved warrants further review."
}

import{A as N,B as H,y as n}from"./chunk-SVPMXRGF.js";import{B as U,D as $,Hg as M,Tg as k,c as m,d as h,dd as f,ed as w,id as I,ld as l,nd as R,zd as F}from"./chunk-UHRSN6CI.js";import{F as b,G as x,K as T,e as c,j as s}from"./chunk-7SKSXXDM.js";import{h as y,ua as S,za as E}from"./chunk-BCLWRGCJ.js";import{C as g,R as u,z as A}from"./chunk-G6ZTNWWW.js";var C=(()=>{let t=class t{constructor(e,r){this.router=e,this.http=r,this.userExists=null,this.strategyName="email"}isMFAError(e){return e instanceof m&&!!e.headers.get("uibakery-mfa-required")}initiateMFA(e,r,i){this.userExists=r,this.strategyName=i,this.router.navigateByUrl(e.error.setupURI?"/auth/setup-mfa":"/auth/enter-mfa")}verifyMFA(e,r){let i=`${n.apiUrl}/auth/verify-mfa`;return r&&(i=`${n.apiUrl}/auth/setup-mfa`),this.http.post(i,e,{observe:"response"})}loadMFAContext(){return this.http.get(`${n.apiUrl}/auth/mfa`)}};t.\u0275fac=function(r){return new(r||t)(s($),s(h))},t.\u0275prov=c({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();var q=(()=>{let t=class t extends R{static setup(e){return[t,e]}constructor(e,r,i){super(r,i),this.injector=e,this.mfaService=null,this.userService=null}createToken(e,r){let i=w(this.getOption("token.class"),e,this.getName());try{if(r&&!i.isValid())throw new f("Token is empty or invalid.");return i}catch(p){throw p instanceof f&&(this.errorHandler||(this.errorHandler=this.injector.get(T)),this.errorHandler.handleError({err:p,value:e,currentDate:new Date,expiresDate:i.getTokenExpDate?.()})),p}}authenticate(e){return e.existingToken?g(this.createSuccess(e.existingToken)):Y(e)?this.executeRequest(`${n.apiUrl}/auth/oauth2`,e,e.userExists,k):this.executeRequest(`${n.apiUrl}/auth/login`,e,!0,"email")}register(e){return this.executeRequest(`${n.apiUrl}/auth/${n.auth.registerUrl}`,e,!1,"email")}executeRequest(e,r,i,p){return this.http.post(e,r,{observe:"response"}).pipe(y(a=>{let d=this.getMFAService();if(d.isMFAError(a))return d.initiateMFA(a,i,p),A;throw a}),u(a=>this.createSuccess(a.body.token,a)),y(a=>{let d=this.getUserService().parseError(a),P=new l(!1,a,"",[d]);return g(P)}))}getUserService(){return this.userService?this.userService:this.injector.get(v)}getMFAService(){return this.mfaService?this.mfaService:this.injector.get(C)}createSuccess(e,r){let i="You have been successfully logged in.";return new l(!0,r,"",[],i,this.createToken(e,!0))}};t.\u0275fac=function(r){return new(r||t)(s(b),s(h),s(U))},t.\u0275prov=c({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();function Y(o){return o.ownerStrategyName===k}var v=(()=>{let t=class t{constructor(e,r,i,p,a){this.http=e,this.strategy=r,this.tokenService=i,this.profileFacade=p,this.destroyRef=a}update(e){return this.http.put(`${n.apiUrl}/user`,e)}saveUserName(e){return this.http.put(`${n.apiUrl}/user/initial-info`,{fullName:e}).pipe(E(()=>this.profileFacade.setProfile({name:e})),S(r=>this.setToken(r)))}saveExperienceSetup(e){return this.http.put(`${n.apiUrl}/user/initial-info`,e).pipe(M)}saveRearrangedApps(){this.http.put(`${n.apiUrl}/user/rearranged-apps`,{rearrangedApps:!0}).pipe(S(e=>this.setToken(e)),F(this.destroyRef)).subscribe()}confirmEmailChange(e){return this.http.get(`${n.apiUrl}/user/confirm-email-change`,{params:{token:e}})}setToken(e){let r=new l(!0,e,"",[],"",this.strategy.createToken(e,!0));return this.tokenService.set(r.getToken())}checkUserExistAndExchangeAuthCode(e){return this.http.post(`${n.apiUrl}/auth/check-oauth2-user`,e)}parseError(e){let r="Something went wrong, please try again.";return e instanceof m&&this.isServiceDownError(e.error)?r:e instanceof m&&[400,403,409,401].includes(e.status)?e.error:e instanceof f?e.message:r}isServiceDownError(e){return typeof e=="string"?e.includes("<html>"):!1}};t.\u0275fac=function(r){return new(r||t)(s(h),s(q),s(I),s(N),s(x))},t.\u0275prov=c({token:t,factory:t.\u0275fac,providedIn:"root"});let o=t;return o})();var me=(()=>{let t=class t{constructor(e,r){this.payloadService=e,this.userService=r,this.

{
"contains_trigger_text": true,
"trigger_text": "PAYMENT.COPY",
"prominent_button_name": "Open",
"text_input_field_labels": "unknown",
"pdf_icon_visible": true,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
  "brands": [
    "Microsoft OneDrive"
  ]
}

{
"contains_trigger_text": true,
"trigger_text": "This Account has been suspended.",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
  "brands": "unknown"
}