-
Near the top of the userscript, there is this code:

```javascript
const id = "" + Math.random();
w[id] = resolve;
const stackN = 9;
let loaderIntro = "";
for (let i = 0; i < stackN; i++) {
  loaderIntro += `(function ${getRandL()}(){`;
}
const loaderOutro = "})()".repeat(stackN);
const mockUrl = "https://c.amazon-adsystem.com/aax2/apstag.js";
Function(
  `${loaderIntro}const d=new Image();window['${id}'](d);delete window['${id}'];document.body.prepend(d)${loaderOutro}//# sourceURL=${mockUrl}`
)();
```

It contains the URL
Replies: 2 comments
-
This is to prevent the website from detecting the script, and was added a while ago. I'm not exactly sure how this works, but it is that specific URL for a reason. Here is a portion of an inline script tag on the MuseScore website:

```javascript
window.Image = function() {
    var stack = new Error().stack
    var stackChunks = stack.split('\n').slice(2);
    var lastLine = stackChunks.reverse()[0];
    var url = lastLine.split(' ').reverse()[0]
    var urlChunks = url.substr(1, url.length - 2).split(':')
    var resultUrl = urlChunks[0] + ':' + urlChunks[1]
    if (
        getIsUserScript(stack)
        || lastLine.split(' (eval').length >= 3
        || (lastLine.indexOf(' eval ') && resultUrl === location.href)
        || stackChunks.every(function (chunk) { return chunk.indexOf('a (https://c.amazon-adsystem.com/aax2/apstag.js:') > -1 })
    ) {
        disable()
        return null;
    }
    return new Img(arguments[0], arguments[1])
}
})();
```

There is a check which includes that URL.
-
The musescore.com website monkey-patches the `Image` constructor to detect our downloader script by retrieving the error stacks, see sealsrock12's answer.

Setting a sourcemap URL overrides the caller script name in error stacks. (The script name would be something like `chrome-extension://xxx/userscript.html?name=musescore-downloader.user.js` on Chrome Tampermonkey, and it's very easy to detect)

I picked this specific one because it was the only script on the website legitimately using the `Image` constructor. (musescore.com loads `https://c.amazon-adsystem.com/aax2/apstag.js` to display (Amazon) ads on their website.)

The `stackChunks.every(function (chunk) { return chunk.indexOf('a (https://c.a…`
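
An added illustration of the mechanism discussed in this thread (not code from the userscript or from musescore.com): it parses script names out of a stack the way the quoted check does, and shows that for runtime-compiled code the name comes from the code's own `sourceURL` comment, so a stack-based caller check is a heuristic rather than a trustworthy origin signal. It assumes a V8 runtime such as Node.js; `frameUrls`, `reportedStack` and the `example.test` URLs are hypothetical names, and the sample stack is constructed.

```javascript
// Added example; frameUrls, reportedStack and the example.test URLs are hypothetical.

// Pull the script URL out of each frame of a V8-format stack string.
function frameUrls(stack) {
  return stack
    .split('\n')
    .slice(1) // skip the "Error" header line
    .map((line) => {
      const m = line.match(/\(?([^\s()]+):\d+:\d+\)?$/);
      return m ? m[1] : null;
    })
    .filter(Boolean);
}

// Compile code at runtime with a trailing sourceURL comment and return the
// stack that code observes. V8 takes the script name from that comment.
function reportedStack(label) {
  const body = 'return (function probe() { return new Error().stack; })();';
  return Function(`${body}\n//# sourceURL=${label}`)();
}

// Constructed sample: a stack whose caller frame carries the kind of
// extension URL the answer describes for Chrome Tampermonkey.
const userscriptStack = [
  'Error',
  '    at new Image (https://site.example.test/page:5:17)',
  '    at run (chrome-extension://xxx/userscript.html?name=musescore-downloader.user.js:12:9)',
].join('\n');

// True when any frame is attributed to a browser-extension script.
function hasExtensionFrame(stack) {
  return frameUrls(stack).some((url) => url.startsWith('chrome-extension://'));
}

const label = 'https://cdn.example.test/vendor.js'; // hypothetical URL
const dynamicStack = reportedStack(label);

console.log(hasExtensionFrame(userscriptStack)); // the static frame is attributable
console.log(frameUrls(dynamicStack).includes(label)); // the name is whatever the code declared
console.log(hasExtensionFrame(dynamicStack));
```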