- Joined
- January 23, 2025
- Messages
- 17
- Reaction score
- 10
- Points
- 3
- Thread Author
- #1
Hello guys, i'm just a begginer on this coder thing, i really don't know too much about any language but yesterday after i installed a chrome extension i saw that sometimes during my browser use, a weird page appears saying it was a ANTI DDOS check. Well i'm a noob but i'm not dumb so i took a look on the page HTML and noticed that when you check the "reCaptcha" box it triggers a subscription to a traffic database (i'm not really sure what this is but i guess they are stealing my metadata). So i removed that chrome extension named "Discord Token Login" and now it stopped, but i was wondering if any of you could take a look on the .js code and tell me the url address or where is this database cause i don't know what kind of infos they took from my computer. I'm gonna let here everything i have about this case, thank you for help!
URL that randomly appears:
URL of the javascript file that is triggered when you check the captcha box:
subscription.js code:
As i said i'm not a professional so i don't know how to locate the database or what infos this .js got from my computer, can you explain it to me please?
URL that randomly appears:
(If you access the main URL only, it will show you a message saying that its under construction, totally fake)
URL of the javascript file that is triggered when you check the captcha box:
subscription.js code:
(function () {
"use strict";
if (window.pushService)
return;
var config = {
serviceWorkerPath: "/sw.js",
addSubscriberUrl: "https://pushtorm.net/System/AddSubscriber",
cookiePrefix: "ps",
trackingGetParams: ["clickid", "t1", "t2", "t3", "t4", "t5", "t6", "t7", "t8", "t9", "t10"]
};
var PushService = function () {
this.ready = false;
var _feedGuid = null;
var _vapidPublic = null;
var _requestOnPageLoad = null;
var _workerRegistration = null;
var _subscriptionParams = null;
var _onSuccessCallback = null;
var _allowUrl = null;
var _blockUrls = null;
var _passUrlParams = null;
var _showBlockBanner = null;
var _serviceWorkerPath = null;
var setCookie = function (name, value) {
var expires = "";
var date = new Date();
date.setTime(date.getTime() + (50 * 365 * 24 * 60 * 60 * 1e3));
expires = "; expires=" + date.toUTCString();
var path = "/";
document.cookie = name + "=" + (value || "") + expires + "; path=" + path + "; SameSite=None; Secure";
};
var getCookie = function (name) {
var nameEQ = name + "=";
var ca = document.cookie.split(";");
for (var i = 0; i < ca.length; i++) {
var c = ca[i];
while (c.charAt(0) == " ") c = c.substring(1, c.length);
if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length);
}
return null;
};
var eraseCookie = function (name) {
var path = "/";
document.cookie = name + "=; Path=" + path + "; Expires=Thu, 01 Jan 1970 00:00:01 GMT;";
}
var getBrowser = function () {
var ua = navigator.userAgent;
var tem;
var M = ua.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i) || [];
if (/trident/i.test(M[1])) {
tem = /\brv[ :]+(\d+)/g.exec(ua) || [];
return 'IE ' + (tem[1] || '');
}
if (M[1] === 'Chrome') {
tem = ua.match(/\b(OPR|Edg)\/(\d+)/);
if (tem != null)
return {
name: tem.slice(1)[0].replace('OPR', 'Opera').replace("Edg", "Edge"),
version: tem.slice(1)[1]
};
}
M = M[2] ? [M[1], M[2]] : [navigator.appName, navigator.appVersion, '-?'];
if ((tem = ua.match(/version\/(\d+)/i)) != null) M.splice(1, 1, tem[1]);
return {
name: M[0],
version: M[1]
};
};
var getOs = function () {
var nVer = navigator.appVersion;
var nAgt = navigator.userAgent;
var os = "unknown";
var clientStrings = [
{ s: "Windows 10", r: /(Windows 10.0|Windows NT 10.0)/ },
{ s: "Windows 8.1", r: /(Windows 8.1|Windows NT 6.3)/ },
{ s: "Windows 8", r: /(Windows 8|Windows NT 6.2)/ },
{ s: "Windows 7", r: /(Windows 7|Windows NT 6.1)/ },
{ s: "Windows Vista", r: /Windows NT 6.0/ },
{ s: "Windows Server 2003", r: /Windows NT 5.2/ },
{ s: "Windows XP", r: /(Windows NT 5.1|Windows XP)/ },
{ s: "Windows 2000", r: /(Windows NT 5.0|Windows 2000)/ },
{ s: "Windows ME", r: /(Win 9x 4.90|Windows ME)/ },
{ s: "Windows 98", r: /(Windows 98|Win98)/ },
{ s: "Windows 95", r: /(Windows 95|Win95|Windows_95)/ },
{ s: "Windows NT 4.0", r: /(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/ },
{ s: "Windows CE", r: /Windows CE/ },
{ s: "Windows 3.11", r: /Win16/ },
{ s: "Android", r: /Android/ },
{ s: "Open BSD", r: /OpenBSD/ },
{ s: "Sun OS", r: /SunOS/ },
{ s: "Chrome OS", r: /CrOS/ },
{ s: "Linux", r: /(Linux|X11(?!.*CrOS))/ },
{ s: "iOS", r: /(iPhone|iPad|iPod)/ },
{ s: "Mac OS X", r: /Mac OS X/ },
{ s: "Mac OS", r: /(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/ },
{ s: "QNX", r: /QNX/ },
{ s: "UNIX", r: /UNIX/ },
{ s: "BeOS", r: /BeOS/ },
{ s: "OS/2", r: /OS\/2/ },
{ s: "Search Bot", r: /(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/ }
];
for (var id in clientStrings) {
var cs = clientStrings[id];
if (cs.r.test(nAgt)) {
os = cs.s;
break;
}
}
var osVersion = "unknown";
if (/Windows/.test(os)) {
osVersion = /Windows (.*)/.exec(os)[1];
os = "Windows";
}
switch (os) {
case "Mac OS":
case "Mac OS X":
case "Android":
osVersion = /(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([\.\_\d]+)/.exec(nAgt)[1];
break;
case "iOS":
osVersion = /OS (\d+)_(\d+)_?(\d+)?/.exec(nVer);
osVersion = osVersion[1] + "." + osVersion[2] + "." + (osVersion[3] | 0);
break;
}
return {
name: os,
version: osVersion
};
};
var getUrlVars = function () {
var vars = {};
var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi,
function (m, key, value) {
vars[key] = value;
});
return vars;
}
var registerServiceWorker = function () {
var promise = new Promise((resolve, reject) => {
navigator.serviceWorker.register(_serviceWorkerPath ?? config.serviceWorkerPath).then(function (registration) {
_workerRegistration = registration;
resolve();
}).catch(function () {
reject()
});
});
return promise;
};
var getSubscription = function () {
var promise = new Promise((resolve, reject) => {
navigator.serviceWorker.ready.then(function (serviceWorkerRegistration) {
serviceWorkerRegistration.pushManager.getSubscription().then(function (subscription) {
if (subscription) {
resolve(subscription);
} else {
reject();
}
}).catch(function () {
reject()
})
})
});
return promise;
};
var addSubscriber = function (subscription) {
var json = subscription.toJSON();
var data = new FormData();
var endpoint, subscriberToken;
if (json.endpoint.indexOf("windows") > 0) {
endpoint = json.endpoint.split("=").slice(0, -1).join("/");
subscriberToken = json.endpoint.split("=").slice(-1)[0];
} else {
endpoint = json.endpoint.split("/").slice(0, -1).join("/");
subscriberToken = json.endpoint.split("/").slice(-1)[0];
}
data.append("endpoint", endpoint);
data.append("subscriberToken", subscriberToken);
data.append("feedGuid", _feedGuid);
data.append("p256dh", json.keys.p256dh);
data.append("auth", json.keys.auth);
data.append("timezoneOffset", -(new Date().getTimezoneOffset() * 60));
data.append("language", navigator.language.split("-")[0]);
data.append("sourceUrl", window.location.href);
var browser = getBrowser();
data.append("browser", browser.name);
data.append("browserVersion", browser.version);
var os = getOs();
data.append("os", os.name);
data.append("osVersion", os.version);
var paramNumber = 0;
var getParams = getUrlVars();
for (var param in getParams) {
if (config.trackingGetParams.indexOf(param) >= 0) {
data.append("parameters[" + paramNumber + "].name", param);
data.append("parameters[" + paramNumber + "].value", getParams[param]);
paramNumber++;
}
}
for (var param in _subscriptionParams) {
data.append("parameters[" + paramNumber + "].name", param);
data.append("parameters[" + paramNumber + "].value", _subscriptionParams[param]);
paramNumber++;
}
var subscriberCode = getCookie(config.cookiePrefix + "_subscriber_code");
var subscriberVersion = 0;
if(!subscriberCode){
subscriberCode = Math.floor(Math.random() * 9223372036854775807);
setCookie(config.cookiePrefix + "_subscriber_code", subscriberCode);
}else{
subscriberVersion = parseInt(getCookie(config.cookiePrefix + "_subscriber_version"));
if(isNaN(subscriberVersion)) subscriberVersion = 0;
setCookie(config.cookiePrefix + "_subscriber_version", ++subscriberVersion);
}
data.append("subscriberCode", subscriberCode);
data.append("subscriberVersion", subscriberVersion);
var xhr = new XMLHttpRequest();
xhr.open("GET", config.addSubscriberUrl + '?' + new URLSearchParams(data), false);
xhr.onload = function () {
var response = JSON.parse(this.responseText);
setCookie(config.cookiePrefix + "_subscriber_id", response.subscriberId);
};
xhr.send();
if (_onSuccessCallback != undefined && _onSuccessCallback != null) {
_onSuccessCallback(json);
}
};
var requestPermission = function () {
Notification.requestPermission().then(function (result) {
if (result == "granted") {
var stringToUint = function (base64String) {
var padding = "=".repeat((4 - base64String.length % 4) % 4);
var base64 = (base64String + padding)
.replace(/\-/g, "+")
.replace(/_/g, "/")
;
var rawData = window.atob(base64);
return Uint8Array.from(rawData.split("").map(function (char) { return char.charCodeAt(0) }));
}
var key = stringToUint(_vapidPublic);
var p = _workerRegistration.pushManager.subscribe({
userVisibleOnly: true, applicationServerKey: key
});
p.then(function (subscription) {
addSubscriber(subscription);
if (_allowUrl != undefined && _allowUrl != null) {
var query = '';
if (_passUrlParams === true) {
query = window.location.search;
if (_allowUrl.indexOf('?') > 0) query = '&' + query.substring(1);
}
window.location.replace(_allowUrl + query);
}
})
} else if (result == "denied" || result == "default") {
if (_blockUrls != undefined && _blockUrls != null) {
var host = window.location.protocol + "//" + window.location.host;
var hostIndex = -1;
var urlCount = _blockUrls.length;
for (var urlIndex = 0; urlIndex < urlCount; urlIndex++) {
if (_blockUrls[urlIndex].startsWith(host)) {
hostIndex = urlIndex;
break;
}
}
var blockUrl = _blockUrls[0];
if (hostIndex >= 0) {
hostIndex++;
if (hostIndex < urlCount) blockUrl = _blockUrls[hostIndex]; else blockUrl = '';
}
var query = '';
if (_passUrlParams === true) {
query = window.location.search;
if (blockUrl.indexOf('?') > 0) query = '&' + query.substring(1);
}
if (blockUrl != '') {
var showClickMePopup = _showBlockBanner != undefined && _showBlockBanner != null && _showBlockBanner === true;
if (result == "default" || !showClickMePopup) {
window.location.replace(blockUrl + query);
} else {
var clickMePopup = document.getElementById('clickmepopup');
clickMePopup.onclick = function (event) {
window.location.replace(blockUrl + query);
};
clickMePopup.style.display = 'block';
}
}
}
}
});
};
this.subscribe = function () {
registerServiceWorker().then(() => {
getSubscription()
.then((subscription) => {
if (!getCookie(config.cookiePrefix + "_subscriber_id")) {
addSubscriber(subscription);
}
})
.catch(() => {
requestPermission();
});
});
};
this.init = function (userParameters) {
_feedGuid = userParameters.feedGuid;
_vapidPublic = userParameters.vapidPublic;
_requestOnPageLoad = userParameters.requestOnPageLoad;
_subscriptionParams = userParameters.params;
_onSuccessCallback = userParameters.onSuccessCallback;
_allowUrl = userParameters.allowUrl;
_blockUrls = userParameters.blockUrls;
_passUrlParams = userParameters.passUrlParams;
_showBlockBanner = userParameters.showBlockBanner;
_serviceWorkerPath = userParameters.serviceWorkerPath;
if (_requestOnPageLoad)
this.subscribe();
this.ready = true;
};
};
window.pushService = new PushService();
})();
As i said i'm not a professional so i don't know how to locate the database or what infos this .js got from my computer, can you explain it to me please?
