Suspicious links were found:
What about hxtps://region1.google-analytics.com/g/collect?v=2? &tid=G-T915SD7BNP%3Em=45je47o0v9119105494za200&_p=1721857051493&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1402193343.1721857052&ul=en-us&sr=800x600&frm=0&pscdl=noapi&_s=1&sid=1721857051&sct=1&seg=0&dl=https%3A%2F%2Fdte.twp.cl%2F&dt=XML%20a%20PDF%20-%20Archivos%20DTE%20del%20SII%20Chile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1401 It could be a legit Google tracker
blocked
https://www.clarity.ms/s/0.7.41/clarity.js because of clarity dot ms. uMatrix blocks for me.
This script: htxps://dte.twp.cl/polyfills-LZBJRJJE.js Third-party script injection: Although the script is hosted on a trusted CDN, there's still a risk of malicious actors injecting malicious code into the polyfill script. This could happen if an attacker compromises the CDN or uses a vulnerable version of the script.
Execution context: Since the script is intended to be executed in a web page context, there's a risk of it being used to exploit vulnerabilities in the hosting page or other scripts.
Bypassing browser restrictions: Some polyfills may potentially bypass browser restrictions or security features, such as the Content Security Policy (CSP) or Same-Origin Policy. However, in this case, the script appears to be designed for browser compatibility and doesn't seem to intentionally bypass security controls.
But again, as said many times before, wait for a final verdict by avast's
polonus
