[RevEng] Challenge: Ukrainian receipts: the solution

The challenge.

Nobody solved it correctly; this is really a disaster! Guys! Yes, I write for noobs, but can't you try a bit harder?

The solution is: notice the string at the bottom, which is in fact a base64 string. These strings have very distinctive 'AAA' substrings, which correspond to runs of zero bytes. All the strings end with an '=' suffix, which is a distinctive feature of base64 padding.

Let's try to decode:

echo -ne ABoAAA07AAAAABYAEUjZAAYnvQ6wHKILn4wT93M= | base64 -d | xxd -g1
echo -ne ABoAAAH4AAAAABYADk9lAACGrgJ1Ko0ankqDEGY= | base64 -d | xxd -g1
echo -ne ABoAAAHYAAAAABYADG+jAAPEiQCzHY/HYfugwpU= | base64 -d | xxd -g1
echo -ne ABoAAAKgAAAAABYADnv3AAAM8QAjKo0f72IzSZc= | base64 -d | xxd -g1
echo -ne ABoAAALyAAAAABYAEWNJAAS6xQBRHZAlOlrsHZc= | base64 -d | xxd -g1
echo -ne ABoAAANdAAAAABYAEL3oAAFB+wA6HY/+dOKjkbo= | base64 -d | xxd -g1
echo -ne ABoAAAOzAAAAABYAELgGAAD1XQCqHY/+dn4i9nO= | base64 -d | xxd -g1
echo -ne ABoAAAP5AAAAABYAE2kDAAA7PAAWKop7Sp/gSRU= | base64 -d | xxd -g1
echo -ne ABoAAAPSAAAAABYAE2kDAAA8RgAWKop7SoZ1Ali= | base64 -d | xxd -g1
echo -ne ABoAAAQrAAAAABYAEWl7AAVAtQDhHZAjlK8lhOM= | base64 -d | xxd -g1
echo -ne ABoAAARhAAAAABYAEWI7AAVDOQDiHZAjlFcqkrQ= | base64 -d | xxd -g1
echo -ne ABoAAAS9AAAAABYAE5GaAAANGwALL9UuDNbZfW4= | base64 -d | xxd -g1
echo -ne ABoAAASVAAAAABYAEHziAARNyWjAL9OolRM1eo0= | base64 -d | xxd -g1
echo -ne ABoAAAUiAAAAABYAEWNJAAS3KwBRHZAlOMSBrps= | base64 -d | xxd -g1
echo -ne ABoAAAVOAAAAABYAE2kDAAA2+wAVKop7SpAlDeo= | base64 -d | xxd -g1
echo -ne ABoAAAWKAAAAABYAESzFAADx6gIdL9O5ZcJNuwY= | base64 -d | xxd -g1
echo -ne ABoAAAcDAAAAABYAERCPAAFEVgi3L9O1sHjClto= | base64 -d | xxd -g1
echo -ne ABoAAAczAAAAABYAEJ33AAKX2g2WL90s+Yt+Hsw= | base64 -d | xxd -g1
echo -ne ABoAAAdAAAAAABYAERDcAAFNKAkml902EqIDZXE= | base64 -d | xxd -g1

(Note: some typos are inevitably here.)

Each string contains 29 bytes:

00 1a 00 00 0d 3b 00 00 00 00 16 00 11 48 d9 00 06 27 bd 0e b0 1c a2 0b 9f 8c 13 f7 73
00 1a 00 00 01 d8 00 00 00 00 16 00 0c 6f a3 00 03 c4 89 00 b3 1d 8f c7 61 fb a0 c2 95
00 1a 00 00 01 f8 00 00 00 00 16 00 0e 4f 65 00 00 86 ae 02 75 2a 8d 1a 9e 4a 83 10 66
00 1a 00 00 02 a0 00 00 00 00 16 00 0e 7b f7 00 00 0c f1 00 23 2a 8d 1f ef 62 33 49 97
00 1a 00 00 02 f2 00 00 00 00 16 00 11 63 49 00 04 ba c5 00 51 1d 90 25 3a 5a ec 1d 97
00 1a 00 00 03 5d 00 00 00 00 16 00 10 bd e8 00 01 41 fb 00 3a 1d 8f fe 74 e2 a3 91 ba
00 1a 00 00 03 b3 00 00 00 00 16 00 10 b8 06 00 00 f5 5d 00 aa 1d 8f fe 76 7e 22 f6 73
00 1a 00 00 03 d2 00 00 00 00 16 00 13 69 03 00 00 3c 46 00 16 2a 8a 7b 4a 86 75 02 58
00 1a 00 00 03 f9 00 00 00 00 16 00 13 69 03 00 00 3b 3c 00 16 2a 8a 7b 4a 9f e0 49 15
00 1a 00 00 04 2b 00 00 00 00 16 00 11 69 7b 00 05 40 b5 00 e1 1d 90 23 94 af 25 84 e3
00 1a 00 00 04 61 00 00 00 00 16 00 11 62 3b 00 05 43 39 00 e2 1d 90 23 94 57 2a 92 b4
00 1a 00 00 04 95 00 00 00 00 16 00 10 7c e2 00 04 4d c9 68 c0 2f d3 a8 95 13 35 7a 8d
00 1a 00 00 04 bd 00 00 00 00 16 00 13 91 9a 00 00 0d 1b 00 0b 2f d5 2e 0c d6 d9 7d 6e
00 1a 00 00 05 22 00 00 00 00 16 00 11 63 49 00 04 b7 2b 00 51 1d 90 25 38 c4 81 ae 9b
00 1a 00 00 05 4e 00 00 00 00 16 00 13 69 03 00 00 36 fb 00 15 2a 8a 7b 4a 90 25 0d ea
00 1a 00 00 05 8a 00 00 00 00 16 00 11 2c c5 00 00 f1 ea 02 1d 2f d3 b9 65 c2 4d bb 06
00 1a 00 00 07 03 00 00 00 00 16 00 11 10 8f 00 01 44 56 08 b7 2f d3 b5 b0 78 c2 96 da
00 1a 00 00 07 33 00 00 00 00 16 00 10 9d f7 00 02 97 da 0d 96 2f dd 2c f9 8b 7e 1e cc
00 1a 00 00 07 40 00 00 00 00 16 00 11 10 dc 00 01 4d 28 09 26 97 dd 36 12 a2 03 65 71
                                       ------------ 16 or 0x10 bytes -----------------
         -------------------------- 26 or 0x1a bytes ---------------------------------
            ----------------------- 25 or 0x19 bytes ---------------------------------

Clearly, the first low-entropy half (many 'A's in the base64 strings) is some kind of header. The first 3 bytes (00 1a 00) are possibly the length of the subsequent block.

The second half is not encrypted, I think, despite the fact that some receipts have a 'MAC=base64' prefix. (Think about it: why don't I believe encryption is used here?)

The answer (or solution) I expected: "each receipt has a base64-encoded string of some low-entropy data, so it's unlikely to be encrypted".
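To check these observations over several receipts at once, here is a small added script (not part of the original post) that decodes six of the strings quoted above, lists the byte offsets that hold the same value in every receipt, tests the post's guess that byte 1 (0x1a = 26) is the length of the block following the first 3 bytes, and compares the Shannon entropy of the 13 header bytes against the 16 trailing bytes. The 13/16 split and the length-field interpretation are the post's hypotheses, not a documented format.

```python
import base64
import math
from collections import Counter

# Six of the base64 strings quoted in the post above, copied verbatim.
# Everything below is an added example, not code from the original write-up.
SAMPLES = [
    "ABoAAA07AAAAABYAEUjZAAYnvQ6wHKILn4wT93M=",
    "ABoAAAHYAAAAABYADG+jAAPEiQCzHY/HYfugwpU=",
    "ABoAAAH4AAAAABYADk9lAACGrgJ1Ko0ankqDEGY=",
    "ABoAAAKgAAAAABYADnv3AAAM8QAjKo0f72IzSZc=",
    "ABoAAALyAAAAABYAEWNJAAS6xQBRHZAlOlrsHZc=",
    "ABoAAANdAAAAABYAEL3oAAFB+wA6HY/+dOKjkbo=",
]
HEADER_LEN = 13  # the split the post draws: 13 header bytes, then 16 trailing bytes

def decode_all(samples=SAMPLES):
    """Decode every string; validate=True rejects anything outside the base64 alphabet."""
    return [base64.b64decode(s, validate=True) for s in samples]

def shannon_entropy(data):
    """Bits per byte over the pooled bytes; 8.0 is the ceiling for uniformly random data."""
    counts = Counter(data)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def constant_columns(rows):
    """Byte offsets that hold the same value in every row: candidates for fixed header fields."""
    width = min(len(r) for r in rows)
    return [i for i in range(width) if len({r[i] for r in rows}) == 1]

def length_field_matches(rows):
    """Post's hypothesis: byte 1 (0x1a = 26) counts the bytes after the first 3 header bytes."""
    return all(r[1] == len(r) - 3 for r in rows)

def entropy_split(rows, header_len=HEADER_LEN):
    """Pool header bytes and trailing bytes separately so the two halves can be compared."""
    header = b"".join(r[:header_len] for r in rows)
    tail = b"".join(r[header_len:] for r in rows)
    return shannon_entropy(header), shannon_entropy(tail)

if __name__ == "__main__":
    rows = decode_all()
    for r in rows:
        print(r.hex(" "))
    print("constant offsets:", constant_columns(rows))
    print("length field plausible:", length_field_matches(rows))
    print("entropy header/tail: %.2f / %.2f bits per byte" % entropy_split(rows))
```

Offsets 0-3, 6-11 and 15 come out constant across the six samples, while the trailing 16 bytes sit near 6 bits per byte, which is the pooled low-entropy-versus-high-entropy contrast the post points at (compare this with the 8-bit ceiling a ciphertext of this size would approach).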

A reverse engineer, cryptographer or any other infosec person should quickly spot these base64 strings, like I did.

(The post was first published on 20251120.)

