L
L
Leonid Nimchenko2017-02-02 00:18:11
JavaScript
Leonid Nimchenko, 2017-02-02 00:18:11

How can I trace the connection chain of scripts on a website?

Hello.
I am making a site on my engine and noticed that third-party js scripts appeared on it, even on local hosting. I use many libraries, such as: jQuery, jquery-ui, uikit, api-maps.yandex, google.maps. For the test, I disabled all scripts and libraries - third-party scripts still remained. I don't understand where they connect. Checked on browsers: Yandex, Fox, Opera - yes. On the Opera, a separate window for advertising the WOT game popped up. In browser debuggers I see domains: api.sitestate.ru, ajax.cloudflare.ru, awaybird.ru, dbbridge.ru, loadroute.ru. But I don't understand where the links to them are on the site. There are scripts without domains.
Please tell me how to track and remove other people's scripts from the site.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
X
xmoonlight, 2017-02-02
@lculver

The site is on its own engine, and advertising is third-party?!
There are few options:
1. third-party JS-libs => one by one - disable!
2. template with "parasitic" JS code => do not use the template and look
3. infected system / browser / traffic replacement => antivirus, run from another PC (OS, or boot from a USB flash drive on the same PC),
4. If nothing helped: we try to check the proxy, router, another Internet channel.

I
Immortal_pony, 2017-02-02
@Immortal_pony

Browser extensions.
Internet provider.

A
Alexey Yusupov, 2018-03-17
@Mnojitell

They are not on the site. These are inline scripts. They are located on infected devices of site users. Set up a CSP tool and all this shushara will be blocked by browsers.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question