google-chromexmlhttprequestgoogle-chrome-devtoolsjavascript-injection

how to identify code that triggers external javascript load?


I have a prestashop installation live which has been somehow injected with malitious code, here is my prestashop: https://debou.it

in chrome console I see this external javascript is loaded many times on every page load: https://mc.yandex.ru/metrika/tag.js but I cannot locate the code that triggers it.

I went through all SO questions ad tried locating the code with Chrome DevTools without success, eg: Is possible to debug dynamic loading JavaScript by some debugger like WebKit, FireBug or IE8 Developer Tool? How to find out which Javascript causes a jQuery Ajax request?

I'm working with an installation by an other developer, anyone can point me to the right direction?


Solution

  • For future reference to anyone: it was yandex added to google tag manager. It's scam code, used to send russian spam to new contacts. Removed it from GTM and everything works fine