Recently purchased a plugin for WP via CC and as soon as it was activated I noticed my site start hanging a little when refreshing pages where the plugin was placing its code. Then I notice my browser saying it is waiting on www.scorecardresearch.com while the page is refreshing…
Looking this site up, they collect browsing data using tags placed in websites… Only ever got this after installing a plugin.
Cant find anything in the plugin files that says scorecardresearch what would I be looking for to find this code if it is encrypted?
Dont like the idea (if it is this plugin) of this sort of code getting into my site without my permission!
First – deactivate said plugin and check if your website still wants to connect to the malicious website. If you are sure it’s the plugin, you will probably have to look for base64 encoded things. Once you are sure the plugin inserts malicious code into your website you can contact Envato Support – they will refund you and disable the plugin
Thanks will try to find that. I only noticed it show when I configured the plugin incorrectly while testing it, then it ‘hung’ as it could not get the right data to complete the plugin request. When its configured correctly it refreshes so quick you cant tell… wont be easy to find this if it refreshes so quick! Unless I can find that code in somewhere else on my site!
You can always try using your browser’s developer tools, the info about server requests will be in network tab. Safari and Chrome and recent versions of FireFox have it built in (in Safari developer menu has to be enabled in preferences), and you can use Firebug plugin for FireFox if you have older version.
I think this is some kind of buyers tracking. If you are sure about it first contact author then you may contact Envato support.