How to catch malicious js on the website

There is a site on wp, a lot of js libraries, at a certain point began to pop up a popup window with different URLs in the click event of the mouse.

Pumped site, total'om found not a single Potapova links, even in case of partial entry.

How is it possible in debug mode to trace what is called when you click?

PS. knowledge in js — 0
October 8th 19 at 03:59
9 answers
October 8th 19 at 04:01
Give a link, a couple of people come in, who can tell
October 8th 19 at 04:03
If of no knowledge will have to ask someone who has. for example
October 8th 19 at 04:05
Usually these things sewn up in the topic. Look in the current theme, something like escape (once in plain text, the search returned no results.)
In General, it would be better if you gave a link to the site, this js can be tracked without having access to the source code.
October 8th 19 at 04:07
It is possible to pump clean WP, and compare files by content to begin with.
Well, then, if knowledge in JS is not, at random- "take a bite" those pieces of code that differ from the benchmark and look what happened.
October 8th 19 at 04:09
In addition to the previous comment, if you have access to statistics of visits by server logs (logs awstats, for example) and so on, view abnormally large access to the "strange" files on your hosting, maybe you will find a script to remote control somewhere in the subfolders.
October 8th 19 at 04:11
To WordPress e often seen that all of the "left" is in the template, and encoded in base64. Look this a way.
October 8th 19 at 04:13
in Mozila you can put no scripr they can disable scripts one by one and you can calculate reptile
*script - Kyler71 commented on October 8th 19 at 04:16
October 8th 19 at 04:15
First, try to use online scanners
October 8th 19 at 04:17
You can try siteguard.
And you can write a simple script monitor all changes to static pages and slushy Hello to the soap.

Find more questions by tags viruses