The code appears to be a complex and obfuscated JavaScript...

September 5, 2025 at 01:09 PM

<html lang="en"><head><title>Redirecting...</title></head><body><script>(()=>{"use strict";const t="offset",e="client",o=function(){};let n=!1,r=!1;const i={loopDelay:50,maxLoop:5,complete:o},l=[];let u=null;const s={cssClass:"ad-overlay google-ad-bottom-outer prebid-wrapper .dfp-ad-container"},a={nullProps:[t+"Parent"],zeroProps:[]};a.zeroProps=[t+"Height",t+"Left",t+"Top",t+"Width",t+"Height",e+"Height",e+"Width"];const c={quick:null,remote:null};let d=null;const p={test:0,download:0};function f(t){return"function"==typeof t}function m(t){!0!==d&&(r=!0,y(t),c.quick="testing",p.test=setTimeout((function(){h(t,1)}),5))}function y(t){let e,o,n=document.body,r="width: 1px !important; height: 1px !important; position: absolute !important; left: -10000px !important; top: -1000px !important;";if(null!=t&&"string"!=typeof t){for(null!=t.style&&(r+=t.style),u=function(t,e){let o,n,r=e;if(n=document.createElement(t),r)for(o in r)r.hasOwnProperty(o)&&n.setAttribute(o,r[o]);return n}("div",{class:t.cssClass,style:r}),n.appendChild(u),e=0;e<a.nullProps.length;e++)o=u[a.nullProps[e]];for(e=0;e<a.zeroProps.length;e++)o=u[a.zeroProps[e]]}}function h(t,e){const o=document.body;let c=!1;if(null==u&&y(t||s),"string"!=typeof t){p.test>0&&(clearTimeout(p.test),p.test=0),null!==o.getAttribute("abp")&&(c=!0);for(let t=0;t<a.nullProps.length;t++){if(null==u[a.nullProps[t]]){e>4&&(c=!0);break}if(!0===c)break}for(let t=0;t<a.zeroProps.length&&!0!==c;t++)0===u[a.zeroProps[t]]&&e>4&&(c=!0);if(void 0!==window.getComputedStyle){const t=window.getComputedStyle(u,null);"none"!==t.getPropertyValue("display")&&"hidden"!==t.getPropertyValue("visibility")||e>4&&(c=!0)}n=!0,c||e++>=i.maxLoop?(d=c,function(){let t,e;if(null===d)return;for(t=0;t<l.length;t++){e=l[t];try{null!=e&&f(e["complete"])&&e["complete"](d)}catch(t){return}}}(),g()&&setTimeout((function(){r=!1}),5)):p.test=setTimeout((function(){h(t,e)}),i.loopDelay)}else g()&&setTimeout((function(){r=!1}),5)}function g(){if(null===u)return!0;try{f(u.remove)&&u.remove(),document.body.removeChild(u)}catch(t){}return u=null,!0}var w=function(t){if(!t)return;const e={complete:o,found:o,notfound:o};let n;for(n in t)t.hasOwnProperty(n)&&("complete"===n||"found"===n||"notFound"===n?e[n.toLowerCase()]=t[n]:i[n]=t[n]);l.push(e),function(){let t,e=!1;document.readyState&&"complete"===document.readyState&&(e=!0),t=function(){m(s)},e?t():window.addEventListener("load",t)}()};function b(){document.write(`<a id="Lf5Bwk4VUwckRGlsodUE1cfaRyQBxT1O" href="/.IGV0hOcNusVJOgqoD1HuWTk0PssdueKB"></a>`),document.getElementById("Lf5Bwk4VUwckRGlsodUE1cfaRyQBxT1O").click()}function v(t){return`${t}`}async function P(t){const e=await async function(t,e){const o=JSON.parse(atob(t));return o.parameters.adBlockingDetected=e,o.parameters.timezoneBrowser=Intl.DateTimeFormat().resolvedOptions().timeZone,o.parameters.webdriver=navigator.webdriver,o.parameters.gpu=await async function(){if(!navigator.gpu)return null;const t=await navigator.gpu.requestAdapter();if(!t)return null;if(t.info&&t.info.vendor)return t.info.vendor;if(t.requestAdapterInfo){const e=await t.requestAdapterInfo();return e.vendor?e.vendor:null}return null}(),JSON.stringify(o)}("eyJwYXJhbWV0ZXJzIjp7ImlwT3JpZyI6IjYyLjE2OS4yMjkuMjQyIiwicHJvdG9jb2wiOiJodHRwcyIsImNvdW50cnkiOiJHUiIsInJlZ2lvbiI6IkIiLCJyZWdpb25OYW1lIjoiQ2VudHJhbCBNYWNlZG9uaWEiLCJ0aW1lem9uZUdlbyI6IkV1cm9wZS9BdGhlbnMiLCJ1dWlkIjoiYTAzOWQ0ZjdjZGJjZTg4NDNmODBkYmVkMjAzOTg5OGMiLCJ0ZW5hbnQiOiJzaGFyZWQiLCJwYXRoIjoiLyIsImNpdHkiOiJUaGVzc2Fsb25pa2kiLCJjb250aW5lbnQiOiJFVSIsImNvbnRpbmVudE5hbWUiOiJFdXJvcGUiLCJjb3VudHJ5TmFtZSI6IkdyZWVjZSIsImRvbWFpbkFwZXgiOiJtLWFwcHN1aXRlLmNvbSIsImRvbWFpbkZ1bGwiOiJtLWFwcHN1aXRlLmNvbSJ9fQ==",t);(async function(t,e){const o=new XMLHttpRequest;o.onreadystatechange=_,o.open("POST",t,!0),o.send(e)})("https://router.parklogic.com/",e).then()}function _(){var t;4===this.readyState&&(200!==this.status&&console.error(`failed to contact router, status code: ${this.status} "${this.statusText}"`),this.responseText.startsWith("http")?(t=this.responseText,"true"===v("false")?(document.cookie=`m6RW96QaECHb2mXiRi7YQBqlkYuoZc7A=${btoa(t)};max-age=5`,b()):window.location.replace(t)):document.body.innerHTML=this.responseText)}"true"===v("true")?w({complete:t=>{t?"true"===v("false")?(document.cookie="Nsj7rdlN8X5lOGh3PoZezs9aS9Eqq3VK=1;max-age=5","true"===v("false")?b():location.reload()):P(!0):P(!1)}}):P()})();</script></body></html>

The code appears to be a complex and obfuscated JavaScript program embedded in an HTML document. Here's an explanation of what the code seems to be doing:

Primary Functions:

  1. Detecting Ad Blockers:

    • The code performs several checks to detect the presence of ad-blockers. It does this by creating a hidden element styled in such a way that ad-blockers might hide or modify it (e.g., by setting its display to none or its size to zero).
    • It uses element style and various properties (offsetHeight, clientHeight, etc.) to assess whether modifications have been made.

  2. Redirecting the User or Writing an Element:

    • If certain conditions are met (e.g., ad blocker detected or a response from a remote server), it sets up a redirection by dynamically creating an <a> tag with a specific href and programmatically "clicking" it to navigate the user to a different page.
    • It also interacts with cookies, using document.cookie to store certain tokens or flags that may influence its behavior.

  3. Making Asynchronous Requests:

    • It sends an HTTP POST request to a specified remote URL (https://router.parklogic.com/), transmitting data about the browser's environment and potentially information about whether an ad-blocker was detected.
    • The request payload includes encoded metadata decoded via the atob function. This metadata contains client information, such as IP address, country, browser timezone, detailed system information, and whether the browser's navigator.webdriver is enabled.

  4. Decision Logic:

    • Depending on the server response or detection results, the code decides what to do:
      • If a positive result is detected (e.g., ad blocker found), it redirects the user or modifies the page content in some way.
      • If a negative result occurs (e.g., no ad-blocker), it might simply interact with cookies or reload the page.

  5. Server Interaction and Error Handling:

    • If the server returns an HTTP response starting with "http", it interprets this as a redirect URL and sends the user there.
    • If the server returns non-HTTP content, it replaces the page's body with the server's response content.

  6. Runtime Behavior:

    • The script is obfuscated to make understanding its logic difficult for humans.
    • It attempts to execute certain actions only after the page has fully loaded, as indicated by checking the document.readyState or attaching an event listener (window.addEventListener("load", ...)).

Key Observations:

  • Ad-Blocking Detection: The primary purpose seems to be identifying ad-blockers and acting based on their presence.

  • Redirection: Based on the results of its detection logic or an external server response, the script can redirect the user to another page or reload the current one.

  • Remote Data Transmission: The script gathers browser/system information (e.g., timezone, WebGL information, and potentially GPU data) and sends it to a remote server.

  • Obfuscation and Complexity: The code is heavily obfuscated and splits its logic across multiple functions and variables with unclear names, which makes debugging or understanding its exact behavior difficult. This obfuscation could be intentional to evade detection or scrutiny.

  • Potential Malicious or Tracking Intent: The use of encoded metadata, remote server communication, redirection, and deliberate effort to evade detection (e.g., faking user actions with programmatic clicks) could indicate that this script is designed for tracking, ad-fraud, or potentially malicious purposes.

Summary:

This code detects ad-blockers, collects browser data, sends this data to a remote server, and dynamically redirects or modifies the user's browsing experience based on server responses. Due to its obfuscated nature, coupled with its interaction with user behavior and external servers, it could be part of a larger ad-tech, tracking, or potentially harmful system.

Generate your own explanations
Download our vscode extension
Read other generated explanations

Built by @thebuilderjr
Sponsored by beam analytics
Read our terms and privacy policy
Forked from openai-quickstart-node