If you, like me, use Technorati to find interesting blog entries tagged "javascript", then you've probably noticed in recent days that a site javascript-guide.info (I'm not going to give them a real link; you can type this URL in yourself) has had a lot of posts, but that they titles are kind of gibberish. Looking at the site, it appears to be a fake blog, with content that is some how automatically gleaned from elsewhere on the web. There are lots of ads on each page, so I suspect that this site exists to get Google AdSense clicks...
When I visited, I noticed a persistant "waiting for fueledstudios.com..." message in my browser's status line. So I used view source to find out what it was loading from that site. It turns out that the last think each page of this fake blog does is load a script from fueledstudios.com
This is where the JavaScript Decoding Challenge comes in. Take a look at the script. It is not heavily obfuscated, but whitespace has been stripped out. The name of the script indicates that it is tracking something. A glance at the script shows that it is doing something with the google adsense ads on the page. it also registers event handlers, uses setTimeout() to repeatedly do something, and communicates with its server by dynamically loading images that pass a lot of data in their URL.
This might all be perfectly benign. But I have the feeling that this site is doing something sleazy. It sure would be nice if we could tell Google that this site is violating their AdSense terms-of-service. That might cause the site to shut down and stop spamming Technorati with junk. So, this is the challenge: anyone want to sort out what this script actually does? I'm very curious, but can't spare the time...
Let me know if you figure anything out!
After a quick look, it seems to just gather the info about the page and what ads are on it (up to 3 iframes with google ads in them) and then package up the data and send it to a php script. Things sent are the current page, the referrer, the ad colors and size for some reason, and a timestamp.
Thanks Geoff,
Maybe they're just trying to track the performance of ads based on permutations of colors, sizes and referrers...
I was hoping it was something more sinister...
Maybe they're collecting information in an attempt to "game" the system? I.e. tracking the actual ads Google runs and then perhaps correlating it with the revenue each generates?
Just a thought.
Seems like the "astracker" scripts called from the JS are some sort of AdSense tracking solution, most likely from adsensegold.com. A look at this website should give you an idea what they are trying to do.
Carlo seems to be right. At http://www.related-pages.com/ we find similar information. Searching Google for 'astracker' results in a lot of pages with similar urls
.../astracker/ast.php
all containing the same script david is linking to.