XF 2.1 Additional log-in pop up on every page load

[ibenick]

Out of the blue today, our site has started requesting login credentials through a non-Xenforo login screen on every page load. XF is up to date and patched. The prompt indicates it is for a subdomain that has nothing to do with the subdomain that XF is installed on. It pops up from the top of the browser in the same way that page protected by something like an htaccess file would behave. It doesn't accept any user credentials and the only way to make it go away is to click cancel, but then it happens again on every page load. I've run malware scanners and it appears clean. Any ideas?

 

[Russ]

Have this loading in your <head>

<script>
    var script = document.createElement('script');
    script.src = 'https://scripts.benningtonmarine.com/analytics/club.benningtonmarine.com.js';
    document.head.appendChild(script);
</script>

Remember placing that anywhere?

 

[ibenick]

Have this loading in your <head>

<script>
    var script = document.createElement('script');
    script.src = 'https://scripts.benningtonmarine.com/analytics/club.benningtonmarine.com.js';
    document.head.appendChild(script);
</script>

Remember placing that anywhere?

Definitely not.

 

[ibenick]

All figured out thanks to @Russ!

 

[ibenick]

This thread really had nothing to do with Xenforo, so if anyone wants to delete it, feel free.