UPDATE: Looks like the culprit was http://crazyeddie.info/dealer/dealer.js in the footer.php file of the GlossyBlue 1.4 theme
The official download site http://www.ndesign-studio.com/resources/wp-themes/glossyblue/ doesn’t have this code. I did download it last week… hmmm
Otto42 over on the Wordpress.org forums identified the script as:
It’s a captcha defeating system. It’s not checking if you’re human or not, it’s sending the results back to crazyeddie.info to let the thing bypass the captcha from some other site!
I just went through all the files and verified that the only java script files that are being pulled are official ones. Kudos to Otto42!