Reputation: 31
Random codes found while inspecting my Wordpress website
<style type="text/css">
:root topadblock,
:root script[src^="http://free-shoutbox.net/app/webroot/shoutbox/sb.php?shoutbox="] + #freeshoutbox_content,
:root input[onclick^="window.open('http://www.FriendlyDuck.com/"],
:root img[alt^="Fuckbook"],
:root iframe[src^="http://static.mozo.com.au/strips/"],
:root iframe[id^="google_ads_iframe"],
:root div[jscontroller="U835zd"] + c-wiz[jsrenderer="YnuqN"],
</style>
and more code was there... like these, almost 350 of them. Anyone know why?
Upvotes: 3
Views: 2365
Answers (3)
Reputation: 13
For all of the people who would like an answer to this question, here it is: All of those links are links to sites that most likely download malware on your computer, and that code is there to immediately remove the malicious sites from the page before the site even has the chance to load properly.
Upvotes: 0
Reputation: 105
In my case it was the Opera as mentioned in the answer - whitelisting the site stops adding the unwanted CSS to my site.
Upvotes: -1
Reputation: 2106
In my case I have some code like this:
<style type="text/css">
:root topadblock,
:root script[src^="http://free-shoutbox.net/app/webroot/shoutbox/sb.php?shoutbox="] + #freeshoutbox_content,
:root input[onclick^="window.open('http://www.FriendlyDuck.com/"],
:root img[alt^="Fuckbook"],
:root iframe[src^="http://static.mozo.com.au/strips/"],
:root iframe[id^="google_ads_iframe"],
:root div[jscontroller="U835zd"] + c-wiz[jsrenderer="YnuqN"],
:root a[href^="https://chaturbate.jjgirls.com/"][href*="?tour="],
:root a[href^="https://chaturbate.com/in/?tour="],
:root a[href^="https://chaturbate.com/affiliates/"],
:root .mod > ._jH + .rscontainer, :root a[href^="https://blackorange.go2cloud.org/"],
:root a[href^="http://www.1clickdownloader.com/"],
:root a[href^="https://www.googleadservices.com/pagead/aclk?"],
:root a[href^="https://awentw.com/"],
:root a[href^="http://adultfriendfinder.com/p/register.cgi?pid="],
:root a[href^="https://www.popads.net/users/"],
:root iframe[src^="http://ad.yieldmanager.com/"],
:root a[href^="http://pubads.g.doubleclick.net/"],
:root a[href^="https://sexdatingz.live/"],
:root a[href^="//bwnjijl7w.com/"],
</style>
For whom face this problem I should say it's because of AdBlocker Plugin* in Opera (at least in my case) So don't worry. If you wanna test you can:
- press Ctrl+ Shift+ E and open "Extensions" page.
- Then find "Opera Adblock"
- Click on blue toggle button and Disable it.
Now you can refresh your website and as you can see all code disappeared.
Upvotes: 9
Related Questions
- undesirable php code appeared on some of my scripts
- Wordpress PHP files includes random php codes in the beginning of everyfile. Is it hacked?
- Wordpress - Found malicious PHP code
- Strange code added in all php files
- Suspicious code in WordPress any idea how to remove this?
- My website seems to be hacked? Obscure code on the first line of every PHP file?
- Unusual Code in almost each WordPress PHP File
- Strange code on wordpress website
- What is this Unknown Codes appeared in my WP site footer.php? is this hacking
- In Wordpress, on every page, sometimes multiple times, there's a piece of PHP code showing up