Hey Marcos,
Okay thank you - that gives me a starting point. This could pertain to a number of code lines in our script.
I'll list them below - can you please let me know what you think could be triggering it? Is it possible that I ESET is triggering a false positive?
Quantcast Tag
</script>
<!-- Quantcast Tag -->
<_script type="text/javascript">
window._qevents = window._qevents || [];
(function() {
var elem = document.createElement('script');
elem.src = (document.location.protocol == "https:" ? "https://secure" : "hxxp://edge") + ".quantserve.com/quant.js";
elem.async = true;
elem.type = "text/javascript";
var scpt = document.getElementsByTagName('script')[0];
scpt.parentNode.insertBefore(elem, scpt);
})();
window._qevents.push({
qacct:"p-0yt8t04BdHBHy",
uid:""
});
</script>
Facebook Tag
</style> <!-- Facebook Business Extension for Magento 2 -->
<!-- Facebook Pixel Code -->
<_script>
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,'script','//connect.facebook.net/en_US/fbevents.js');
fbq(
'init',
'260325074565775',
{},
{agent: 'magento2-2.4.2-1.2.5' }
);
fbq('track', 'PageView', {
source: "magento2",
version: "2.4.2",
pluginVersion: "1.2.5"
});
</script>
<noscript>
<img height="1" width="1" style="display:none"
src="https://www.facebook.com/tr?id=260325074565775&ev=PageView&noscript=1&a=magento2-2.4.2-1.2.5" />
</noscript>
<!-- End Facebook Pixel Code -->
Yotpo Tag
<!-- Yotpo - Widget Script -->
<_script>
(function e(){var e=document.createElement("script");e.type="text/javascript",e.async=true,e.src="//staticw2.yotpo.com/MiYqr6pLo4uM7oXnMnqaO13o5qy27pLQHQp9o9zC/widget.js";var t=document.getElementsByTagName("script")[0];t.parentNode.insertBefore(e,t)})();
</script>