generic_javascript_obfuscation5 in www.lisboa.pt

On 2020-05-12T14:59:18.468015+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.lisboa.pt/typo3conf/ext/boo… referenced from https://lisboa.pt/ .

Code sample:

b"['auto-start','auto','auto-end','top-start','top','top-end','right-start','right','right-end','bottom-end','bottom','bottom-start','left-end','left','left-start'],ce=he.slice(3),ge={FLIP:'flip',CLOCKWISE:'clockwise',"

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).