generic_javascript_obfuscation5 in www.lisboa.pt

On 2020-05-12T14:59:19.132888+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.lisboa.pt/typo3conf/ext/rx_… referenced from https://lisboa.pt/ .

Code sample:

b'["{","}","|","\\","^","`"].concat(c),m=["\'"].concat(f),b=["%","/","?",";","#"].concat(m),g=["/","?",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).