generic_javascript_obfuscation5 in consent.cookiebot.com

On 2020-01-16T17:42:07.448136+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://consent.cookiebot.com/uc.js?cbi… referenced from https://www.cookiebot.com/de/dsgvo-cook… .

Code sample:

b'["at","be","bg","cy","cz","de","dk","es","ee","fi","fr","gb","gr","hr","hu","ie","it","lt","lu","lv","mt","nl","pl","pt","ro","sk","si","se","li","no","is"],ccpa:["us-06"],lgpd:["br"]},this.commonTrackers={domains:[{d:"google-analytics.com",c:[3]},{d:"youtube.com",c:[4]},{d:"youtube-nocookie.com",c:[4]},{d:"googleadservices.com",c:[4]},{d:"googlesyndication.com",c:[4]},{d:"doubleclick.net",c:[4]},{d:"facebook.*",c:[4]},{d:"linkedin.com",c:[4]},{d:"twitter.com",c:[4]},{d:"addthis.com",c:[4]},{d:"bing.com",c:'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!