generic_javascript_obfuscation5 in conosco-wpengine.netdna-ssl.com

On 2020-06-06T19:39:17.533969+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://conosco-wpengine.netdna-ssl.com… referenced from http://conosco.com/ .

Code sample:

b'["paddingLeft","\xc2\xa5\xc2\xa7]\xc2\x8ax\x11\xc2\x8a\x08m","paddingTop","paddingBottom","marginLeft","marginRight","marginTop","\xc2\x99\xc2\xaa\xc3\xa0\xc2\x8aph\xc2\xb6\xc3\x9a&","borderLeftWidth","n\xc2\x8a\xc3\x9dz\xc2\xb4b\xc2\x82\x1bV\xc2\x89\xc3\x9ba","borderTopWidth",' … b'["\xc2\xa2\xc3\xabek\'\xc2\xab/\xc2\xa2\xc3\xabek\'\xc2\xab","get-size/get-size","desandro-matches-selector/matches-selector","fizzy-ui-utils/utils","isotope-layout/js/item","isotope-layout/js/layout-mode","isotope-layout/js/layout-modes/masonry","isotope-layout/js/layout-modes/fit-rows",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!