generic_javascript_obfuscation5 in www.shoptaxfree.com

On 2020-10-06T20:33:35.490691+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.shoptaxfree.com/wp-content/… referenced from https://www.shoptaxfree.com/ .

Code sample:

b'["text","search","url","tel","email","\xc2\xa5\xc2\xab,\xc3\x82\xc2\x8a\xc3\x9d","number","\xc2\xb5\xc3\xacmj\xc2\xb7\xc2\x9a"],T=[27,33,34,35,36,37,38,39,40,8,46],C="#ccc",S="placeholdersjs",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).