I use ESET security software and every once in a while, a warning message pops up indicating that an SSL connection has been blocked:
Code: Select all
ssl://store.uniblue.com
I have now figured out that this occurs whenever NoScript updates itself to the latest version and takes me to the corresponding webpage on noscript.net , eg: https://noscript.net/?ver=2.6.9.17&prev=2.6.9.16
Within the source code, on that page, is the following:
Obviously, it seems a little unusual that a legitimate web developer would place this line of code 500+ spaces away from the rest of the main body. Looking over to the main body, it is noticeable that this is part of a seemingly redundant...
Code: Select all
<style type="text/css ... />
If you look towards the bottom of the page, there is another "text/css" style type element which appears to have obfuscated code within (lines 309-325). At this time, I don't know what this does or where it points.
It's getting late where I am and I still have the new Top Gear from yesterday to watch, I'll try and do a little more analysis tomorrow. In the meantime, I look forward to hearing your thoughts on the above.
Regards,
@EdmoOnSecurity