{"version":"1.0","provider_name":"Support | Kriesi.at - Premium WordPress Themes","provider_url":"https:\/\/kriesi.at\/support","author_name":"mikestoltz","author_url":"https:\/\/kriesi.at\/support\/author\/mikestoltz\/","title":"Webfonts Cookie Check detected as JS:Trojan.Cryxos - Support | Kriesi.at - Premium WordPress Themes","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"WxirELrqmQ\"><a href=\"https:\/\/kriesi.at\/support\/topic\/webfonts-cookie-check-detected-as-jstrojan-cryxos\/\">Webfonts Cookie Check detected as JS:Trojan.Cryxos<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/kriesi.at\/support\/topic\/webfonts-cookie-check-detected-as-jstrojan-cryxos\/embed\/#?secret=WxirELrqmQ\" width=\"600\" height=\"338\" title=\"&#8220;Webfonts Cookie Check detected as JS:Trojan.Cryxos&#8221; &#8212; Support | Kriesi.at - Premium WordPress Themes\" data-secret=\"WxirELrqmQ\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/* ]]> *\/\n<\/script>\n","description":"Our security software &#8220;VIPRE&#8221; has detected the existence of the malware &#8220;JS:Trojan.Cryxos.8975&#8221; within our website. After some investigation, we located the JavaScript code block that triggers the malware detection. We believe this code block is inserted by the Enfold theme to check if WebFonts should be used. Please advise. &lt;script type=&#8217;text\/javascript&#8217;&gt; (function() { \/* check [&hellip;]"}