Windows Analysis Report
https://doc-42.jimdosite.com/

Overview

General Information

Sample URL:	https://doc-42.jimdosite.com/
Analysis ID:	1432320
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish29

Phishing site or detected (based on various text indicators)

HTML page contains hidden URLs or javascript code

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://doc-42.jimdosite.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish29

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 0.1

OCR Text: Doc Home Book Now x Cookie Policy This website uses cookies. You can find Access incoming fax document more information on the types of cookies used as well as enable individual cookies Fax ID: 01721232534562 in their respective categories. You can Types: PDF Reference: Scanned Document Pages: 3 Read more Date: Friday, April 26, 2024 Imprint Privacy Policy O Strictly necessary Click to Review Document Acxept all Reject all Accept only selected JIMDO BUILT WITH

HTML page contains hidden URLs or javascript code

Source: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html

HTTP Parser: Base64 decoded: https://grupoej.com/zdfaeawees/host%5b24.0%5d/302aa6a.php

Source: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49755 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /renderer/static/a5814dc53c612c628f1a.css HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /renderer/static/c74cde79ea88fbaee6df.js HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?quality=80,90&auto=webp&disable=upscale&width=320&height=320 HTTP/1.1Host: jimdo-storage.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?quality=80,90&auto=webp&disable=upscale&width=320&height=320 HTTP/1.1Host: jimdo-storage.freetls.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /renderer/static/default-website-favicon.1a874ea70dbf3a4b0e0e..png HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /renderer/static/default-website-favicon.1a874ea70dbf3a4b0e0e..png HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: pub-915ec07e23184287868b4bc8f1cb3f00.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-915ec07e23184287868b4bc8f1cb3f00.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/loader.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/cmp.a3828959.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feature-flags?shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f&custom=%7B%22language%22%3A%22en%22%2C%22isMobileLayout%22%3Afalse%2C%22jimdoApp%22%3A%22lp%22%2C%22isAffiliate%22%3Afalse%7D HTTP/1.1Host: feature-flags-proxy.prod.jimdo.systemsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/BrowserSdk.lib.842d58da.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/price/index/country HTTP/1.1Host: a.jimdo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feature-flags?shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f&custom=%7B%22language%22%3A%22en%22%2C%22isMobileLayout%22%3Afalse%2C%22jimdoApp%22%3A%22lp%22%2C%22isAffiliate%22%3Afalse%7D HTTP/1.1Host: feature-flags-proxy.prod.jimdo.systemsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /openid/authorize?client_id=lc-website&redirect_uri=https://www.jimdo.com/oidc-silent-callback/&response_type=id_token&scope=openid%20email%20profile&state=256b7a98da7746ca9ff5752a1b68e60e&nonce=7640dc06b94045b186e893193bb13880&prompt=none HTTP/1.1Host: account.e.jimdo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f; jLang=en; _dd_s=logs=0&expire=1714159837722&lock=200ff77a-c3b2-4501-860b-e6ebed528232
Source: global traffic	HTTP traffic detected: GET /latest/core/k1JwB2Dk_ HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /session/1px.png?settingsId=k1JwB2Dk_ HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdcs/v/1.0.0/index.html HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/core/k1JwB2Dk_ HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/price/index/country HTTP/1.1Host: a.jimdo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f; jLang=en; _dd_s=logs=0&expire=1714159837722&lock=200ff77a-c3b2-4501-860b-e6ebed528232
Source: global traffic	HTTP traffic detected: GET /session/1px.png?settingsId=k1JwB2Dk_ HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/1/cmp/en/GDPR/k1JwB2Dk_/265.83.373/265.83.373?isOutsideEu=true HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/GdprCmpController.3f26e812.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/1/cmp/en/GDPR/k1JwB2Dk_/265.83.373/265.83.373?isOutsideEu=true HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.well-known/web-identity HTTP/1.1Host: google.comConnection: keep-aliveAccept: application/jsonSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: webidentityUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/UcGdprCmpView.5874706c.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.well-known/web-identity HTTP/1.1Host: www.google.comConnection: keep-aliveAccept: application/jsonSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: webidentityUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_117.2.dr	String found in binary or memory: we make it easy for you. Create your online store with ease - we do not charge fees on your sales. Or get your service running with your booking tool.","title":"The easy way to get your first transaction"},"community":{"linkHref":"https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F551693728784465%2F%3Fref%3Dshare%26paipv%3D0%26eav%3DAfZ416FHK-1vGrRMXO0KFWEc6dIc0LztRgMYPAuusG8HTZr_5dY-ohooTUxZ75VvJkI","linkLabel":"Join the community","text":"The Jimdo Community is a place where you can benefit from the experiences of other entrepreneurs. Get answers to all your questions and take your business to the next level.","title":"Your support from other business owners"},"domains":{"linkHref":"https://www.jimdo.com/website/domain/","linkLabel":"Get your domain now","text":"Your website appears professional and trustworthy: with a domain including HTTPS encryption, hosting, and the added benefit of being more easily found through search engines like Google.","title":"Your own domain in just three clicks"},"website":{"buttonLabel":"Get started","linkHref":"https://www.jimdo.com/website/how-to-create/","linkLabel":"Learn more","text":"Build your professional website with the power of the Jimdo Artificial Intelligence. Whatever you need for your business and website, our AI simplifies it, speeds it up and knows exactly what you need to be successful.","title":"Your website without all the bells and whistles but with everything you need"}},"TeaserSplit":{"shop-teaser":{"buttonHref":"/pricing/onlineshop/","buttonLabel":"Let's get started","imageAlt":"Man prepares a shipment from his online store","linkHref":"/website/online-store/","linkLabel":"How to create an online store","listItems":[{"text":"No transaction fees (your products, your profit)"},{"text":"Offer shipping and local pickup options"},{"text":"Book appointments right on your site"},{"text":"Take payments via PayPal or Stripe"},{"text":"Manage all your orders in one place"},{"text":"Sell on Instagram and Facebook"},{"text":"Boost your store with sales & discounts"}],"text":"Create an independent online store equals www.facebook.com (Facebook)
Source: chromecache_96.2.dr	String found in binary or memory: d like to find out more about the cookies we use and set your individual cookie preferences, please review our [{cookiesPolicyPageName}]({cookiesPolicyLink}).",cmsCookieBannerText2020June:"This website uses cookies. You can find more information on the types of cookies used as well as enable individual cookies in their respective categories. You can adjust your settings at any time through the link in the footer of this website.",cmsCookieBannerTiktokPostCookiePolicyUrl:"https://www.tiktok.com/legal/cookie-policy?lang=en",cmsCookieBannerTiktokPostPrivacyPolicy:"https://www.tiktok.com/legal/privacy-policy-eea?lang=de",cmsCookieBannerTitle:"Cookie Policy",cmsCookieBannerToggleButtonEnableAllText:"Enable all",cmsCookieBannerTumblrCookiePolicyUrl:"https://www.tumblr.com/privacy",cmsCookieBannerTumblrPrivacyPolicy:"https://www.tumblr.com/privacy",cmsCookieBannerTwitchVideoCookiePolicyUrl:"https://www.twitch.tv/p/de-de/legal/cookie-notice/",cmsCookieBannerTwitchVideoPrivacyPolicy:"https://www.twitch.tv/p/de-de/legal/privacy-notice/",cmsCookieBannerTwitterPostCookiePolicyUrl:"https://help.twitter.com/en/rules-and-policies/twitter-cookies",cmsCookieBannerTwitterPostPrivacyPolicy:"https://twitter.com/en/privacy",cmsCookieBannerTypeFormCookiePolicyUrl:"https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com",cmsCookieBannerTypeFormPrivacyPolicy:"https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com",cmsCookieBannerVimeoCookiePolicyUrl:"https://vimeo.com/cookie_policy",cmsCookieBannerVimeoDescription:"This cookie is used to unlock and display Vimeo content on this website. \n\nProvider: Vimeo, Inc., 555 West 18th Street, New York, New York 10011 USA\n\nCookie Names and Lifetimes: muxData (Lifetime: 20 years), _ssid (Lifetime: 10 years), language (Lifetime: 10 years), vimeo_gdpr_optin (Lifetime: 10 years), player (Lifetime: 1 year), _qca (Lifetime: 3 months), continuous_play_v3 (Lifetime: 2 months), vuid (Lifetime: 2 years), _derived_epik (Lifetime: 2 months), _ga (Lifetime: 2 years)",cmsCookieBannerVimeoPrivacyPolicyUrl:"https://vimeo.com/privacy",cmsCookieBannerVimeoTitle:"Vimeo",cmsCookieBannerVimeoVideoCookiePolicyUrl:"https://vimeo.com/cookie_policy",cmsCookieBannerVimeoVideoPrivacyPolicy:"https://vimeo.com/privacy",cmsCookieBannerWebStoreStateDescription:"Essential local storage for the correct functioning of this store and for the continued saving of the visitor equals www.twitter.com (Twitter)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: ll get access to:","title":"Create your\nJimdo account"},"socialButtonList":{"facebook":{"href":"https://www.facebook.com/Jimdo","label":"Visit Jimdo equals www.facebook.com (Facebook)
Source: chromecache_121.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Facebook page"},"instagram":{"href":"https://www.instagram.com/jimdo_global/","label":"Visit Jimdo equals www.facebook.com (Facebook)
Source: chromecache_96.2.dr	String found in binary or memory: s IP address, and operating system info.",cmsCookieBannerIFrameAppTypeFormDescription:"Typeform is for building online forms and surveys. To provide this service, it collects the data that the website visitor enters into the online form or survey, as well as the date and time of their visit, duration, IP address, and email address. Cookie Name(s) and Lifetimes: __cf_bm(lifetime: 30mins), attribution_user_id(lifetime: 1 year)",cmsCookieBannerIFrameAppVimeoVideoDescription:"This cookie is used to unlock and display Vimeo content on this website. Provider: Vimeo, Inc., 555 West 18th Street, New York, New York 10011 USA Cookie Names and Lifetimes: muxData (Lifetime: 20 years), _ssid (Lifetime: 10 years), language (Lifetime: 10 years), vimeo_gdpr_optin (Lifetime: 10 years), player (Lifetime: 1 year), _qca (Lifetime: 3 months), continuous_play_v3 (Lifetime: 2 months), vuid (Lifetime: 2 years), _derived_epik (Lifetime: 2 months), _ga (Lifetime: 2 years)",cmsCookieBannerIFrameAppYoutubeVideoDescription:'These cookies are set via embedded YouTube videos. They register anonymous statistical data, e.g. how often the video is shown and which settings are used for playback. No personal data is collected unless the user logs in to their Google Account. In this case, their selections are associated with their account, such as when they click "Like" on a video. \nCookie Name(s) and Lifetimes: YSC(valid for one session), secure-HSID,(lifetime:2 months) Secure-SSID(lifetime:2 months), Secure-APSID(lifetime:2 months), VISITORINFO1LIVE(lifetime:5 months), SIDCC(lifetime: 1 year), LOGIN_INFO(lifetime: 2 years),PREF(lifetime: 2 years), SID(lifetime: 2 years), _Secure-3PSID(lifetime: 2 years), HSID(lifetime: 2 years), SSID(lifetime: 2 years), APISID(lifetime: 2 years), SAPISID(lifetime: 2 years), _Secure-3PAPISID(lifetime: 2 years), Consent (lifetime: 28 years).',cmsCookieBannerInstagramPostCookiePolicyUrl:"https://help.instagram.com/1896641480634370?ref=ig",cmsCookieBannerInstagramPostPrivacyPolicy:"https://help.instagram.com/519522125107875",cmsCookieBannerItunesCookiePolicyUrl:"https://www.apple.com/legal/privacy/de-ww/cookies/",cmsCookieBannerItunesDescription:"This cookie is used to unlock and display Apple Music content on this website.\n\nProvider: Apple Inc., Infinite Loop, Cupertino, CA 95014 USA.\n\nCookie Names and Lifetime:_lost-sound_session (Lifetime: session), JESSIONID (Lifetime: Session)",cmsCookieBannerItunesPrivacyPolicyUrl:"https://www.apple.com/legal/privacy/",cmsCookieBannerItunesTitle:"iTunes",cmsCookieBannerPaypalCookiePolicyUrl:"https://www.paypal.com/ie/webapps/mpp/ua/cookie-full",cmsCookieBannerPaypalDescription:"This is essential in order to enable payments powered by Paypal via this store. \n\nProvider:PayPal (Europe) S. equals www.youtube.com (Youtube)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Twitter page"},"youTube":{"href":"https://www.youtube.com/user/jimdo","label":"Visit Jimdo equals www.twitter.com (Twitter)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Twitter page"},"youTube":{"href":"https://www.youtube.com/user/jimdo","label":"Visit Jimdo equals www.youtube.com (Youtube)
Source: chromecache_96.2.dr	String found in binary or memory: ssig sind, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland\nCookie-Namen und Lebenszeiten: _fbp (Lebensdauer: 2 Jahre), _fbc(Lebensdauer: 2 Jahre)",cmsCookieBannerFacebookPixelPolicyUrl:"https://www.facebook.com/policies/cookies",cmsCookieBannerFacebookPixelPrivacyPolicy:"https://www.facebook.com/policy.php",cmsCookieBannerFacebookPixelTitle:"Facebook",cmsCookieBannerGADescription:"Diese Cookies sammeln anonymisierte Informationen zu Analysezwecken equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: doc-42.jimdosite.com
Source: global traffic	DNS traffic detected: DNS query: jimdo-dolphin-static-assets-prod.freetls.fastly.net
Source: global traffic	DNS traffic detected: DNS query: jimdo-storage.freetls.fastly.net
Source: global traffic	DNS traffic detected: DNS query: fonts.jimstatic.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: at.prod.jimdo.systems
Source: global traffic	DNS traffic detected: DNS query: pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: grupoej.com
Source: global traffic	DNS traffic detected: DNS query: www.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: country.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: web.cmp.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: feature-flags-proxy.prod.jimdo.systems
Source: global traffic	DNS traffic detected: DNS query: account.e.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: a.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: v1.api.service.cmp.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: app.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: consent-api.service.consent.usercentrics.eu

Source: unknown

HTTP traffic detected: POST /anon HTTP/1.1Host: at.prod.jimdo.systemsConnection: keep-aliveContent-Length: 307sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://doc-42.jimdosite.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 19:15:20 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 87a8e6a31d607446-MIA

Source: chromecache_96.2.dr	String found in binary or memory: http://tools.google.com/dlpage/gaoptout
Source: chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/login
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/apple
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/email
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/facebook
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/google
Source: chromecache_96.2.dr	String found in binary or memory: https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com
Source: chromecache_121.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_121.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_96.2.dr	String found in binary or memory: https://bandcamp.com/privacy_shield
Source: chromecache_149.2.dr	String found in binary or memory: https://careers.jimdo.com/
Source: chromecache_121.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_125.2.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_121.2.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_121.2.dr	String found in binary or memory: https://deploy.mopinion.com/js/pastease.js
Source: chromecache_143.2.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/css?display=swap&family=Poppins:600
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/css?display=swap&family=Roboto:400
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_149.2.dr	String found in binary or memory: https://forschungswerkstatt.jimdo.com/
Source: chromecache_121.2.dr	String found in binary or memory: https://google.com
Source: chromecache_121.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_125.2.dr	String found in binary or memory: https://grupoej.com/zdfaeawees/host%5b24.0%5d/admin/js/sc.php?r=ZW0sZW1haWwsYWRk
Source: chromecache_149.2.dr	String found in binary or memory: https://help.business.jimdo.com/hc/de
Source: chromecache_96.2.dr	String found in binary or memory: https://help.instagram.com/1896641480634370?ref=ig
Source: chromecache_96.2.dr	String found in binary or memory: https://help.instagram.com/519522125107875
Source: chromecache_96.2.dr	String found in binary or memory: https://help.twitter.com/en/rules-and-policies/twitter-cookies
Source: chromecache_149.2.dr	String found in binary or memory: https://jimdo-community-events.jimdosite.com/events/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/a5814dc53c612c628f1a.css
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/c74cde79ea88fbaee6df.js
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/default-website-favicon.
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-storage.freetls.fastly.net/
Source: chromecache_154.2.dr	String found in binary or memory: https://jimdo-storage.freetls.fastly.net/image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?qu
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://logo.e.jimdo.com/?lng=en
Source: chromecache_121.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_121.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/)
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=de
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=en
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=es
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=fr
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=it
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=ja
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=nl
Source: chromecache_96.2.dr	String found in binary or memory: https://policy.pinterest.com/en/cookies
Source: chromecache_96.2.dr	String found in binary or memory: https://policy.pinterest.com/en/privacy-policy
Source: chromecache_149.2.dr	String found in binary or memory: https://presse.jimdo.com/
Source: chromecache_154.2.dr	String found in binary or memory: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html
Source: chromecache_121.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: chromecache_121.2.dr	String found in binary or memory: https://s.pinimg.com/ct/core.js
Source: chromecache_121.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_96.2.dr	String found in binary or memory: https://soundcloud.com/pages/privacy
Source: chromecache_121.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_96.2.dr	String found in binary or memory: https://stripe.com/cookies-policy/legal
Source: chromecache_96.2.dr	String found in binary or memory: https://stripe.com/privacy
Source: chromecache_121.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_96.2.dr	String found in binary or memory: https://tools.google.com/dlpage/gaoptout)
Source: chromecache_96.2.dr	String found in binary or memory: https://twitter.com/en/privacy
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://twitter.com/jimdo
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/api/oembed.json?url=
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/cookie_policy
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/privacy
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/de/legal/privacy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/de-ww/cookies/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/es/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/fr-ww/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/it/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/jp/
Source: chromecache_96.2.dr, chromecache_111.2.dr	String found in binary or memory: https://www.cloudflare.com/cookie-policy/
Source: chromecache_143.2.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: chromecache_96.2.dr	String found in binary or memory: https://www.cloudflare.com/ja-jp/cookie-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.cloudflare.com/ja-jp/privacypolicy/
Source: chromecache_111.2.dr	String found in binary or memory: https://www.cloudflare.com/privacypolicy/
Source: chromecache_121.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_121.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_96.2.dr	String found in binary or memory: https://www.google.com/analytics/terms)
Source: chromecache_121.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_121.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.instagram.com/jimdo_global/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo-status.com/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo-status.com/).
Source: chromecache_132.2.dr, chromecache_105.2.dr	String found in binary or memory: https://www.jimdo.com
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/de/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/de/addon/legal-text-generator)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/addon/legal-text-generator/).
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/fr/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/fr/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/info/privacy/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/it/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/jp/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/jp/news/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/nl/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/nl/addon/legal-text-generator/)
Source: chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/how-to-create/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/online-store/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/portfolio/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.kddi-webcommunications.co.jp/privacy)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.paypal.com/ie/webapps/mpp/ua/cookie-full
Source: chromecache_96.2.dr	String found in binary or memory: https://www.paypal.com/ie/webapps/mpp/ua/privacy-full
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.pinterest.de/JimdoEN/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/de/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/es/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/fr/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/it/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/jp/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/legal/cookies-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tiktok.com/legal/cookie-policy?lang=en
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tiktok.com/legal/privacy-policy-eea?lang=de
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tumblr.com/privacy
Source: chromecache_96.2.dr	String found in binary or memory: https://www.twitch.tv/p/de-de/legal/cookie-notice/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.twitch.tv/p/de-de/legal/privacy-notice/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.youtube.com/user/jimdo

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49755 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@21/132@62/13

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2028,i,12123064958446262542,16323001551945797636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://doc-42.jimdosite.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2028,i,12123064958446262542,16323001551945797636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
192.178.50.36	www.google.com	United States	15169	GOOGLEUS	false
54.72.164.245	a.prod.jimdo.systems	United States	16509	AMAZON-02US	false
104.18.3.35	pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev	United States	13335	CLOUDFLARENETUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
34.149.254.14	web.cmp.usercentrics.eu	United States	2686	ATGS-MMD-ASUS	false
54.217.4.226	at.prod.jimdo.systems	United States	16509	AMAZON-02US	false
18.200.162.103	feature-flags-proxy.prod.jimdo.systems	United States	16509	AMAZON-02US	false
192.185.144.111	grupoej.com	United States	46606	UNIFIEDLAYER-AS-1US	false
151.101.2.79	jimdo-dolphin-static-assets-prod.freetls.fastly.net	United States	54113	FASTLYUS	false
35.190.14.188	app.usercentrics.eu	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
34.102.170.124	v1.api.service.cmp.usercentrics.eu	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
app.usercentrics.eu	35.190.14.188	true
google.com	142.250.217.238	true
at.prod.jimdo.systems	54.217.4.226	true
web.cmp.usercentrics.eu	34.149.254.14	true
feature-flags-proxy.prod.jimdo.systems	18.200.162.103	true
pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev	104.18.3.35	true
account.prod.jimdo.systems	18.200.162.103	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
jimdo-dolphin-static-assets-prod.freetls.fastly.net	151.101.2.79	true
bg.microsoft.map.fastly.net	199.232.210.172	true
consent-api.service.consent.usercentrics.eu	35.201.111.240	true
jimdo-storage.freetls.fastly.net	151.101.2.79	true
challenges.cloudflare.com	104.17.3.184	true
www.google.com	192.178.50.36	true
grupoej.com	192.185.144.111	true
a.prod.jimdo.systems	54.72.164.245	true
v1.api.service.cmp.usercentrics.eu	34.102.170.124	true
doc-42.jimdosite.com	unknown	unknown
account.e.jimdo.com	unknown	unknown
country.jimdo.com	unknown	unknown
a.jimdo.com	unknown	unknown
fonts.jimstatic.com	unknown	unknown
www.jimdo.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/favicon.ico	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	low
https://doc-42.jimdosite.com/cookie-settings/	false		high
https://at.prod.jimdo.systems/anon	false	Avira URL Cloud: safe	unknown
https://a.jimdo.com/app/price/index/country	false		high
https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webview	false		high
https://account.e.jimdo.com/openid/authorize?client_id=lc-website&redirect_uri=https://www.jimdo.com/oidc-silent-callback/&response_type=id_token&scope=openid%20email%20profile&state=256b7a98da7746ca9ff5752a1b68e60e&nonce=7640dc06b94045b186e893193bb13880&prompt=none	false		high
https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/en/GDPR/k1JwB2Dk_/265.83.373/265.83.373?isOutsideEu=true	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	false		high
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/default-website-favicon.1a874ea70dbf3a4b0e0e..png	false	Avira URL Cloud: safe	unknown
https://jimdo-storage.freetls.fastly.net/image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?quality=80,90&auto=webp&disable=upscale&width=320&height=320	false	Avira URL Cloud: safe	unknown
https://at.prod.jimdo.systems/cf	false	Avira URL Cloud: safe	unknown
https://web.cmp.usercentrics.eu/ui/loader.js	false	Avira URL Cloud: safe	unknown
https://v1.api.service.cmp.usercentrics.eu/latest/core/k1JwB2Dk_	false	Avira URL Cloud: safe	unknown
https://www.google.com/.well-known/web-identity	false		high
https://www.jimdo.com/oidc-silent-callback/#error=login_required&error_description=The%20Authorization%20Server%20requires%20End-User%20authentication&state=256b7a98da7746ca9ff5752a1b68e60e	false		high
https://web.cmp.usercentrics.eu/ui/v/3.12.2/BrowserSdk.lib.842d58da.js	false	Avira URL Cloud: safe	unknown
https://web.cmp.usercentrics.eu/ui/v/3.12.2/cmp.a3828959.js	false	Avira URL Cloud: safe	unknown
https://web.cmp.usercentrics.eu/ui/v/3.12.2/UcGdprCmpView.5874706c.js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback	false		high
https://web.cmp.usercentrics.eu/ui/v/3.12.2/GdprCmpController.3f26e812.js	false	Avira URL Cloud: safe	unknown
https://feature-flags-proxy.prod.jimdo.systems/feature-flags?shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f&custom=%7B%22language%22%3A%22en%22%2C%22isMobileLayout%22%3Afalse%2C%22jimdoApp%22%3A%22lp%22%2C%22isAffiliate%22%3Afalse%7D	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	HTML document, ASCII text, with very long lines (1388), with no line terminators	D1C7C3666E869C6672CB2D45EAF136D0	04DF26A5D74D95D79E5A7852F58082BEE014B32A	8CC881D11D03882784C5C8AE9B4FFF2D57AA4B9B1BBFC5242B4959A18958839C
Chrome Cache Entry: 101	JSON data	055DE8F64447F10ED2C4C7F78E27B7CD	BBFCC7FBB135D3893E9BD559E44E069F57DFAB31	30C714BF4216E577686D238B98561D093672CB25BF90BAAB50DD956F75CDA4B3
Chrome Cache Entry: 102	JSON data	55E4C0D0395C16156A4948D5CD6A8778	9434FFAEEEECF59ABF528A91AEC1BEE83CD9D926	F5B463A08A35A102557477AA3AA582AF16EF1681280BD76B826EB5619506200B
Chrome Cache Entry: 103	JSON data	DB0F7FDC569AC97D7206C1F92CD80096	40B2CAF97123326E1E0361D0FFB4AA88E419C7FF	9776C70DD1F036990D10B507CD651AC61D36E54690D82CAA1E92F7A933A622CA
Chrome Cache Entry: 104	ASCII text, with very long lines (65536), with no line terminators	A66EEF1C4F83B5EF029E838B09C908F8	9250DA695CA7942DC2DC25BC995AEAE943357928	E57C6ECA30E6A509D063F731C3DFE2F6294F789B326BF9E7A2EC3C7CC810AE72
Chrome Cache Entry: 105	JSON data	7DE7A6E91EF87CC0F63FC72556D03C24	5223C3DE4CAF4924AD7A7466CFAAE37C9A16D1E4	9DC6F295B625EE539B065BF28B826BDF9E00275FB34B4BDC7B2A06E996A27F96
Chrome Cache Entry: 106	RIFF (little-endian) data, Web/P image	239A25DB7098AC7B397A62EA3B965390	7A05D4C25F193B78E506C943C3DC2DB738F30BA1	50CDE646DEACF60216B32AF9610506F6D8D2DED56E38062015941B1380BAF738
Chrome Cache Entry: 107	HTML document, ASCII text, with very long lines (7545)	A8654835B9B9121617B428218C8363A3	BA5F857983534FB055559486FC955D55FFED9247	C949BB3962DBEC8EF93079BFAB70061F0A3A5E9BE26E1C17C70FC1059AB0E65C
Chrome Cache Entry: 108	JSON data	DB0F7FDC569AC97D7206C1F92CD80096	40B2CAF97123326E1E0361D0FFB4AA88E419C7FF	9776C70DD1F036990D10B507CD651AC61D36E54690D82CAA1E92F7A933A622CA
Chrome Cache Entry: 109	Web Open Font Format (Version 2), TrueType, length 15860, version 1.0	E9F5AAF547F165386CD313B995DDDD8E	ACDEF5603C2387B0E5BFFD744B679A24A8BC1968	F5AEBDFEA35D1E7656EF4ACC5DB1F243209755AE3300943EF8FC6280F363C860
Chrome Cache Entry: 110	Web Open Font Format (Version 2), TrueType, length 7816, version 1.0	25B0E113CA7CCE3770D542736DB26368	CB726212D5D525021752A1D8470A0FB593E0C49E	9338E65FC077355C7A87AE0D64CC101E23B9BF8AD78AE65F0F319C857311B526
Chrome Cache Entry: 111	HTML document, Unicode text, UTF-8 text, with very long lines (6523)	9D77A2214A52A8AB29BF78923DEA8FE8	2E375E67374FFBEE0C83F32AEEB507DC8942BA64	5755B0D4AAE4A84CF7C6709502B9BBDAD0F8C041755E5AAE3622E5655C37FE06
Chrome Cache Entry: 112	Web Open Font Format (Version 2), TrueType, length 20388, version 3.66	9B9DF3552C77DDEF2FB87343509DC07A	7585B25DB2661209A1FABC84C995DDCF4068A636	EF1B3D37F5D7790299E1C545372AD6E9F37DFE122813E693DE4C59D05435D07E
Chrome Cache Entry: 113	Web Open Font Format (Version 2), TrueType, length 20256, version 3.66	B681F1F2F342CF9A98D66809730FFAE9	330E6F7F27BA5A8EC68B9BBED666B9AE01F3BFD0	D895B3C064C37E0BC8F945E7AA8E57B1F88651DCCAF3461F8DA034F7EB1C48F4
Chrome Cache Entry: 114	Web Open Font Format (Version 2), TrueType, length 20420, version 3.66	BC8B1118B2B7B6182BBDA8AEFE0B4420	CC9A01497DD11A4435C79F55E09F44F90B14C1CF	9070F3DDF03C3A043CD53C37F2EB62CAF0AE204A2CDEAEF9B7108836FCBADEAA
Chrome Cache Entry: 115	ASCII text, with very long lines (58893)	36A8EB8BD0674AE45FBDD6EB05EBA5E7	826E42A4A4F4E0701A5F27D936E7D7F300BC2B53	B2098B21EB2356097D2D73A0490012CC72B2AC13C6604B77981D0859D221BD9A
Chrome Cache Entry: 116	Web Open Font Format (Version 2), TrueType, length 8000, version 1.0	72993DDDF88A63E8F226656F7DE88E57	179F97EC0275F09603A8DB94D4380EB584D81CD5	F4E80D9DFD374D02989B87A27B5ED4CB78FBB177C27F1478E9A8B0AFB7513149
Chrome Cache Entry: 117	JSON data	43233DC7EE21342925A775E638AFE9DD	AC42835E45D47398E55FE2A1344116D3BC96CDA5	D7B41618729E9604D0B836E992AFDF279B495A26B3E575728F859AF6D7521835
Chrome Cache Entry: 118	HTML document, ASCII text, with no line terminators	0165706FBA2639107844AA7E25A25ABE	207B90EAAD1926C679567E3305BF4D05F871CA65	0BE637F4A23272E396B59734652830545D52A9CC5EA00616428B1800FF3B6116
Chrome Cache Entry: 119	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	FD400ADA20E53B4BB4EFBBEB0C0E16FD	16C4AEFE874E9B5952A1E72528E1011BD38D8772	E29475FE49A5A23D5ECA32E07367AA425D4A1F32D75DFE7E6D8D0398C35802CE
Chrome Cache Entry: 120	JSON data	5103A79CCC256C2191923609EDCD4115	2D3C0DAD6981EC32C054D24EFAD87CA2BA9F87A6	069649AAAA4B9F53BDF2BAC51F448F72497BD7112DE9027B4C3729A6B47FAB9B
Chrome Cache Entry: 121	ASCII text, with very long lines (44439)	0E98E3EBEA18CA2CF5509C2F86DFF90F	380FA52EF26033EC8B7D43CE553D13DCB7B648DE	89B8111FF796ADB075C3FC22A53F80E8A34D60FEF9A37177166C8C76A8105953
Chrome Cache Entry: 122	JSON data	5103A79CCC256C2191923609EDCD4115	2D3C0DAD6981EC32C054D24EFAD87CA2BA9F87A6	069649AAAA4B9F53BDF2BAC51F448F72497BD7112DE9027B4C3729A6B47FAB9B
Chrome Cache Entry: 123	RIFF (little-endian) data, Web/P image	12A82996956DFF406BA1B103C7A995DE	B7271D4C72055F0205DB3A2FC8CF663E86C6B19E	D3428EA4D9A0203D992BAB193BEDDF497095F6613906BAD1CBB1099E8602CFE9
Chrome Cache Entry: 124	gzip compressed data, was "tmpCfWGAE", last modified: Fri May 8 09:06:08 2020, max compression, original size modulo 2^32 489	3702ADA73B8951017B8451CBD6A96523	FBA130B6F83751655F96DF7F947B9591DA67C50B	A714DEF57C786512C5F2BA2CC4DFA9EFE919CD5F2004D05378D5BE2377F627EF
Chrome Cache Entry: 125	HTML document, ASCII text, with very long lines (690), with no line terminators	BFF999F700E42354AE6205DA6E828101	357063BDA028C97DEA0DFB4B3F349681F9337820	A87D8A8D45A4EE9B8095D9FBC0FBFF6CC96A48B2E200F65F292D8A7671E627A2
Chrome Cache Entry: 126	ASCII text, with very long lines (24674)	BA36989A71257AB601C1AA4F6B6F6C67	FE920E008F58B15B74F57F44CD208EB868E717E8	E7FC07F1B8DFC762F557857CDEC407F4711471A49CAF09BC28B5396CE4074327
Chrome Cache Entry: 127	ASCII text, with very long lines (10459)	47AAABEDF50C9E35F273B4703B343D7C	9C17C2B5D51AC998C83D5EA7F0DF0E833135EEF6	749210DE8FAF9466303950A3B28E8B91368C61290BCF298BCB1A542C674E6953
Chrome Cache Entry: 128	JSON data	43233DC7EE21342925A775E638AFE9DD	AC42835E45D47398E55FE2A1344116D3BC96CDA5	D7B41618729E9604D0B836E992AFDF279B495A26B3E575728F859AF6D7521835
Chrome Cache Entry: 129	RIFF (little-endian) data, Web/P image, VP8 encoding, 610x320, Scaling: [none]x[none], YUV color, decoders should clamp	5F37B11D153D267E9253C46229DC0D63	AF8E441558A8D764A2B9EBE309DFF349617E823E	5C3DD3B6B215FB8A8ACE0C4CE9A3824A3978A5D6A1E13EC5891A18F68098F8BE
Chrome Cache Entry: 130	ASCII text, with very long lines (461), with no line terminators	01BEC6FE31FB46322A89D2312E18BF20	F21C9CB85D784BC67246C52558B354C3EDE20D28	3919394A0EBCDE3591EC245803560D701CE60DC705A1D195EA6D68BF3C6132A0
Chrome Cache Entry: 131	ASCII text, with very long lines (65448)	04DF17519A962E487A051016AD0750B9	0E771030E8131728D098824508789E3E96481B4D	48106E672510B3DB090B6829DDACD2ECDCD3893E402945421B9D1C29B9356A0D
Chrome Cache Entry: 132	JSON data	7DE7A6E91EF87CC0F63FC72556D03C24	5223C3DE4CAF4924AD7A7466CFAAE37C9A16D1E4	9DC6F295B625EE539B065BF28B826BDF9E00275FB34B4BDC7B2A06E996A27F96
Chrome Cache Entry: 133	ASCII text	38EC149E411B6E5420E3DB3C60754DFA	BA8A87175CDE23D7E9A01A47131EBFC867D69E30	CE4BC26F52A82BE6E16D41297CE3DC3568DC353F80A416CA8D7444C1F109805B
Chrome Cache Entry: 134	ASCII text, with very long lines (65417)	FC08E37D91C899418BCED443202CED6F	7A301F2EA14287D290B458AEB7CFB64F5D98DB7B	E6DE46EE02E1ECF936A8F0A37DD6C3229047B3E37E31B1DB13297B674F0C5EBD
Chrome Cache Entry: 135	JSON data	055DE8F64447F10ED2C4C7F78E27B7CD	BBFCC7FBB135D3893E9BD559E44E069F57DFAB31	30C714BF4216E577686D238B98561D093672CB25BF90BAAB50DD956F75CDA4B3
Chrome Cache Entry: 136	RIFF (little-endian) data, Web/P image, VP8 encoding, 612x320, Scaling: [none]x[none], YUV color, decoders should clamp	6CD677C4FF07D062F3B72C15FE2A65A5	9B59AEBC0819CF8D993B7E27FBC193C275EA49D6	AE8D06B7514A63C446BEF229C6BA0667EBAEBFCFD7EDCB252711C876E98C9718
Chrome Cache Entry: 137	ASCII text, with very long lines (35231)	9C12E0B39587225DEB2E1A36DA934443	A07888F136B449899CE498FB3E5A1C00DEA3976F	53CCC20BC6BEB0529D52F7B5322BFC97A121DD186D112666D0C958EBA40D9462
Chrome Cache Entry: 138	Unicode text, UTF-8 text, with very long lines (12416)	C450845361C738088D29B5F431BCFA0E	A404B3948C2B00354656DE30DF1BC9B202555217	D7DB23AF7BBE267FF247D91A005675A98F66D5210F372F734B6B0131F01A491C
Chrome Cache Entry: 139	ASCII text, with very long lines (7821), with no line terminators	FC5D1CD4734D0FCB46FDF4D8BB9F2059	A39D7FB96A9DF27CA26A37AC84E79EA411F792FC	86C99D75EEEE1C76A32FAE741C15D0F2B9AF28161AD0599737059DCC6DD5003B
Chrome Cache Entry: 140	ASCII text, with very long lines (5180), with no line terminators	7C22B8C82D9119A597D0B802DD854EC3	60AD3696B7790918200CAAB23B8AC27605B9CAFF	C8348028A13086FB67B64F1DF8D5EB15D978E9357B237091F04E24BA381D7865
Chrome Cache Entry: 141	JSON data	0862D8448AFF54545E8AD53FD33F4C9C	2D58CE28609CCCDC9C90EC41C5807B9C07D99DF0	470E10C92214B9CF20EA5BADDDAE107D0A0E8AF495D55838EB442FC40323A659
Chrome Cache Entry: 142	ASCII text, with very long lines (65536), with no line terminators	139AF8B0D86D10AC970B96F7B7DC5441	86EAD7B19FF9916F12385603169989B0EC9C2679	3A68A0A5B811E638B185A0240C51645BC26FA225373FE62B6DCFAAC93FB694A6
Chrome Cache Entry: 143	HTML document, ASCII text, with very long lines (611)	DF3D48946E8D3F5A83608308EDBB4B86	47B9C40C97ABF2658DF96B1C06109324E15E1A00	570A6631252B8A52DF4DE0E953AE77DBDF524DFC3637CDA2840494A0D2B49499
Chrome Cache Entry: 145	HTML document, ASCII text, with very long lines (65536), with no line terminators	F721BA1A447A7E5B646A1C44FCAA95C3	1B5CF8C86101DFAA4B34CB1F314ACB4BD2DBF871	BB7854C95C14090531C403BB65161DB5BE0E3E3D5E3C8F4DC04BBC9A8ED7D6A6
Chrome Cache Entry: 146	ASCII text, with very long lines (32819)	DAAFB590C41D213D06238E19E9831215	896E8BCAD8BAA35722D64A107C5C12796C5750F8	1CE9592A4531B5C0DE3A31F8E3203F2CD51DC293988DDC71E1FE84745ED574F2
Chrome Cache Entry: 147	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 148	RIFF (little-endian) data, Web/P image, VP8 encoding, 610x320, Scaling: [none]x[none], YUV color, decoders should clamp	2CAD717D8FC5431C7E7CE5C6DC68FB44	210AD634B7C71874300ACCC3FB94658DE607F864	64A6C1B6F863CAB3A7731040929B95172FD3207A452A60B752716A76FF8D3E18
Chrome Cache Entry: 149	Unicode text, UTF-8 text, with very long lines (65441)	7D26D350EA5DA38AEB9A7611A096267D	A18B0D5E7A7E626D1C655C4B5915E69F32FF116F	E11C2C0C3532BAD481220983EC30649331391482B499007AA07AE8AC6F5A730C
Chrome Cache Entry: 150	PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced	38BA6C90C24B78841E234AD9ABD54AE5	AAA7E7C931B350218A65472E01E297462DD93CC2	F0CC4310CC215CB80143EDCB30A2BA01C2243CA09C791B46C983121748645565
Chrome Cache Entry: 151	RIFF (little-endian) data, Web/P image	C05FB69E91679CE1AFB43DDFAB7643CB	B8267F3E6E1B325DC0D99FFF4D4BD5F7599E6A64	441970FB092259FD670CA8BDB5EACF2E6A5B56A442B31D6E466D5D6EBF0A8A95
Chrome Cache Entry: 152	ASCII text	310575B11C9F03D6689E162D50D97DE6	AA7F1E5ACCC609112C8BC84E48AAB13C4E5A52E2	3BB527511FC1A45E8261987B9EDCBE0EFDF2AD17D707BABE6A429D3B9F33B948
Chrome Cache Entry: 153	JSON data	055DE8F64447F10ED2C4C7F78E27B7CD	BBFCC7FBB135D3893E9BD559E44E069F57DFAB31	30C714BF4216E577686D238B98561D093672CB25BF90BAAB50DD956F75CDA4B3
Chrome Cache Entry: 154	HTML document, Unicode text, UTF-8 text, with very long lines (7699)	650BAC75606CCC1D124CB11DB04514B0	1EAE52E516D62A99F5510EED8D54A0B979D47075	47870C07895759C1142C2E95CB6B843E212016F981E9E4C18DAFD01C8AAF4443
Chrome Cache Entry: 155	Web Open Font Format (Version 2), TrueType, length 15744, version 1.0	15D9F621C3BD1599F0169DCF0BD5E63E	7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52	F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
Chrome Cache Entry: 156	JSON data	55E4C0D0395C16156A4948D5CD6A8778	9434FFAEEEECF59ABF528A91AEC1BEE83CD9D926	F5B463A08A35A102557477AA3AA582AF16EF1681280BD76B826EB5619506200B
Chrome Cache Entry: 157	RIFF (little-endian) data, Web/P image	D22E3B8BB09D41215CDDA9794CD9296F	7780AA4B7C5503B65933134424EE330FD0964FFA	D9BBA1B3165AAC4425FB6F90259906C04CF6091D94BC2212C3769915D0EA1BBE
Chrome Cache Entry: 158	JSON data	055DE8F64447F10ED2C4C7F78E27B7CD	BBFCC7FBB135D3893E9BD559E44E069F57DFAB31	30C714BF4216E577686D238B98561D093672CB25BF90BAAB50DD956F75CDA4B3
Chrome Cache Entry: 159	RIFF (little-endian) data, Web/P image, VP8 encoding, 612x320, Scaling: [none]x[none], YUV color, decoders should clamp	6CD677C4FF07D062F3B72C15FE2A65A5	9B59AEBC0819CF8D993B7E27FBC193C275EA49D6	AE8D06B7514A63C446BEF229C6BA0667EBAEBFCFD7EDCB252711C876E98C9718
Chrome Cache Entry: 160	RIFF (little-endian) data, Web/P image	C0C9A6B764DCBF9E40B2DD0F297C2E55	FF5331BC7DB0DB58D5D39AB0246382EA0A088995	14BFB1120BE2649307B63D552821942D8443CF413B6AE445C6B04FBF86871A7B
Chrome Cache Entry: 87	ASCII text, with very long lines (36480)	EF0EB90C49489F470167017E2B68872D	B43F13958D1AF336F1A2C6BBD54C8F67548BC15C	B5C0960B0B827F810A9CD5208D6A9290C2ADDE7EA6B382BBC497791605AC5539
Chrome Cache Entry: 88	RIFF (little-endian) data, Web/P image, VP8 encoding, 610x320, Scaling: [none]x[none], YUV color, decoders should clamp	2CAD717D8FC5431C7E7CE5C6DC68FB44	210AD634B7C71874300ACCC3FB94658DE607F864	64A6C1B6F863CAB3A7731040929B95172FD3207A452A60B752716A76FF8D3E18
Chrome Cache Entry: 89	ASCII text, with very long lines (65536), with no line terminators	B3F3A3D12756B542DCBB8B69E617D0B9	0278EBFA75BAE7AB74DA1F5E25D736AF55EB4B42	4663488ED825C77C77B9689A082A74E8145F9A3F3D2D08CD84BCD08BDEB7F66A
Chrome Cache Entry: 90	ASCII text, with very long lines (65454)	479BB39E8E376EC4B892FF8A609ABC92	6A921CE772796F2EF7C547808F4E078D450C5301	97B4088A06D1005FA5B304D0729D2D1AADFD04F5283C1D83D874E64F41816EB3
Chrome Cache Entry: 91	ASCII text, with very long lines (65453)	81B0F217B76B4002A7A1E9B6FE2943F9	1591040C9028077967AEFA5958E05AA288BF62AB	EFE5915E5F226227FA0EA338E51708E122CC21848FC2A8258ACED6C2870A1E30
Chrome Cache Entry: 92	gzip compressed data, was "tmpCfWGAE", last modified: Fri May 8 09:06:08 2020, max compression, original size modulo 2^32 489	3702ADA73B8951017B8451CBD6A96523	FBA130B6F83751655F96DF7F947B9591DA67C50B	A714DEF57C786512C5F2BA2CC4DFA9EFE919CD5F2004D05378D5BE2377F627EF
Chrome Cache Entry: 93	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	FD400ADA20E53B4BB4EFBBEB0C0E16FD	16C4AEFE874E9B5952A1E72528E1011BD38D8772	E29475FE49A5A23D5ECA32E07367AA425D4A1F32D75DFE7E6D8D0398C35802CE
Chrome Cache Entry: 94	Unicode text, UTF-8 text, with very long lines (65253)	E6E1DAB9DA2F21430F9036049020E12E	66C76286019B8BF9A7DDD7B7509308C31564D613	0C5B486367DC6890C7A6F0A26D2C42F050A19BEDC5642130F10C5F183582585E
Chrome Cache Entry: 95	ASCII text, with very long lines (31034), with no line terminators	6C4849A22475DBA6EC03713EBF81C5BC	C623452DFD795AC3D01BDDB7B5B6080AA3AAC041	B896BB94325DEDC7AAAC4CA370E0CEC9B565B73521034ADE2D8861609132C166
Chrome Cache Entry: 96	ASCII text, with very long lines (65458)	B2972624405E1E2B3F97661667B3134C	CAC022271D84385DB25B1DF659123BDB41233484	32F1FD923F5D3645FAEEB28A9018E6874236E5B07438425B5194A3BFF4CDAED6
Chrome Cache Entry: 97	ASCII text, with very long lines (34414)	85F835E57E24C77289323C4DB6029DD8	F32D046D35EDFB7BA37FAD2E11966B72309CA706	FB0F0653DDFC338ECE32CA4B870D83542E3C22E00D49AFBC5D99943408FA7DF3
Chrome Cache Entry: 98	PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced	D1012459A9AB17223CBEF6C35133724E	7754D5CF1955C22F197454A231394E74A5761D5F	EFCEE45EBC1D1281B43D7FE4590D9158771B0D65D991813844D6E13E0D12B28E
Chrome Cache Entry: 99	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	FD400ADA20E53B4BB4EFBBEB0C0E16FD	16C4AEFE874E9B5952A1E72528E1011BD38D8772	E29475FE49A5A23D5ECA32E07367AA425D4A1F32D75DFE7E6D8D0398C35802CE

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://doc-42.jimdosite.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish29

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 0.1

HTML page contains hidden URLs or javascript code

Source: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html

HTTP Parser: Base64 decoded: https://grupoej.com/zdfaeawees/host%5b24.0%5d/302aa6a.php

Source: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49755 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /renderer/static/a5814dc53c612c628f1a.css HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /renderer/static/c74cde79ea88fbaee6df.js HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?quality=80,90&auto=webp&disable=upscale&width=320&height=320 HTTP/1.1Host: jimdo-storage.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?quality=80,90&auto=webp&disable=upscale&width=320&height=320 HTTP/1.1Host: jimdo-storage.freetls.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /renderer/static/default-website-favicon.1a874ea70dbf3a4b0e0e..png HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://doc-42.jimdosite.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /renderer/static/default-website-favicon.1a874ea70dbf3a4b0e0e..png HTTP/1.1Host: jimdo-dolphin-static-assets-prod.freetls.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: pub-915ec07e23184287868b4bc8f1cb3f00.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-915ec07e23184287868b4bc8f1cb3f00.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/loader.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/cmp.a3828959.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feature-flags?shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f&custom=%7B%22language%22%3A%22en%22%2C%22isMobileLayout%22%3Afalse%2C%22jimdoApp%22%3A%22lp%22%2C%22isAffiliate%22%3Afalse%7D HTTP/1.1Host: feature-flags-proxy.prod.jimdo.systemsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/BrowserSdk.lib.842d58da.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/price/index/country HTTP/1.1Host: a.jimdo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feature-flags?shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f&custom=%7B%22language%22%3A%22en%22%2C%22isMobileLayout%22%3Afalse%2C%22jimdoApp%22%3A%22lp%22%2C%22isAffiliate%22%3Afalse%7D HTTP/1.1Host: feature-flags-proxy.prod.jimdo.systemsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /openid/authorize?client_id=lc-website&redirect_uri=https://www.jimdo.com/oidc-silent-callback/&response_type=id_token&scope=openid%20email%20profile&state=256b7a98da7746ca9ff5752a1b68e60e&nonce=7640dc06b94045b186e893193bb13880&prompt=none HTTP/1.1Host: account.e.jimdo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f; jLang=en; _dd_s=logs=0&expire=1714159837722&lock=200ff77a-c3b2-4501-860b-e6ebed528232
Source: global traffic	HTTP traffic detected: GET /latest/core/k1JwB2Dk_ HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /session/1px.png?settingsId=k1JwB2Dk_ HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdcs/v/1.0.0/index.html HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/core/k1JwB2Dk_ HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/price/index/country HTTP/1.1Host: a.jimdo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: shd=d5f4b0dd-411c-4c16-9ae7-a6ad92d3df1f; jLang=en; _dd_s=logs=0&expire=1714159837722&lock=200ff77a-c3b2-4501-860b-e6ebed528232
Source: global traffic	HTTP traffic detected: GET /session/1px.png?settingsId=k1JwB2Dk_ HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/1/cmp/en/GDPR/k1JwB2Dk_/265.83.373/265.83.373?isOutsideEu=true HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.jimdo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/GdprCmpController.3f26e812.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /latest/1/cmp/en/GDPR/k1JwB2Dk_/265.83.373/265.83.373?isOutsideEu=true HTTP/1.1Host: v1.api.service.cmp.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.well-known/web-identity HTTP/1.1Host: google.comConnection: keep-aliveAccept: application/jsonSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: webidentityUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ui/v/3.12.2/UcGdprCmpView.5874706c.js HTTP/1.1Host: web.cmp.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.jimdo.com/?utm_source=dol-doc-42%20en-US&utm_medium=footer%20ad&utm_campaign=ownads%20webviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.well-known/web-identity HTTP/1.1Host: www.google.comConnection: keep-aliveAccept: application/jsonSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: webidentityUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_117.2.dr	String found in binary or memory: we make it easy for you. Create your online store with ease - we do not charge fees on your sales. Or get your service running with your booking tool.","title":"The easy way to get your first transaction"},"community":{"linkHref":"https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F551693728784465%2F%3Fref%3Dshare%26paipv%3D0%26eav%3DAfZ416FHK-1vGrRMXO0KFWEc6dIc0LztRgMYPAuusG8HTZr_5dY-ohooTUxZ75VvJkI","linkLabel":"Join the community","text":"The Jimdo Community is a place where you can benefit from the experiences of other entrepreneurs. Get answers to all your questions and take your business to the next level.","title":"Your support from other business owners"},"domains":{"linkHref":"https://www.jimdo.com/website/domain/","linkLabel":"Get your domain now","text":"Your website appears professional and trustworthy: with a domain including HTTPS encryption, hosting, and the added benefit of being more easily found through search engines like Google.","title":"Your own domain in just three clicks"},"website":{"buttonLabel":"Get started","linkHref":"https://www.jimdo.com/website/how-to-create/","linkLabel":"Learn more","text":"Build your professional website with the power of the Jimdo Artificial Intelligence. Whatever you need for your business and website, our AI simplifies it, speeds it up and knows exactly what you need to be successful.","title":"Your website without all the bells and whistles but with everything you need"}},"TeaserSplit":{"shop-teaser":{"buttonHref":"/pricing/onlineshop/","buttonLabel":"Let's get started","imageAlt":"Man prepares a shipment from his online store","linkHref":"/website/online-store/","linkLabel":"How to create an online store","listItems":[{"text":"No transaction fees (your products, your profit)"},{"text":"Offer shipping and local pickup options"},{"text":"Book appointments right on your site"},{"text":"Take payments via PayPal or Stripe"},{"text":"Manage all your orders in one place"},{"text":"Sell on Instagram and Facebook"},{"text":"Boost your store with sales & discounts"}],"text":"Create an independent online store equals www.facebook.com (Facebook)
Source: chromecache_96.2.dr	String found in binary or memory: d like to find out more about the cookies we use and set your individual cookie preferences, please review our [{cookiesPolicyPageName}]({cookiesPolicyLink}).",cmsCookieBannerText2020June:"This website uses cookies. You can find more information on the types of cookies used as well as enable individual cookies in their respective categories. You can adjust your settings at any time through the link in the footer of this website.",cmsCookieBannerTiktokPostCookiePolicyUrl:"https://www.tiktok.com/legal/cookie-policy?lang=en",cmsCookieBannerTiktokPostPrivacyPolicy:"https://www.tiktok.com/legal/privacy-policy-eea?lang=de",cmsCookieBannerTitle:"Cookie Policy",cmsCookieBannerToggleButtonEnableAllText:"Enable all",cmsCookieBannerTumblrCookiePolicyUrl:"https://www.tumblr.com/privacy",cmsCookieBannerTumblrPrivacyPolicy:"https://www.tumblr.com/privacy",cmsCookieBannerTwitchVideoCookiePolicyUrl:"https://www.twitch.tv/p/de-de/legal/cookie-notice/",cmsCookieBannerTwitchVideoPrivacyPolicy:"https://www.twitch.tv/p/de-de/legal/privacy-notice/",cmsCookieBannerTwitterPostCookiePolicyUrl:"https://help.twitter.com/en/rules-and-policies/twitter-cookies",cmsCookieBannerTwitterPostPrivacyPolicy:"https://twitter.com/en/privacy",cmsCookieBannerTypeFormCookiePolicyUrl:"https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com",cmsCookieBannerTypeFormPrivacyPolicy:"https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com",cmsCookieBannerVimeoCookiePolicyUrl:"https://vimeo.com/cookie_policy",cmsCookieBannerVimeoDescription:"This cookie is used to unlock and display Vimeo content on this website. \n\nProvider: Vimeo, Inc., 555 West 18th Street, New York, New York 10011 USA\n\nCookie Names and Lifetimes: muxData (Lifetime: 20 years), _ssid (Lifetime: 10 years), language (Lifetime: 10 years), vimeo_gdpr_optin (Lifetime: 10 years), player (Lifetime: 1 year), _qca (Lifetime: 3 months), continuous_play_v3 (Lifetime: 2 months), vuid (Lifetime: 2 years), _derived_epik (Lifetime: 2 months), _ga (Lifetime: 2 years)",cmsCookieBannerVimeoPrivacyPolicyUrl:"https://vimeo.com/privacy",cmsCookieBannerVimeoTitle:"Vimeo",cmsCookieBannerVimeoVideoCookiePolicyUrl:"https://vimeo.com/cookie_policy",cmsCookieBannerVimeoVideoPrivacyPolicy:"https://vimeo.com/privacy",cmsCookieBannerWebStoreStateDescription:"Essential local storage for the correct functioning of this store and for the continued saving of the visitor equals www.twitter.com (Twitter)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: ll get access to:","title":"Create your\nJimdo account"},"socialButtonList":{"facebook":{"href":"https://www.facebook.com/Jimdo","label":"Visit Jimdo equals www.facebook.com (Facebook)
Source: chromecache_121.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Facebook page"},"instagram":{"href":"https://www.instagram.com/jimdo_global/","label":"Visit Jimdo equals www.facebook.com (Facebook)
Source: chromecache_96.2.dr	String found in binary or memory: s IP address, and operating system info.",cmsCookieBannerIFrameAppTypeFormDescription:"Typeform is for building online forms and surveys. To provide this service, it collects the data that the website visitor enters into the online form or survey, as well as the date and time of their visit, duration, IP address, and email address. Cookie Name(s) and Lifetimes: __cf_bm(lifetime: 30mins), attribution_user_id(lifetime: 1 year)",cmsCookieBannerIFrameAppVimeoVideoDescription:"This cookie is used to unlock and display Vimeo content on this website. Provider: Vimeo, Inc., 555 West 18th Street, New York, New York 10011 USA Cookie Names and Lifetimes: muxData (Lifetime: 20 years), _ssid (Lifetime: 10 years), language (Lifetime: 10 years), vimeo_gdpr_optin (Lifetime: 10 years), player (Lifetime: 1 year), _qca (Lifetime: 3 months), continuous_play_v3 (Lifetime: 2 months), vuid (Lifetime: 2 years), _derived_epik (Lifetime: 2 months), _ga (Lifetime: 2 years)",cmsCookieBannerIFrameAppYoutubeVideoDescription:'These cookies are set via embedded YouTube videos. They register anonymous statistical data, e.g. how often the video is shown and which settings are used for playback. No personal data is collected unless the user logs in to their Google Account. In this case, their selections are associated with their account, such as when they click "Like" on a video. \nCookie Name(s) and Lifetimes: YSC(valid for one session), secure-HSID,(lifetime:2 months) Secure-SSID(lifetime:2 months), Secure-APSID(lifetime:2 months), VISITORINFO1LIVE(lifetime:5 months), SIDCC(lifetime: 1 year), LOGIN_INFO(lifetime: 2 years),PREF(lifetime: 2 years), SID(lifetime: 2 years), _Secure-3PSID(lifetime: 2 years), HSID(lifetime: 2 years), SSID(lifetime: 2 years), APISID(lifetime: 2 years), SAPISID(lifetime: 2 years), _Secure-3PAPISID(lifetime: 2 years), Consent (lifetime: 28 years).',cmsCookieBannerInstagramPostCookiePolicyUrl:"https://help.instagram.com/1896641480634370?ref=ig",cmsCookieBannerInstagramPostPrivacyPolicy:"https://help.instagram.com/519522125107875",cmsCookieBannerItunesCookiePolicyUrl:"https://www.apple.com/legal/privacy/de-ww/cookies/",cmsCookieBannerItunesDescription:"This cookie is used to unlock and display Apple Music content on this website.\n\nProvider: Apple Inc., Infinite Loop, Cupertino, CA 95014 USA.\n\nCookie Names and Lifetime:_lost-sound_session (Lifetime: session), JESSIONID (Lifetime: Session)",cmsCookieBannerItunesPrivacyPolicyUrl:"https://www.apple.com/legal/privacy/",cmsCookieBannerItunesTitle:"iTunes",cmsCookieBannerPaypalCookiePolicyUrl:"https://www.paypal.com/ie/webapps/mpp/ua/cookie-full",cmsCookieBannerPaypalDescription:"This is essential in order to enable payments powered by Paypal via this store. \n\nProvider:PayPal (Europe) S. equals www.youtube.com (Youtube)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Twitter page"},"youTube":{"href":"https://www.youtube.com/user/jimdo","label":"Visit Jimdo equals www.twitter.com (Twitter)
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: s Twitter page"},"youTube":{"href":"https://www.youtube.com/user/jimdo","label":"Visit Jimdo equals www.youtube.com (Youtube)
Source: chromecache_96.2.dr	String found in binary or memory: ssig sind, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland\nCookie-Namen und Lebenszeiten: _fbp (Lebensdauer: 2 Jahre), _fbc(Lebensdauer: 2 Jahre)",cmsCookieBannerFacebookPixelPolicyUrl:"https://www.facebook.com/policies/cookies",cmsCookieBannerFacebookPixelPrivacyPolicy:"https://www.facebook.com/policy.php",cmsCookieBannerFacebookPixelTitle:"Facebook",cmsCookieBannerGADescription:"Diese Cookies sammeln anonymisierte Informationen zu Analysezwecken equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: doc-42.jimdosite.com
Source: global traffic	DNS traffic detected: DNS query: jimdo-dolphin-static-assets-prod.freetls.fastly.net
Source: global traffic	DNS traffic detected: DNS query: jimdo-storage.freetls.fastly.net
Source: global traffic	DNS traffic detected: DNS query: fonts.jimstatic.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: at.prod.jimdo.systems
Source: global traffic	DNS traffic detected: DNS query: pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: grupoej.com
Source: global traffic	DNS traffic detected: DNS query: www.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: country.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: web.cmp.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: feature-flags-proxy.prod.jimdo.systems
Source: global traffic	DNS traffic detected: DNS query: account.e.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: a.jimdo.com
Source: global traffic	DNS traffic detected: DNS query: v1.api.service.cmp.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: app.usercentrics.eu
Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: consent-api.service.consent.usercentrics.eu

Source: unknown

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 19:15:20 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 87a8e6a31d607446-MIA

Source: chromecache_96.2.dr	String found in binary or memory: http://tools.google.com/dlpage/gaoptout
Source: chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/login
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/apple
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/email
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/facebook
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://account.e.jimdo.com/signup/google
Source: chromecache_96.2.dr	String found in binary or memory: https://admin.typeform.com/to/dwk6gt/?typeform-source=www.typeform.com
Source: chromecache_121.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_121.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_96.2.dr	String found in binary or memory: https://bandcamp.com/privacy_shield
Source: chromecache_149.2.dr	String found in binary or memory: https://careers.jimdo.com/
Source: chromecache_121.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_125.2.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_121.2.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_121.2.dr	String found in binary or memory: https://deploy.mopinion.com/js/pastease.js
Source: chromecache_143.2.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/css?display=swap&family=Poppins:600
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://fonts.jimstatic.com/css?display=swap&family=Roboto:400
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_152.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_149.2.dr	String found in binary or memory: https://forschungswerkstatt.jimdo.com/
Source: chromecache_121.2.dr	String found in binary or memory: https://google.com
Source: chromecache_121.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_125.2.dr	String found in binary or memory: https://grupoej.com/zdfaeawees/host%5b24.0%5d/admin/js/sc.php?r=ZW0sZW1haWwsYWRk
Source: chromecache_149.2.dr	String found in binary or memory: https://help.business.jimdo.com/hc/de
Source: chromecache_96.2.dr	String found in binary or memory: https://help.instagram.com/1896641480634370?ref=ig
Source: chromecache_96.2.dr	String found in binary or memory: https://help.instagram.com/519522125107875
Source: chromecache_96.2.dr	String found in binary or memory: https://help.twitter.com/en/rules-and-policies/twitter-cookies
Source: chromecache_149.2.dr	String found in binary or memory: https://jimdo-community-events.jimdosite.com/events/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/a5814dc53c612c628f1a.css
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/c74cde79ea88fbaee6df.js
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/default-website-favicon.
Source: chromecache_154.2.dr, chromecache_111.2.dr, chromecache_107.2.dr	String found in binary or memory: https://jimdo-storage.freetls.fastly.net/
Source: chromecache_154.2.dr	String found in binary or memory: https://jimdo-storage.freetls.fastly.net/image/455980452/9041bab6-4a58-4ffc-8c72-5cb97b13d08f.png?qu
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://logo.e.jimdo.com/?lng=en
Source: chromecache_121.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_121.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/)
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=de
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=en
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=es
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=fr
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=it
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=ja
Source: chromecache_96.2.dr	String found in binary or memory: https://policies.google.com/privacy?hl=nl
Source: chromecache_96.2.dr	String found in binary or memory: https://policy.pinterest.com/en/cookies
Source: chromecache_96.2.dr	String found in binary or memory: https://policy.pinterest.com/en/privacy-policy
Source: chromecache_149.2.dr	String found in binary or memory: https://presse.jimdo.com/
Source: chromecache_154.2.dr	String found in binary or memory: https://pub-915ec07e23184287868b4bc8f1cb3f00.r2.dev/index.html
Source: chromecache_121.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: chromecache_121.2.dr	String found in binary or memory: https://s.pinimg.com/ct/core.js
Source: chromecache_121.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_96.2.dr	String found in binary or memory: https://soundcloud.com/pages/privacy
Source: chromecache_121.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_96.2.dr	String found in binary or memory: https://stripe.com/cookies-policy/legal
Source: chromecache_96.2.dr	String found in binary or memory: https://stripe.com/privacy
Source: chromecache_121.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_96.2.dr	String found in binary or memory: https://tools.google.com/dlpage/gaoptout)
Source: chromecache_96.2.dr	String found in binary or memory: https://twitter.com/en/privacy
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://twitter.com/jimdo
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/api/oembed.json?url=
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/cookie_policy
Source: chromecache_96.2.dr	String found in binary or memory: https://vimeo.com/privacy
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/de/legal/privacy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/de-ww/cookies/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/es/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/fr-ww/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/it/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/jp/
Source: chromecache_96.2.dr, chromecache_111.2.dr	String found in binary or memory: https://www.cloudflare.com/cookie-policy/
Source: chromecache_143.2.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: chromecache_96.2.dr	String found in binary or memory: https://www.cloudflare.com/ja-jp/cookie-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.cloudflare.com/ja-jp/privacypolicy/
Source: chromecache_111.2.dr	String found in binary or memory: https://www.cloudflare.com/privacypolicy/
Source: chromecache_121.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_121.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_96.2.dr	String found in binary or memory: https://www.google.com/analytics/terms)
Source: chromecache_121.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_121.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.instagram.com/jimdo_global/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo-status.com/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo-status.com/).
Source: chromecache_132.2.dr, chromecache_105.2.dr	String found in binary or memory: https://www.jimdo.com
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/de/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/de/addon/legal-text-generator)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/es/addon/legal-text-generator/).
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/fr/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/fr/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/info/privacy/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/it/addon/legal-text-generator/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/jp/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/jp/news/)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/nl/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.jimdo.com/nl/addon/legal-text-generator/)
Source: chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/how-to-create/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/online-store/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.jimdo.com/website/portfolio/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.kddi-webcommunications.co.jp/privacy)
Source: chromecache_96.2.dr	String found in binary or memory: https://www.paypal.com/ie/webapps/mpp/ua/cookie-full
Source: chromecache_96.2.dr	String found in binary or memory: https://www.paypal.com/ie/webapps/mpp/ua/privacy-full
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.pinterest.de/JimdoEN/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/de/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/es/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/fr/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/it/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/jp/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/legal/cookies-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.spotify.com/legal/privacy-policy/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tiktok.com/legal/cookie-policy?lang=en
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tiktok.com/legal/privacy-policy-eea?lang=de
Source: chromecache_96.2.dr	String found in binary or memory: https://www.tumblr.com/privacy
Source: chromecache_96.2.dr	String found in binary or memory: https://www.twitch.tv/p/de-de/legal/cookie-notice/
Source: chromecache_96.2.dr	String found in binary or memory: https://www.twitch.tv/p/de-de/legal/privacy-notice/
Source: chromecache_128.2.dr, chromecache_117.2.dr	String found in binary or memory: https://www.youtube.com/user/jimdo

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49755 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@21/132@62/13

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2028,i,12123064958446262542,16323001551945797636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://doc-42.jimdosite.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2028,i,12123064958446262542,16323001551945797636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1432320
Product:	CloudBasic
Start time:	21:13:33
Start date:	26.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://doc-42.jimdosite.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://doc-42.jimdosite.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://doc-42.jimdosite.com/