Analysis Report http://www.flowvinconsortium.com

Overview

General Information

Sample URL: http://www.flowvinconsortium.com
Analysis ID: 339454


Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Source: unknown HTTPS traffic detected: 13.224.89.135:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.224.89.135:443 -> 192.168.2.3:49758 version: TLS 1.2
Source: global traffic HTTP traffic detected:
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, image/jxr, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.flowvinconsortium.com
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, image/jxr, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Connection: Keep-Alive
    Host: ww38.flowvinconsortium.com
Source: global traffic HTTP traffic detected:
    GET /themes/cleanPeppermint_7a82f1f3/style.css HTTP/1.1
    Accept: text/css, */*
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d1lxhc4jvstzrp.cloudfront.net
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /scripts/js3caf.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d1lxhc4jvstzrp.cloudfront.net
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /themes/assets/style.css HTTP/1.1
    Accept: text/css, */*
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d1lxhc4jvstzrp.cloudfront.net
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /scripts/sale_form.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: c.parkingcrew.net
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /track.php?domain=flowvinconsortium.com&toggle=browserjs&uid=MTYxMDU5NjkzNi44NjM4OjJlMjliMzNjYzE2ZDNhMTM5ZGFhZWJjMjBlMmIxYmEzYWNlZTk5ZjQyMjgwZmMzNTc3ZTM4MzU2NTQzMDBlZjU6NWZmZmMyNDhkMmU1OA%3D%3D HTTP/1.1
    Accept: */*
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ww38.flowvinconsortium.com
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /themes/cleanPeppermint_7a82f1f3/img/arrows.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d1lxhc4jvstzrp.cloudfront.net
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /favicon.ico HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ww38.flowvinconsortium.com
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /track.php?domain=flowvinconsortium.com&caf=1&toggle=answercheck&answer=yes&uid=MTYxMDU5NjkzNi44NjM4OjJlMjliMzNjYzE2ZDNhMTM5ZGFhZWJjMjBlMmIxYmEzYWNlZTk5ZjQyMjgwZmMzNTc3ZTM4MzU2NTQzMDBlZjU6NWZmZmMyNDhkMmU1OA%3D%3D HTTP/1.1
    Accept: */*
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ww38.flowvinconsortium.com
    Connection: Keep-Alive
Source: global traffic HTTP traffic detected:
    GET /favicon.ico HTTP/1.1
    User-Agent: AutoIt
    Host: ww38.flowvinconsortium.com
Source: find[1].htm.2.dr String found in binary or memory: equals www.facebook.com (Facebook)
Source: find[1].htm.2.dr String found in binary or memory: equals www.twitter.com (Twitter)
Source: find[1].htm.2.dr String found in binary or memory: equals www.youtube.com (Youtube)
Source: unknown DNS traffic detected: queries for: www.flowvinconsortium.com
Source: unknown HTTP traffic detected:
    POST /ls.php HTTP/1.1
    Accept: */*
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Referer: http://ww38.flowvinconsortium.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ww38.flowvinconsortium.com
    Content-Length: 2130
    Connection: Keep-Alive
    Cache-Control: no-cache
Source: FCO7OGE7.htm.2.dr String found in binary or memory: http://c.parkingcrew.net/scripts/sale_form.js
Source: FCO7OGE7.htm.2.dr String found in binary or memory: http://parkingcrew.net/assets
Source: ~DF404FE72635615315.TMP.1.dr String found in binary or memory: http://ww38.flowvinconsortium.com/
Source: FCO7OGE7.htm.2.dr String found in binary or memory: http://ww38.flowvinconsortium.com/?ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDZ8fHx8fHw1Zm
Source: {B82B1B74-5668-11EB-90E4-ECF4BB862DED}.dat.1.dr String found in binary or memory: http://ww38.flowvinconsortium.com/Root
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/poly/v3/polyfill.min.js?features=Promise
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/serp-assets/static/b9221d4/client-search-page.min.css
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/serp-assets/static/b9221d4/client-search-page.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/serp-assets/static/b9221d4/prefetch.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/serpimg/img/solutionsimg/serp_animation_loader.gif
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/serpimg/img/solutionsimg/serp_animation_loader_sm.gif
Source: imagestore.dat.2.dr String found in binary or memory: https://img6.wsimg.com/ux/favicon/favicon-32x32.png
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/016f5deda0ac62c233959d03597fbb2a/header-cart-loader.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/044e80af893940b9c2e2dd4096f44d0f/header-cart.header-chunk.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/1d4ea1012b1fc81cb9412dc42a2747dc/salesheader.min.css
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/35c6c2de91e6828c185c6d9613f2ae86/purchase.header-chunk.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/385be9005ba2a6b37aa32d160d17cbf8/vendors~browser-deprecation-banner.head
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/52f615aebffce8ed7bc30951896f0286/vendors~purchase.header-chunk.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/5f1d295b85aaaba74af4ee02bdc62854/vendor~uxcore2.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/8423ef1d32036a5af0c0d8b0d1d8e328/uxcore2.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/9d2d57f6dd630cb051724eacb63d2a91/uxcore2.min.css
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/c7fa7d66354b8b79c171eeb460286ef1/vendors~notifications.header-chunk.min.
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/d4829b8fe08d413dc0c4ea769565a72e/tcc.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/d6c7b1acb132140b70d61ad9ce6bc527/heartbeat.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://img6.wsimg.com/wrhs/e215bf73159eb903a5e02d56e64bf46d/salesheader.min.js
Source: find[1].htm.2.dr String found in binary or memory: https://in.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://in.godaddy.com/hi
Source: find[1].htm.2.dr String found in binary or memory: https://it.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://jp.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://kr.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://mx.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://my.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://myh.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://nl.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://no.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://nz.godaddy.com
Source: FCO7OGE7.htm.2.dr String found in binary or memory: https://parking-crew.com/track.
Source: find[1].htm.2.dr String found in binary or memory: https://pe.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://ph.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://pk.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://pl.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://preferences-mgr.truste.com/?pid=godaddy01&aid=godaddy01&type=godaddy
Source: find[1].htm.2.dr String found in binary or memory: https://productivity.godaddy.com/emailchooser
Source: find[1].htm.2.dr String found in binary or memory: https://productivity.godaddy.com?marketid=de-CH
Source: find[1].htm.2.dr String found in binary or memory: https://pt.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://ru.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://se.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://sg.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://sg.godaddy.com/zh
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com/account/create?realm=idp&amp;path=%2Fproducts&amp;app=account
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com/account/create?realm=idp&path=%2fproducts&app=account&marketid=de-CH
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com/logout?realm=idp
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com?app=o365&amp;realm=pass&amp;marketid=de-CH
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com?app=o365&realm=pass&marketid=de-CH
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com?realm=idp&amp;path=%2Fproducts&amp;app=account
Source: find[1].htm.2.dr String found in binary or memory: https://sso.godaddy.com?realm=idp&path=%2Fproducts&app=account
Source: find[1].htm.2.dr String found in binary or memory: https://supportcenter.godaddy.com/AbuseReport
Source: find[1].htm.2.dr String found in binary or memory: https://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.js
Source: find[1].htm.2.dr String found in binary or memory: https://th.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://tr.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://tw.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://ua.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://uk.godaddy.com
Source: webfont[1].js.2.dr String found in binary or memory: https://use.typekit.net
Source: find[1].htm.2.dr String found in binary or memory: https://ve.godaddy.com
Source: find[1].htm.2.dr String found in binary or memory: https://vn.godaddy.com
Source: upgrade-your-browser[1].htm.2.dr, find[1].htm.2.dr String found in binary or memory: https://www.apple.com/safari/
Source: find[1].htm.2.dr String found in binary or memory: https://www.godaddy.com
Source: FCO7OGE7.htm.2.dr String found in binary or memory: https://www.godaddy.com/domainsearch/find?checkAvail=1&domainToCheck=flowvinconsortium.com
Source: find[1].htm.2.dr String found in binary or memory: https://www.godaddy.com/es
Source: ~DF404FE72635615315.TMP.1.dr String found in binary or memory: https://www.google.com/
Source: ~DF404FE72635615315.TMP.1.dr String found in binary or memory: https://www.google.com/afs/ads/i/iframe.html
Source: ~DF404FE72635615315.TMP.1.dr String found in binary or memory: https://www.google.com/afs/ads/i/iframe.html#slave-1-1
Source: upgrade-your-browser[1].htm.2.dr, find[1].htm.2.dr String found in binary or memory: https://www.google.com/chrome/
Source: ~DF404FE72635615315.TMP.1.dr String found in binary or memory: https://www.google.com/dp/ads?max_radlink_len=40&r=m&cpp=0&client=dp-teaminternet09_3ph&channel=0000
Source: caf[2].js.2.dr, caf[1].js.2.dr String found in binary or memory: https://www.google.com/uds
Source: upgrade-your-browser[1].htm.2.dr, find[1].htm.2.dr String found in binary or memory: https://www.mozilla.org/firefox/new/
Source: find[1].htm.2.dr String found in binary or memory: https://za.godaddy.com
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: classification engine Classification label: clean0.win@3/37@11/5
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Temp\~DF0F7B05318EB42C76.TMP
Source: C:\Program Files\internet explorer\iexplore.exe File read: C:\Users\desktop.ini
Source: unknown Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2
Source: Window Recorder Window detected: More than 3 window changes detected
[Behavior graph (image not reproduced). Behavior Graph ID: 339454; URL: http://www.flowvinconsortium.com; Startdate: 14/01/2021; Architecture: WINDOWS; Score: 0. Processes: iexplore.exe started a second iexplore.exe. Hosts shown: ww38.flowvinconsortium.com, 701602.parkingcrew.net, img6.wsimg.com, www.flowvinconsortium.com (103.224.212.220), c.parkingcrew.net (185.53.178.30), and 8 other IPs or domains.]

Contacted Public IPs

IP Domain Country ASN ASN Name Malicious
13.224.89.16 unknown United States 16509 AMAZON-02US false
13.224.89.135 unknown United States 16509 AMAZON-02US false
103.224.212.220 unknown Australia 133618 TRELLIAN-AS-APTrellianPtyLimitedAU false
76.223.26.96 unknown United States 16509 AMAZON-02US false
185.53.178.30 unknown Germany 61969 TEAMINTERNET-ASDE false

Contacted Domains

Name IP Active
d3uxovyp91rmcf.cloudfront.net 13.224.89.135 true
701602.parkingcrew.net 76.223.26.96 true
www.flowvinconsortium.com 103.224.212.220 true
d1lxhc4jvstzrp.cloudfront.net 13.224.89.16 true
c.parkingcrew.net 185.53.178.30 true
img1.wsimg.com unknown unknown
www.godaddy.com unknown unknown
ch.godaddy.com unknown unknown
img6.wsimg.com unknown unknown
ww38.flowvinconsortium.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
http://c.parkingcrew.net/scripts/sale_form.js false high
http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js false high
http://d1lxhc4jvstzrp.cloudfront.net/themes/cleanPeppermint_7a82f1f3/style.css false high
http://ww38.flowvinconsortium.com/favicon.ico false Avira URL Cloud: safe unknown
http://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css false high
http://ww38.flowvinconsortium.com/ false unknown
http://ww38.flowvinconsortium.com/ls.php false Avira URL Cloud: safe unknown
http://ww38.flowvinconsortium.com/track.php?domain=flowvinconsortium.com&caf=1&toggle=answercheck&answer=yes&uid=MTYxMDU5NjkzNi44NjM4OjJlMjliMzNjYzE2ZDNhMTM5ZGFhZWJjMjBlMmIxYmEzYWNlZTk5ZjQyMjgwZmMzNTc3ZTM4MzU2NTQzMDBlZjU6NWZmZmMyNDhkMmU1OA%3D%3D false Avira URL Cloud: safe unknown