automated malware analysis report for

ID: 434444Cookbook: browseurl.jbsTime: 00:28:47Date: 15/06/2021Version: 32.0.0 Black Diamond

233333333333344445566666677777788888899999

42424242424242434444454950505050505050

50505050

50

Table of Contents

Table of ContentsWindows Analysis Report https://bit.ly/3cD5L2Q

OverviewGeneral InformationDetectionSignaturesClassification

Process TreeMalware ConfigurationYara Overview

Dropped FilesSigma OverviewSignature Overview

AV Detection:Spam, unwanted Advertisements and Ransom Demands:

Mitre Att&ck MatrixBehavior GraphScreenshots

ThumbnailsAntivirus, Machine Learning and Genetic Malware Detection

Initial SampleDropped FilesUnpacked PE FilesDomainsURLs

Domains and IPsContacted DomainsContacted URLsURLs from Memory and BinariesContacted IPsPublicPrivate

General InformationSimulations

Behavior and APIsJoe Sandbox View / Context

IPsDomainsASNJA3 FingerprintsDropped Files

Created / dropped FilesStatic File Info

No static file infoNetwork Behavior

Network Port DistributionTCP PacketsUDP PacketsDNS QueriesDNS AnswersHTTP Request Dependency GraphHTTP PacketsHTTPS Packets

Code ManipulationsStatistics

BehaviorSystem Behavior

Analysis Process: iexplore.exe PID: 3396 Parent PID: 792GeneralFile ActivitiesRegistry Activities

Analysis Process: iexplore.exe PID: 5660 Parent PID: 3396GeneralFile ActivitiesRegistry Activities

Disassembly

Copyright Joe Security LLC 2021 of 51

Windows Analysis Report https://bit.ly/3cD5L2Q

Overview

General Information

Sample URL: https://bit.ly/3cD5L2Q

Analysis ID: 434444

Infos:

Most interesting Screenshot:

Detection

GRQ ScamGRQ Scam

Score: 56

Range: 0 - 100

Whitelisted: false

Confidence: 100%

Signatures

Antivirus detection for URL or domain






Antivirus detection for URL or domainAntivirus detection for URL or domain

Yara detected GRQ Scam






Yara detected GRQ ScamYara detected GRQ Scam

Classification

Malware Configuration

Sigma Overview

No Sigma rule has matched

Signature Overview

Ransomware

Spreading

Phishing

Banker

Trojan / Bot

Adware

Spyware

Exploiter

Evader

Miner

clean

clean

clean

clean

clean

clean

clean

suspicious

suspicious

suspicious

suspicious

suspicious

suspicious

suspicious

malicious

malicious

malicious

malicious

malicious

malicious

malicious

System is w10x64

iexplore.exe (PID: 3396 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 5660 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3396 CREDAT:17410 /prefetch:2 MD5:

071277CC2E3DF41EEEA8013E2AB58D5A)cleanup

No configs have been found

Source Rule Description Author Strings

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kt-comp-figaro2[1].htm

JoeSecurity_GRQScam Yara detected GRQ Scam

Joe Security

Process Tree

Yara Overview

Dropped Files


Click to jump to signature section

AV Detection:


Spam, unwanted Advertisements and Ransom Demands:


Mitre Att&ck Matrix

InitialAccess Execution Persistence

PrivilegeEscalation

DefenseEvasion

CredentialAccess Discovery

LateralMovement Collection Exfiltration

CommandandControl

NetworkEffects

RemoteServiceEffects Impact

ValidAccounts

WindowsManagementInstrumentation

PathInterception

ProcessInjection 1

Masquerading 1 OSCredentialDumping

File andDirectoryDiscovery 1

RemoteServices

Data fromLocalSystem

ExfiltrationOver OtherNetworkMedium

EncryptedChannel 2

Eavesdrop onInsecureNetworkCommunication

RemotelyTrack DeviceWithoutAuthorization

ModifySystemPartition

DefaultAccounts

ScheduledTask/Job

Boot orLogonInitializationScripts

Boot orLogonInitializationScripts

ProcessInjection 1

LSASSMemory

ApplicationWindowDiscovery

RemoteDesktopProtocol

Data fromRemovableMedia

ExfiltrationOverBluetooth

Non-ApplicationLayerProtocol 2

Exploit SS7 toRedirect PhoneCalls/SMS

RemotelyWipe DataWithoutAuthorization

DeviceLockout

DomainAccounts

At (Linux) Logon Script(Windows)

LogonScript(Windows)

Obfuscated Filesor Information

SecurityAccountManager

QueryRegistry

SMB/WindowsAdmin Shares

Data fromNetworkSharedDrive

AutomatedExfiltration

ApplicationLayerProtocol 3

Exploit SS7 toTrack DeviceLocation

ObtainDeviceCloudBackups

DeleteDeviceData

LocalAccounts

At (Windows) Logon Script(Mac)

LogonScript(Mac)

Binary Padding NTDS SystemNetworkConfigurationDiscovery

DistributedComponentObject Model

InputCapture

ScheduledTransfer

IngressToolTransfer 1

SIM CardSwap

CarrierBillingFraud

Behavior Graph


Behavior GraphID: 434444

URL: https://bit.ly/3cD5L2Q

Startdate: 15/06/2021

Architecture: WINDOWS

Score: 56

thediet4slim.world

Antivirus detectionfor URL or domain Yara detected GRQ Scam

iexplore.exe

2 61

started

iexplore.exe

6 187

started

usage.trackjs.com

158.69.52.117, 443, 49749, 49751

OVHFR

Canada

thediet4slim.world

23.227.194.245, 443, 49719, 49720

HVC-ASUS

United States

11 other IPs or domains

C:\Users\user\...\kt-comp-figaro2[1].htm, HTML

dropped

Legend:

Process

Signature

Created File

DNS/IP Info

Is Dropped

Is Windows Process

Number of created Registry Values

Number of created Files

Visual Basic

Delphi

Java

.Net C# or VB.NET

C, C++ or other language

Is malicious

Internet

Hide Legend

ThumbnailsThis section contains all screenshots as thumbnails, including those not shown in the slideshow.

Screenshots


Source Detection Scanner Label Link

https://bit.ly/3cD5L2Q 1% Virustotal Browse

https://bit.ly/3cD5L2Q 0% Avira URL Cloud safe

No Antivirus matches

No Antivirus matches


www.saildigital.uk 2% Virustotal Browse

thecompleteketo.com 0% Virustotal Browse

thediet4slim.world 2% Virustotal Browse

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs


https://www.virustotal.com/gui/url/1a816ad48a8ea9f1f55691c93f6984f5c8a31b2987b3b88eb93ee03ee3764a9a/detection/u-1a816ad48a8ea9f1f55691c93f6984f5c8a31b2987b3b88eb93ee03ee3764a9a-1623709400

https://www.virustotal.com/gui/url/c0f636f9491cf6a75d472657fe802a849890ea92aaaf0135c336c8ad16a75bfd/detection/u-c0f636f9491cf6a75d472657fe802a849890ea92aaaf0135c336c8ad16a75bfd-1623551569

https://www.virustotal.com/gui/url/c596ceaae9d89069557c188499af035bc3c666c2d42cd4cdc5f6a36695a3c211/detection/u-c596ceaae9d89069557c188499af035bc3c666c2d42cd4cdc5f6a36695a3c211-1538440050

https://www.virustotal.com/gui/url/7b663586d020bf680dd0192c4628771aec88a46e86ee88add499ecf5cd40bd09/detection/u-7b663586d020bf680dd0192c4628771aec88a46e86ee88add499ecf5cd40bd09-1623709545


https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf

100% SlashNext Internet Scam type: Phishing & Social Engineering

https://www.saildl.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrdRoot 0% Avira URL Cloud safe

https://thecompleteketo.com/static/keto_complete/desktop/images/favicon.png 0% Avira URL Cloud safe

https://www.saildigital.uk/favicon.ico 0% Avira URL Cloud safe

https://thediet4slim.w 0% Avira URL Cloud safe

https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrdRoot 0% Avira URL Cloud safe

https://thediet4slim.world/static/diet/fr/gala/v2/images/favicon.ico 0% Avira URL Cloud safe

https://cct.google/taggy/agent.js 0% URL Reputation safe



https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd&Invite 0% Avira URL Cloud safe

https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd 0% Avira URL Cloud safe

www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd 0% Avira URL Cloud safe

thediet4slim.world/?a=1nod&c=d&s=1306 0% Avira URL Cloud safe

https://www.google.%/ads/ga-audiences 0% URL Reputation safe



https://www.saildo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139 0% Avira URL Cloud safe

Name IP Active Malicious Antivirus Detection Reputation

www.saildigital.uk 172.67.195.5 true false 2%, Virustotal, Browse unknown

www.google.de 172.217.16.99 true false high

stats.l.doubleclick.net 142.250.102.157 true false high

bit.ly 67.199.248.11 true false high

thecompleteketo.com 178.62.35.58 true false 0%, Virustotal, Browse unknown

thediet4slim.world 23.227.194.245 true false 2%, Virustotal, Browse unknown

polyfill.io 151.101.1.26 true false high

cdn.trackjs.netdna-cdn.com 94.31.29.32 true false high

www.google.ch 172.217.20.3 true false high

usage.trackjs.com 158.69.52.117 true false high

cdn.trackjs.com unknown unknown false high

stats.g.doubleclick.net unknown unknown false high

Name Malicious Antivirus Detection Reputation

https://thecompleteketo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139392e95

true unknown

https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf

true SlashNext: Internet Scam type: Phishing & Social Engineering

unknown

www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd false Avira URL Cloud: safe unknown

thediet4slim.world/?a=1nod&c=d&s=1306 false Avira URL Cloud: safe unknown

IP Domain Country Flag ASN ASN Name Malicious

172.67.195.5 www.saildigital.uk United States 13335 CLOUDFLARENETUS false

23.227.194.245 thediet4slim.world United States 29802 HVC-ASUS false

94.31.29.32 cdn.trackjs.netdna-cdn.com

United Kingdom 33438 HIGHWINDS2US false

178.62.35.58 thecompleteketo.com European Union 14061 DIGITALOCEAN-ASNUS false

172.217.16.99 www.google.de United States 15169 GOOGLEUS false

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public


https://www.virustotal.com/gui/url/c0f636f9491cf6a75d472657fe802a849890ea92aaaf0135c336c8ad16a75bfd/detection/u-c0f636f9491cf6a75d472657fe802a849890ea92aaaf0135c336c8ad16a75bfd-1623551569

https://www.virustotal.com/gui/url/c596ceaae9d89069557c188499af035bc3c666c2d42cd4cdc5f6a36695a3c211/detection/u-c596ceaae9d89069557c188499af035bc3c666c2d42cd4cdc5f6a36695a3c211-1538440050

https://www.virustotal.com/gui/url/7b663586d020bf680dd0192c4628771aec88a46e86ee88add499ecf5cd40bd09/detection/u-7b663586d020bf680dd0192c4628771aec88a46e86ee88add499ecf5cd40bd09-1623709545

General Information

Joe Sandbox Version: 32.0.0 Black Diamond

Analysis ID: 434444

Start date: 15.06.2021

Start time: 00:28:47

Joe Sandbox Product: CloudBasic

Overall analysis duration: 0h 3m 30s

Hypervisor based Inspection enabled: false

Report type: light

Cookbook file name: browseurl.jbs

Sample URL: https://bit.ly/3cD5L2Q

Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Number of analysed new started processes analysed:

8

Number of new started drivers analysed: 0

Number of existing processes analysed: 0

Number of existing drivers analysed: 0

Number of injected processes analysed: 0

Technologies: HCA enabledEGA enabledAMSI enabled

Analysis Mode: default

Analysis stop reason: Timeout

Detection: MAL

Classification: mal56.phis.win@3/156@11/11

Cookbook Comments: Adjust boot timeEnable AMSIBrowsing link: https://thediet4slim.world/fr/scyo/go.php?CID=435838&bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf

Warnings:

151.101.1.26 polyfill.io United States 54113 FASTLYUS false

142.250.102.157 stats.l.doubleclick.net United States 15169 GOOGLEUS false

172.217.20.3 www.google.ch United States 15169 GOOGLEUS false

158.69.52.117 usage.trackjs.com Canada 16276 OVHFR false

67.199.248.11 bit.ly United States 396982 GOOGLE-PRIVATE-CLOUDUS

false

IP Domain Country Flag ASN ASN Name Malicious

IP

192.168.2.1

No simulations

No context

Private

Show All

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs


No context

No context

No context

No context

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QUZI0KQQ\thecompleteketo[1].xmlProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text, with no line terminators

Category: dropped

Size (bytes): 96

Entropy (8bit): 4.5734327882404715

Encrypted: false

SSDEEP: 3:D90aK1ryRtFwsTF0QAqVI9suM9qSeXH9LKb:JFK1rUFbAqV6sDleXHwb

MD5: A31AC9B0DA0D888C1B63CDD9E061DC55

SHA1: 2D903D34A7CC9A9258F2DE672F2BA7DC7F60CF6E

SHA-256: 7D598A956D2C7F45595CF719F46EF3A01B2DA5903DCE1B3848B7BBA8BFBF9220

SHA-512: 617850F39D7D79EC55F0D7B1E82F76785CDF4E7AD1124E5539B35E4EBA3D2BBE8C9B81A2736D9F50EB271165142F77892C3D70B2E227D9DED47B2BC858C9736A

Malicious: false

Reputation: low

Preview:<root></root><root><item name="country" value="ch" ltime="1060144288" htime="30892472" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6E5D7854-CDAB-11EB-90E4-ECF4BB862DED}.datProcess: C:\Program Files\internet explorer\iexplore.exe

File Type: Microsoft Word Document

Category: dropped

Size (bytes): 30296

Entropy (8bit): 1.8569825544831133

Encrypted: false

SSDEEP: 48:IwMGcprdGwpLAG/ap8CBGIpcC3KGvnZpvC3AGo3qp9C3nGo4FpmC3WGWBX9C3afq:rQZHZ620WC3tC3fCwFMC0CcCkfC+8X

MD5: 051ED7ECAE733F872F7961A9C713A682

SHA1: C61E253103BA94772179A2D27531FC165EF9255F

SHA-256: 8526787295B3DB2F78F728594E04604A0693539BAC3C8A5051B6932FDB788E75

SHA-512: 605172639A4F3E7A729FE76B01043DF0F955ED91C769F8370C640A44F85128ECF34DE7283DBFB04A6C43EBA032B9446B62B3D28C14DFDC4745484C9CDB300F09

Malicious: false

Reputation: low

Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6E5D7856-CDAB-11EB-90E4-ECF4BB862DED}.datProcess: C:\Program Files\internet explorer\iexplore.exe


Category: dropped

Size (bytes): 57462

Entropy (8bit): 2.2963541217407446

Encrypted: false

SSDEEP: 384:rGG4w4I0Zm5k52y5sKBoooJEYoQuoieAJPJCJD7Wt+GzieAJPJCJAMEsV7WJH/R:9i2msKBf+E/mA5oKA5oKNZ

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files


MD5: 27AF13021C1CD382EC2EB904AC6023B3

SHA1: 3F3EDEFA2C0488E5BD1A1DE40C055C56A76FA34F

SHA-256: 076D5A858B775B9111FEF3D6A4393D1BEDC86B2D29BD4C2ED8939705BB1E012C

SHA-512: FAD6A5C673A43E58B4E113B6698DE3523950C3A2B00EDA41A5DFCECE32A472AB404747D112DF12EEBB18754CA8F5D5626FAE4323137D161570B88D7F20C39A7D

Malicious: false

Reputation: low


C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6E5D7856-CDAB-11EB-90E4-ECF4BB862DED}.dat

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7757D1A2-CDAB-11EB-90E4-ECF4BB862DED}.datProcess: C:\Program Files\internet explorer\iexplore.exe


Category: dropped

Size (bytes): 16984

Entropy (8bit): 1.5625911089163607

Encrypted: false

SSDEEP: 48:IwmGcprnGwpaVG4pQRGrapbSVGQpKPG7HpR2TGIpG:r6ZxQH6hBSfAeTCA

MD5: 6DB8817215DF148BE1CABFCF0F384015

SHA1: 868727A69819F4DBD096C4D1AA3E5B2F43EB3EDB

SHA-256: 7859A6D24F3DE1F05C1236EE00DCA3E7732AAF042168AE82FE685EE8F271ABEE

SHA-512: B1249A9D314D9B6F3F9350AE180C677B29390C3E7ADEE8ED9904072F25F6F927FBB4B769862F9FB597D5F2262427CCF1E60F5FB9389DE8A4E3A1C19CDE8D7606

Malicious: false

Reputation: low


C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.datProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: data

Category: dropped

Size (bytes): 7156

Entropy (8bit): 7.78033697662041

Encrypted: false

SSDEEP: 96:7aq3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLE32Vm/yrpzB8+lKpiHqUlf7i36bJ:bgXTY+as02mOB8XLE/yrT8+lKUK936bJ

MD5: 7980899C845BF5CE3105428DCEBB7CAC

SHA1: C38C244182D10B997FAD1666BE3D789283B9B235

SHA-256: F1B553C1BD892C0E48B676746B64FFD01EC08D0439F3D862D4712B15F8F64421

SHA-512: 8E48173A92282F8DBA61877305A40E80B74C0911A3BE0425C1115FC8EC362DAB2CB6E367FF1DD7FC8C475C51CD8F71AAF72BAA7AEA78C24AB382060BCA829B20

Malicious: false

Reputation: low

Preview:&.h.t.t.p.s.:././.w.w.w...s.a.i.l.d.i.g.i.t.a.l...u.k./.f.a.v.i.c.o.n...i.c.o......PNG........IHDR...P...P............IDATx..].xU...[..V..*).Kk...V.k..J]jKEl?...t...!.{.,[email protected].%.....B...N.y..w.....I{.o...;.s..3...WH......./.zBp.o,XW.......#Z.f...|mvD..9..F........y..o....1^.743l.......v..#.c.E&.e..hU1.{..........._cZ..We.v.....f.w....(..6|.Y.. I:x..-.&.......D........<.6.6.l....T..)...|....#..$g...VN.......!'/6.w..B.h.}....EV.......k.7" f.}.G.~#..M..+....G....iB......]..?+......'.j.GB..P%......\........../..%...&.8E...".........44.J...1.........S...........d.j..]ni%._..9.{.O?.H..6T.|A.GC..g...U.oDEt,?.0....~....q=.y.~.9.Z......c...v.._....$.0.2...F.9a.L..)..l...2...w...I..&....Vg......H.I..r......./....z.`..+...Z.^U.=..5aBpb..0< ../>.9.c....".I..0.3N,}}....|]Fb...Q.......W.....OQ..y;.....|.37..}.....(c.....X..`xX).;......<5S....>.9..G.:..=..0^.......l_<G......H....C.O.*.....Hk{..{....]Nc..B.8..}%>..w....Z...).....\..>....c

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\7-day-bridge-ketosis-bg[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x1013, frames 3

Category: downloaded

Size (bytes): 81657

Entropy (8bit): 7.941781797321773

Encrypted: false

SSDEEP: 1536:qEkOxM4jh1bzRZZG/Dt67j5j3bIijZte7JjaMrn8Fy3I0:qEkOxMc/jZgtCkZdIFy3x

MD5: 78FF44E47A87FA3C04709DA7F447AB6D

SHA1: 29C3A882E5C919E23E580A7465FB24DDE2D82D48

SHA-256: 7C9FE2E0F0A0F26C69C9F101CFCBA2938225D91CC1B878DD302C71B0D665ED78

SHA-512: 1FC31D2B97DB7CB744533674CAA209027D6726191F07565FC1603FC68EE7A445B873C87D508F0EC6A161CFA3EC53B7542F68A6613F540167C799763644BF6224

Malicious: false

Reputation: low


IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/7-day-bridge-ketosis-bg.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.............."..........................................................................................................2.,r.,kW..........................\..<q..............................|..<3................+.[.}#.................>x.Yc.V.....z.......>...=G[.}.3..................9e.8.@,......@..........^...8.}../L.....>.`.........x.e.8..@.......=.........~e.i.e9..G.........zO...........Xg..e.9d..........@....8_..y..u.......x.......~G.\.=....y........q......r.....X.P..........2._.s.......O.....<.i...............[.....+.8.Yc.......`...........~1.x....^G....OE..O)...I.....Z.....8.............q.........,.....{....../...?.}...../..8.j.......p.=....s.......?E...8e.X.YR........................7e..a...^..L.WW..'...8..S....8..R.N.0.g..<x.~/...........,.....=......c..3....g.=WA..=m...}.............G........QX.,q..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\7-day-bridge-ketosis-bg[1].jpg

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\7day-bridge-ketopia-ketosis-bg2[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 292187

Entropy (8bit): 7.975979818595836

Encrypted: false

SSDEEP: 6144:qEMPrRgz479RZqUqhLcnwGa9wlHsnR0LVMdxiZ17doNJp:0Pl6479R8UaQnnrHsnR0G7iZ17d8v

MD5: 56C71170803D8A45EA21B1EE45EDD8F2

SHA1: 57F803389A3787845980D3F7EC2789340B4236A3

SHA-256: DA03ED5CCF7CD07BBD043FCB3AAEB8D61C2D6A2CD8719CD030A39AC9150F58EA

SHA-512: 06C6D6DC78A4B4E54CB6028590E713FC16DA80EC1B0B19F6B9F3F74981DAD68F89A7648A334D1059693736C8B8750426D9F052D043140268DAC196BAF3EC41CD

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/7day-bridge-ketopia-ketosis-bg2.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........O....".......................................................................................................O..2..R..................................................ie....|.>.m...)..y..................................................e.E.U^f.yGa}+..#.....$.................................................{.YY.....e*..i...-.b.;1...=...x~..........................................#.E.pr..G31..K.}F.2.;\..wmm{...p...o..].[).............................................||.r.sh.9..q'.....$.=._.Th..WwX.u..f%..^....v!w........................................z.zx.Jyx.g....vV..u.d...L....tYu..y..9....Zwz...s.g..?+..Z...."......................................~+...Z.BT..A'..4._)%e^.g..........:^ws...yW..;.e..#+Wo.44..J....w....................................!....y.]........~.n..&....?Z....{...].e.._z..].:^Q....wdW..?

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_aZA7g0[1].woff

Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: Web Open Font Format, TrueType, length 66532, version 1.1


Size (bytes): 66532

Entropy (8bit): 7.9921992751304805

Encrypted: true

SSDEEP: 1536:TeEhZuE0S4CraF8aLdxxxhzTnqgFq4bq9k5MVo/s1SU:THArCGCaLPJzTnlbVMO0R

MD5: 030E8B9B5D28B64486D9F855FB74C135

SHA1: 400B6AF08962BDCEF3B58630993C0E8A6B4B4CCC

SHA-256: EE76A91D22C4577D6638DE273E0540E21E05E9C189900F54F8993ED0C0043D7B

SHA-512: EB1CFBC0409E26C2393E6BD2E68E73E0970E9B90E20AFAEE0A8EA0F28E2B9850235B776D4E9A091750B7329B25F69DDFEF55864AC7F4A08A5E04917A322E2C60

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA7g0.woff

Preview:wOFF..............-.........................GDEF.......2....X.|GPOS......=....:[email protected]/2..EL...O...`U$.2cmap..E............3cvt ..M....\....-P.mfpgm..N....F...mM$.|gasp..TT............glyf..T\......&..(.lhead...t...6...6.5._hhea...... ...$....hmtx..............F.loca...X...s....~.."maxp....... ... ...Zname............-ZG.post.......L..(....prep...(.........K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.z`o.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..Wep#I.}3..O...Y..333333.>ffffff.[..cf.e.l....15N.Q]..VK.Z...F. .H|........yo{.0..>...%..a.{.0.8.).c.QE2t..G.s.....!...F.ph...."@.L~..+.....C......~../...)+...K'.>J...#..Gv..;@...)G<.....1...?.wz..".......(..o...[s|.;v.s z.W.h.HFI.n.`s#6.0........m|.Z.R..l.2DZ....[...A@..].r`[email protected]..?z.d..T

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\all-natural-ketopia-bg[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.953247757750187

Encrypted: false

SSDEEP: 3072:qEw7yDHm8LwsOSDbtmp++vwDmc+eFuwIAmxGhzRKaLsnOV7/tgCha1bQltY:qEwGC8LASDbtq+bmAYm1hLsnOFtja1bF

MD5: 50754C2763FED6E0F5114E56F9B49CCE

SHA1: 2DB5466D2BEE4165186E4E9D94286363D9FF9374

SHA-256: A6409C384B0B21F3D025EB3AE510E2E25CD256B5422A8CD85B79E420FA441297

SHA-512: 06DE8A1B92C8B4BD41283947DAF2C56AE5AD9F129789E2480E532BB706189718CCD6EF9EAF83DD9EEF187E3340943452609C898D8E718F657ACFAAC9566B270A

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/all-natural-ketopia-bg.jpg


Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........R...."..........................................................................1.3.=`.........................r.eJgJ..`........................g.3.g....$........................2..i.5.:....&R>.......................8.X.x.S6L."I...C....................3.<...s.:..e32.d.f&ff.$}(....................X...H@...... ....RG....................8.yg.d"[email protected]...&[email protected] ...3)M.&@&I..X..>................9.9.8..L.&I$........6..$.%$..S3..P.............c.Y.1.:.T!......B....$I)L.`...7L.D} ............\..,..YR.!.+.. ..X.. ..$$L....&et..0.F...........L..2.y.B....".....%..!(....L.&&R.VL..............gLs.<.$*B.......I B...H,..LL...330...........r.yg.2.@.,...!12. ....%......$.D.."l.M.Z..F........9g.t.Q3+...$... !........H.H.I.......O........yg.1.*g)L.%a10L.I..*..T@&...@.....$.....33.tYP.......s.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\all-natural-ketopia-bg[1].jpg

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\beach-woman[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.972096469798674

Encrypted: false

SSDEEP: 3072:qEGANAlwCXwyXIPaDRHMei2jN6GBYx3oVTR6gWa5UUJK92:qEzNAl5X3L62Rc3oKo5UUJr

MD5: F0357A29851072E54AA4FBEAAF87ED49

SHA1: BFAAB23D2C9100C36CD3C61B5DF6D56911708C3F

SHA-256: A8445AF3BF426562BB63F11D83D7B4DD3082000E1155FAFDA68F3FE9554E7502

SHA-512: 216420149661F3A46BDA088AA5407209EB53E48072A3C99E7BB56A89B81F78509746F8681157AD255132528020DB8D52CCA5CB22CC79C80DA898A584FD0FC232

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/beach-woman.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.............."...................................................S]4.>9... ......._.{~...3...tH....l.Zj.[.........u.z+VT..*[email protected][email protected] .R....YF.)`.........|>[email protected][.....2.........&Hh.I2.D.*.eU....-T*.....a(.n.s.v....J...0..>.Q...k.~..s..[........P.....-.....62.n.[...U....2.d.]]5*."(.*\.3....Y`..0..S.}o..OG....d..H".......+...{~.N..6.~...B....K..Z.vJ.C2d...U...h.%.1..dD...5m..Eh.........`.^>..k>_.}.?...8.tL.........>.......}o}.....La...v..V.Z..P.JFt...t.tR.$bdM......Qn.H..rL.-..4..3F....k.|..>.W..........2.......|..............~W.$A.......]7jH. ..4HT.[.Moe.kH..1R. a.....SH...*).]...YSL.P<?w...|...W.w...:.,..Q..e.....}...}}...~?.%..Z-j.KT...:]I.....t..*..c H..3!([email protected]...}O.......^O...q.BT...?.......zzz.._...X...WE......`.....kw..wut%f#..a.,gFM.r..%f...$+Z..3....Uhe..n>?.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\bg2[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: PNG image data, 288 x 295, 8-bit colormap, non-interlaced


Size (bytes): 13030

Entropy (8bit): 7.877729558005436

Encrypted: false

SSDEEP: 192:OSLzNr8XsFAViFz+/mMBtGteo5OO7ngVBo5NgiZEoDVpVtY5RMAnJquc170OkFyH:xm8gB5o3cVBo52irpVuXDy6Fys4n

MD5: AB8E603A720CD5FA6EA8F7C9DA271EEA

SHA1: 4C0A6F0FF474E9B4E0EF00B43D7F595B9C14E90C

SHA-256: C199663360109C62D6DD435C228AAFD2E5530279670DB2A396A177ECA6BF2F24

SHA-512: 895BF67DD56AF4192A878A90E93F61E8A1E1E8356A1ABA2D3AC686FE760A4394B0690D12CE1F82F30B69455862CC9BA2941FC60AF3E424A507831A1C5C969DB1

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/bg2.png

Preview:.PNG........IHDR... ...'.....>Xn.....sRGB...,.....pHYs.................PLTE............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................G(....tRNS.............................. !"#$%&'()*+,-./0123456789;:<=>?@ABCDEFGHIJKLMNOQPRSTUVWXYZ[\]^_`abcdefghijklmnopqsrtuvwxyz{|}~..........................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\done-icon2[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 6898

Entropy (8bit): 7.935301902388419

Encrypted: false

SSDEEP: 192:5gSMhd9CYBSvEiDXRHjIZOwx29k5rOyqrCKLSWxLH:5H0dAYBS/DXpMOe5Wr+w7

MD5: A410410D37397704F2E1F92C8B9C6B02

SHA1: FFE44E9E1FE72A4BA1EE8F1E65A2B4F75292BA38

SHA-256: 01EBF38CD11716DA378D4B3ECBE0BA33A68C730022F60E7B563F212D147EE8D0

SHA-512: A512E02FFA8634548C26340CCE036729AF6D6FED980C9C9A4CFFD306702BDD49407C9706E2AC69129864929FAB8295803DEE8F2E3335A654950A1E848AB0EA3D

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/done-icon2.png


Preview:.PNG........IHDR..............*......sRGB...,.....pHYs................EPLTE.......................................................................<.....tRNS..........................K...#IDATx...8.Ec...a.g..Q..6.p*.L.....T.T'.#K[.y<....................#.0........$q........,...8....P....Y..N.i.y..!..)....H5...".....\=...&P.....=z..*..H.&.8.....S.8.(.B.R..@O..(..^..m.........EY...."M.O7......[..w%..i.=.^.Y.1../(....<&.M.'....X..|...z...(........=x'.p*...z.w....ES.?}g.0..X..\.....]..a...*.5.....](.^.F.a.E...6.9.D.i0.{.R...XDQt..d."..y...9.E.NEQ..3.Ci.E.Q.....bbif..n....D."....a..%Q<'.H........Sz.".......Y.Y..t)H..,..[.....~.LDQ.m.?CNK...b.&.=.6e..lli.A^.V.#..^...d.&..blT.....2...lA..b.I.dr...$...a..~C..SD8.II(.1...t...F.......5..Z......8.EA.....[l.....y.....8.T\.B.....F..D1.1....4B.*..6. ._).5)9Z..;-...+LQ..T..W...%%......=C..^h.V......6....,.FF.z$..e.....~.=).{.._...Q.A..zd...dyK_i...!.8.0.E....s.Sa..e2.".,..B.(.E../?z.[.!y....A.7@...`.GH.....<N5.....C..C11

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\done-icon2[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].icoProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 2031

Entropy (8bit): 7.422316209983807

Encrypted: false

SSDEEP: 48:hxitNn2VutSJ3glpgm/qE4rpC4XB8+EmKs+B9iGq8RUlu:Q2Vm/yrpzB8+lKpiHqUlu

MD5: 79DFD98BBB75C58A7897E015F0BDEB67

SHA1: 9565DE1A8D4E40008726DAB9F250EF3219E56CDC

SHA-256: 8CAA1FE01DA414276394F74FAFDF7B5BACE2F2CCC0A76E4A5EDBF7557E064E6F

SHA-512: F23204590084BC09538D17029281A231C30DB0052EEC5F398C0B249E6C001D50214AAE3B5BA93FF3B8B72A2A30FE10AB44CD288A74E304FA4F0F6A1A74AFE521

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/favicon.ico

Preview:.PNG........IHDR... ... .....D.......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF97E469D81711E5B55CB3DB707F17C9" xmpMM:DocumentID="xmp.did:DF97E46AD81711E5B55CB3DB707F17C9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF97E467D81711E5B55CB3DB707F17C9" stRef:documentID="xmp.did:DF97E468D81711E5B55CB3DB707F17C9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......mPLTE...................up.... ...........gb.............$........"........F@.............'..................._

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\footerbg[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.9760392523440835

Encrypted: false

SSDEEP: 3072:qEpsnFFKmNk/GYZslfXfyRltGqU8Z34YpOdn:qEpsFFL0spcL3i

MD5: DC3B562BD20A5DA6F70FBAB4C75D1B56

SHA1: 85C18B5755177B79E609F2C4F0CD45926EA219F4

SHA-256: C083A24C184F05F8ECE3F9D82741FC6DBDEF3C8FF12F7F38CF13C593AAC4FFB4

SHA-512: 9498EA20EB2196BE36C1B49C6E5BF23F1897C9845A1EC447B4AF120BB367A7240322E17606E9283016F18E5DDAC65541824BE722C70DE55DF1BBB0CD8296F2AD

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/footerbg.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw..............".............................................................................\..,~...........................\x..,r...........................g..|9r..$IV..........................9y....>|....3..Y.......................y..xp...\....CFt...i.~..............................p.iJ....{.t.Rd. ....................^n.N>.?......h.5..[tiu...$Al...................q.p...../[email protected]........{.......s?v...................:..i..Z....oM.*..Z.]o}[email protected].?....?@>..<.F..L.Qkv.-..oz.Y[n.U.:o.3..d\................|.<.8y..8r....\y?).n.&q2.(...X....;...inm.W]zs.3.e.................y..<.<.l.]ls..>..z...V..f..l5.....:..w8..R... ..2&?r...........y|../..............{..fK.5\..V.R.T.%H-Z4[zw.a(K........................pD..[.l.n..........P....tT...[.k.. .7..H..d..........<..?................4....E5.....[.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\gtm[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text, with very long lines



Entropy (8bit): 5.531880750249014

Encrypted: false

SSDEEP: 1536:rQggLAPZRZM3JkRAvO0U+HYvbo1WuQvdfxqWpQhpShJ5CwN1Wz1d99KPjJPIZL3b:cYM3aRAvO0Yb2Wu0Q+h7CSWBK0gh+

MD5: 15B1A675039050F6DE4A34EAF5B310D8

SHA1: A189D111BD632A8D2305F375FA06FF40F9E7D1AB

SHA-256: A84CDBDA714C0BB2E5A8FA02F933B578B1B8998551F95970C4DBFA41A14BC208

SHA-512: EF50DEE62058C50AAD1DDAAF3B8C01E990BE20839163DB87F7C8181BD2D7C09B90C53E0DFF5711E2EDB6FFDEE86A8829EC9DF81EDC77918994DAE1076CBCCDD9

Malicious: false

Reputation: low

IE Cache URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6CHB3B


Preview:.// Copyright 2012 Google Inc. All rights reserved..(function(w,g){w[g]=w[g]||{};w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');(function(){..var data = {."resource": {. "version":"106",. . "macros":[{. "function":"__e". },{. "function":"__u",. "vtp_component":"QUERY",. "vtp_queryKey":"uid",. "vtp_enableMultiQueryKeys":false,. "vtp_enableIgnoreEmptyQueryParam":false. },{. "function":"__u",. "vtp_component":"PATH",. "vtp_enableMultiQueryKeys":false,. "vtp_enableIgnoreEmptyQueryParam":false. },{. "function":"__d",. "vtp_elementSelector":"title",. "vtp_selectorType":"CSS". },{. "function":"__jsm",. "vtp_javascript":["template","(function(){var a=",["escape",["macro",2],8,16],".split(\"\/\")[2];return void 0===a||\"index.php\"===a?",["escape",["macro",3],8,16],"+\" - Not funnel\":upperParam=a[0].toUpperCase()+a.slice(1)})();"]. },{. "function":"__jsm",. "vtp_javascrip

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\gtm[1].js

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-close[1].svgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: SVG Scalable Vector Graphics image


Size (bytes): 213

Entropy (8bit): 5.047791954992333

Encrypted: false

SSDEEP: 6:tnrCqumc4sldMXlZudGonDRzgQqAroISFoM49fhWR6Vg8:trCquCrGtzsAroIuizVg8

MD5: 1FD1AE61181C4B7CE29FE8EE4D002F05

SHA1: C8950D51F03D69AE7958ED78849AA0C1CD8D0371

SHA-256: 8DE42EAF40B914AFB0760B6D89C0D9F2BAE25DFF582FFE72D667ACE8BC03BD45

SHA-512: F2C0482F9D5A242A7B0CCDEEB6561623F2630C9BBAF354C46FE6A9084332D6AFA87F48095E206FD3E65C235D25ECA4BE984978E622E35130910C15B8339B65E3

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/icon-close.svg

Preview:<svg width="17" height="16" fill="none" xmlns="http://www.w3.org/2000/svg"><circle cx="8" cy="8" r="8" transform="translate(.5)" fill="#DB3D24"/><path d="M5 5l7 7m0-7l-7 7" stroke="#fff" stroke-width="1.5"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-exclamation[1].svgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: SVG Scalable Vector Graphics image


Size (bytes): 462

Entropy (8bit): 4.818678532996627

Encrypted: false

SSDEEP: 6:tnrMn4umc4slAntIYTdGoMJKzgQq93tCIfgDUCtrPs4EQS3gULQ6tsaJ2dPW4Ke:trMn4uutMKzsXCI4TFfUknaJ8eFe

MD5: FC0A591D5236E7FC610FE00C35D69CB1

SHA1: 79D05D0911F4662D90C4ADA2FA61F619108C3696

SHA-256: 5AA1F7FD685E5CB8D63F8FFCDB3F87DA2FFFE98C1B67CBB9353B5D8026D6C56D

SHA-512: 33B3BE41B3A39A66BD8C9B5F1CD3880371ADE5234EF66AF9877CEB78AF17A2B72CB4DFF418CE174BD135799A870D4D9DAE1DF0F1BECC2E3B37EB0BCAA76840B2

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/icon-exclamation.svg

Preview:<svg width="33" height="36" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="32" height="32" rx="3" transform="translate(.5 2)" fill="#DB3D24"/><path d="M17.596 21.716h-3.062l-.337-15.044h3.75l-.351 15.044zm-3.501 4.6c0-.557.18-1.016.542-1.377.361-.372.854-.557 1.48-.557.624 0 1.117.185 1.479.556.361.362.542.82.542 1.377 0 .537-.176.987-.528 1.348-.351.361-.85.542-1.494.542s-1.142-.18-1.494-.542c-.351-.361-.527-.81-.527-1.348z" fill="#fff"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\intlTelInput[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text, with very long lines, with no line terminators


Size (bytes): 19183

Entropy (8bit): 4.938664589102448

Encrypted: false

SSDEEP: 192:XwR+nXh/TVc6jU+4v7fix43obCfCfIlSc:XwRWXhK6jU+4vTixaACaglSc

MD5: 53AE24A7F46B9EA863A5E389C078E59C

SHA1: 4F08EE130BF521C34E143FA91E12F4135851B02B

SHA-256: 82D7EC24A4FAA5840B7A7CB385312D599A26F4C4DEED45B747ED2B252C48F1A5

SHA-512: 1F9685BE915CF320804D6E5F1CBEC05812271037732B021A1D020CDBD1EDD259B345D50854CE5F5F04B623D24455C163C067676C2D7274E0EB391287D0FD03B6

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/intelInput/css/intlTelInput.css


Preview:.iti{position:relative;display:inline-block;width:100%}.iti *{box-sizing:border-box;-moz-box-sizing:border-box}.iti__hide{display:none}.iti__v-hide{visibility:hidden}.iti input,.iti input[type=tel],.iti input[type=text]{position:relative;z-index:0;margin-top:0!important;margin-bottom:0!important;padding-right:36px;margin-right:0}.iti__flag-container{position:absolute;top:0;bottom:0;right:0;padding:1px}.iti__selected-flag{z-index:1;position:relative;display:flex;align-items:center;height:100%;padding:0 6px 0 8px}.iti__arrow{margin-left:6px;width:0;height:0;border-left:3px solid transparent;border-right:3px solid transparent;border-top:4px solid #555}.iti__arrow--up{border-top:none;border-bottom:4px solid #555}.iti__country-list{position:absolute;z-index:2;list-style:none;text-align:left;padding:0;margin:0 0 0 -1px;box-shadow:1px 1px 4px rgba(0,0,0,.2);background-color:#fff;border:1px solid #ccc;white-space:nowrap;max-height:200px;overflow-y:scroll;-webkit-overflow-scrolling:touch}.iti__

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\intlTelInput[1].css

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\js[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 5.5009169813989685

Encrypted: false

SSDEEP: 3072:Y+VobJfnC0sU8Awm3g+xW8AwHNO5IqHw46:K5nj3HAY45IqHwf

MD5: 2CC7DCAF7A6DC7689960EAA7F5AD1B03

SHA1: 88A03B8FCD2B257C18DD2E9BAD53169B1863C5D2

SHA-256: C9B8EFD5D20DCD95F2D40C70C806C565A8D3EAB0EF3323DA29DBEBE289DE5E2F

SHA-512: F937821565F38D88280B967B818EE7CDBC6E7F5E859652279315935AF844764A98E68D7344FEF69937BB3E3DE17F962C5C5954CB57499E6AD7F617A1672F95DC

Malicious: false

Reputation: low

IE Cache URL: https://www.googletagmanager.com/gtag/js?id=G-ZTJ64Z90QF&l=dataLayer&cx=c

Preview:.// Copyright 2012 Google Inc. All rights reserved..(function(){..var data = {."resource": {. "version":"1",. . "macros":[{. "function":"__e". },{. "vtp_signal":1,. "function":"__c",. "vtp_value":1. },{. "function":"__c",. "vtp_value":"google.ch". },{. "function":"__c",. "vtp_value":0. },{. "function":"__aev",. "vtp_varType":"URL",. "vtp_component":"IS_OUTBOUND",. "vtp_affiliatedDomains":["list"]. },{. "function":"__v",. "vtp_name":"gtm.triggers",. "vtp_dataLayerVersion":2,. "vtp_setDefaultValue":true,. "vtp_defaultValue":"". },{. "function":"__v",. "vtp_name":"gtm.elementId",. "vtp_dataLayerVersion":1. },{. "function":"__v",. "vtp_name":"gtm.elementClasses",. "vtp_dataLayerVersion":1. },{. "function":"__aev",. "vtp_varType":"URL",. "vtp_component":"URL_NO_FRAGMENT". },{. "function":"__aev",. "vtp_varType":"URL",.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ketopia-ketosis-7day-bg[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 77178

Entropy (8bit): 7.9564602753951075

Encrypted: false

SSDEEP: 1536:qERki7rHzelojiza0Azb1Pclet9BX0ZwY8f3ufKmobmNQht6ZcCieV9ULWY3J:qERV7OllalbDt9N0Zwt3uilt6HVJY3J

MD5: ED3766E9D143D0C9EFB7060192B0F547

SHA1: 8C57455320A8D2150D28BB0FA0F44578CC863571

SHA-256: C6C394F72B9926807AE5ACA73548531045835830262217376E5A0A4F6AEAE97C

SHA-512: DC86D6EF685F13A77652B6C07F35DCE870105C134B85445BEFFC1CD3D522789716BEFB9E52951D9967AFE839DC214A3D878EF7E09C1E4F4A5EE6080E2CF911FD

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketopia-ketosis-7day-bg.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........M...."...........................................................................p....xq{ ........................1..X.....G.........................X...0..<[email protected].\[email protected].\.W.s..Xb....@.........................=o.p1s8..h..okn}_...+...K.........................1.,x.<....O......|...o..}.*W....PD.......................)...+b.........W...x....}.e.% D.........................1.:.Z.TUa.?......??....x^&.&.....e6H...D.{`...............Lt.Jb.:..*..._ek..,\.?...v.....t.......l.............`.qR..\p....P.N..ma....S..~........y...."._p.................(.....*.....2.t5.9>W.~_I........\...................Lt.:c.P......T...4..!.........g......."H.G...........q..LU...`. .........k9.......+....!3..[..9..A. .#.........W.)......bA.......L...w....~u...Z.F.<....F..L.=...x8}9..(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\logo[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 1006

Entropy (8bit): 7.358916252624177

Encrypted: false

SSDEEP: 24:IsmPyoS0ycGkymu7V7JHfBpCrm3+ma+r97LAT:VWyoWwyb7L6mU+r6

MD5: 6B39C8CE5CFB4EFA11766E5FDF5DFCD0

SHA1: E358F718254DDE3A2647BAECF85E9393D8DC5152

SHA-256: 543A9548DCF94AEA2E4F3BB5623BB575DA7EE2A9F9EB018F26CA9018F31A630E

SHA-512: B08D0AFC4DEC5CF094A03E928423C5F9D230E4FC0C7FDAC63F2A0A07034FAC547EE9466DC5A5F245CA66280C8C9E40F0A7535BD4C772CCB1FD61C49A4CEFB250

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/logo.png


Preview:.PNG........IHDR...X...(.....Mi......PLTE...333222444222333)))222444111222000 222111232333333666222333333333333333222222111333333222222111222222111333333000:.C333222333333333555..!...222...333222;.D222...222333...;.D..%;.C333;.C:.D......:.D:.D.........222333...;.D3:4:.B9.?7~<KH/tj*:.B=o9=b75U74E5Lc3NW1..&..#..!.......TN...HtRNS.......0._ ..X..r....wQH.....mfD.......K&....[Q=85,*........|{ta])..A....>IDATH..W..0..G.....uET.....z?`....?.-L0!.!/.r?./&.......l.'t......O...=%...g.b`.....B9......Q....:....#...);..G.J..~.#...+..W.9....m....6..)....Oj............AR<ffW.H;..$.....v.S..l...N.......g..ax..g..QJ.Q0c...E>....{!...q*..md..|..+..d..0.9a..pdQ....bE.v..w..e..uC.....`.....qP....G..#.Ot<...J......./7...,....Ks........'p....%...b`H.9.rbzv....;.9.CY...L..1..c.....P.._yN\'//..ED..@n..\.{8...l...d..n.)...D....&?!k.5.i.D..")...k.^..:...X.._=T.U'....}.4.....M.&Q.[ ...c$%.-r..........sY.6...yh....{>K...b.$' )..X..._......N..\...3...CgP.T.L..`.....@..^......IE

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\logo[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\maingb[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.94844476318233

Encrypted: false

SSDEEP: 6144:Jom0y1uk8vQGG6pK8kz23Wn8y3mM1OEuI0vu/0DfMPrIb3bJfrbyRyV3Wa2:JomTop7kbhmGuIau/ekP63bhnyRyVp2

MD5: AF2A27E5AE696FFA8F5074BC2B0A7439

SHA1: FB0EA93F07B67F4D86F9BDE3CD41D4C08B3BDC8E

SHA-256: 3FBC125C2B9D354169C67E06188F6133C88E29417AAE1A1C2BE63B799C252BA9

SHA-512: 03DDF65E170BF1D496347A40064F82505C71FBCFAC04F6A373542641C8E4D9D7679CF2A5B128EC703E68B8A8F45E84D91BCD926EA98C02E92DB0A0B1941CBABE

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/maingb.png

Preview:.PNG........IHDR...n.................PLTE...............................................i.S<^..4.....................................................................................................................................................................u..............r...................SHI....................................xG=>.....{..................j..........<24.............ya...................y.................z......dVV../'*..................|.......g.....{n........q...pff......oW.......|uurK=_....|XK...cN.c.eW.pc.I..".......&....u...........r.......d.......aA8...f....VC.................&.t:..~...m.........I5#...}[.....J).A..N........D....m...Z_jd..U..MS_T5....y..e........s|denyfgF...wC..C'"}vOa..{...qc.cC...JyeA]Hm...6'........tRNS....0C..U.d..r......s..W8.....IDATx...N.0.D{..I[..C..S.d....v...C...B.*EK...'h...k;..T..*.S.N.y^.L...$..)7,..([email protected]...(0..U..*.nJ...sG....1.L..U..:T..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\mobile-logo[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 2579

Entropy (8bit): 7.901516926371589

Encrypted: false

SSDEEP: 48:Cqf57iuVCUtm1JHjJy113T+CyG8zCT2lXKa6+d59ORrp2WUL:C6xVCU01Jsj+CyGcCT2xK/4ORrpVUL

MD5: 5FD123E451E0BF0FDE3FC416FD18DD10

SHA1: 9B8DFE8EA1F3C8874B9893E9F94DEFB6C8C990EB

SHA-256: 85D4B00D929914C222D1EDC40F169A5886D96ABD96A9154747002E6D0CA07218

SHA-512: 5F7EBADACCB85B9DF225BFF9F97D689A80A7A1FEE64FD970743FB4280F57301016359932A190DEF52E7227CD5E73DA27B13DA4C6A7CF02AB3DCDCA241786BEA7

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/mobile-logo.png

Preview:.PNG........IHDR...@...d.............gAMA......a.....sRGB.........PLTE.......+$....)!....$..!........1)....MG.|x.91.......zu..'...b].oj.......&..;4.............hb.......HB....C<.UO.KD....F?.....XR.e_..6/..PJ....wr....mg..>7.....................z....`[email protected].....}.....3,.]W.......ZU...........IDATx..\g[.L..5...*H...R.]/.xm........$!..........f.I$....\.p.....\..kN.suM.+..3EQV..o..|.X7.q...+...p.ll.~...i4.&.>'Z.-.....j7..u......sJ.w...H...t.R.;|.~.'.......r.K.....v..........S|~._1.....)2_.Me..../....i...C.I.{AQwP.y.5....]...i...B7..IY.....G...s..J\B+.."?.^../;.~.Qh.u..Vx.../.'p...............V>v..C...O.y,$#.....2..3...f..:.,.....A.#.w...5.1.&.............`..+.v+.;m8.~=\......ONO..j....*._e..2......."E`..b..e.o..M{......8.8..O.~t5^xmk..v.....8.....Xl.W^..p...e..X...e9..A...R..~yl..%.~...Wg]...o.\....../M...n.\x..c...5...kO......p..W.........2..mM..Jy._..V%;."....kq..>6.#q...gL..`^.V.Ey..J..;.a]..d.A...x....%A..J..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rrmhfcjs[1].htmProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: HTML document, ASCII text, with CRLF line terminators


Size (bytes): 507

Entropy (8bit): 5.293750060707826

Encrypted: false

SSDEEP: 12:BMQtJOo9qvyJXrYfhB1Q3KSTCB1w+L9b7BDBxGzMf7BDB0:WC6vyJXspjeHmfw+L931IMj1S

MD5: DDA5CF8DEA854406216A52CE7199D4FD

SHA1: 97196B6912091EB0D2792C348E08E88AF961754E

SHA-256: 3029AB4EA4D7AEFF2D0845E59198ABEDA73D68C2B1C2C7793DF7CCA667CB5E27

SHA-512: 52E3018EDFC73329F3FB37BAE6004229D38617B2324AF0780D2473575BDA504B4762E3684D8E5CF60914FAA0E0966CB069BA07A287C8A8FB51CC8A5322877CBF

Malicious: false

Reputation: low

IE Cache URL: https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd


Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">..<html>...<head>....<meta http-equiv="content-type" content="text/html; charset=utf-8">.....<title>Invite Confirmation</title>...</head>...<body>....<p>.....<br>.....Loading........<br>....</p>....<br>....<br>.....<a href="http://thediet4slim.world/?a=1nod&c=d&s=1306">Show me now!</a>....<p>....</p>...</body>..</html>......<meta http-equiv="refresh" content="3; url=http://thediet4slim.world/?a=1nod&c=d&s=1306">..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rrmhfcjs[1].htm

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rush-my-order[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 4874

Entropy (8bit): 7.916223406901023

Encrypted: false

SSDEEP: 96:8zRq4W2UP5d1vLaah+dXKc/CKDvPNOCtytxEXqecKg0JksLJ0Hu5:8tq49+LaCufDPLytUqRvX1A

MD5: C1A38F2AE3C2BDA502B4CC276AA9BCF8

SHA1: CB6990C7418207F370E882B8DD8246E9ACE8301C

SHA-256: 3DC4033C7318CAAECACDDA5B1CFC0E99F08AB0B3382379405099F84C1E83A3CA

SHA-512: 724A6FA530D28B5F3ACE7DF4F715A19A7A84E2BFD0A541D8FE475446FFA51217D8F0343E23AE5D424FB9D5BADBD55058B8A40F7C3893DF026094CB33C7DE17EF

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/rush-my-order.png

Preview:.PNG........IHDR.......Z......I2....RPLTE.............#.................0&...q...B3C...:/....*".T7?...d:_......'.q.T.$.`...u>...G....P..D......~..`.....U..Y#..*....?......:..-.VVZ.#%.2....{.9=..g.E.&.."..,..4....SST.8.~.y.fh.tw}.Q..............................t.H........................*..............#......................................i.......................:............1........... .......:...(....:Z$.JE.....5+...Mx0.JD0!$.......p.G[.....x...$. 1.b.....LD..N...pk.lk.FD..KD.ED_.;....ml......ZXj.B...._Y..:i.........|.^Y.HD2M ./,..|d.>S.4.]Y.3,.,+.ol.2..}|X.7Gn,)@.k.]o.\.4,.IG..~..W.||EO0>4,}}.rinz.m.=.`...@tRNS..}.......................{.......}..S&....mD...}.............u.......'IDATx...OK.`...9-Z.TEV.0.......m.A.4Y:Z[..L+J..;.\..J.%.K...^r.N.{k........'1.K...o{(%.<.~.C.,******..z.....J....w..Qj#.....b..4m.....#..i..f...6...}.....X.*8}...B..L.^...E.,{R..........b.Z9=.....S....l..N&...........K.....n..pK..v.7-....Iq.C...T*U.^..q..$.5t}...E1..4.%.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sec[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 1072

Entropy (8bit): 7.569239141049464

Encrypted: false

SSDEEP: 24:nKq5+iLoteeujD7OTV8GTAXalGURPEEAMYxC8fQTjGMxN+O0bP07:nxLoYjDqV8pXfURPX0aTjGM+O0b87

MD5: ADF6BB72192BE5CFB8EC298066AA3997

SHA1: 442FBB5C34CF930147A29D233D7B09BBB1D9BAD8

SHA-256: 068B671260B231764FB737B209A6E50B508FAFA75B89C211E83E34B80877AD23

SHA-512: B63F6532DE373A60C487F0F289F03868ADC8FFA946CF13BF15ED3AEADAC8E01514E139DD21531FDADE6590FC0CD38E914E09EEE714D672E81469E9E83419072B

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/sec.png

Preview:.PNG........IHDR..............r.`....PLTE......rrr............{.............................................z.z..w.urr..u..v..su.v..rv.wrr.......yrz.....s...........~r.r......uv..s......................................{.....{..x...v......{..~.......~............................................................v.{..{..{..........v..u..........rr...s...........{...........................rrv..........VIDATx....$1.F+i.mkm....m[..W.....;.K....O...|Q._.....5.k..Kx..Y.I.=)Z...?...W..j=...%..|... ..6....5.x{.....gP...b./....=.&..=;..z.:[email protected]`t....I..d...J.w..(.i@.*K.:6T...'v6...'..Tf.\~8q.&.....2C..MtM.7j+.....b..Dh.][email protected]...(Z......}.....}].ao..@.!......lo.^...qs..^...m7.l.........<w.........*....t.b....%HS.>...2......66..7.j?.x...I......3..zKo${...X./../.~^ki.U.....1.+.hO.......I.6k.:.}..z.}4..a+.<.J.:...YP..p.y.p.2..=....k......B.Sbj.A)..O}...LjU..m.6....A..8...$....t..N...ys

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\style[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 46955

Entropy (8bit): 5.146117570670826

Encrypted: false

SSDEEP: 768:OIQjjKPgqtH88KPgkNIptOXnwEAEsKPgYnkLh9r/+:Ds/kLh9r2

MD5: D04BD9F927DEFDD947D4FC1A4447C395

SHA1: ACB856373234B5D22D0E9E000F71B9B164B782FF

SHA-256: 93980FAAAEE0811F19654EE731B468F6C0A141F0F02C411B41C841F62CD90ADB

SHA-512: DDDB7D25C10D5A03DEA7035DDF55EEE736FE6842573A2E14734133AA87DC8976303D8F4232D84A3D4AC9E32CE8B80505DBADFAA72D61420861F6C8997AC16730

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/css-conf/style.css


Preview:body{margin:0}.button{display:block;height:70px;font-family:Montserrat,sans-serif;font-size:34px;font-weight:700;color:#fff;line-height:70px;letter-spacing:-1px;text-align:center;text-decoration:none;text-transform:uppercase;cursor:pointer;padding:0 25px;margin:0;position:relative;border:none;border-radius:15px;background:#f60}@keyframes pulse-black{0%{transform:scale(.95);box-shadow:0 0 0 0 #00c389;opacity:0}70%{transform:scale(1);opacity:1;box-shadow:0 0 0 10px transparent}100%{transform:scale(1);opacity:1;box-shadow:0 0 0 0 transparent}}.anim-1{animation:pulse-black 3s;border-radius:50%;-webkit-transition-timing-function:linear}.valid+.error-message{display:none!important}.get-phones .local-phone{color:#000}.button:hover{background:#d95803}.popup ol strong{display:block}.popup ul li{font-size:16px}.form-error-text{border:2px solid red!important;padding:7px!important;margin-top:10px;font-weight:700;color:red;font-size:18px;text-align:center;display:block;border-radius:5px}.button spa

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\style[1].css

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\t[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text, with very long lines, with CRLF, LF line terminators


Size (bytes): 29039

Entropy (8bit): 5.33294229348009

Encrypted: false

SSDEEP: 768:9OosLJxQUgn/axavaSjaKdJ0hggTBLn6IVO0v1bK1i7B/2+:sJDwg5TJLOgm+

MD5: 78A85CF53C44CF88AF028ADE91E6799C

SHA1: 6DEB1E2564BA446BCC31D495BB191B800C39007E

SHA-256: 8A9B4B744C0B6A690D310556E8C8BFA0352276889F505BCE2EC77951E9BE3B79

SHA-512: BCAF869E132903B99E22CB4AAED56CE8D6378DBEAF91D938874F3B665B6E07658E85BFA65ACD25383B084AC42BC4843A21795A52EE261E3F6AFDCDE8F4537760

Malicious: false

Reputation: low

IE Cache URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Preview://! TrackJS JavaScript error monitoring agent...//! COPYRIGHT (c) 2021 ALL RIGHTS RESERVED..//! See License at https://trackjs.com/terms/..self.TrackJS=self.trackJs=(function(g,l,p){"use awesome";var u=function(a,b){this.config=a;this.onError=b;a.enabled&&this.watch()};u.prototype={watch:function(){c.forEach(["EventTarget","Node","XMLHttpRequest"],function(a){c.has(g,a+".prototype.addEventListener")&&c.hasOwn(g[a].prototype,"addEventListener")&&this.wrapEventTarget(g[a].prototype)},this);this.wrapTimer("setTimeout");this.wrapTimer("setInterval")},wrap:function(a){function b(){try{return a.apply(this,arguments)}catch(b){throw d.onError("catch",b,{bindTime:e,bindStack:f}),.c.wrapError(b);}}var d=this;try{if(!c.isFunction(a)||c.hasOwn(a,"__trackjs__"))return a;if(c.hasOwn(a,"__trackjs_state__"))return a.__trackjs_state__}catch(n){return a}var e,f;if(d.config.bindStack)try{throw Error();}catch(n){f=n.stack,e=c.isoNow()}for(var h in a)c.hasOwn(a,h)&&(b[h]=a[h]);b.prototype=a.prototype;b.__t

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\usage[1].gifProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: GIF image data, version 89a, 1 x 1


Size (bytes): 43

Entropy (8bit): 3.0950611313667666

Encrypted: false

SSDEEP: 3:CUMllRPQEsJ9pse:Gl3QEsJLse

MD5: AD4B0F606E0F8465BC4C4C170B37E1A3

SHA1: 50B30FD5F87C85FE5CBA2635CB83316CA71250D7

SHA-256: CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA

SHA-512: EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910

Malicious: false

Reputation: low

IE Cache URL: https://usage.trackjs.com/usage.gif?token=290c8f87dddf45e3a65e0baf08b25d02&correlationId=62624ba1-8bd1-4ea7-917d-2fbd3663d4bb&application=shop-go&x=93fb4e19-0672-4ed5-87cb-1b2ed1ef7d74&

Preview:GIF89a.............!.......,...........L..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\utils[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 4.744455726699706

Encrypted: false

SSDEEP: 3072:yxJ0MDz3ojrs3OwPl0n04Xl31AfO+2x1+w+Whnz6RNC7sSUrVjHoLOTpCAtQ594Z:yxJRDY9lx1+w+WwugJ

MD5: 8F3A2154B225B6257161C4DFC9B89C9C

SHA1: 16B798CBB9E22CD4E1D710A8DE7B12734551CA00

SHA-256: ACAEFECC2A438420AE02BAA357BB498AC4ABEC71C80BA9E3C2B7079CACF256C2

SHA-512: AE1F7CE0811E3EC97105009FEB364B2EBEDB402A63F0F250FB82550A91863E170181283CC867049BE7FF4DF64A6B0DB7719FCD33438E03F7FCCC0E61F9686A10

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/intelInput/js/utils.js


Preview:(function(){var aa=this;function k(a){return"string"==typeof a}function m(a,b){a=a.split(".");var c=aa;a[0]in c||!c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c[d]&&c[d]!==Object.prototype[d]?c=c[d]:c=c[d]={}:c[d]=b}.function n(a,b){function c(){}c.prototype=b.prototype;a.o=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.aa=function(a,c,f){for(var d=Array(arguments.length-2),e=2;e<arguments.length;e++)d[e-2]=arguments[e];return b.prototype[c].apply(a,d)}};var p=Array.prototype.indexOf?function(a,b,c){return Array.prototype.indexOf.call(a,b,c)}:function(a,b,c){c=null==c?0:0>c?Math.max(0,a.length+c):c;if(k(a))return k(b)&&1==b.length?a.indexOf(b,c):-1;for(;c<a.length;c++)if(c in a&&a[c]===b)return c;return-1};function q(a,b){a.sort(b||ba)}function ba(a,b){return a>b?1:a<b?-1:0};function ca(a){var b=[],c=0,d;for(d in a)b[c++]=a[d];return b};function da(a,b){this.a=a;this.h=!!b.i;this.c=b.b;this.m=b.type;this.l=!1;switch(this.c){

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\utils[1].js

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\x-icon[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 10872

Entropy (8bit): 7.964288675750523

Encrypted: false

SSDEEP: 192:kSbi6gAI6CW6NPoOkkYfOuWXkrr9v8fEeL/tahbA+9I44ZgH9GTYofIRy9SPLryZ:jTgABPOkJOucQ983/ybjk+hX494vyWOV

MD5: BAD5BBD85F927755469F1F4D125D5548

SHA1: 8A66F76B388D89BFD4AE246BBB9379F6F3D272DD

SHA-256: 3284E5157F9E436A0C69D1A2356F9A1E16E9D6DEE515FED9EEE426D2F8AC72DC

SHA-512: 5B58AB2C2A6AF089CAB6BAB0192D71A980704CAA3036901DEBCA291B4F9E0F8E4F34F8029F23D00560AA010CF5A6FFAE333E2DCD5AE949675DDD64024A05B7FA

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/x-icon.png

Preview:.PNG........IHDR................i....sRGB...,.....pHYs................<PLTE..............................................................$7....tRNS.........................).IDATx..]...8.4........( .X....z.{.1.zZ#..A .....@ .....@ ...b.Q.....a....G./.a...y} ...o..*....W.W.0..i} ...Z..Q._G.%..iBnn...`h.~..s.!...5}.7.........u..G.s.E^O"m......>.(...=S..y=..l.[p.5...9)...u..]R.Np.&.....y....x.P_...>.....C..[L....?..a......m..d...g1..'....H.r....:......y..n..JU.....TsW.B..r.%..qV...U...O...z.V..>Y......Z~..{Q.H..Ekm..J...~.\..m.N.-.3O.i_....#Z..yz2+.b...*.i..?^.\......7../.-K5`kaH..yL.H.R...z....h..(._..U...R..&t;.d.|...L .R.wk..F..*G..^..z.Z. .|Hi..CF.a..e^>...5.b-v..Sh.g!.:9.V...-..>,...I..4.b.P..*..... ....6....T.q5..4.........i..P|t!|..[..Z..T.:...!..o..i.m..p.X#.........Y.|..P...,......H7.+...}[email protected].&........l.I..H.p....1.........)...........vb....`.o...f.h...a.......W.0 [email protected]...(..u:....9..f..7.[H.BI..*|.:...g...Y........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\backDay-fr[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: UTF-8 Unicode text


Size (bytes): 737

Entropy (8bit): 4.6061762064274205

Encrypted: false

SSDEEP: 12:A8YLIn91M5M8/kDqu88RAh6E8jARx8LgNE8TfwIL+QAUeRALfRzRKR8UqJ966hgL:ELI91M/5Th65AMgNlfzLlAUHf5RKRSry

MD5: 094A47716107CC0F962EB32C4CC1CBC4

SHA1: 660191E75D89F2F13C91FA362BDA48B7C747AD02

SHA-256: 1798079EB2AC2EBCE4B1A95C2648259F9DA714060C45945054208A627F3EB63D

SHA-512: D1C570F48B2FFD1A1FA624F633E00DF582CADA14AABAF6D54D583E3FFE6C36F7B9B085D3C6754D4CEBD43325D5CDFF69DBB417E9AF10E4CEB18890783C69473E

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/lib/backDay-fr.js

Preview:function backDay(backDay) {. var backDay = backDay || 0;. var mydate = new Date();. mydate.setDate(mydate.getDate() - backDay);. var year = mydate.getYear();. if (year < 1000). year += 1900;. var day = mydate.getDay();. var month = mydate.getMonth();. var daym = mydate.getDate();. if (daym < 10). daym = "0" + daym;. var dayarray = new Array("Dimanche", "Lundi", "Mardi", "Mercredi", "Jeudi", "Vendredi", "Samedi");. var montharray = new. Array("Janvier", "F.vrier", "Mars", "Avril", "Mai", "Juin", "Juillet", "Ao.t", "Septembre", "Octobre", "Novembre", "D.cembre");. return document.write("" + dayarray[day] + ", " + montharray[month] + " " + daym + ", " + year + "");.}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\check[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 1147

Entropy (8bit): 7.602411939286746

Encrypted: false

SSDEEP: 24:pdncYrvnmzSaLqNKwAdrpiMFGz7iGkgOSvEbTsB1:Uavn4OMuMFGzuGkgOSvJf

MD5: 890EC24C39C0C6ACE521E7E583950252

SHA1: 8279A8FBD16BE9A45BC1B25CC22287074BE6C01B

SHA-256: 90931518EB05AC6A92C5B6B4D2C3BF7522664054ACA49D317ABD02436B1BD26F

SHA-512: CC5528FFA5EFEA3D3219A1407BA9602803A4ADFA02CB9E68F32BD3F194842C57B27F4DB5DF72FFE4C15D2F3212B48FBD5EF8C0355041C91649B632916ABE816A

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/check.png


Preview:.PNG........IHDR...5...?.....w.p$.../PLTE...............................................................#.................................z.....\G.@@@..Q<...***.....&&&###777........;4!...C<(......RRREEE..............DDD.m........___t`#.+!oZ.......zzzyyy.{ .n....73)lllNE&.i#YK#.s".........Y]VB..6B<'hW%bQ............M.....,tRNS.....`.._ @..P0!....o.?....2.......ya`S81/...L.....IDATH..i_.0...-........n2..................I.......L..6qf_k.......+4.zA.I.<M..h...&P.K.&.9M.|4.......O..T..T../..w*#..!....8....M...y.J..5..Lg5m...L......S;n.n.*.Q..T.".....J...:h.|..T....$6.T.R....zTR.*$>..*5.H.>Yeu5.....JC.....W..L.`.5....]]|...t8V..Q...;..J.U....|.r.G.Tw.Q...Sf.R.Q...r.rLMs]...yu""...L......"=.e.............4uD~\.D.:d.....R2"m(.......K...Cu..Z.....:../D..#Dj........4d...!Z...3.@.\S...O?|..5...)r..B~..@$.........#B.C+.....4.....2..m.Ab(..2.C.v...(".l.J..)d..I$m..9tIX..#...\X...l3.....&.v.<...x...a.Dd.!...4 ....g....c.b2;D$.b...-[.J...Z....@]..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\check[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\countries_states_FR[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 4.575452616106204

Encrypted: false

SSDEEP: 1536:J+nvQKF/dIZSeSGYRB5wHN4fj3GF4N6bLSaKWbf9P0JocfEdjWrl:nSeSGYcOeb1P2rl

MD5: 0AB90921C588A6D57842BC0AF3E6BA13

SHA1: CBBEEAC2F66014FBE1363E880A974BFC92118C49

SHA-256: A91F395EA289BA245146CDCC44D5EC9D5B73D9108EC27D3829846C3D29C43696

SHA-512: BD3B21EFD5BE53DF26EBF636695C3361C1E295F4CFFDF4E0A6A61CE2AFA2D6CBA64C3D47B045A026C023B62EE158D8B84029C0572BDD09DA41B5F6F219540D5B

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/countries_states_FR.js

Preview:/** Version 2 */ var countryList = JSON.parse('{"AF":"Afghanistan","ZA":"Afrique du Sud","AX":"Aland Islands","AL":"Albanie","DZ":"Alg\u00e9rie","DE":"Allemagne","AD":"Andorre","AO":"Angola","AI":"Anguilla","AQ":"Antarctica","AG":"Antigua-et-Barbuda","SA":"Arabie Saoudite","AR":"Argentine","AM":"Arm\u00e9nie","AW":"Aruba","AU":"Australie","AT":"Autriche","AZ":"Azerba\u00efdjan","BS":"Bahamas","BH":"Bahre\u00efn","BD":"Bangladesh","BB":"Barbade","BY":"B\u00e9larus","BE":"Belgique","BZ":"Belize","BJ":"B\u00e9nin","BM":"Bermudes","BT":"Bhoutan","BO":"Bolivie","BA":"Bosnie-Herz\u00e9govine","BW":"Botswana","BV":"Bouvet Island","BR":"Br\u00e9sil","IO":"British Indian Ocean Territory","BN":"Brun\u00e9i Darussalam","BG":"Bulgarie","BF":"Burkina Faso","BI":"Burundi","KH":"Cambodge","CM":"Cameroun","CA":"Canada","CV":"Cap-Vert","CL":"Chili","CN":"Chine","CX":"Christmas Island","CY":"Chypre","CO":"Colombie","KM":"Comores","CG":"Congo-Brazzaville","CD":"Congo-Kinshasa","KP":"Cor\u00e9e du Nord","

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\countries_states_handler_i[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text


Size (bytes): 1639

Entropy (8bit): 4.676835743793315

Encrypted: false

SSDEEP: 48:tvdRjdfatY8PYYnzGvctYXNmb5iWn0yz4:tvLJfaNmRs74

MD5: 9031AF7FA3FDF55E5D2CD5819D561CE6

SHA1: 555708FB8B38B5907CBE838FD2C4E42E3EF79971

SHA-256: F1C65C9835A468F02FE32A9DAEACC3B3426CA9D5973DEA370CCF09FB3B77650C

SHA-512: 0691BADED97A8C350CD8520BA361E7D34170F18A37C30812AFBFF3FA2818D01DA458235F2FB051A89A41D55D09EA9F2FC64527662B0E510B06C50C0B4E90D840

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/countries_states_handler_i.js

Preview:try {. function addCountries(selectObject, defaultValueByCountryCode) {. for (var code in countryList) {. selectObject.append('<option value="' + code + '" class="different option">' + countryList[code] + '</option>');. }. selectObject.find("option[value='" + defaultValueByCountryCode + "']").attr("selected", true);. selectObject.val(defaultValueByCountryCode);. }. function update_country_state(textSelect) {. if (countryStateDict[$('#id_country').val()]) {. $('#state_div').show();. $('#id_state').replaceWith('<select name="state" class="form-control" id="id_state"></select>');. $('#id_state').append('<option value="" disabled selected>' + textSelect + '</option>');. $.each(countryStateDict[$('#id_country').val()], function (index, stateDict) {. $('#id_state').append('<option value="' + stateDict.stateCode + '">' + stateDict.stateName + '</option>');. });.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\custom[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 7339

Entropy (8bit): 5.056213905686153

Encrypted: false

SSDEEP: 96:POK+Le267+FpI0FRCUj3nv5EwDCibulvcxhqx8xbK:Ge26KHI0FRCUj3nhEwfIvcjdxu

MD5: 2746B218FA264DE9135D9E17195421C4

SHA1: B45B4020A7162DCD375BCA521F9019CD5E438EF3

SHA-256: 84E1EBC084B306693075EEF8A75019C4B712C89CC4602F30352FD45C81EE3F24

SHA-512: 97485BE1B7962F83D2F9B7A6391DB16D7633830721D6C42B0F1A73700A33ADF77E429E10BCE20E6FAE0CB3F5661E9CCDD045479D0D1B8DF886B9D0026A13E414

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/css/custom.css


Preview:.package-info__price span{color:#878784;letter-spacing:-.03em}.popup-pre-loading-wrapper .popup .product-image{background:url(../images/bottle-1.png) no-repeat!important;background-size:contain!important;width:162px!important;height:280px!important;margin:0 auto 6px!important;position:relative!important}.compare .container,.how .container{max-width:1000px}.how{background:url(../images/maingb.png) no-repeat center top;background-size:100%;margin-bottom:90px;position:relative;margin-top:-10px;z-index:2}.how__left,.how__right{width:calc(50% - 91px);float:left;margin-bottom:-70px}.how__left{margin-right:15px}.row:after,.row:before{content:"";display:block;clear:both}.how__right{margin-left:15px}.how__middle{width:152px;float:left;margin-top:41%;text-align:center}.how-title-block{background:url(../images/bg2.png) no-repeat center;background-size:contain;width:241px;height:244px;margin:0 auto -41px auto;text-align:center;position:relative;z-index:3}.how-title-block span{line-height:30px;font

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\custom[1].css

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\desktop[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 11718

Entropy (8bit): 4.9013037360944995

Encrypted: false

SSDEEP: 192:sYAEhCSu6nP649Piz/WuVQY4HThK9ay8xhYRNGA8jhRM+KDqzGX0B4Ld3R5l4SKd:sYAie49azZv4K8wl8hKDqzGX0B4x3zlI

MD5: 6D27051C1A67310341BD34FD800FA68A

SHA1: 887D8F41AF52B09266B2DF091460D1B351B9ADA7

SHA-256: 5ED2AE99CB4CFED43F30A62B0CE9B51D1E03F4C610279014785259F04B541926

SHA-512: 9CBC001DE61BE560A8E92086FAA3DFA87F1FDD82C7D23F34E2845EB9FB699C3FBB91179D2A5F88099D958725DB9539330BDFD1CD9C236635CD30DF5578E0C7E6

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/desktop.js?hash=1623415244163

Preview:window.dataLayer = window.dataLayer || [];..var selectors = {. shippingForm: '#shipping',. firstName: 'input[name="firstName"]',. lastName: 'input[name="lastName"]',. phone: 'input[name="phone"]',. email: 'input[name="email"]',. address: 'input[name="address"]',. country: '#id_country',. state: '#id_state',. city: 'input[name="city"]',. zipCode: 'input[name="zipCode"]',. loader: '.popup-loading-wrapper',. checkoutForm: '#checkout',. billingForm: '.billing-form',. cardNumber: 'input[name="cardNumber"]',. cardExpMonth: '#cardExpMonth',. cardExpYear: '#cardExpYear',. cvv: 'input[name="cvv"]',. paymentAsShipping: '#payment_as_shipping',. package: '.product',. formError: "#formError".}....var rules = {. expMonth: {. required: true,. },. expYear: {. required: true,. CCExp: true,. },. cardNumber: {. required: true,. creditcard: true,. },. cvv: {. required: true,. digits: true,. minlength: 3,. maxlength: 4,. },. country: "required",. sta

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fb-logo[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 4229

Entropy (8bit): 7.854989023196204

Encrypted: false

SSDEEP: 96:qEab4BH0zbFpfi/2UKebC36K9Zny//X4enP4zCPVQYwEpkbnvJV:qEx6zTc2UF09Zy//o+LPcA8

MD5: 964F4C3F7870999046854BA22661E9E1

SHA1: F8AB904D6FE4083BB7121B271A509EB996C41490

SHA-256: 09FCBEA7A8C62BAB84015B65E38A452BA9FEF30D1B3C51D5A1F4FAF95AFCA7A3

SHA-512: 4C37949CB5E60B9A1D26CCCA4C950C6E55B931D09D24A74CD18A8F5433F5C41C87A8E54830BA7A6E2F09B2228BC09DB19A3A193070C4F54FD67D2E47556F745E

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/fb-logo.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........x....".......................................................?0.F...;..0.C...X."`...(.@[email protected]./.'...w....9f...3..........}.......o..-.....w;:..V.....'s..P..X*.:[email protected]..].v_?z2.C......r>...f.l.]F....c...Q.....z.-..lX4.....E..3..q~.a.w.....?k.....&0..?........f^...4~.~..$..^Y.e."[email protected]..\.................................................N...j...3...1...@.{y..E..y=..c.<{.Nn..c9[m..?M.1.9.|.Wk....Db..........................................3.g..fL.=^..9`..w...c....v.u.^...N..Db=.......V.m......8...........................1..... !3T#[email protected]"2CQe.............Uxc.5....z..8.{5.w.k=..>..w...:y..7.e...\.$..7.k..8V.!.;...{J=.....w..].]..=.;$..o...f9.."|...~..."KO.\.b...O..{./..].b...{^.}..........?.X.$7.s.:e.(..w;k*........w.{....I...2l.."%.J.....V.g<} ...'?.W.YYEjSoG..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fbposts1[1].gifProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: PNG image data, 532 x 1134, 8-bit/color RGB, non-interlaced


Size (bytes): 90677

Entropy (8bit): 7.966219946350299

Encrypted: false

SSDEEP: 1536:GNhbvX0I/G5KohpueVnAHOqLHakhGBpZjq8sAxMCEoMgbe5R8qGum5/8qMkhfHoo:G7rX0IO55puGIOqjakapZ+ZAxxEqJum7

MD5: AC25B2CBCDFFD76DA0C5B3B594160B95

SHA1: 41B4E7B3404EA38673D8F8EA1737792B8E4B3BFC

SHA-256: 743349FB9BD5B354C0D8BAE590FE6BA9570151731720D47E233024FFB3273C64

SHA-512: 714862F97B215A585BB132F9B9EA5A1C2DA88E966F9E5162A09E7F5C1FB071AB8B52454503670B087541BD5360ADE8C2D70C432EE56567E9A329BF0D1D519409

Malicious: false

Reputation: low


IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/fbposts1.gif

Preview:.PNG........IHDR.......n......q9/..a.IDATx...k.].&.......*Wu.?:nw.uu.....F..{[email protected]....?x....._...X2.. l..*.)..@[email protected].....~.|GCCc.9....s.>....G{.=.\.9.9.k~.t..D..;.D".H../e.$..D".#.H$.I..D".H.H$..D.G".H$.<..D".H.H$..D.G".H$.<..D"..H$..$.....<..g.h..y..w.V.OM.Ex...,.D"..B...q.........}H...37.......7a."..d....m..:..xA.zL0\..FV4pA$.....c..................E....N3.....r.V~.].n?.....+_i..."t".%.|._.!`h..a.B....Z..Q..J[../]k.U*.. ..]Y.)..$..;.!.X8.h..&O..H..../....|E.........+.....a..i..McQ14.....O.*|..|G.j......g ..1v........+.'..<.}..f..I.B3+.Xx=.d...94.}...Bc.z3`..0."..........H..y.......`.#..........?....v...P.D.$.......DbA..0.)..{..g...%.}'.FeM.~~.9.Q.,......A0...!,.,..3GO.@QL.?<......:v.p\2&....m...C.7,p.a......8t..^.9..k..^.V....N3.c...><1.....O|..?|.'..\...?....+......c.x...U#..{.~....|n..,.}.}..n..........(q..g.Ks..A[.....q....G~.....cB..<..Fu...I..9......~..s...3........%.....c.w......^{.C?y...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fbposts1[1].gif

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\feature-product-m[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.945867184603997

Encrypted: false

SSDEEP: 3072:L98y3MWngo1RRs27LvsMMHptke+apFkLpsPUueOvGQqR/NHdcqi0+kk1dJGZe:L9f3MurRHWLeWFk1s+OvGLNibKkfJGZe

MD5: 4190A3D902B53F4610EE0A0F5F465821

SHA1: D961463D9F5BABE4D290C5F3AF80E3A0BF8BD59E

SHA-256: 2AC3AFBF1CEC4F56C6B50625A9D91480081F3E2FCAA02387E52CF7C39A765442

SHA-512: F0D6F2537C49D49F6F469803A57C0FA5EA6E387E8659F385BB6345F8207CBCF7B776B0CEAD781007736D288F4288E4A9BE6E9B87782794A5E93ADB4BB18C4E50

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/feature-product-m.png

Preview:.PNG........IHDR.......r.....r.......PLTE..............................: ..........,*)...B$..<.cMJ....bQOA.+655@==......[MK7..QPPYYXijk.9.IGGR-............dVUmSNm......a....g...d__.......e...m......~......Zv..E%.h........k..o`^k{..yJ....t.....;.....Qc3....}.'...[{.....Z.........._.y.b...o...K............L.....}..hn./y.=$...........S;1..9......e{'w=...6..n..H....kB.m....u...Z}...vP..s..O .yz{..6~XJ..#Qj..4.Tj'.....gKd)....s}........jE...H0.c>[email protected]..\...e....N...J...t......u.Q..k{."...F.w0er....K.......x..N1.....t.......I...`..z.8.*3.Y.7..._u...me.B....C........e.1C.#........xf4BN..uT...d.~.?..M\j...Z#]q......(.........W...O.z.....~...#j.......6F...........rA....K.Q+l..._.a_?.H.cw.:\..].6.....IDATx..............................];.Q...0<.F.n^....vN."(.6h.~nmY.....K6.nB.....Cz.t...RC)....j.3KF(f.'....|..5.'...ah.~..Z......Q.v|...P../.|.r}Z..}...Z[.^.... .x..)6..../..u.f

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\feature-product[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.955889306979783

Encrypted: false

SSDEEP: 3072:9guwrje7aFlx1/4WxbxRmIs3KTV/rUe8MyWJbuNB1UVfa46HhohGLro32VvofdZa:WuwrjeU19xbxRSaZ+yur2FaR+U0MoVtu

MD5: 9262ADD2F43FC919362E1C9103A18574

SHA1: E79C32DF1206B28F115E526C5D57E1418191C353

SHA-256: AB6E2A85AFD815866A5E208687F5841B11AFABD352C71340FC9D31BE0EF8F6FC

SHA-512: DD359DB0B161F55A6E52262108769E63BA847C2CCB8CAA463D1B548D710EC9C33083CEF01881EFE3865203E21080201DD979D6CA279C73FBC6176D105F29E6F9

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/feature-product.png

Preview:.PNG........IHDR.......r.....r.......PLTE..............................4..... !".......,,-;........ihi]]]SRRC$.....7.cMJIHH...855@>>..._QOj..@+(...m|.....ggWU.....8.....r.......k..oRL.Y.am.....9".N,....)...>.n_]........`.|.......Z.yJ....j.v...P...Z/....YHE.D.}.&I40....}..............ZJ........th......c....0P!.q...K5..R.iH..7......sK..8_;).........KYs......[.....|K`.......C..l.[8oD0..\x>.w........Q4.`E..b8..tuvr...v......Le.%.7...a...h....... ..l.........4.x.C........6.....er...b=.sP....t...I..y..n.....K............O....>y..iV.[....`...N.j.B..p.....C..,.s........`...%.x..Yn/8....w.Wo~..{h...J .....0>I.....t....m.b....Xl}..a..?.....E.........V..7H..W#........FUc..j......s...E...z......n.U...9..L(.......=...fT.j....k..cu.. F....E?.H.=Z..`.3.......IDATx...KN.0.F.Tw.o.[a+,.a..k.i.......*%.8...%..U...75.............................=Uq..j..`2...w..\.M-..).../....v:..s.eYrn..w...=9.{...%....<*.~........G....0...P?..m.Z2..FR.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footer-logos-image[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 13311

Entropy (8bit): 7.972219768497237

Encrypted: false

SSDEEP: 384:cItL7MkJzvj9ywbZr7JZxJnAbWshllxdcXN:cIR7MKvb993JnyH3dCN

MD5: 1D5E4B170119A30FC96B3C665A4CCBAB

SHA1: 1E61EF5D56268CD4D983890B252AB701A2780358

SHA-256: 80E1C336CF345C9BCFE89285545117582DD5AA668ED84A65547269736C423F98

SHA-512: CFD12229201C0CF2742416E876A434CF536A77E9047C8B3CFA29FFDA3D52D4D719E31A2FC63161580128B2AFD9CCC630BFB9B73D62F8E4EED78C57146C8FCE4D

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/footer-logos-image.png


Preview:.PNG........IHDR.......W.............PLTE...'.6'.6'.6'.6'.6'.6'.6'.6...+8B..I.<A(7;........7.+k...../..V..C....t%[email protected]... *];EJ..E....Zci{..JQQ.,F.....(..@kru.'-....L.......MYg...n.A......4<[..%..%...(:+..#?DK..beim.....&....U...Ga0!%&................8P+........F.....5...... X.....ô.2Jl......-b..K...1....\.....5......../.....XqE...]}1........(..........'0l.*..'.E..........W........SX].......$.P...F..... ..ck.0.(...q....K..r..=..6......#b...vy|..#..S..I..3.9$.........n. ~.4. (';....(q..lP....`..7N{jtI.........>}.hUNf. ......&;..7.d!q..d#Q.........V...0]n..bY}.......;X...-.=&_..]..6F.........w..p....u...o..........2...........`W.I..e.V5....w(....tRNS..R......{...1.IDATx...A..1.F.M..\...X.`6srEpDWe.`.}.n.!..nu......Wo%..PZ..#_ .b....R.~........f...U.X.H..._.).........` ..l.@^.....?` .E.....-.\.K......F..o...x.}.!.`..r...(..../X..>.e/.. ..x.%...W..i.bz2.3..(j..O!.)....T..E...REf.g...Q..l+.......ù....D.f.. #.L..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footer-logos-image[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\gala[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 9232

Entropy (8bit): 7.877931946988298

Encrypted: false

SSDEEP: 192:MFQVcetlG4CdREVXhu6HMP8QXx5TU/w3h3VY6hW2hOrL+:fHCvEVRu6Hg33U/IHh9T

MD5: C2E54D08FEE6405AF41CB576965F6821

SHA1: 4B356842B777F199F0C8F364B3500277AFC6BFFC

SHA-256: 19C36AE84B5B40B446C66C3C832314E90D84ABC4CCBE49886E012D3DD2FF6734

SHA-512: EC9E95BAE968FC41729A9387D3E0FD63F1088719505DD1B391F9DF15B009C30D371C2121EAF4463DFD5AD2F9157C2982FB0C723A35155EC9DF5BE879C407069A

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/gala.png

Preview:.PNG........IHDR.............d.......gAMA......a.....sRGB.........PLTE....#..".............DDD....!.."..^.$..!.......^..."....`.."..........#..#......^...`......^..............,%....#.....81..........#..|x....E>.>7....OI.2+................`ZQON..................................YS....up................lg.............'...~...FD..#....y...........C.....f`..((.........CA...................................DD............y...DD...Qf........_.....[....x....t..?`.......F...R...U..........\`.....D....5X..'......u...[;(..?....$..j..?............{D....c<...x..D3..a...R...'Ta..@....{)..s...K.S....yKC.T.^...D..(2...=DX.D.............V|.....x.eK P.Tx..DD0Ux...dH.......[........h.f(.c..DDzpy.yxV.E....q.{F.h'+.)..^...+f..'.Pjz.......'w.4E^.~..'....<.}...o.~c.!I.b.......L.[...T.....}t...... .IDATx...\[email protected]..." Z....Z/.z.....U.Y.kk.u......n.....w...^3.I Q@.}....Lf&c...<...............................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\goodnews-ketopia[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 19694

Entropy (8bit): 7.962519159809842

Encrypted: false

SSDEEP: 384:YEFkeL66jhKzOHkXi2oj72XbGxrtatwKV7SlFa0rigTnJy:Ya1m6FKiHO+7bRk5V7SlQ0r9Fy

MD5: C8DF617E119ECFA57202D9CF09528C43

SHA1: B6FFC7AC73EF958513FC4C623F650D73D5D7F1CE

SHA-256: 928BB056C7B913948A89AAE5755C69B03A777EBB93FC3C50622BC4559B9C3411

SHA-512: BD01AFD9F597F9D07CA8D784EC8C770DA7EE7C52484E91921F9767B1E08D7CA4A83116E8AF3B37680F1DC3736CE8061440BDCEA0EF18554616DECF5758502EDD

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/goodnews-ketopia.png

Preview:.PNG........IHDR.............z%d....oPLTE...EQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQWEQW.-;....$tRNS..2..w..fo....C.`..:.PV......,I..%...S..L.IDATx.............................`v.(.U......$4........C<..~...Y?.w..0K..q..q...q.WZ3?.Z...:...3z...I.].....K.Y!.GY^......#\...Q.e,@,.r...G....;|].G.>....Ek.\....0..@dK...`.-G.....Q..z...y..%b'..m....U ....L.!.b.-.v...l..3!GX#..TK.$..6..mB.Q..h9v............2j.(.\.J.V'...Re1...L<.ù9.)9l=...s.]Ip....XP....r4b.DZp9.99.u~..~..D..... . .e1..#....L.Q9.O..C..]Y... . .e1..c...._.r8.r$...<.$..... 3.(.y..!vQ#....rD[yO..*...2....G.._oV.\.gV.......D.V.....L .b.)[email protected]#[email protected]$..."....G.a...,...c=a...c.)......"....G.a?......3#..g......C...DY.#.._.Gbp9..w....A.MD1....|.......;.f..B{...S..SWwg..~.u.|_.C..&f: \r..q..)AS.;r.....t..!.e..,G......r,...,..m...(i{C.E..>f0.Mr.R..a1...~.]../G]..01.Kn.#:.&.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\icon-loading[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 4606

Entropy (8bit): 7.1595828488760525

Encrypted: false

SSDEEP: 96:gQYG5FB13z3f3Bq3/Y31hs7J41TKYG//Li9Yltay:gT+BFF1i1lvTltB

MD5: 054D63D4FA5C35C2C20110835ED7E59A

SHA1: 0963F10C25B6FEFFE2A106A67BA8B95107943FC8

SHA-256: 7FD8C7D595A74C8CC5D5E0F48687D59B4284AB2BA283C9C674C6BC0A914BB104

SHA-512: 75B80614BB391FA2C79ED20E993D0506BEA744B0F11EA23D1C30D9550D5F48994A8C40642D77A19131545CADD0BDA925373943AA3BD4EF08C1F35EFB2B3FDCE7

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/images/icon-loading.png


Preview:.PNG........IHDR...............^.....tEXtSoftware.Adobe ImageReadyq.e<...hiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:9E0C23221B206811822AA8D2D54FFC58" xmpMM:DocumentID="xmp.did:B389CCEE497311E4969F82F96F5940F3" xmpMM:InstanceID="xmp.iid:B389CCED497311E4969F82F96F5940F3" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F5E8826CEE206811822A8F216CD83C14" stRef:documentID="xmp.did:9E0C23221B206811822AA8D2D54FFC58"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.......PLTE......................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\icon-loading[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\index[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: Pascal source, UTF-8 Unicode text


Size (bytes): 8720

Entropy (8bit): 4.724135414702377

Encrypted: false

SSDEEP: 192:qY9TO9vSRQazj9FrL2zKyYfqy1rU4iRwRRcqt5oVseWJFffMmz:bNxL2AjC4Nj5GWJhfMmz

MD5: 2B878019170EEFB876BE82DC30FE33FE

SHA1: FA2562404F9057494339B5F6B07BF6F49C169477

SHA-256: 6DFC5D53B786B076F1158B97F2F5B52C66ABA1135911CAFF758F4152D594A120

SHA-512: 665AA9F2610E51288E6EDD8F6780A753909F6C28481949B2D246FCC5AB8987899E7D1D25F4B97AD0BCD6B1DE06900F3A479293423D6C408DC47FD85FBD4C7350

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/pages/desktop/index.js?hash=1623415244163

Preview:$(document).ready(function () {. window.offer.getState(function (data) {.. var iso_code = window.country || countryList.hasOwnProperty(window.offer.getCountryIsoCode()) ? window.offer.getCountryIsoCode() : Object.keys(countryList)[0];. var user = data.profile.user;. var shipping = data.profile.shipping;. var selectors = window.offer.getSelectors();. var someText = window.offer.getSomeText(window.lang, iso_code);. var phoneIntl = window.intlTelInput || false;. var phoneIntlAllowDropdown = window.phoneIntlAllowDropdown || false;.. function maskPhone() {. if (phoneIntl) {. var countryIsoCode = iti.j ? (iti.j).toUpperCase() : iso_code;.. if (countryIsoCode === 'US' || countryIsoCode === 'CA') {. $(selectors.phone). .mask('000-000-0000'). .attr("minlength", "10"). .attr("maxlength", "12");. } else {. $(selectors.phone). .mask("00000000000000000000"). .attr("minlength",

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\index[2].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 311

Entropy (8bit): 4.749963343788837

Encrypted: false

SSDEEP: 6:0ULfoKJHoJ7EeDHUlAHtRGXfS/n2eDHNOMbZVEI1:NQzHUlAHHHfF1

MD5: D46F1D77DF906A72D28E9C3AF6254CF6

SHA1: 406B920CAB3A7C7C3246E56DC3E0CAEFCF8160A8

SHA-256: AD65333F6938DCCE9613577493B2602B31B4A62242CEF58002CFA927411A3D51

SHA-512: 81658C1387D41F4977EBEA2564C25DF2AC642E1C54B2832E92B923C0A3FEC74D7C5C30F6A376A617454DA6A51CF3156A50BEA1201C0E8AE07D7C5153A7807DA1

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/js/index.js

Preview:$(document).ready(function () {. $(".special"). .delay(1000). .slideDown("slow", function () { });. $(".icon-close").on("click", function () {. $(".special").slideUp("slow", function () { });. });. $(".navbar-toggle").click(function () {. $(".header-main__nav").toggleClass("active");. });..});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\intlTelInput.min[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: UTF-8 Unicode text, with very long lines


Size (bytes): 29098

Entropy (8bit): 5.623361902672609

Encrypted: false

SSDEEP: 768:krqD7GzOml+D45YMJR3kWGYUOesxjTKbjvT4N3RR:NfIkWYOeajTKbQ1

MD5: AF98816DC416CE47A73B1C9B36CD6BFD

SHA1: 39C8234FF2A500A642D5B29D18794A4CEEA39930

SHA-256: 51D702570938A018BDB27854F81D657A9851272854831E9FB7B38FF0AF848A48

SHA-512: 00C291E36C095B6BCBFCA6171F2407738776A0DD1CF31E21F26BCADDBFBC9C1B19805844884C7EA1945F724811599EDA8138276F5ECE7C6B73C3A7A7F1FFC0F4

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/intelInput/js/intlTelInput.min.js


Preview:/*. * International Telephone Input v17.0.0. * https://github.com/jackocnr/intl-tel-input.git. * Licensed under the MIT license. */..!function(a){"object"==typeof module&&module.exports?module.exports=a():window.intlTelInput=a()}(function(a){"use strict";return function(){function b(a,b){if(!(a instanceof b))throw new TypeError("Cannot call a class as a function")}function c(a,b){for(var c=0;c<b.length;c++){var d=b[c];d.enumerable=d.enumerable||!1,d.configurable=!0,"value"in d&&(d.writable=!0),Object.defineProperty(a,d.key,d)}}function d(a,b,d){return b&&c(a.prototype,b),d&&c(a,d),a}for(var e=[["Afghanistan (............)","af","93"],["Albania (Shqip.ri)","al","355"],["Algeria (..........)","dz","213"],["American Samoa","as","1",5,["684"]],["Andorra","ad","376"],["Angola","ao","244"],["Anguilla","ai","1",6,["264"]],["Antigua and Barbuda","ag","1",7,["268"]],["Argentina","ar","54"],["Armenia (........)","am","374"],["Aruba","aw","297"],["Australia","

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\intlTelInput.min[1].js

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery-1.11.3.min[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 95992

Entropy (8bit): 5.391333957965341

Encrypted: false

SSDEEP: 1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3

MD5: F03E5A3BF534F4A738BC350631FD05BD

SHA1: 37B1DB88B57438F1072A8EBC7559C909C9D3A682

SHA-256: AEC3D419D50F05781A96F223E18289AEB52598B5DB39BE82A7B71DC67D6A7947

SHA-512: 8EEEAEFB86CF5F9D09426814F7B60E1805E644CAC3F5AB382C4D393DD0B7AB272C1909A31A57E6D38D5ACF207555F097A64A6DD62F60A97093E97BB184126D2A

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/jquery-1.11.3.min.js

Preview:/*! jQuery v1.11.3 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l="1.11.3",m=function(a,b){return new m.fn.init(a,b)},n=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,o=/^-ms-/,p=/-([\da-z])/gi,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,constructor:m,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map(this,function(b,c){ret

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.mask.min[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 7987

Entropy (8bit): 5.3674963962269615

Encrypted: false

SSDEEP: 192:Q3KIpiAIexC4JpS0DbintpGPiEvAheKevbtoNOA:Q3hLj3rS0HitpGPQeKeDtMR

MD5: 27D036BFA66CD0AFE9579905FA9936A1

SHA1: C3317B2646F1BFC656A64F72237509BF922C7BB5

SHA-256: 7F81FD50565C42B28D0C131EE55DCE21472CFE3EF3F5572E04F279B9898149D5

SHA-512: 700AAE6AFE3E63A92EB1D52822E41A738E68620A05397A7A1CC4D0DF76DA324AAE98EBBF691EE88830AC9A0FA1B73B72EBD07776BAE666255AFC98C818972583

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.mask.min.js

Preview:// jQuery Mask Plugin v1.14.11.// github.com/igorescobar/jQuery-Mask-Plugin.var $jscomp={scope:{},findInternal:function(a,l,d){a instanceof String&&(a=String(a));for(var p=a.length,h=0;h<p;h++){var b=a[h];if(l.call(d,b,h,a))return{i:h,v:b}}return{i:-1,v:void 0}}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,l,d){if(d.get||d.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[l]=d.value)};.$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global&&null!=global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(a,l,d,p){if(l){d=$jscomp.global;a=a.split(".");for(p=0;p<a.length-1;p++){var h=a[p];h in d||(d[h]={});d=d[h]}a=a[a.length-1];p=d[a];l=l(p);l!=p&&null!=l&&$jscomp.defineProperty(d,a,{configurable:!0,writable:!0,value:l})}};.$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,d){

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.modal[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: HTML document, ASCII text, with very long lines


Size (bytes): 6372

Entropy (8bit): 4.904330461103445

Encrypted: false

SSDEEP: 192:jK7IJpLwMH4iEtsj86DZSDD8XGy1Oqq/8Y8lgm6:jAIP5Ha8LDsDDYGy1deB

MD5: DB1F5F55CC78B444D1277133CC57B7C2

SHA1: 2A35B409E797DE61107E250DD742B43F85AC4777

SHA-256: 49E6AC88BFAFA2B4DDE6EA864336F9646AA516BFC8762EAE980BB95E33682441

SHA-512: 09A10762DA7E10B626B413FA0708718F80805650766074626E97869E0CB77B1AA7B65C91073421DB278026F9830368D8CCF76E50544C570CF781F013D9619DBE

Malicious: false

Reputation: low


IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.modal.js

Preview:/*. A simple jQuery modal (http://github.com/kylefox/jquery-modal). Version 0.9.1.*/.!function (o) {. "object" == typeof module && "object" == typeof module.exports ? o(require("jquery"), window, document) : o(jQuery, window, document).}(function (o, t, i, e) {. var s = [], l = function () {. return s.length ? s[s.length - 1] : null. }, n = function () {. var o, t = !1;. for (o = s.length - 1; o >= 0; o--) s[o].$blocker && (s[o].$blocker.toggleClass("current", !t).toggleClass("behind", t), t = !0). };. o.modal = function (t, i) {. var e, n;. if (this.$body = o("body"), this.options = o.extend({}, o.modal.defaults, i), this.options.doFade = !isNaN(parseInt(this.options.fadeDuration, 10)), this.$blocker = null, this.options.closeExisting) for (; o.modal.isActive();) o.modal.close();. if (s.push(this), t.is("a")) if (n = t.attr("href"), this.anchor = t, /^#/.test(n)) {. if (this.$elm = o(n), 1 !== this.$elm.length)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.modal[1].js

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.validate[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 20913

Entropy (8bit): 5.2568962677086875

Encrypted: false

SSDEEP: 384:4OXyp7Lm+dmr9qhk0XuExz9Bcd1Jny+0xC7WpdOC8PGDm9KLNKI9ci9sk:afXdmr990ekpqJny+UO798NBc8Z

MD5: DFBB7D0FA4E8E236291A04276C684406

SHA1: FF0842CACA8373A6F00B4500BB3B30FD1A4729DB

SHA-256: CD57D694BB7393F778B60A7F4EA3C7D9A7332D5EEE42C9E3196A707F28F0E740

SHA-512: D13D734586AC2EC9803B9AB6C9FF0CF86CA1C5AC839E3F9B432057D76B4D385308455F76EFEC1AFF69C6FB217E899FDCE150D5A5BEA5279E6BAC15950AB76B77

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.validate.js

Preview:(function(t){t.extend(t.fn,{validate:function(e){if(!this.length)return e&&e.debug&&window.console&&console.warn("Nothing selected, can't validate, returning nothing."),void 0;var i=t.data(this[0],"validator");return i?i:(this.attr("novalidate","novalidate"),i=new t.validator(e,this[0]),t.data(this[0],"validator",i),i.settings.onsubmit&&(this.validateDelegate(":submit","click",function(e){i.settings.submitHandler&&(i.submitButton=e.target),t(e.target).hasClass("cancel")&&(i.cancelSubmit=!0),void 0!==t(e.target).attr("formnovalidate")&&(i.cancelSubmit=!0)}),this.submit(function(e){function s(){var s;return i.settings.submitHandler?(i.submitButton&&(s=t("<input type='hidden'/>").attr("name",i.submitButton.name).val(t(i.submitButton).val()).appendTo(i.currentForm)),i.settings.submitHandler.call(i,i.currentForm,e),i.submitButton&&s.remove(),!1):!0}return i.settings.debug&&e.preventDefault(),i.cancelSubmit?(i.cancelSubmit=!1,s()):i.form()?i.pendingRequest?(i.formSubmitted=!0,!1):s():(i.focu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\keto-bottle[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.959101624719401

Encrypted: false

SSDEEP: 3072:5iFsqHPUGKx5ney06iLr5kLfAqn2ACOa5dYwJOJV+Lf:5SsYPUj5ne+inOL1TCOmdFme

MD5: 7194FDE50613B5D522950F2125B414C4

SHA1: 4A986FB56A38ABF130A0D9F78BCDBC8A6B83F5EF

SHA-256: 6852776D4AEFA58BF473FB63FE92FF10C83503484C0AC977824C8C9FEB1F683B

SHA-512: 0490622288B4F336EFB405645F13CD165A037894337E4DE8710EAC371A373A8FF822CFCAC2778649BE0DC380CE4DB3D6732BF7965497A2C55DB24A60D9B59633

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/keto-bottle.png

Preview:.PNG........IHDR...0..........54.....PLTE.................................cMJhhh%$$6..`OM...633?==HGGfPM:880..MLL8..D$....^MJXWW+**2..DBBB(%\[[*..bSQ7..=#.1..j..RON;..fYXSSSj^]ccc>.,@ ....h..=#.fUS[OM:)(j}.aVUa_^.....kSP...h....]SRlPL.......nno...o{.l..mXUXLJl..pdb...D'................N) .......lw.......D20...G.+K+....j..XRQE76...l..3%"q][...qSL...5...............b,.m......Q/......G!.....hs.#......W).r......N&.....s.yxx...XFDq....o.........wVK...u..r}.l.p..m0....A..Y3....v...........l..WH........h2....d...d..e....n>..Q.).....O61...{F.c9.dm.w<.X2!c ....B...O..\....s..\I.s..G._..[,.P?<..}..S..|]V...fH.|..cUx..aI.....}..Z......t...lG...V#....zB$........ls.......rE.6C..?...fB5...x&....|........<.DDYq:EWe..`......2Og....{..3.;.|<G.OWx..]4....4..o_...{.o....IDATx..Mr.6......v8.O................DM.D.,.1...(.}...[o...[o...[o...[o...[o.....2{,......"...^\...U.+AAD.B.LU7.bbc...IT..X.+.b.o.~E.^[email protected],..P...T}x...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\keto-logo-lg[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 31913

Entropy (8bit): 7.931664971893634

Encrypted: false

SSDEEP: 768:nriK7Oh6jxK38pdlgSez8Pa5cSy8MblZiRDHr:nOKKh6jxK38DgSegPOMblZi1Hr

MD5: B1A07ED7CCC199CD67CFA5523A1FB5A7

SHA1: 8308FDFB91ABCC4BB6DEB3B42D47DD5338C198EE

SHA-256: 3FDB8F6F8099E8164D7E8AC9614D7BE2CD01C4286457788A17DF2587C43C05CE

SHA-512: 57D07D8D919DDA2E3B1A5383F4E8198D6642351FA8C08D7F90589941C10947FEBB2213E901B3993A747F32F8717B49FC600424C8BFD73F9A0E691B766AB82905

Malicious: false

Reputation: low


IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/keto-logo-lg.png

Preview:.PNG........IHDR.......n.....S1p.....PLTE......333222,,,...&&&333333(((+++333333...222333222333...././//..............8...........lll`.d...;[email protected]......:.Dwvv...srs...```...:.CUUU;.C......|{{;.D:.D...PPP......333......;.D.................................7........^NL......eOL1.....@#._RQcWVZYYbLIUSS9877 .$$$fff...<..i\[ROO.....mRLdSQF#.*)*k..../.....`__=;;g....kkklVS@(&YLJ).......k..LKK...l..@??I*.HGF>#.?.-................kx.k..p{...E53.....DCCQ) .........r..\-.ocbG,)T0.8*(zVJ......r]Z...>.....\................f....u....c4.S).m../" .G....t....3..k<.J.....eo....k+..q.b.....u;..w..l....N<5....gH.]I]..$.......qqq....xwwTB>k.....O..cU...........~}}...BQhw..a;).oE8GX......R...._|.../;Hm|....8.@.....=4Q6o...!...>.GUg.6l:..$.u*c\-7.>8.=....qk..d.`.....>tRNS...5...'@.o.....`P^. .c..cZD..*..:....`H.w...k...|......*[email protected]..!(.t.H.$.X. ..B.....s..A..U?R.".iQ.E....8..N?<.1..?..........}......O.K..."F..X...>~.}(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\keto-logo-lg[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ketosis-footer-cta[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.949578954365861

Encrypted: false

SSDEEP: 3072:7Kp19d+NCKboIIhVSP1sV4vm5Hd1AYcCOHHZQ/SL4WflJ6JedmGAjE:6d+N3UR+a4vm5HXsHHZJNfCUAg

MD5: CFBF248CB80AB8C3F745388126BCD5A6

SHA1: 23C9498E393A1CF9E18A6D884B57EDE00FA344EB

SHA-256: C6BFAE24E18FBB1EB6B18A4BA5DDCF8DC9EC78397A79A7C4895CB88A344AD6C6

SHA-512: EEFF815441CA56383ECC3DB1097B8E0909D4AB5E41DA30EC172000FC01D0B55CBD0CBBC5B2AC7853A7CB136723C0788E76B3AA7DEB83A527A19993F82B55CAB6

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketosis-footer-cta.png

Preview:.PNG........IHDR...P.........q.p.....PLTE........!...............=PW;J[=PW?OV=PW=PV=PW?NV=PV>PV;LWBPV+<.=PW?OU=OWAPV=NU=PW>NS<NT*:.(8.$2s'7....&5z'7..$R..................USW......*:.)9...=!-i.$TVSWURV.........................................?.lnn......sst.@....>>>.......@..@.///.@..@.,=....=PW.....................666..........p....9...........z....3..B".URTePM^NLiik...'%%...eef`SQ/--9!.YXXcLIONN..._^^=+*........dXWJHHD($...l][l|...;99...DCCF20...kVS@>>...YLJ......*.....oRLk.........ppr......i..~~.......................vvxT+ ...I).s............n..j...............]:pcb...g2 ....V0.~XJT$......x..G..t~...8....kgr.%.........r.g6....w<.S?<f#...s..aH.K.b..._..V..bV.i..j........z....kF...}..{F!.....o.....9.....".....r}...U....Ug..sX..:..uC..t]~.GXm..B7.?..HD.L..&.S...5n9h..1`.....QtRNS...(..2<...p..5..+S.{A..[.eJ.Z..q.:R.2]E..y.GJ.i..i`...{K......~.......G..c)...v.IDATx...1n.Q.EQ...)U.h..b.a/..b.`..<g.W...................;.n....;..m.[...{.~.....n...@G

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ketosis-ketopia-proof-title[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 5996

Entropy (8bit): 7.952521969258312

Encrypted: false

SSDEEP: 96:lMcM5VdYMF4wLUpxHdssAhGUbfBzOwwnrTeoTk7KNLot551y48fBK7C+8ia5we4:Kbn34l71Uwv/uMEtAM7yif

MD5: C7CD4C340C5BF34742E67D2E767BC2EE

SHA1: ACB51C02AEE3DAC227CD9AB932E0D23B9571CDB7

SHA-256: FA22B68BAFA25604217D36DE658E300BCB2A9BA24856D2308B07945D1A04A9B3

SHA-512: 7B81825A2EB5FFC26EA2C19C23ADB6BB9A83F6EDB9BFF7FD4C113133CCB8838F6983A33A582D7C934A145763A71E48FEBDCB4E6525BA9C2C7CA7964A139914D8

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketosis-ketopia-proof-title.png

Preview:.PNG........IHDR.......h.....x.R.... PLTE...........................................................................................................................................................................................................................................................................H.f...._tRNS..... dU..D:?&N,#I4Q....)6.0X....[..p.t.......|.h.....j`....z...^..n.....xeS.oND....r..Q.Y....IDATx..\iW.H..hF0....6...17.......`.6......b..c..._>.>.M.Rk.....\...2d...+.0(a....C..<..0..%.......k..Lr....C.tT.jx.'....ZV......>O.Z......L8.;.6...j....,S......e#.0Q....H......Zo.U/..!..!.n..........3...dba.(.J...E].../...&[email protected] jWr.)"........d...T..-....B.1.. ...{....d...ul.. .3N!b.:.Q.m...=....$.r..D.H...5_%#.E......I...-..^.p..#.F~..wurR..$....A.w....^.%c7!......I.}.f"4..\.q.5+.d&.$....r.$"..%..d~2&.Z$.....%.h..8..='.^L.H&..[[email protected].....:..2....!......hf....:...+.,h.....Y1-y..Q..



File Type: HTML document, UTF-8 Unicode text, with very long lines


Size (bytes): 72155

Entropy (8bit): 4.516958888583628

Encrypted: false

SSDEEP: 768:h/H4vUVT4nrUX9bW6Ac1dJ+uIZ07+f7OwjoLeDhpC2ztQnXDUzBIHJNe:h/H4vZrcbWHEXJIZ7VMLe9Q2CDksJI

MD5: 60DD7A071D248908B165CDCB1EDE1070

SHA1: 1A71612293A66B00D6FA99EE91CB3F642DFB1591

SHA-256: 826D34947E076DE761598889223A1466181D239EDF46EB73B1607A1BC0AE5285

SHA-512: A76E0BDE8DE6590AA53E3FA46AD5A9C133B09AD1FCBEC20EADCB18DF489C51296E1AD386808AC8F8BBF8FA4D7DA00EE9F1F008BFC4840A52CD2CFAA7E4683D43

Malicious: true


Yara Hits: Rule: JoeSecurity_GRQScam, Description: Yara detected GRQ Scam, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kt-comp-figaro2[1].htm, Author: Joe Security

Reputation: low

IE Cache URL: https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf

Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">.<html xmlns="http://www.w3.org/1999/xhtml">... Added by HTTrack -->.<meta http-equiv="content-type" content="text/html;charset=UTF-8" /> /Added by HTTrack -->..<head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">. <title>Gala : La meilleure astuce de Fauve pour la suivie d.un r.gime</title>. <meta http-equiv="Content-Script-Type" content="text/javascript; charset=utf-8">. <meta http-equiv="Pragma" content="no-cache">. <meta http-equiv="CONTENT-LANGUAGE" content="en-CAN">. <meta name="ROBOTS" content="NOINDEX, NOFOLLOW">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <link rel="stylesheet" href="/static/diet/fr/gala/v2/css/index.css">. <link href="/static/diet/fr/gala/v2/css/ouibounce.min.css" rel="stylesheet">. <link rel="icon" type="image/ico" href="/static/diet/fr/gala/v2/images/favicon.ico">. <


C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main-grabber-desktop[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.953782529725965

Encrypted: false

SSDEEP: 6144:3w64H3Zs0Ybr83/B7MEXD9bZX/AWwEDpF:3XLg669bZX/VFDz

MD5: 50C322847AF0F09A8660197CEE002E7C

SHA1: 61617A8E2CDC78BFF05076A54F1D0E103B707633

SHA-256: 9F37073E9E762352C83F846CE33333F08AC06178931DC6AF474E4EC095FEBF55

SHA-512: 9C739C4F529CFF3F230B2FEB05F470D3889BD69F66DDB6715B8DFA0A9E1567B75CD53A1DEBC061C9D717CDCEB561155DC5B36C4129538B2A24403F7644B25671

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/main-grabber-desktop.png

Preview:.PNG........IHDR.......p.............PLTE...$,1%598S\...EL\8T\...9T\...8U\7S\8T[......8U\9U\8U\9U\...+<.........................'6}*;.......&5z...............wMr'8.$2s.......,e......(8...................x?m.....-.......5......ht}...bw}....................t...x.....y..j..l.....y..{.}||...,=.....\.....h.....t.............:76...^\\...U.0.........l.|jii%$$...cNK...3..8..C#..-.: ....LJJ^QOxww\LJ...RPO...WVVA,)><<DDDdSQ............*......dXWlQM....A#.8)'i..bbb.....C....k..i]\...r.TH51j....K)......kVSV+ ..q....i..l..lx.........L ....r}.V1.e1...k...7......ocb..............=......q......uUL...r\Y.q.`$..}..S..z..a.....m.p....L.y..=T{C..DKq>.SA=b...YH...m3.}...W).p....eo..g..N;.&l......[..1b.M...qqr.aH.f....cy....bURb..iG.y..[...X...y..|..hF...r..;lu..tE<.D..GXm....kJQ.xqW.u..f...RtRNS......) 43.OA*<.\tiq.Q...D.".v.y.3....&.\..=.g.m.....>ES.^j.Z.v}....&.M..m.....2..[DIDATx......... kX...Ek..............................................................=')...3Hr.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main-grabber-mobile[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.95820493542356

Encrypted: false

SSDEEP: 3072:yUs0290nUgrtIj/rl+A7obMOh9OpWKL94/7UbaA5EvpoHUiDfcK:fssUwi96MVpr94/wB/H9

MD5: 97F81F02CBAB7B35C7BE9044DB7A0EA1

SHA1: 0AF33767CECEBC7CB7E6E44A2BFA298775B32B87

SHA-256: 5A955F5BB6C81E5AF562B4B91B1EF38F0D0FD6475A1186A1CCAAE92688342BCD

SHA-512: EC114A483EFF8ADE3B89CC802BDFC8FD68CC43FC78618CCF0ACA6627ACD8349801584E42C525986FC3DC08C990374D6BC5BF1D8C41C33F66EB702B920DE8AE51

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/main-grabber-mobile.png

Preview:.PNG........IHDR...(...........|.....PLTE...-3;%28GN`......=T]7R\......7T[...8SZ...9T\8U[9U\+;.........................'6}(8..........'7~..........-:.........*8@#.H......%2u........................*;..9r..................*:.......'6}...'7.j{...........!.j.......Aq.........w.....o]m......III...CCCvww||}...,=..........;87.........^]]T.0.................kjj.......t.wvv2..cMJ...&&&......_QPJIIB"..--9!.XWW^MK...?==fQNlRN544TQQ7..<!.A(%h....DCCfXW......OMMbUTk~.eees.U).....<,*...9...........E1/YLK....k....q|.i^]......k..I)......H%................q.....pZWpbait.S* j..2$".o.r......E..U0.wUK.........o..f....".._,.S%....b.....5......|..L96......[I....\....tA....|[email protected]>..?.L...DS....bV..o....pE.....x..v....To...:..N_......<IYUf.q...XtRNS....... !4**R=4H>.ysj...#Hu...Q....j...`;3.\.[.....+..|[.9AGG.WdDj..%uFW~.,.z.......j.....IDATx...1..0..0L.......Y.w+...........................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\nongmo[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 3032

Entropy (8bit): 7.791641634473387

Encrypted: false

SSDEEP: 48:2RTcRTaNR+OyueW7iU1CHSO4B2ZzhchLiZWGDRRkhgoGO2sirhpp7qUBJX:qEaeue8iUbwcViYUjpoGO2siD4UV

MD5: 26B590DFDACE3E1B4215A66EF354DE26

SHA1: 6F9BCBE84BD332F532F3961A57ECE2AAB1401600

SHA-256: 85F9732D744DECA9931EE17B2ED3BC3501C19A84BCF67699DE9C6DC2358A7B0F


SHA-512: A791569C822E9E8F99C3BA65394CD2E87600DA71292B6BCBA87A5B20F58448C8901CDC687FB15DCF211D54F26D5CB71E6909DAEADBE96DCDD527A37F4F4D1FB8

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/nongmo.jpg

Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........f.f..".................................................-U.i.EKI.......C.-.AHp@.H=..[m.p[4Z..M-.u$.K.~.f.v.lh=.....y.^..U.1..ctB..m{..#.T.O<.....e.K.....,0..t.....{<.HT.eL.>I$.=eY.'.....................................L.3.......a'.v.s...D.S..o......................................".T.S....Q.E.DY.".s..o...*............................! ."#A2.$13a...........k.1R....g.....i..|.F.w n......Q=.,&......I..kf4H....M_..j|.x..W... ....1..q.3..X.+.;yY.y..p..*~.#;.4N....)j.x.n..fuI..s..j$.t.Y@.?l....I.....{..1.....2]}..j.U.^s{.."J....Z!.u...w...c84......K.6..b.+.O.p..((.m.r.,N.Q.|.}.F..OR......q..B..%..^u...MS.&w...Wb.N....-...Y4..<.4v..\.....XNT(.;V.t...a......6...|L..h"k....@....%f.F.SG..Z.X.S5.#2.......<......r..UE.^V.G#....KV.&..m\........|...Po...`p..J...}1sN<.V..dU.O...E..;.*/WDd....i..{t...jW^.?....m.E

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\nongmo[1].jpg

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\polyfill.min[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: data


Size (bytes): 92127

Entropy (8bit): 5.300849513981647

Encrypted: false

SSDEEP: 768:g6e/lTSJfldGfPGqFe1GM/sQz2hoBVDu9s+0oL6vWlOtwdcslPkU7bngLYOYmc3S:eildpqFe1GeskQs+epPJET3RdoSxcxv

MD5: E8F945F27EEB4BF5060A8EE04DB24C3A

SHA1: 4BC6171E1CAB7797FEE43B2964AA03AB478F79B5

SHA-256: 58D0C8F849FB14BA189963158DA26CC23B43A97910C829D9EAAAAEF1659B5974

SHA-512: 2265B81970AC5811E1872657EE2040CB638CB8294121415AF6AFE796022922CD0AD6D78A2ACA64700DAFAA167DBFCED5FA1EF5459EFF8B5E0F58A13434407C3D

Malicious: false

Reputation: low

IE Cache URL: https://polyfill.io/v3/polyfill.min.js?features=default%2Ces2015%2ClocalStorage

Preview:/* Disable minification (remove `.min` from URL path) for more info */..(function(self, undefined) {var _DOMTokenList=function(){var n=!0,t=function(t,e,r,o){Object.defineProperty?Object.defineProperty(t,e,{configurable:!1===n||!!o,get:r}):t.__defineGetter__(e,r)};try{t({},"support")}catch(e){n=!1}return function(n,e){var r=this,o=[],i={},a=0,c=0,f=function(n){t(r,n,function(){return u(),o[n]},!1)},l=function(){if(a>=c)for(;c<a;++c)f(c)},u=function(){var t,r,c=arguments,f=/\s+/;if(c.length)for(r=0;r<c.length;++r)if(f.test(c[r]))throw t=new SyntaxError('String "'+c[r]+'" contains an invalid character'),t.code=5,t.name="InvalidCharacterError",t;for(o="object"==typeof n[e]?(""+n[e].baseVal).replace(/^\s+|\s+$/g,"").split(f):(""+n[e]).replace(/^\s+|\s+$/g,"").split(f),""===o[0]&&(o=[]),i={},r=0;r<o.length;++r)i[o[r]]=!0;a=o.length,l()};return u(),t(r,"length",function(){return u(),a}),r.toLocaleString=r.toString=function(){return u(),o.join(" ")},r.item=function(n){return u(),o[n]},r.conta

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pre-loading[1].gifProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: GIF image data, version 89a, 204 x 204


Size (bytes): 46935

Entropy (8bit): 7.958343663420937

Encrypted: false

SSDEEP: 768:r4QQZP9DKPUMOSsw6c1iqoRb6n0CH5zspbTYQ2BQar63f6B01yFURBvGLF+wmDPa:r4fnDuqSsncV0bdCHVspbTYQ2BFr63f+

MD5: 437264BB3667972850B0A3C918E71F06

SHA1: E89931F4254FFC2D9802CA8FC2CF846A3E031209

SHA-256: E9284B495A7DF0BC098FB2FDA8CE5BCA68FE946783EB443228BDF7F3C7BCF3BF

SHA-512: F2F47321B5B04DE32BCA683BEFD868E20BB94ECDBB38E15C17FC9F18F0856AD2450D2AE7728BD6A166B134F18A5123580071CD75C7C47CFE1006FBE8A99E056A

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/images/pre-loading.gif

Preview:GIF89a.......................................................!..NETSCAPE2.0.....!.......!..Optimized using ezgif.com.,.............I..8...`(.di.h..l.p,.tm.x..|....pH,...r.l:..tJ.Z..v..z..x<>..h.b....pvz.Z....}....q|......i....p.en...`~...\.....[m...Yl...V....S....P....O........J....K..."f.2...u......+...f....m.'.........................+.a].......0R.s..`....9..2T..P.k..C...Q..].%V...!..0..L........ir&MG+q....%.>.&.:Th.P.LT..iS.].F..4..-.n.:..W.".h......hs.eK..W.q...[..[.y]bY.gYt.....0O{../.:..c...O...rI...n...3R.0..|.t[o.1.^}......y|H.s..C.|vFZo......x...e......A.?..<..qs.K...:(.n.........c...X.E..~z..z.:....a...0..'FyQ1._`..4.....GsGE....l..-7...Zk$wU9..|r.X......4.h.8.H..2..[..(...'. .i$...dlL&..PF...O..."Mb.e3[n..3G(.e..).e.Ie/j.)'..Y.+q.9.zv..J.z..]._~.h..2Gh......Za..8.(..J:...v...Jr...j$....h...j..".j.wV....Q...9............R.....,....g......z.i...l...(-..J..[6..V.)i..../.....B.{o.%.....,....l...'......g..../..zh1,..P.....,.s

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\rrmhfcjs[1].htmlProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: ASCII text, with CRLF line terminators

Category: dropped

Size (bytes): 5

Entropy (8bit): 1.5219280948873621

Encrypted: false

SSDEEP: 3:hn:h

MD5: FDA44910DEB1A460BE4AC5D56D61D837

SHA1: F6D0C643351580307B2EAA6A7560E76965496BC7

SHA-256: 933B971C6388D594A23FA1559825DB5BEC8ADE2DB1240AA8FC9D0C684949E8C9


SHA-512: 57DDA9AA7C29F960CD7948A4E4567844D3289FA729E9E388E7F4EDCBDF16BF6A94536598B4F9FF8942849F1F96BD3C00BC24A75E748A36FBF2A145F63BF904C1

Malicious: false

Reputation: low

Preview:0....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\rrmhfcjs[1].html

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\scripts[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 12024

Entropy (8bit): 4.902860990661882

Encrypted: false

SSDEEP: 192:qHLuc0ntcBUIe9F8PMoshJycBUIe9F8PMosfhpEZUwe9FUPUAE5+LqUJUge9FkPR:LIUP2MrfUP2MrCUXeUT5+XUnukDVKBEU

MD5: 3C87011B2BB544574AA401D2E426E4DB

SHA1: 3EDEF0CF80316123F25F3579BE018AEEFE2BB23A

SHA-256: 80B4F33FFFA894D7F7B9E8981874F2E87C1F941A0AC5D8406EBB65702B048366

SHA-512: 4442E92D76038A0A916A56C548C872A2BD9E65ABCD11A02D92AC45ED2941BD3A06A6E2A4B29139C83264F1A43F2B26450C74262F18B4434B994093BB7B213A33

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/js/scripts.js?hash=1623415244163

Preview: // cvv image. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).siblings(".cvv-image").slideToggle();. });. });.. // cvv image. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).parent().siblings(".cvv-image").slideToggle();. });. });. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).parent().parent().siblings(".cvv-image").slideToggle();. });. });.. // anchor. jQuery(function ($) {. $('a[href^="#"]').click(function () {. var target = $(this).attr("href");. if (target) {. $("html, body").animate({ scrollTop: $(target).offset().top }, 1000);. }. return false;. });. });. // end anchor.. // fades. $(function () {. /*-------------------animation----------------------*/. $("#fades p").hide();. function fades($div, cb) {. $div.fadeIn(2000, function () {. $div.fadeOut(2000, function () {. var $next = $div.next();. if ($next

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\seals-top[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 14520

Entropy (8bit): 7.979464995058973

Encrypted: false

SSDEEP: 384:LOXp/XmoUjjKggAuO4KQmBqB7fF+bdZFG:LmEoU39XuONNBqpfgFG

MD5: A1B716E121F00E70F00F1A894A14582B

SHA1: 9AE0FB8C5E3B59D45B89202A46556AF62E0A0CB1

SHA-256: 650F073FA2CE189E02B32DBB2331F2D9E456C9E057F2C8D462B600492C5FDC4D

SHA-512: 5435E31EB50D916EA7A4352DBBA090C112F9ADF777BD59EB2E4215F86520EC86BCF53FB4DA6555AFED2BDD27C1B3EC86C566E9FCF95FB5CA4EB995A73A563A16

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/seals-top.png

Preview:.PNG........IHDR...J...l.....;u......PLTE...................w.`..o.X................m....{~.h....u............B....B.s}.j......7.VD.......I.k`.MC.xB....s..e.fd....=....!.x\..K..?....y..e.gE.y......+.......SN...g.3-.@9..z..l.Q.............i....y..O..........a...........z..Y..W.......u.../..B....z..L...7.........D...%...j....!..1...v..Ka.D...5.....o...*.......5.$........&....x._..Q......s........|d.......:.+.R...:.`..........(..n.{1..o..a.....$...c..I...6&.e#...g07..........L.>....../i0 [email protected](.K..:-.s...j..=..$.]!`......mZ...........m..7.......\..U..B%........iQ1~....xQ6....78.1.q1..!<..}.....~.R.....8.....VP....v.?.G9...|..Z...;..O..x..7Ox.P.A.Y...q.j..Vi..>]...i.z.....Q.G........o.nZSG..<.3.|......FtRNS...G* P.<.\08.\..q.....B].........H....b.=.xY.G..........n.....`.......5KIDATx...Mk.A......n.M.%..F...T..z...4.!Ie...`)........xi/....k..!.'! ^.|..B.~...../...?%..m..x..i..............B&.ym.|>).g..k..i........%

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\secureicons[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 3895

Entropy (8bit): 7.81354639369924

Encrypted: false

SSDEEP: 96:qEaYZkoHzCQaMNwOSQ6dBX9gI2BncRcRa0U0emh4C/v+4D0RO:qErkcsMNt5JBnfRBBORO

MD5: 46CEBC75FA484C520D05784A32C4E280

SHA1: 309C3450908FA1D3313B3A78ED54CB44DB149F5D

SHA-256: 5D7463B04E3FCC4D6343A5AEFAECF2AA920E12D94BF45D62ECB526EFCA3A4DB3

SHA-512: 4E7D4B904F29DA8A0B5E462B298A7AF7AED537E752B5A712BA5FB92F53BC3EB7DC4DFB525C2852C8810AB45A5193CAECB93C3A5C3A9FD8A07D79A4863A054753

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/secureicons.jpg


Preview:......JFIF...........................................+......+&.%#%.&D5//5DNB>BN_UU_wqw................................+......+&.%#%.&D5//5DNB>BN_UU_wqw.........3.b..".....................................................D..7`..f\.=.&.5Q.....wQ.V........=.`c.b.@..].gK.v.e..[k..E.[o0..'............VW...%..:..b...'...i.d.vK.Yq...A..6..dSRr..O3..M...i.........|.{./y.'.<[email protected]@................................................Uoa..h..].9y.:C.$..s.<y...Q=........................................,AA%...W7^.....v....g$.a.Z.(......................................! "0EU$PQT5AD............M...I..,.B.YZ.._.u`...._.M.6.Q.....\:[email protected].....[......]...B.%.V%.."A)2E...HBQ.`....\H.<.....Td..3........a.g.iE...+...5...Y.(..n..;..l)%.dW..,.S7.e.!.....E.#J.M:5.w.:...].J.{@..".~R}'9.k....{l.....L...(...u..Ia[Rq&....-`..e.....[]....m.h..>.&q..WM.d......%4..si.5.X...l..Xk+..7V.l+j....Rtb...\h..9..d..Ds)l.. .[.e.>...d....$Aq.I.7.Z.w...r.*&..(!X.q,.......P.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\secureicons[1].jpg

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\style[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 31330

Entropy (8bit): 5.099826865752036

Encrypted: false

SSDEEP: 384:qphgWqCx5SvdrVALYto5ScEg5W9yJUXxCLix3pFugYb0Mj5oDmYuaRqAxURaEv:qgvxAlEoWtoLL7Q+5oDmYuaRquURaO

MD5: 073991391762187136CF32379F1B9AA7

SHA1: 174ADA28BB329B39E075B780D7C90C29FDD5BF2F

SHA-256: 68AA7E8D0EF10859D1ED436B1DB8BE1600E6546FE085E6E71F34984831837C09

SHA-512: 1D012F07FA2F9A0D8376EB87EB1E012E3FEF1DAD20271FC9DCE1D6D85B098ED497719EE4B84BD14D8A34167A592E4759E52899335D67ADEF6FC47253387830F1

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/css/style.css

Preview:body{margin:0}main{display:block}h1{font-size:2em;margin:.67em 0}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}.product img{max-width:100%}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=button],[type=reset],[type=submit],button{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[t

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b1[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 13027

Entropy (8bit): 7.9643007251178135

Encrypted: false

SSDEEP: 384:IK5q8enBoIM0hKlOlmtxTZluZBgBNeMwq:I/FB7KGAFZluZmN3x

MD5: C7E9CDE1B023229E1394B65E55EE2D3F

SHA1: 2555694B13CFA9D62DF78F3102ADBAEE77CF5778

SHA-256: 87512FFBB262689B9D4B5A400722D262DAD0776AFCFFA8CF5FAD9AD0170F33C5

SHA-512: 3D8E1CB96A627905AD52CD81EA5D95806BC4D7F7BE29ACE54868FCF95A1F8600AE1FE7AF5021AC0BB13800D4756A45B774E594EACB2A6AE0C94F67178CDDA986

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/t-b1.png

Preview:.PNG........IHDR.............l@......PLTE.............................................kjj......KKK......###...>>>...ccc...jihzyy............>>>...xxwzzz.................................7........cMJ......^MK...0..l|...`QNfPM$$$:!.E#.A%!5..cTR?==<!.fYXRPO...? .YYY...(.....*)*FEEkkkffg///...jUR;88...UTT...mQLi^].....B@@?)'...Q..NLL...g....JIIF(....m......Q*....622.....\RQ]]^YNL.....aaaE31...`WV.....pcb>.-kv.ZIGF,(......4*)......o\Z666b9.i../" ...n..]+.u~.k.....m..r.......xVJO:7...h..j..O'....E87ttt4.................r.....ZH...t.......s<..k.&...h.c..xC....xz|...o....^~..S.h#....rWQk0....eo..dH[,..r..H.>.....F...mF._.U.....Rax.^.z....g4....SCA<H]2=O}....Oh.{^X....|....CSlaB3V4'...|..N ...bU.........Tu...}....w...zu<.D...o.......znj..cq...?...b..s...h..1..wPm7V.yn.m..6..[@...'tRNS.... .;....T...;....c.u&....Z.1.T..~v..~../nIDATx..1k.A..Sz.`..#\uX..f.0L.ad0F..V..([email protected].#(.Y.Y.....e=......N.\...{.m......|>.,\.re6.].3.]!.....b.;[..i5..F..x..




Size (bytes): 18368

Entropy (8bit): 7.967874359338402

Encrypted: false

SSDEEP: 384:4HApO+tbe9ry2C9wR2jUiUB9pAZYCqzAo8eEbENYk2+gkl9YQBzPN:XR52C9wRt72tOB8e8zk2+gkAQzl

MD5: E4A8FB551EBF064B0C52A3ED33CAE888

SHA1: 656DE89F5DA5C157C29D071726E876FBCE1043C6

SHA-256: EDDAB06CE480D2BCE785AB169D225894D1A700FDF26B64B5569F0EF00A500D48

SHA-512: 760BFB1CC02C29C6D6317026884376D38056AA57824DA55CC50B3875339A8254AB1BCA88C0716339B6B89EF454497CF4F5884C6C3B9E471A0EE3F4B1C42CC7C4

Malicious: false

Reputation: low



Preview:[email protected]..~.N......i.G.....c..U..n..=....V..Xh/.........................................................................................................3..B............. i............p......O..R..c...[...[........e.. .Sb......{.....}.$v.......X.....S.{}..........o...V.......v..-..........._....n....j.Gw...L.......B.......z.......o_~.(rG...{.......{..=......g...a....%r.....................x....i..Wx.......V.............y...n...........N.._..&.O.c..Z.o.......Q.d..._.q..m........B~X..1....-..Q6vO...&zJ...:.....|...z..<.b4..6..-.Y.Z.....sG.o.J..x..Ln.}Ip......B...\^.z..o..o..\.-.e.o.M..v.2.....<.b..{.7.o.....~.g..O|[email protected].,[email protected]>..j..!]v.sb...Mz.c8I..c.....6...i.....tRNS....`6........{.......D^IDATx...A..0...^...A.....,..Az....`Q...G.w*.....7X.Q7.~cf.~..T..lv.x.|...N..".r:.|\........r9C..z;...R<.B.<..4.=.2.......A'rn..`..c..H.0...;!.M...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b2[1].png




Size (bytes): 10565

Entropy (8bit): 7.899435507695424

Encrypted: false

SSDEEP: 192:SgETjNutWwVJXVwTDXL5iCN1otJ4jGCHeugsKSCEZWgqmj:SgETjMtZXWDViCfosGGebcW6

MD5: 1FBE5C8B49135A5A59DAF07319753AE1

SHA1: F820C936923F2A0F7B5F0E445212AE25A137757A

SHA-256: 187613D67B9ED74A0A58C7C8575C1418D4209FFA562760AA2545DE4C250B2DF0

SHA-512: C6AEE9A086F4B040BC9FBCB0081020A6E76A33447EC85AAF177BB0E1DBB3A86652F87EC12F19A2CC79128FE2871B02DA56423CBF0C27B5851AC64D43370CEB8E

Malicious: false

Reputation: low


Preview:.PNG........IHDR.............-n......PLTE...............................................................................................................WMi...................QIe................[Nr...bZtlA.wc....aL....s.]Slo[._.........MD`z{...vb.......`..hR.r..j..t....s.....vt.}i.Q..eQxw...p....m.._t....x..V....X........iV.g..ZF....v..c~.e..p..fl.........^.....c;|WDoK1fTG[i..5&G...^R|...y.bx.r.....js.* :`..b..g..?z......H~.kk.iG.e{x...l}.sk.?r.v.s...V..^c.ro.tD.~h.x.......f..tW....p[.o...y....|..I=U...T....Qv..l.@+Y...e....y...v..l.yv.b..W.....l..aEwZ4p.....Sl..l.ly.?3N.......n...}.{.._...`...sf..|...p........t..f.......D~.y{......z............P:v...{...................Ut.Vx........~]..|d.p[|ruw......X.....K|.............w......_.....I.........S....t.....V..&[email protected]....`....R.X.U.3x.3t.=.h.\.....).....~......$.....!..ScY...H..H.TU.{.fY..C.}e.eEYX.F.:...F.Wa.<w..=..J... $...l......M.-.*57..B...../../..pV2.8.....M..P...




Size (bytes): 3134

Entropy (8bit): 7.78612576235478

Encrypted: false

SSDEEP: 96:qaefLS5MBKkAJUt1CVof1JoubiT6/GTYqoH37:qMMBKkAJmboubiTp437

MD5: 105BB39A9718B5E6C95EF1DE76476C64

SHA1: D8B8E0F26CCD9B0FF32BEBF56CA723C7C87E90E2

SHA-256: B57AF1AC19F731390D47B3D4368BB9E077261B3CDBDD36E4F6CF204FD738677A

SHA-512: 3DA53A00A24F39E348711813825CCA287B12953B44D1B2F839A5C569D1C694AE70C12232D74FB551829EC748577855064C2DD279CD0D1BC9557FF607F2166AA7

Malicious: false

Reputation: low


Preview:.PNG........IHDR...x...x............(PLTE...M...........I................................................................................................................................}}|......N..... Nd-j.J..<..J..I..I..............9..J..J.....M................9...%Wm:..K..ppnF..B..A.....,h.C.... ......?....$.......................I........>..(_x110 ......TTS.$..............'2...7..3z....I....+e..=M.........H.....<..;......n.)bz&[r!Od.J\ZZYEED............D..A.....#Tjbba.3@**). (....../p.-l..EWOON@@?C.......8..']u.BS998---..!6~....ssrllkhhgffe^^].7F."+''&1u.0r.....*5$$$.........JJIN......BtRNS.?.@.?.#....*._...4.T.....{vqE;./.....\..M%..h.....7.....hed`?..'......IDATh...S.1..."REAQQ....{..q...E<..D...)....(..E.{...3.-K.....-.8~?0K..#y.{.....%B....3k.BJ..~d*.\.@..$SGL.u`%.*.......g.xZE.. .n.u[....{.XJ..X.^{.Z...-.L..|...q...k...$...^....;.0...z.?....Z....e...GJ.fE..D..nJ{.N...|&.q...c<k..vt.-.X.x{...~l^mDWa1..M..>`.:.[...1F..)....a.. ........D..[..{.XOL.........L...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\the-proof-ketopia-ketosis-testimonials[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.955067592824731

Encrypted: false

SSDEEP: 3072:TxA09X5zPMltilBZlnPgAjEJhCi+8mJfBjovFQ+5d4M:TxA0J5zPMcfxP/jEJo75hQv

MD5: 1869006EEF8CF9347EEB81A87F18705F

SHA1: 2BE99FA30F80518E4DFFBDC0B083C8B765C804A6

SHA-256: 3DC8EC41465F842E33AB23A6CF1258C327C0839EA6DF9240F70E6CF0CAB6827B

SHA-512: 937556E8E553FBAE4E5321A1730FE2F37FD5687D2ADB07F704530A75BC633386A469318CE2888637A2F0ECB5ACA940BA0F625735F9A445AFA836061D7D34A0B0

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/the-proof-ketopia-ketosis-testimonials.png


Preview:.PNG........IHDR...).........F.5.....PLTE....................)))..._ODI8....O#.....! 'gVD......872....w[A1*...7*$1.0......cn\M...ZF9Q?5%+6../#.W^e..vdQ...&-...vHEKI^[S-4;h`[GC>N#..mR9=@^enD1.QW]tqjQKCOSO..`;...U.RB7AK...uL?]*"...mic...14GuH,.bR...DM\.kP6..t^|wr....|...l.............S+.....oBsbB...=DT:'...v......FSk..h..Z..}....l\.qM....q-....^......?A5l6+.._..v...YJoz..wcfny...zk...iE"..s.gC..o.......rZ8.\2..y..j../ZB).uf........eYjA9.ZP...hM1....|{i^....kZ.{............c9...swW...............*.....]81."-..^..?.......s.UfkT.|Kz.e~.......~....{R.85..t<...m.......{l.q:.B>.sn.aU.SJRfy.d1:\.....{}.!.\..o_.):.{....l.\..LQ/...Q!.7k!G............BH......(PMo..L......ls..~.y3.O^...Wj..[.Q..).>M.8..s..d..! .....j{.F.........tRNS..[*z...8IDATx...O.e.....[.k...........8...jG.(.H...B..8....,......bQ.&..0..55*.?.X.M...L.........-8M.....z;....y.[n....c`#.C.EA.b....M@<.;.#..KV...)...|....."..#.O...P..pN.MH.=.l\g.)y).O.e...g.y5.l..O.o..Rp

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\the-proof-ketopia-ketosis-testimonials[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\the-proof-ketosis-call-to-action[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.901654773591316

Encrypted: false

SSDEEP: 3072:FmFDrpgFBO4QA5yVgqBIFjoRT+7U+GwLe2DVW:FO/iFQ0y+gJV4U+K2BW

MD5: F3629FC6316EB32486047F3EB14A1A8F

SHA1: A132405779A79FE02BEFA1D9A09F047826A17A78

SHA-256: 1B4B046A1C657219469D146FE296AF3BDA86CFDCDBE81327D1CE4BE74B688BDD

SHA-512: E17D65FA136EF6ABBBE53A76DF041A4D1356929B94629EF4199CCE883F6CF9C95FBDDAA3B9C9AD261306EFAA700F6FCE3ADD0E5C16A96F04E00E6638282BC9B4

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/the-proof-ketosis-call-to-action.png

Preview:[email protected].................................................................`.///...........qqq...AGB.`....DDD.......L....y.poo....`.....e..............................................................i..........7..............ePM; ._OM&%%bLIC#.3...p....,..[MK-,,_SQ.w.hhhdVU...ZYYj..RPO>;;..........877...h....322@(%......VTT@#.mQLkVSl....IHH@?@NLLEDD...>.-g[Zo.._^^.........m^\.....ccd.........t.......F42.....kw......6)'mmm...K+.G-)....|D......o..s}...pcb.....M'....W0.%..xVK...V*...qh6........y..............x<.5.....C..`/ ..DP........[H...c!....VEBxwx....U..........b...p.......e.W+......m..|....h..].m-..cGQ:5...do..I....z]U..k.K ....r...$}.......C..X..U.kF.p*....y .cU...m>%..0Yn..~...^..C..<..{...q{.....E..]..+.tD<K_G[u_..~qjB.J6.=......_...j....)tRNS...S*=i."....B..!.Cf.^....z..........W".....IDATx..n#7....!....T...<.vSq..$k>..>................>#H....+...0C.w.....................a0.......x..o.A...O...a.....{.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\v3[1].htmProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: HTML document, UTF-8 Unicode text, with very long lines


Size (bytes): 39036

Entropy (8bit): 3.849440134004172

Encrypted: false

SSDEEP: 384:HbpaLYQmo7U4Ycb+HeCMFZqlZpPlTyTSP/7vpL/M:HbpaMQGO++C8wlZpPFyToj9U

MD5: 66E7472426F9F5B446CA1DBB5CEE2F51

SHA1: 5C254DF612A3053AD149D9F7DA27497AC4A9D709

SHA-256: E5B9804C2FD6A5EB04E5CE9D9A74EA4FABA0D5EBF2B3A22FF5CFCBC3FA6AAA22

SHA-512: 3955034F4AC12A09151881098A4C298D4BC5E156C49CF05A2E9C0B55F0C229541C6F5EDF4ADA680A803ED2D8CA5ADBF21CC142401591A56208AFCB4E1FEB147D

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139392e95

Preview:<!DOCTYPE html>.<html lang="en">..<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=0">. <title>KETO Complete</title>. <link. href="https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap". rel="stylesheet">. <link href="https://fonts.googleapis.com/css?family=Oswald:400,500,600,700" rel="stylesheet">. <link href="/static/all/css-conf/style.css" rel="stylesheet" />. <link href="/static/keto_complete/desktop/images/favicon.png" rel="icon" type="image/png" />. <link rel="stylesheet" href="/static/keto_complete/desktop/css/style.css">. <link rel="stylesheet" href="/static/keto_complete/v3/desktop/css/custom.css">. <link rel="stylesheet" href="/static/all/intelInput/css/intlTelInput.css">. <script>. (function () {. window.onpageshow = function (event) {. if (event.persisted) {

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\vs[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File Type: PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced


Size (bytes): 10731

Entropy (8bit): 7.959544581752848

Encrypted: false

SSDEEP: 192:2SxVusOI6Vc6DxbtVVFwMz0ZokmLUNktdtxM1aItwtsRLqCLbyc:Z+XnVc6DxbtLFnz0e3UNkt7y1aItwtsJ

MD5: DACD51F9823B141DF3B45A1142157CF5

SHA1: 497DFEAFD489E22E2C6F075939426FC0B1235843

SHA-256: 176DCBC431F7124D6952E2DB1737296B5AEF51C3256156733F2D24743FA0077C

SHA-512: C72554CE7A2E871C7E709C2915BF637BBAC1396411B12F32F4D29E1868A2C2401AC2F00391823BE9DAA5D8B5960AA1252AE402102E5F00A9537A2A931BD929D9

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/vs.png


Preview:.PNG........IHDR...............Z#....sRGB...,.....pHYs...............).IDATx.....U..EQ....>.)*...(..D.." [email protected]..@B.$.......J0@.].$..... M... y....wv.=g.:......9w............].h.sWx...8........k,..|...|[email protected]&8...]N.q..'3.<..9}....'.;...qN.8..dU'_.|U~{i'.s2.........u.....2'.8....'.89H...NF:9...:.R'7:...9N~.d.}...N.vr..?.d..s...@.}..w.....l........rr.......p'.8...6'/9YTF.:y....>....8y..w.v2.....N...n..w.f......S...n.n..?......:.F.v........N..F.....l..'N.....l.dW}.H...N.u.........'......&`...E...d.2....T...m..?.d+'g:9.......X......:.(..~3..v.#.;..<...b......L.s....7}.7f.-......K....k.M...?.h....LSGm+.1..5N.h.,....4..l5..s...4.o-'G:9O.vMY.6.....NVt.[..yR.. ..q.;.....Lqr..]..-...........F..W../....|...J..q]......?..w............b3.....0..?vr..y.....m.FWD..2|.:[email protected].._t......y....?!.....?..\...'7.p...giTBb.VC.( .=0......x.e.....u..*t......U.ph$4.9....^.5...V.S..u...0._...D..c....S1x ..q4.E.K..\c}[email protected]:l..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\vs[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\whatdoyouget[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.916781664927886

Encrypted: false

SSDEEP: 3072:tRSZR6BvM3QtvXouao6b1JeNUXyw5nN7xRp73KeXYv:/8R6lSajao6b7emXyWnN7xrLBa

MD5: F7395F4F336DB6529B69BD5699F76EC2

SHA1: EB3CD7F6D432C39B85C2AB68ABB11460BF9D354E

SHA-256: D4EBA42BBBDF3E0205DFCE62D9FAD620975E1166194E060F811C88A34E37FE48

SHA-512: BD4BC8E4B1C2E7FE51F8E7BDFC943346ADDD5CE5FA82F123BBBF8471742F072583E1B73FDA89C829FD035DB42F39066991640E43376C8A1EB924D904246E2B95

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/whatdoyouget.png

Preview:.PNG........IHDR.............V.......PLTE....................................... . 4..%%&D#.iii7..9!._MJcMJ_PN0..JII?>>>#.0..fPM:88\[[ECC533...>..9..PNN...VVVbab...j..YMKC(%+..j..+*+g..cSRTQQ...dXV.>.-.j}.l..;)'...q..p|.I).kURmQLA%.^TS....$.........O(............h\Z.....H/,...l....D545..m....R/.q..mx........., !....4$%......b.....B.....rqri...r..k....o\Y....r........[)..k`_...G.'...q...|{|[email protected].$c0 .a.y...{\5.qcbM%.........M............v.i..v.......sUM........~.....h...n/ x.....ZI...r.....h5..i{VI.fI...d!..|_.......w.......w<....XGD.bIT.......]dm..eR?=O74.W.Z,..uT....aG}A1.......][email protected]<.u`.p......N4......C1|^W.......~...ob...O@......*0:.oP.........5AR.cV....iNBSg^.....u~...<..`q....La{..{)....8.?..t.y..vr.ddH.T..~....TIDATx..1h.a...x1..(m........v..(...6P.H.8.pP.....jA.7...%.:..Ji{.\...8..I.....9.6j..........|.w.....a.CC.)w.....:?....W*9.<[email protected]

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUQjIg1_i6t8kCHKm45_QphzQ[1].woff




Size (bytes): 64348

Entropy (8bit): 7.993537722902948

Encrypted: true

SSDEEP: 1536:aO0GNmWrknJxbtBY5XrJ+F8+yB09vPfJH4wddZKXs3gAvJ2A11CxbxVQSU:T02mWEtcXsC+j5PhRHZKXs3gW2AqnE

MD5: 1405DDA3ABCCD4D62E6BFD51B1B0195C

SHA1: ACD0C7602DF3A1394E1DB9E0782FFFB7E9FDD75E

SHA-256: 51EDD7F81176C384FDEF0487E8E639285A047592B3DDAB3AA88156D71281AFB3

SHA-512: 2552EE5F87092D6A90CC4029A26763100B42EAF356E5926026CE821AA6A4A445A72D5654467A843DFBEBECB240C5373AA2CE499EB3DEBC4645CD57199726291C

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm45_QphzQ.woff

Preview:wOFF.......\......,.........................GDEF.......2....X.|GPOS......8....8..<)GSUB..:............OOS/2..?....O...`[email protected] ..H$...\....,...fpgm..H....F...mM$.|gasp..N.............glyf..N....B..+..a.head.......6...6.0.Yhhea...L... ...$....hmtx...l...c...../S.loca.......v......maxp...H... ... ...\name...h........)JD.post...T...L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.z`o.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x.V.hTW.=3wf..g..w..l.vXZ ...JAkk..j.+..qI"`e.EP..\.E.R.B...R...%.".....,...a..A...p.3.O&j.........s.R.|....;..Fp..1..=..[...s0.-..w..id.{....(......9:>...........=...`d$.9.....o~7C...%l.|...U.....}l.A....g.. ..p..k..[d....w.n.u..1.j...zkk...;z.h<..l..F.^...*n.!=...llm..K(.'..*...H

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_ZpC7g0[1].woff




Size (bytes): 67360

Entropy (8bit): 7.991256054146273

Encrypted: true

SSDEEP: 1536:qBiuVt1A78krsF8ljNRptLBgrHKqZPpFEz9ZRcb3l2fJSU:1+168koCBjptL+rvZRuzRcb30

MD5: E8B54199FBD144A34EFD02C31DFD0E66

SHA1: CE483630F953303A4783D7CC9A1563E3015E912C

SHA-256: 58CA60FA247DD7D7CEE0103DCA4B6DFD6D676C03070F861F032BB309F00A6CFD

SHA-512: 252225BCE684E29A97720F2061390BEA22DB7245B7954F0666465617330039832247F5E36EA7E8849BB4DCF0098CFD407C2136898D2CD82E761C55AE258DCA80

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC7g0.woff


Preview:wOFF....... ......-L........................GDEF.......2....X.|GPOS......>J....A[..GSUB..A............OOS/2..F....Q...`V..Ncmap..FX...........3cvt ..Nl...b....0...fpgm..N....F...mM$.|gasp..U.............glyf..U ......%.B...head......6...6.P.xhhea....... ...$....hmtx.............W..loca......i....f.Smaxp....... ... ...Wname...(........*.EIpost.......L..(....prep...d.........K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..V.p+G.}R.....e.G..g..133....133........Oeg#.:.^mm......pO......o..`.x...x...w.+..y.$...(.0..Zh.X...2...6v.{'....cxI........z..c.d.h...!..[.6.....q..<.3B.haue.......V.1......-......l..H....x..B......y~.../.....L.5._.]....Z..>.....z..;n.`....QW...D..$j.X..D.u.......d}............3.Y.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_ZpC7g0[1].woff

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_bZF7g0[1].woff




Size (bytes): 67256

Entropy (8bit): 7.993061921886421

Encrypted: true

SSDEEP: 1536:NqJo5xJ07m3VzrGTKroF8W0kkeg3Q7i8ZtqY+qkfjm6+E/TU+m9T37SU:NquJuWUCWkhQxeY+zC6+ErUfV3f

MD5: 3117C2D16F1E8CD7221D7C425A9B8C8E

SHA1: A3609D878A602F65CAEDF4917DFB6B877450CA48

SHA-256: E6EEF844F108468F293ACF079590DD050C8AC756C05463E3BE98CB0D8BF853B0

SHA-512: C3ED06997E0B9A01A06B126FDD63AE9AB212E20E67AB2AA23F66E7DB21AA3AFEBC9BD437D317ACAFBA654BFF7810B3DA120AA265AD080583B473DFD7BD985A3C

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF7g0.woff

Preview:wOFF............../.........................GDEF.......2....X.|GPOS......=.......Y.GSUB..?............OOS/2..D....N...`Vr.Zcmap..E............3cvt ..M ...d....2...fpgm..M....F...mM$.|gasp..S.............glyf..S....s..(.Av.2head...H...6...6.Z..hhea...... ...$...)hmtx............K.}loca...,...q....q..Hmaxp....... ... ...Wname............+.FOpost.......L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..V..l;.=3=.;.s..au..m.m..m.*}...m..S..?uj.V........$.3.......:.ko.%.=.:...;w;..K"..s0._....{.4.(..c....._w.vp.V.Qwtu`}..h...<...=...hL.....y.e.\._q1..eP.....3iU......l.~...7 .../...7.....=7.MC.}..t....l..Q[. ...X..'...m$n.=.7z.2...X.@3"......W..h.O.....D.~...8 kiX..W..z....UtY...v. ..kv...I.UO

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_c5H7g0[1].woff




Size (bytes): 67176

Entropy (8bit): 7.993091271279907

Encrypted: true

SSDEEP: 1536:k54j+Ru+kwzuyhrNF8KvsloQRvAJ7VfaPj8pEn8SU:sU+1uipCKvsuuvk7QAw6

MD5: 189BFDC04FD790DD68E1DE69A890C279

SHA1: A1CFDC2F078F8985FD451B1414D11782C7D06D97

SHA-256: 2D2FEA641F7A7E05EFE8AB37C64B922C8D63E398D6C813418A0DCE56E661EF06

SHA-512: D21F380BAAFC5F37F8CFF9C6D5A33250BE66D1AA1379950516B5243A20071516AEBBBB451AD79C21A91ABC312B7C756AE196D4CB5ADB92CE458CC3F6D4C4CD80

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H7g0.woff

Preview:wOFF.......h......2.........................GDEF.......2....X.|GPOS......>#[email protected]/2..E....Q...`W?.tcmap..F0...........3cvt ..ND...e....56..fpgm..N....F...mM$.|gasp..T.............glyf..T.......+P..uhead.......6...6.t..hhea...,... ...$...Yhmtx...L........_t..loca.......q......Bwmaxp...H... ... ...Mname...h........+.G.post...`...L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..W..k.....nn...iO.3.m....mk....>.m...O}f.^we...sj.O.:..f..R.B.........8.......g.{.[#..;.`.%.)..~.Y.(....Ql.,G.x..v.(.F.p`.......2.5Z.q....SC..........{.R#.F..f.-~..J.O.....?.ZL...V...E4...?.|..+}.G..!....e>...I......}... .B.q{U\/.H...cb..........ZC....L......@<.......].X.~.%P.........._.[o.D<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_cJD7g0[1].woff




Size (bytes): 66760

Entropy (8bit): 7.992566869086574

Encrypted: true

SSDEEP: 1536:rFLrJF8VoDzqofN6KN+iS9LtqXwSGs/VwpQSU:h9CVoDzqo16KKRS3d6m

MD5: 605B1955F137C5A0F5C8BB9EF8E159A0

SHA1: 7D18B0663855A3B69CB9C96CB0CD12F8E4B6FA0A

SHA-256: 2CFE51BC6374D398DF02878552212424C127BF52D72E67FB3A1CF637AF984046

SHA-512: D375D1665B2C4CAA0E466B3999A572338F04EF3D61CE4AD9E9BBA451AE0DC1364112A96615514DFB0877245EB58DF5A6A78DA6F0A21DF8CFB17F7EEFAFC0C4E6

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD7g0.woff


Preview:wOFF..............+`........................GDEF.......2....X.|GPOS......>O....J.i.GSUB..A............OOS/2..F....Q...Ù?.:cmap..F\...........3cvt ..Np...b.....:.Gfpgm..N....F...mM$.|gasp..U.............glyf..U$...G..#.M.Ahead...l...6...6.<.ehhea...... ...$....hmtx.......~.....V6bloca...D...o.....,.maxp...... ... ...Zname............)!Etpost.......L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..W.t#I..mu.v......-33333.........y....,..........z.V..j...UF. ...(.#.;..K......\..1..$w.......lj.A.r.._..1...?u..u...a....2.. O&.F.....S..x...?..w\.k.u.2.(c......(..=.....<[email protected]>.7..7...~._.....o.v.Ob....v.?A.B.-.A=..&.NJy....0.....@.:v.....h...!.d....D.m.b........\.....]..-..V

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_cJD7g0[1].woff

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_dJE7g0[1].woff




Size (bytes): 67392

Entropy (8bit): 7.993079288888571

Encrypted: true

SSDEEP: 1536:pinw/aQ+RbgHrzF8pmnFaMb7lkZSVphQsk6PyLUsSU:piwXwgHPCwnHmu4

MD5: 96B1AA0B0A38813B47AB845CD4652B6E

SHA1: AF561251F32CE789B0F8D4AE6C8E7513B72D4133

SHA-256: 525625DF06CFE5F859B78769A26CFB423A9CB5D15104F535EAFAB6697E9EFE09

SHA-512: 81F6BD7330A37BD049E8FB68A6A789EC902A4258031009F0B05BA0D0F390E4F3F6D59B1A490B910C2820C883608A375D565A11FAB12F56469E5F9AB1EA39548F

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g0.woff

Preview:[email protected].|GPOS......=.....;'[email protected]/2..E....P...`V.Fcmap..F............3cvt ..N....e....3..=fpgm..N....F...mM$.|gasp..T.............glyf..T.......*....head.......6...6.i..hhea....... ...$...Ahmtx...8........8+.loca.......n....&;q_maxp...0... ... ...Mname...P........*SE.post...8...L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..W.p...}V.V.."gs1..cfffff4|ffffff.pR.....p..z.e...x......7S.W....$|.v.Q'....W.p.[.\..1...w...f.....q.y..9|...O.....8......q...|0&.....1D.Q..........o~t.c.G...l..Uz;gu!..n..;..U`....1.zPB..:....*..}..?.s.N_..5../.....{}......0j..F..%@..s'[email protected].!..m.gYk..HzR[D_ ..$..0.A_..:...c.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_epG7g0[1].woff




Size (bytes): 67412

Entropy (8bit): 7.993450426954292

Encrypted: true

SSDEEP: 1536:vpUdhLGRrmF8WfSbBbaWCShX2pjB1AcEZpwpXssK/bg9SU:vgl8KCWfSbBbaWCSh6jB1UZpQc9/w

MD5: 0E813A2AA235DEC42E57B2528E706E6E

SHA1: 2C60C82DD360D8B0ABC0E95235E01054851F3387

SHA-256: C680AD34448FA46EDA0C53281F2CDEC64CB508D636E21608E551B7716C026C7A

SHA-512: DFB17A1FA40C2102F4D9ECEFA98FA85AC1676CEA752726CC6B8EFC44792E29383C14F8437F227859791D72F418D43E71628D1D1E4733021BE76B942D60561A56

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG7g0.woff

Preview:wOFF.......T......O.........................GDEF.......2....X.|GPOS......7.....L...GSUB..:L...........OOS/2..?P...Q...`W...cmap..?............3cvt ..G....e....6..Xfpgm..H ...F...mM$.|[email protected]%.head.......6...6....hhea...(... ...$...uhmtx...H...r........loca............/.maxp...@... ... ...Pname...`........(.EWpost...L...L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.zò.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x..V...Y...;.{..7...........,Km..j....JSU.d%H.J.l.[+X.Z..0.0.L1a.....,......~..7..5.%..y.{...9.........6o........3G..FD.......:C.#Xg.C......'!.9rn.....a....}...d.k..G......C.~7uglt..7...B7.G....V..n..2..t1...M..1..U...5......p~..i.'I5...)[email protected].,.l.V

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUSjIg1_i6t8kCHKm45xW0[1].woff




Size (bytes): 67496

Entropy (8bit): 7.993595810257416

Encrypted: true

SSDEEP: 1536:OG0h7CMbXrJF8cKJjIl5QmNZ/dTt/OvUoSLvwkFlJiSU:OBTbXdCrjwnVtKiXJw

MD5: 7BF99C007ACD1BAA1F21903B6FDA4D65

SHA1: C7B424219F0681A8DD969CF5142DC1D49A96CEC9

SHA-256: C04F4153C1FCA18DFC983F5998F324498A7F36FAB4FD072EC5B956F66D254F61

SHA-512: 4E1F30ECA483CD85D55C79A5711CDB665F6AFE88F008843E82F9450B2384C49E76B389FC56547E522A1082DF29FEA82FC40EF396186F0AFC7D61309AA52CAEFE

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW0.woff


Preview:wOFF..............4p........................GDEF.......2....X.|GPOS......><....}[email protected]/2..E....P...`U..Bcmap..FD...........3cvt ..NX...\..../R.Hfpgm..N....F...mM$.|gasp..T.............glyf..U.......-"...head...4...6...6.F.nhhea...l... ...$....hmtx............!.loca.......r......maxp....... ... ...Yname............-5H.post.......L..(....prep.............K..x.....XQ...s_m.6..v\.V..V..m.E\.\.......Yi..U.......l+q...Sv...=|`...}./...Y..y.s..5..w.....R\.'._....._..xL.dLS.s.SI,.2XN.*beU.j........6Q.l...J.z`o.....5.'j"N.d..i8K.p...Rm.....wj'.....xP....Q..:..t......]....P...s..........'....U2f(.s.o..P.7...2|...Eu,D..I.LV....-$cj.`/+d.G..4...F.S...x....$K....h......c.l..7X.u..m<c.6..X...b...:.k..y2+32"*2...I..8..`.....y.S.0k.UO_.T..c..^ZWb.(..j....8.<....9.k..p>'.G .* O&.F.:.R...?~...}.;&..... .Y.>.T.o...-....^.s.?.H.....n.@..|...w.....x.....O....1.U...:.....Nv..@x........$...R ..x`[email protected]`xT.I.....W6...%q..../..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUSjIg1_i6t8kCHKm45xW0[1].woff

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw[1].woffProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 20224

Entropy (8bit): 7.9657380550087655

Encrypted: false

SSDEEP: 384:uprxdfS2/VnjJB9sJNPdd9psuG0DBnJy7Or4Xh3l0GoLB/YmHBy6kuSlH:urdf9jJbod8CnJyZh3lju/VhzRSlH

MD5: 0AD98BC7A4E44D268AB5B27DB625E884

SHA1: 98A7B2FCEDE6BDB83C658803DF2FB9AD40779C51

SHA-256: 3BA2C5F6FDAA53EBA8978A0D865A0838B2D32C1FA62922B542126725871DB1E2

SHA-512: 647C3F0A816B9DE369B8DC31215A5863C15A169B45C8A3C28092B59F15737AEE8DFBDE6B38863501BCBDFD7E0E2E2750E150A06ACC958ED4E81396C4C4B387EF

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw.woff

Preview:wOFF......O........X........................GDEF.......E...^...nGPOS.......=.....x.GSUB..............rOS/2... ...O...`..>.STAT...p...&...*[email protected] ...<...E.....]..fpgm.............6..gasp...H............glyf...P..8=..c....`head..H....6...6....hhea..H........$....hmtx..H............Jloca..K...........~maxp..L.... ... .<.;name..M....,...`8 [.post..N@....... ...2prep..NT.........<l.x.....@[email protected].$8...h0|...I..R...I_..K......N...r..,..k...x.l...7...._.m...y..5.6..qf....h.>u.|...y{[email protected]...|..t...3..Gl?.h*`%.D*.\.ju.54....`5.}.....]..p.....*....O.W.u............".....T.S8...H..tOz....J.O.7..R...>..@'.Q..KW.2..b...d.d....\.2..T1.Z...:..{...c9...b..lc...U..%Ts...F.E.....)..V..or.Jt...H...<?..v....#..g\.?...>.u?...;Y...w.....0..Q.....\...9m....[..X.[8Xs..MTRAE.TV..+].WC...e{..h..i.&h..h.....h..i.Vh.ViM..*U.Vu.W...uZ...M.-..uh......<...g....w._.Fg....Fi..h..i.&h..h.+.#...?r..u0_....7t....4........=..>&QpVr.W..8X..O#....O.l.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw[1].woffProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 19740

Entropy (8bit): 7.96718105168869

Encrypted: false

SSDEEP: 384:KkQ/onjJ9IcaAoa5Wk90ezJdiV3jOAGMKsMtVDG8XoUlinz1Itb2:rjJ9Icv5hwdO1M3GBGIoUinzq92

MD5: 0E88EC239D6256E2C889DF2E3F0D51F2

SHA1: 6C1C1638CF7CCF809ADB7E22E3939252259B342D

SHA-256: C2DE2E045916EC52E4C0CEEA38FF283332551D4187262AFE453CA8C7153BAFEC

SHA-512: 1A304DDD9AA90E9E03310754EFE4BCFAB8BE659DC8A724608115FA32EA500C1AC37410062B7EDFBC1581587DA1BE8651310BB14AB3875226313884ACD88AF1F1

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

Preview:wOFF......M.................................GDEF.......E...^...nGPOS.............v.GSUB..............rOS/2.......O...`.3>.STAT.......&...*[email protected] .......D.....%..fpgm.............6..gasp................glyf......6...b..N(.head..F....6...6....hhea..F........$....hmtx..G....*...... [email protected].... ... .<.;name..K<.......B4.Q.post..L\....... ...2prep..Lp.........<l.x.....@[email protected].$8...h0|...I..R...I_..K......N...r..,..k...x....$I.@_U..k.....m.3.g..]......{..../^f.4.M.dR...K..%w...%....@0e..... $]3.e..5.nA.|J...r.....`...A\............F...,.!.!.-*.5=......Q..ot{.d.|.B.J.V.E.].K.).DH....r,.P.l.R.\*Q.B...>.hJK..$...n.c(. ..l:.@:.\..R..f.y<&W.t%.:.....13....k<..d...%.9.B{ ...........="G..f..F{p.c_q.K<[email protected].)..i.......k%?W.*ZU.iu..5....Z..6.V.i{....vq....z.^.W...y.Z...:BG.(..ct.N....Z.{.q..FF.C&..E..V.*ZU.iu..5.....9~s._.N.f..u`>..|..........[pM....!.<3#u.0^..x..l{....4...}. .

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw[1].woffProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 20140

Entropy (8bit): 7.968457390339718

Encrypted: false

SSDEEP: 384:lT1BUIZSm/F1njJCyS32+PJt/HxrT/1O1eSe7RRJXmL5dBPjSoYaG7dv:lT1+IZDjJCBPr/HVdO1gRRM9FYaov

MD5: C8EE6FE62C4BA1B3F6CB790030A7A04A

SHA1: FD714B4271D326C46076FAF4D2D6EDB9423A5CCD

SHA-256: 84E0AF767E6764A06CE933086F62A8A2C6CE7BBC994868720E46E6570D6F71D1

SHA-512: 8A8811EEE65C7A81B411BA27E9CFC9422CA6E9E4CC201D528CF36B7D61C6C7662E7DD98B7CAE2717580F81FF145E2720C2E95CD95365DDE7117B4259F198C8B2

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff


Preview:[email protected]...^...nGPOS.......5.....b..GSUB..............rOS/2.......O...`._>.STAT...h...&...*[email protected] ...4...E.......Yfpgm...|[email protected]*...head..HX...6...6....hhea..H........$....hmtx..H....%........loca..J............maxp..L.... ... .<.;name..L........*[email protected]........ ...2prep..N..........<l.x.....@[email protected].$8...h0|...I..R...I_..K......N...r..,..k...x....l9...$.{<.m[c.m.Q^.......]x~c.d.J...9.}..In..=.....+..Wr...:..s..H4..9....Q.x.D.J..h.....R3.MC....G....Y....;.^x.n.5......_T.Qn.[mkl.c.mr.MvE........$w.{.}.>w.....5D..Q\V.d.")MY..._.....9F..GS.`M.L..|-..-U..*_....t2.S.J....J.......u(G7.V...T..P.b.'....<.g..z...`.l...._....&.....6......W9M.Yq.........E........N.x./..."..ea.^.9XN.......,8. .qH.t_.....$...1<..q0.&.D...a...MZ.......X..`5..ud......P.EP...9..h8.....x8.N.S.4...u...j.f....t...0...8...`"L..0.f..pF.g4..0.^.w...>.4..)G.*....q.........y

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw[1].woff

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw[1].woffProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 20248

Entropy (8bit): 7.964171467698386

Encrypted: false

SSDEEP: 384:bGGu/OnjJlrI0myyg1Tfz0jXpxGpG5exBwq9iVYB8wlQiZi3TIgPuZw9+ywWA:bGGjJARg5wjXsVwYB8wfZiS69+vj

MD5: 47FEF7E5CE2663EB933D86AB6C81B2AC

SHA1: 988C697D8562B981F9F11233EEC1507CF53D25B0

SHA-256: 1F2FD1B553543006EBB05CD1E4EB58A0604EA3F343C0F534E88B8542BFE0D4A7

SHA-512: D5EEF37B6C92A6AEEC638249C16554D4D29C3BE1B2B1B41EAA19D61617D55E28D9C8493190F89F06B7AE1AA05C4F551A5D7F0476749A49D6BFC3B578F1E43155

Malicious: false

Reputation: low

IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw.woff

Preview:wOFF......O........t........................GDEF.......E...^...nGPOS.......B.....F.1GSUB... ..........rOS/2...$...M...`..>.STAT...t...&...*[email protected] ...@...E.......1fpgm.............6..gasp...L............glyf...T..8L..c$\.a.head..H....6...6....hhea..H........$....hmtx..H....*........loca..K$..........lmaxp..M.... ... .<.;name..M ...7...p9.]@post..NX....... ...2prep..Nl.........<l.x.....@[email protected].$8...h0|...I..R...I_..K......N...r..,..k...x...pnG...={...}......f..=.1...Am.V.F.gv...<...~.~./.I).....*.T...'.....9...;JIb...(.R..n.{+..H....G{.;...4zV=t%.i.7O...k...O..=e....?.?.......^b.}....l....Y..}.o?...f..*....(QR...s..4M.t...."4QK.\...v.4.R\.U.J-..'.......:.m.Yh..Aq...U..P..A...O..}.c\..v..^HP*...."m..v.)P.u..Y...t..HVK....1..X..W......C..0X5.nN..........Y.fF......n...B.. .R\.R!..H...Y.g.....`>,.....Q.*...5....z...a3.....J........`8....j......Nr]T.J....V...G.J.O.<...a..y0...BX..\...79.t...#._.....J.:Y..S9..U%..C.1.[Su..)dW"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\analytics[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 49153

Entropy (8bit): 5.520906949461031

Encrypted: false

SSDEEP: 768:/yR3fYFBLbfs5sP5XqY3TyPnHpl1WY3SoavFVv6PU+CgYUD0lgEw0stZM:/y9gZfl5h3UHpaY3SoRCw0sk

MD5: 6DF1787C4BE82D1BB24F8BFFA10C7738

SHA1: 3634E839429E462E49C5F42B75FBFB4BA318AF6D

SHA-256: 2CB09C7B3E19BFC41743CA3624EF81C3258D56525647FEAC76AA757E0292627A

SHA-512: CB3CE2BCEB61F390298C21E470423CCEB6DD93E648A7DD0467195B11FEF30BF7A086DFF47C4494E2533498D1448C1A22AAB1414C14FD73278F1C92E0F7BC3F94

Malicious: false

Reputation: low

IE Cache URL: https://www.google-analytics.com/analytics.js

Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};var q={},r=function(){q.TAGGING=q.TAGGING||[];q.TAGGING[1]=!0};var t=function(a,b){for(var c in b)b.hasOwnProperty(c)&&(a[c]=b[c])},v=function(a){for(var b in a)if(a.hasOwnProperty(b))return!0;return!1};var x=/^(?:(?:https?|mailto|ftp):|[^:/?#]*(?:[/?#]|$))/i;var y=window,z=document,A=function(a,b){z.addEventListener?z.addEventListener(a,b,!1):z.attachEvent&&z.attachEvent("on"+a,b)};var B=/:[0-9]+$/,C=function(a,b,c){a=a.split("&");for(var d=0;d<a.length;d++){var e=a[d].split("=");if(decodeURIComponent(e[0]).replace(/\+/g," ")===b)return b=e.slice(1).join("="),c?b:decodeURIComponent(b).replace(/\+/g," ")}},F=function(a,b){b&&(b=String(b).toLowerCase());if("p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bottle-1[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 44074

Entropy (8bit): 7.959071627408484

Encrypted: false

SSDEEP: 768:+z1eT4C8PvtZQMjr1SvLrsu0PZdxNF+3vI9mC+gc9+GiqmyH:0eT58PXNJC4u0P5+imLgc9+zc

MD5: 4EAD30F2EB68F3BF5C34BC6D60CB6023

SHA1: B28701BB2B3D10D08A92E09F1C8888073511CC3B

SHA-256: 9DEF3225F95DE48A2BCA507FF4D87BF02A16FA47CE00899BA04A1F5B2843809A

SHA-512: 1BFFAA7C88C66EF9147562D053DBB30151BA266D9B047892044806F6DFCAF2BACF5D4142C650B867B5D84C953E4C68EA0AA1F5B0D3B438B0A46755F377037203

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/bottle-1.png


Preview:.PNG........IHDR...D...0......o.....PLTE...................................................................666===...rqqVVV???...{zz.........|{{kkk....................................4..cMJ^MKiii%%%aQOfQN...;".8..ZYYaUS<!.><<0..:87533B$ ...GFFBAAVUU@)&dXWSPP+**kURg..OMM..._^_9..mQLB!.YLK[QPKJJ>/-k|...ddd...F31.....p{.....l..h\Z'.....F(.......G$....7)'.......l..i..O-......r.....i..3"....l........Q).F-)...ju........._.....[2....r....uUKO!.j..k`_xA.qdc...p^\.....4.."..o..a..O<:V/#.....o.........pYV...y..m..utt......XI* ....a!.pooj=.....XFC...G..f....dn.l/....v.........d.i4.|zz...C..A..........X.Z(.y..O......f_^.l..]H.dH.s..]..w....hD~..cV....~.........\hu|_V....N%...pF...^..}.......08Fw*.%+1u}.IXqcC5.....>Rj.......=.D...:DW....2fs.3.;.z?G.Q..8..u`../k3.......'tRNS...,.O.8.C..|r`...>.a......R...}..n.T......IDATx...Mn.@......(...r.n....\.t._...*..#9.T....J.YEi..o$$..`}...>.!....X.O..Q_Q../.}%|9........S./|...?......*m S.DV..Y...F.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bottle-1[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css2[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 1903

Entropy (8bit): 5.169894884232458

Encrypted: false

SSDEEP: 48:nOOS0ajOO6afuOO1a+94OOEaBOOXa5OOxMamOOparOOwha8OObae:nOOS0ajOO6aGOO1a+94OOEaBOOXa5OOM

MD5: A6319B6B40D79C12A9607278D9D1EA67

SHA1: F20DC75B3B839BB812A69870C6C4AD64E7FE26AB

SHA-256: 0518A2FFFDD5A04E2CAB7E173C46630267A2918BB23615ED6E0A63FF3F5CD873

SHA-512: EB5F20B9FB22A45F9CC5E690C23C71F03C3C06177B9C360C788174AFD23FB819282A5268DC99FAA67DE1BB436403E82D65199F349E2973CC2988D29DAC348EA4

Malicious: false

Reputation: low

IE Cache URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Preview:@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm45_QphzQ.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA7g0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD7g0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe


Category: dropped

Size (bytes): 772

Entropy (8bit): 5.375180793926211

Encrypted: false

SSDEEP: 12:jFF5O6ZRoT6pTyjknqFF5O6ZX6pTPSnqFF5O6Z0/T6pTHqFF5O6ZN76pTTLY:53OYsXA+3OYX8S+3OYUTp3OYN7n

MD5: BEF5FF0F14140E671FEED4EE951574CB

SHA1: 106B0456B573D94C7F185C9A3DC58E59E1B2B930

SHA-256: B5F6CD1CF637AFBA7F3BD797D330242543510524DFDEDDC73B914EDCB5EC06FE

SHA-512: D3DFC400C9221BD8E81FAA991C5E435E5ECFE90AEDBAFE97E9E3EA9138A6B354F0AFA0025E470377D21EB2633F010A3E43DB83CBF31AF8FAE86CCEE4EA076581

Malicious: false

Reputation: low

Preview:@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 500;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 600;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 700;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\doposle1[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe




Entropy (8bit): 7.984153508773495

Encrypted: false

SSDEEP: 6144:lLzyxHhfbpD6mZ6ULdwHcdDjGKj7Zl+EhI9zYhsW/NBv:lLz0HhTZldgsWKhl+1zU9Tv

MD5: 0D36B71EE5E58D4786E66242092B0E8D

SHA1: 19A622B974337A2E70F7BDBBF073F1FDBD511A68

SHA-256: D83BF52D4CF194DE0B13A065A99BAE0A844AFA29CFCF7BD32A72431C4FF5A4B2

SHA-512: 3F93763C67AD3C02F494F17A471F5BE6CFB5BF98B62814AF8A4ED858FB5C2FE5C6BAB4CA34888EFA49A3917366A1CF001E8350D8D3615FFA5D610BA9C5683B4C

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/doposle1.jpg


Preview:......JFIF.............C.......................................................................t.U....................................................R.Z.M.r].....}..j~.2X.JuL.+.e.C.[....Q\>.........<.r.h.g1..r0.c....a.WE..|g.....R..;...9..?s.....~.."....e..,...m..._..V.!X.U?.m|.......Z.W..."..2..~s...T.....y.F..k..B.....>.'...X.iq..?..w.w....y.{.-88.F.G...l.(...j..^[[email protected]...).i..x.~....}.w.....U.%.E.gG..[3...%..W./[email protected]....$;.3.p..;o..Xe.8...(....y......D....x..D?w.O...>r<..}..}....P.....^..5X...t;...m.......e....F.3....G.}..ZG.c...}Ks2../'........N.C. .....c.....*.....e.F...O.o;....>..w.}....I(..?\.[..47....V.Rc.<O......k.b.]V....g{/..j...~g5.h;<..pxK>.R-..H..B.....N.35g...1....|C...D.>._s......>..W9Pu.T{\..,...A.V..||.w..O.^.U.S.....}..(..0...m.N.ZvD`....Q....}..q#[x....F.....k.#.s.}..~......#....r-.q....Q.q.....B.<.2s.'.....$.d.^..W.}]!.]..k..._..B...+.....].#V.&....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\doposle1[1].jpg




Size (bytes): 47828

Entropy (8bit): 7.986020178329024

Encrypted: false

SSDEEP: 768:7w/DBM1Px1n2IZWh7Rxi5RpfPkqRnkizWSyafg8eqI+2sGvsQD5L+/m:7w/DBM1Pb7ZWhV2f8qtk0hyxj+S7V++

MD5: 32624F617BB27F4CA56DA45C991DC868

SHA1: B8102BD6E45AFC01E0FC87AF3B110705956CF876

SHA-256: 31D1299CC6B8567927AC9CF933FE207E952828E45F6EFB31646F025C452C9475

SHA-512: 72B73C7ABAB8E192C65315114B05842CF2E4C287E4ECDDAF95DE19CEE540BD61FA02C70806A12FA780646B9BABFC9E96F0DF0D7EA98DA640D8D661D199D04ABD

Malicious: false

Reputation: low


Preview:......JFIF.............C............................................................................"....................................................Q..3.k.8x8x.6.J.o_e..Zj.e.1.[.>....sF.v..6....U[U.-9.'9.aj.."..G...........N.....H.....eK........u.,..I..).C!...B.w(.%f..E..U........f"..v..).....g.. .d...........K.z.z.Qo...z.l79....96Zs....A...."..yb(9..;.}..d.d..4.......t=[i...*5.-..|....h.........G...9.f.S .T...ge..R.i9..r..+|].K.B....).&..\.x......1..y8...MIz...e+..pb..h....wHe...R.J.m........1l.Zj.g......u.b....?..f..G..[.6......`.'.......pY.R..H^...IwwHe...."&T..x.r..Q|[email protected]]q...4YU..>...>..u.o..C0..b.e8.&..in.+..I.6.......e...A2......&/MHa.1E.......5....w...c.....3$....G..s..nn.....E.h....p.':...*.C.6.2..I.Yr..=.....=.....l......,.=...."cX.1...}..t-h........&9N..V.r"..&..~{...>o.}.a7......q.^X...9...k.*..Y.9`.c=!lx...Y..c...on..T{.e..d.r.Hs<]..d.....B...,....O..D........z.8....DK..V.....[...iX.k.N...;$....




Size (bytes): 50525

Entropy (8bit): 7.987186970324452

Encrypted: false

SSDEEP: 768:78vQDkepBxwWbjOFqjaRMW4A8REbhLpnrLT1ivSR/xb2knd7NKJzm:7VDRDbjDaSW4bShLpnrb2nJS

MD5: AEC7C43C95D0FFB20E315B69B7A04B3A

SHA1: 9494A3B7AE4CD17FA9760F9DBCF3116C7EC69405

SHA-256: 1338733534CCF4A50F66700913AB9937288C065B4830CB7A7378193644C7597F

SHA-512: 97C1DCF5C17E8FFFFA41A813166AA5A676DA894CFBA319D2A8C7F0F9491040CA158FD88EDFECB0FFBADBE65034FDC317977A2DB2DD8EE3E74E290110B97BAD70

Malicious: false

Reputation: low


Preview:......JFIF............................................................#....!!!..$'$ &. ! ........... ... ..........."..................................................!8..`._k....6w..../......^./.(|0.PLc..xM....K...r..p....=....>S.r.E90.[.....3..oC...../...8x8{...F.e."c.DDm.M......_mY| .;....8C...&rD.5y ...y..eu..=O.Yh..p.p.p.w...|9C..&1..!x..e-.+....H...;...8...<.%..7..'=...o....B.6.-w...xC...8>..a...0.........9..&..G9..@.@.!........K.!.}..<..`M6.a/>[email protected].}!...s..q1...5...[.(.J..D.../.....|.b.T.a3.MZ...]z..4.D..xF..=..=..n..C....1.a0...;.l....Z..Ji...p.x. ....%..q.m..z"..g../.5.FFl^F.......C...~....QA9..&..xu.H.^...9Y...p..;..|.bq.t......i.a..+[.A..u./.B.=X......?F`.E.V1.a.o+s.....Z......K..@;....".K7&.\&[...28.-.A..u.!.iOb=I...Z.F.. =.....'.....'...).F.l...-U.h..q..P.;..;...$....z..........(5-.}.......l.........0.k.l....D..\.J..+..j...KF..B)a.T..;..^.Q...P..T.P.eQ'GmT.4......:n.i!...{.).c.....N+;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\favicon[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 530

Entropy (8bit): 7.35262091254268

Encrypted: false

SSDEEP: 12:6v/7sgZp7UFgqz5pzjirYOf4sda8B3b4ODTHHogx0r:bgZcgqz3zmrYDsdx3ZDogo

MD5: 2FCE3AEAEC6C95DA2BAE980AF8178229

SHA1: 6F948F7365FE80926C77D03A359BD05FAC3AD64F

SHA-256: A09A6DA523B91C5498179ECB6500B8DC2D11A8345BD41E0811BF39CD2D10AB8C

SHA-512: E9F9443ACBF2424AED658B9ACF8F68A34F13D9AD878211D3E6AA1986203ED6D92C40E80B128ED4C6BA0098F102BFF34E73F1BB4C2F6FDF3A92AFDE422BD94F22

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/favicon.png


Preview:.PNG........IHDR...(...(...... H_....PLTE...333...III===............MMM......AAA......fffaaa;.D...........yyyttt\\\888.............................~~~oooiiiSSS.............................qh.p..oe.kTTTN^O..NvpFEEE;.A9.@H.<OK/ib+..)..%.s;.....IDAT8....r.0...s$.L(..`;.-........b.,..[hF..F....0.....7.s....$.>[email protected]_............O...aD^C.....9y.}.B&.8...P.a.Y.!9.@.>.p!..pDFP....d..0.O..c..A...'9.P..B.H.G..d.}..^..u..".m"...p.c.]........Z....[..3k..a..y...^~.U..`.|g.....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\favicon[1].png

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\flags[1].png


File Type: PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced


Size (bytes): 70857

Entropy (8bit): 7.993208981606479

Encrypted: true

SSDEEP: 1536:cBBfgWxg7McnRdaRx9krb5LhxHG1gmvlpWUZA1eog3e7xr:Lg+3n3ax9kHV3Wgmdg2A1Y3elr

MD5: 416250F60D785A2E02F17E054D2E4E44

SHA1: 21572C9751E5A3DC20395BEFA0FCB349C32C4811

SHA-256: 0A012CF808A24573168308916092D2D4BD3F2B4AF8E16B59167013CC77ACEE55

SHA-512: CF1E7ACF47464F00D206E9149475E22B8EA5A31727FA16344CD151384D850B83ECE5E9ABE4AC62861DBA0DC3D3410955611D94665B60E2FAA0C3D7A3D7C88404

Malicious: false

Reputation: low

IE Cache URL: https://thecompleteketo.com/static/all/intelInput/img/flags.png

Preview:.PNG........IHDR.....................IDATx..u.]....{.s..{F..!N..K...B...EZ...B...w..!..Ml2...G...3.IF....o.Cg2..}...Yk=[.x.].p.X........... ........;..-.lN..R.H..I..!.@).u.:..>...M...Rx.{8...0.4t.r...2]Q..\6]5.=.@Y.]..............f].g.Wz..Z..E.>-..8*.... !.B$.VIA..+....a)..-v........I..xSk..C..z..g.s'.f.I..t.N..R.u... -K.n.E.ve.;m..7....i.#.....&.._A......f_.]....."n..!..zbn.N>..S..o^...p...'..<...+.....(...b@#.h`...}.1}\.s.}....=.O...K....7..9...m.....d.. $.....).....%I.9....B.......*..._K....P`.7..~=...l.....y..2.(.J..8.+YW.....}.T..wJ.t~9...w...........N...>...dTA.....DL.g=p..}6..6oZ.....w..-8k...8.+....a[p..3y.. ;x.57;.^tT.. .(........v.....u.1#.<..x..`.....&....&{...o.....J[...kJ.i.B...U.H.:.^x....!.~c.J..6.n..~M.|[email protected]....).....&..(.....>^n?...(......U..F...'Vn?.;.[....[........../.^~...T.9zx.w|R...>*.......B.]w..5bk:B%...RC....W..h.!J.%`U..0.....3a2.nvg.].....+....>..b..x.`T..{\i..n..._](L.Y.]....p.cG

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 27658

Entropy (8bit): 5.177111746113662

Encrypted: false

SSDEEP: 384:OFMT8lQOk1a1U0Dt+AALQGAHnA/g2xg3Zp07deObcKIhBbs0R1vO7:6MUk41vyMNHAIlD6dbcJO7

MD5: E5A40E67C21932FC0BC67921162F9976

SHA1: 5945FD45FAEA22EE57F8C1CFE7DECF2C7BD98991

SHA-256: 1B5A85D61EED69451D973836A1943335DF1EBCF2AF2B65036300AB5958B9F7BD

SHA-512: 661A8C08FC501CDC45FB7BC9F10DEBAA435E652A924F9673BD598D1770978CB5C93B473CD84E69ECF724439FDBDBE26434399D04BAA8B92CB06EF38889447A92

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/css/index.css

Preview:* {..margin: 0;..padding: 0.}.a, img {..border: none.}..clr {..clear: both.}.a {..text-decoration: none.}.p {..font-family: Verdana, Geneva, sans-serif;..font-size: 14px;..line-height: 23px;.}.h1 {..color: #333.}.h4 {..color: #666.}..headerInside, .footerInside {..margin: 0 auto.}..headerInside a {..color: #ad208e!important;..font-size: 14px;..font-weight: 600!important.}..headerInside a:hover {..text-decoration: underline.}..pageheader {..font-family: Georgia, "Book Antiqua", Palatino, serif;..font-size: 18px;..font-style: italic;..padding: 5px;..color: #000;..text-align: center;.}..small p {..padding-left: 5px;..line-height: 140%!important;..font-size: 90%.}..subjectheader {..font-size: 26px!important;..margin-top: 1em;..margin-bottom: 1em;..text-align: center.}..pullleft {..float: left.}..news { margin-top: 0 !important; }..news p {..font-size: 95%;..line-height: 140%!important.}..highlight {..float: left;..text-transform: uppercase;..color: #666;..width: 98%;..margin-bottom: 4%;..p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index_files_top1dlaxtgy[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 47522

Entropy (8bit): 7.963763221954084

Encrypted: false

SSDEEP: 768:9LVNkvm1Fm3z9bz8LSynvYtPZtxsf8e0Kthl9c/B3goXGaKqJE8Iv3sYDy5Tn+KO:BV++2z9WSu4PfO0w+tjk8YD8rDy

MD5: 779B48401DCAA6A0A129D603C430E5B8

SHA1: 5CE06659D34DE37D751B35E9A392E27B9306F03E

SHA-256: BD22589B43FCDD0A381D113456F0078AB03FDF7BF4292799D88ADE03BBD740BF

SHA-512: DD9B0DFA7F9F191ED59451CB63F86DDD43C75759D1706726B69E97BB1E149BBCB0EECA326E713059B53A3EC12703FA881B42E47DD08D46359F77C64D824C2D84

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/index_files_top1dlaxtgy.jpg


Static File Info

No static file info

Network Port Distribution

Preview:......JFIF................................................. $.' ",#..(7),01444.'9=82<.342...........2!.!22222222222222222222222222222222222222222222222222...........".................................................)T...J.J.ZYJ.."$ .(..D.H..."[email protected](.....$DH...$H.R.T...V..R.........=..|[........". B"D...D..."DC...UZU....T...I..~y..;..]Xe.X......!...D."D...$DuR.......j.....F.;...G..Zv.j.....?./......DDI.$I"D...D:.J..V..UUUJP(.Lt.W..}........k..jj.......B$D."I"D..$D:..U..j.ij.ZP.!.|....}.'...|~....k.......g._..( .DD.$I$H."D.....V..j.U*.J..c......./.....o....c=.{...<...........$.$D...J.U.....R....|..:..z8...\...=;..\.....{...s.......I.I$I.D...UV..j.V....(.L?1.5.N~.Ow...............g....._........D.I"I.$....V..V...JQe."|..yyn....}.O...;...^....../W.....7..!..$I$..I.D.#.......Z..J..#.....V...?................}...~..J..B.$.$.1b.1H..UKV........D..>#?3wN[.e.....<.G.?.......??..8q...v.P...$I$I$.F1.D.UZ.m...UTR..e.y....ua;...3...s.{^8............

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index_files_top1dlaxtgy[1].jpg

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\mic1[1].jpgProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe



Size (bytes): 23082

Entropy (8bit): 7.970024354067792

Encrypted: false

SSDEEP: 384:em6/eL9Uf02r4ux6uSh1FLSSKgAfDtDILlCkZVnaB+lvGhUnzuc3z3:emefNEuw1+1JDKmcUmyc3z

MD5: AD3A6404BFCB77275CA812A0E9FBEEA3

SHA1: 04DD5F6FC94ABA617FE3870F8563F954F0F0A40E

SHA-256: 4B3ED1FF0679965404A6306EBB9F404502A88E12B8459EBAAFFFBB9A353A669F

SHA-512: 09D4C86EB2A8260A3633B636317BBAD777F8D40C6FF7DF16F17CD369A49D0A2B4EB25BCCAE3733387511837D931AF95EA528F55A04E601C09A22A93085945FBE

Malicious: false

Reputation: low

IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/mic1.jpg

Preview:......JFIF...................................................( ..%...!1!%)+.....383-7(-.+...........+...--++++++-+-+-+--+--+-++-----------+----8-778-7---+..........."...............................................UUDJ.Eu.,..6.....CH.. ....Mx.N..I.......B{$..]uT....`m....$.I$bL.HI.A...+.........$.U}..*[email protected](...c.$...C..$....&.S...X....m.uB..UU\..DP....,a&C.1...E.`.J.[4....7....qUj.\.e.6*..R...R..(:....s.0...!.I....>..yss....1..*..aT{.hP...UW&.J..uY....2I.i.1 ..".;.{....v>...b.....^l.j.lUUTZ..+A..l.Ba,a%...;334d.S.jk.W#.n6_S..5.{,r..|Y....B*.uW..V....K=.....=.k.A..B....~...y.v.G5}...!aFZm......]U.).......n{...b.a...W......+.......=OE.X.%.R.{m~..TT...Q.&Z.:..m.....b.3."..@U......].....U.g?Oc..Y...."*.%U..$.G[..C.m.k...........T...F.....R...;....!%...m.".%U..F~._.9.{.....b...X...$..._..{...}Y..~o...zb..$.a....]i.-]....:............{...9;..Y.H../..v...<..G.^..?3...&Nj. ......Rs...;x9......8.....g....ti..}..*..._in..p..;.8M....t.~.78.. ...+...c.

Network Behavior

Timestamp Source IP Dest IP Trans ID OP Code Name Type Class

Jun 15, 2021 00:29:36.670751095 CEST 192.168.2.3 8.8.8.8 0x9e1e Standard query (0)

bit.ly A (IP address) IN (0x0001)

Jun 15, 2021 00:29:37.063601971 CEST 192.168.2.3 8.8.8.8 0x22d3 Standard query (0)

www.saildigital.uk A (IP address) IN (0x0001)

Jun 15, 2021 00:29:40.649817944 CEST 192.168.2.3 8.8.8.8 0x7f85 Standard query (0)

thediet4slim.world

A (IP address) IN (0x0001)

Jun 15, 2021 00:29:52.934926033 CEST 192.168.2.3 8.8.8.8 0x6def Standard query (0)

thediet4slim.world


Jun 15, 2021 00:29:56.433249950 CEST 192.168.2.3 8.8.8.8 0x7c25 Standard query (0)

thecompleteketo.com


Jun 15, 2021 00:29:57.240458965 CEST 192.168.2.3 8.8.8.8 0xb41d Standard query (0)

polyfill.io A (IP address) IN (0x0001)

Jun 15, 2021 00:29:57.252991915 CEST 192.168.2.3 8.8.8.8 0xfc50 Standard query (0)

cdn.trackjs.com A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.044282913 CEST 192.168.2.3 8.8.8.8 0xd377 Standard query (0)

usage.trackjs.com


TCP Packets

UDP Packets

DNS Queries


Jun 15, 2021 00:29:59.594798088 CEST 192.168.2.3 8.8.8.8 0x2a98 Standard query (0)

stats.g.doubleclick.net


Jun 15, 2021 00:29:59.670568943 CEST 192.168.2.3 8.8.8.8 0xf583 Standard query (0)

www.google.ch A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.994935989 CEST 192.168.2.3 8.8.8.8 0x65f7 Standard query (0)

www.google.de A (IP address) IN (0x0001)

Timestamp Source IP Dest IP Trans ID OP Code Name Type Class

Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class

Jun 15, 2021 00:29:36.723818064 CEST

8.8.8.8 192.168.2.3 0x9e1e No error (0) bit.ly 67.199.248.11 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:36.723818064 CEST

8.8.8.8 192.168.2.3 0x9e1e No error (0) bit.ly 67.199.248.10 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:37.130062103 CEST

8.8.8.8 192.168.2.3 0x22d3 No error (0) www.saildigital.uk

172.67.195.5 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:37.130062103 CEST

8.8.8.8 192.168.2.3 0x22d3 No error (0) www.saildigital.uk

104.21.68.113 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:40.712404013 CEST

8.8.8.8 192.168.2.3 0x7f85 No error (0) thediet4slim.world

23.227.194.245 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:52.993753910 CEST

8.8.8.8 192.168.2.3 0x6def No error (0) thediet4slim.world

23.227.194.245 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:56.494648933 CEST

8.8.8.8 192.168.2.3 0x7c25 No error (0) thecompleteketo.com

178.62.35.58 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:57.290735960 CEST

8.8.8.8 192.168.2.3 0xb41d No error (0) polyfill.io 151.101.1.26 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:57.290735960 CEST


Jun 15, 2021 00:29:57.290735960 CEST


Jun 15, 2021 00:29:57.290735960 CEST


Jun 15, 2021 00:29:57.316093922 CEST

8.8.8.8 192.168.2.3 0xfc50 No error (0) cdn.trackjs.com cdn.trackjs.netdna-cdn.com

CNAME (Canonical name)

IN (0x0001)

Jun 15, 2021 00:29:57.316093922 CEST

8.8.8.8 192.168.2.3 0xfc50 No error (0) cdn.trackjs.netdna-cdn.com

94.31.29.32 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.094544888 CEST

8.8.8.8 192.168.2.3 0xd377 No error (0) usage.trackjs.com

158.69.52.117 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.094544888 CEST


167.114.119.127 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.094544888 CEST


138.197.155.84 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.094544888 CEST


51.89.217.92 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.657409906 CEST

8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.g.doubleclick.net

stats.l.doubleclick.net CNAME (Canonical name)

IN (0x0001)

Jun 15, 2021 00:29:59.657409906 CEST

8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.l.doubleclick.net

142.250.102.157 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.657409906 CEST


142.250.102.155 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.657409906 CEST


142.250.102.154 A (IP address) IN (0x0001)

Jun 15, 2021 00:29:59.657409906 CEST


142.250.102.156 A (IP address) IN (0x0001)

DNS Answers


Jun 15, 2021 00:29:59.738749981 CEST

8.8.8.8 192.168.2.3 0xf583 No error (0) www.google.ch 172.217.20.3 A (IP address) IN (0x0001)

Jun 15, 2021 00:30:00.057742119 CEST

8.8.8.8 192.168.2.3 0x65f7 No error (0) www.google.de 172.217.16.99 A (IP address) IN (0x0001)

Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class

www.saildigital.uk

thediet4slim.world

Session ID Source IP Source Port Destination IP Destination Port Process

0 192.168.2.3 49714 172.67.195.5 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe

TimestampkBytestransferred Direction Data

Jun 15, 2021 00:29:37.176496029 CEST

1155 OUT GET /dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateConnection: Keep-AliveHost: www.saildigital.uk

Jun 15, 2021 00:29:37.230629921 CEST

1156 IN HTTP/1.1 301 Moved PermanentlyDate: Mon, 14 Jun 2021 22:29:37 GMTTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: max-age=3600Expires: Mon, 14 Jun 2021 23:29:37 GMTLocation: https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrdcf-request-id: 0aae3e153800004e1940bcf000000001Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TrCKzIbG2hl5vYDngGX8hKIDbxOol%2FL9vcZSxjTI5Wu%2FHAhukTloEOSK%2B9bcGX2b07dNWQrh%2FpLLwRkLTia9tkTDJAx5XBRRkb9fSrwxs4GhCLyJ%2FOq5%2BTu47wqDzUhj"}],"group":"cf-nel","max_age":604800}NEL: {"report_to":"cf-nel","max_age":604800}Vary: Accept-EncodingServer: cloudflareCF-RAY: 65f6ff9b8c6c4e19-FRAalt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID Source IP Source Port Destination IP Destination Port Process

1 192.168.2.3 49720 23.227.194.245 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe

TimestampkBytestransferred Direction Data

Jun 15, 2021 00:29:40.873816967 CEST

1199 OUT GET /?a=1nod&c=d&s=1306 HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: thediet4slim.worldConnection: Keep-Alive

Jun 15, 2021 00:29:41.029551983 CEST

1201 IN HTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.2Date: Mon, 14 Jun 2021 22:29:40 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: https://thediet4slim.world/?a=1nod&c=d&s=1306Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body bgcolor="white"><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.12.2</center></body></html>

HTTP Request Dependency Graph

HTTP Packets


Timestamp Source IPSourcePort Dest IP

DestPort Subject Issuer

NotBefore

NotAfter

JA3 SSL ClientFingerprint JA3 SSL Client Digest

Jun 15, 2021 00:29:36.856353045 CEST

67.199.248.11 443 192.168.2.3 49712 CN=bit.ly, O="Bitly, Inc.", L=New York, ST=New York, C=US, SERIALNUMBER=4627013, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Wed Aug 05 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013

Tue Aug 10 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Tue Oct 22 14:00:00 CEST 2013

Sun Oct 22 14:00:00 CEST 2028

Jun 15, 2021 00:29:36.859894991 CEST

67.199.248.11 443 192.168.2.3 49713 CN=bit.ly, O="Bitly, Inc.", L=New York, ST=New York, C=US, SERIALNUMBER=4627013, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Wed Aug 05 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013

Tue Aug 10 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Tue Oct 22 14:00:00 CEST 2013

Sun Oct 22 14:00:00 CEST 2028

Jun 15, 2021 00:29:37.331839085 CEST

172.67.195.5 443 192.168.2.3 49716 CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US

CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE

Thu Jul 16 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020

Fri Jul 16 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US

CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE

Mon Jan 27 13:48:08 CET 2020

Wed Jan 01 00:59:59 CET 2025

Jun 15, 2021 00:29:41.357834101 CEST

23.227.194.245 443 192.168.2.3 49722 CN=thediet4slim.world CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US

CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.

Mon May 10 15:27:52 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021

Sun Aug 08 15:27:52 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=R3, O=Let's Encrypt, C=US

CN=ISRG Root X1, O=Internet Security Research Group, C=US

Fri Sep 04 02:00:00 CEST 2020

Mon Sep 15 18:00:00 CEST 2025


CN=DST Root CA X3, O=Digital Signature Trust Co.

Wed Jan 20 20:14:03 CET 2021

Mon Sep 30 20:14:03 CEST 2024

HTTPS Packets


Jun 15, 2021 00:29:53.324139118 CEST

23.227.194.245 443 192.168.2.3 49730 CN=thediet4slim.world CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US

CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.

Mon May 10 15:27:52 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021

Sun Aug 08 15:27:52 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0

37f463bf4616ecd445d4a1937da06e19

CN=R3, O=Let's Encrypt, C=US


Fri Sep 04 02:00:00 CEST 2020

Mon Sep 15 18:00:00 CEST 2025


CN=DST Root CA X3, O=Digital Signature Trust Co.

Wed Jan 20 20:14:03 CET 2021

Mon Sep 30 20:14:03 CEST 2024

Jun 15, 2021 00:29:56.618527889 CEST

178.62.35.58 443 192.168.2.3 49732 CN=thecompleteketo.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

Thu Mar 04 01:00:00 CET 2021 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019 Thu Jan 01 01:00:00 CET 2004

Thu Feb 24 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029 Mon Jan 01 00:59:59 CET 2029

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB

CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US

Fri Nov 02 01:00:00 CET 2018

Wed Jan 01 00:59:59 CET 2031


CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

Tue Mar 12 01:00:00 CET 2019

Mon Jan 01 00:59:59 CET 2029



Thu Jan 01 01:00:00 CET 2004

Mon Jan 01 00:59:59 CET 2029

Jun 15, 2021 00:29:56.620656013 CEST

178.62.35.58 443 192.168.2.3 49733 CN=thecompleteketo.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

Thu Mar 04 01:00:00 CET 2021 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019 Thu Jan 01 01:00:00 CET 2004

Thu Feb 24 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029 Mon Jan 01 00:59:59 CET 2029

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



NotBefore

NotAfter



CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB


Fri Nov 02 01:00:00 CET 2018

Wed Jan 01 00:59:59 CET 2031



Tue Mar 12 01:00:00 CET 2019

Mon Jan 01 00:59:59 CET 2029



Thu Jan 01 01:00:00 CET 2004

Mon Jan 01 00:59:59 CET 2029

Jun 15, 2021 00:29:57.392318010 CEST

151.101.1.26 443 192.168.2.3 49734 CN=polyfill.io CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE

CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

Fri Jun 04 21:31:46 CEST 2021 Tue Jul 28 02:00:00 CEST 2020

Wed Jul 06 21:31:45 CEST 2022 Sun Mar 18 01:00:00 CET 2029

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

Tue Jul 28 02:00:00 CEST 2020

Sun Mar 18 01:00:00 CET 2029

Jun 15, 2021 00:29:57.393436909 CEST

151.101.1.26 443 192.168.2.3 49735 CN=polyfill.io CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE

CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

Fri Jun 04 21:31:46 CEST 2021 Tue Jul 28 02:00:00 CEST 2020

Wed Jul 06 21:31:45 CEST 2022 Sun Mar 18 01:00:00 CET 2029

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE


Tue Jul 28 02:00:00 CEST 2020

Sun Mar 18 01:00:00 CET 2029

Jun 15, 2021 00:29:57.419742107 CEST

94.31.29.32 443 192.168.2.3 49738 CN=*.trackjs.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Tue Jun 11 02:00:00 CEST 2019 Mon Nov 06 13:23:33 CET 2017

Thu Sep 09 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US

CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Mon Nov 06 13:23:33 CET 2017

Sat Nov 06 13:23:33 CET 2027

Jun 15, 2021 00:29:57.419859886 CEST





771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Mon Nov 06 13:23:33 CET 2017

Sat Nov 06 13:23:33 CET 2027



NotBefore

NotAfter



Jun 15, 2021 00:29:59.714632034 CEST





771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Mon Nov 06 13:23:33 CET 2017

Sat Nov 06 13:23:33 CET 2027

Jun 15, 2021 00:29:59.715986013 CEST





771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Mon Nov 06 13:23:33 CET 2017

Sat Nov 06 13:23:33 CET 2027

Jun 15, 2021 00:29:59.786973953 CEST

142.250.102.157 443 192.168.2.3 49755 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US

CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2

Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017

Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=GTS CA 1O1, O=Google Trust Services, C=US


Thu Jun 15 02:00:42 CEST 2017

Wed Dec 15 01:00:42 CET 2021

Jun 15, 2021 00:29:59.789201021 CEST

142.250.102.157 443 192.168.2.3 49754 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US

CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2

Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017

Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=GTS CA 1O1, O=Google Trust Services, C=US


Thu Jun 15 02:00:42 CEST 2017

Wed Dec 15 01:00:42 CET 2021

Jun 15, 2021 00:29:59.883745909 CEST

172.217.20.3 443 192.168.2.3 49756 CN=*.google.ch CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US

CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

Mon May 17 06:37:25 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020

Mon Aug 09 06:37:24 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028

771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c

CN=GTS CA 1C3, O=Google Trust Services LLC, C=US

CN=GTS Root R1, O=Google Trust Services LLC, C=US

Thu Aug 13 02:00:42 CEST 2020

Thu Sep 30 02:00:42 CEST 2027


CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

Fri Jun 19 02:00:42 CEST 2020

Fri Jan 28 01:00:42 CET 2028



NotBefore

NotAfter



Code Manipulations

Jun 15, 2021 00:29:59.883919954 CEST

172.217.20.3 443 192.168.2.3 49757 CN=*.google.ch CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US




771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Thu Aug 13 02:00:42 CEST 2020

Thu Sep 30 02:00:42 CEST 2027



Fri Jun 19 02:00:42 CEST 2020

Fri Jan 28 01:00:42 CET 2028

Jun 15, 2021 00:30:00.219239950 CEST

172.217.16.99 443 192.168.2.3 49760 CN=www.google.de CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US




771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Thu Aug 13 02:00:42 CEST 2020

Thu Sep 30 02:00:42 CEST 2027



Fri Jun 19 02:00:42 CEST 2020

Fri Jan 28 01:00:42 CET 2028

Jun 15, 2021 00:30:00.219490051 CEST

172.217.16.99 443 192.168.2.3 49761 CN=www.google.de CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US




771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0

9e10692f1b7f78228b2d4e424db3a98c



Thu Aug 13 02:00:42 CEST 2020

Thu Sep 30 02:00:42 CEST 2027



Fri Jun 19 02:00:42 CEST 2020

Fri Jan 28 01:00:42 CET 2028



NotBefore

NotAfter



Statistics

Behavior

Click to jump to process

System Behavior

Disassembly

File ActivitiesFile Activities

Registry ActivitiesRegistry Activities


Start date: 15/06/2021

Path: C:\Program Files\internet explorer\iexplore.exe

Wow64 process (32bit): false

Commandline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding

Imagebase: 0x7ff7d9090000

File size: 823560 bytes

MD5 hash: 6465CB92B25A7BC1DF8E01D8AC5E7596

Has elevated privileges: true

Has administrator privileges: true

Programmed in: C, C++ or other language

Reputation: low

Show Windows behavior


File ActivitiesFile Activities

Registry ActivitiesRegistry Activities


Start date: 15/06/2021

Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Wow64 process (32bit): true

Commandline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3396 CREDAT:17410 /prefetch:2

Imagebase: 0xc90000

File size: 822536 bytes

MD5 hash: 071277CC2E3DF41EEEA8013E2AB58D5A

Has elevated privileges: true

Has administrator privileges: true

Programmed in: C, C++ or other language

Reputation: low



Analysis Process: iexplore.exe PID: 3396 Parent PID: 792Analysis Process: iexplore.exe PID: 3396 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 5660 Parent PID: 3396Analysis Process: iexplore.exe PID: 5660 Parent PID: 3396

General


Joe Sandbox Cloud Basic 32.0.0 Black DiamondCopyright Joe Security LLC


http://www.joesecurity.org

automated malware analysis report for

Documents