automated malware analysis report for
Copyright Joe Security LLC 2021 Page 2 of 51
Windows Analysis Report https://bit.ly/3cD5L2Q
Overview
General Information
Sample URL: https://bit.ly/3cD5L2Q
Analysis ID: 434444
Detection
GRQ Scam
Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%
Signatures
Antivirus detection for URL or domain
Yara detected GRQ Scam
Classification
[Classification chart. Categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Scale: clean, suspicious, malicious]
Process Tree
System is w10x64
iexplore.exe (PID: 3396 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
  iexplore.exe (PID: 5660 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3396 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
cleanup
Malware Configuration
No configs have been found
Yara Overview
Dropped Files
Source | Rule | Description | Author | Strings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kt-comp-figaro2[1].htm | JoeSecurity_GRQScam | Yara detected GRQ Scam | Joe Security |
Sigma Overview
No Sigma rule has matched
Signature Overview
AV Detection:
Antivirus detection for URL or domain
Spam, unwanted Advertisements and Ransom Demands:
Yara detected GRQ Scam
Mitre Att&ck Matrix
Initial Access: Valid Accounts; Default Accounts; Domain Accounts; Local Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At (Linux); At (Windows)
Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows); Logon Script (Mac)
Privilege Escalation: Process Injection 1; Boot or Logon Initialization Scripts; Logon Script (Windows); Logon Script (Mac)
Defense Evasion: Masquerading 1; Process Injection 1; Obfuscated Files or Information; Binary Padding
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager; NTDS
Discovery: File and Directory Discovery 1; Application Window Discovery; Query Registry; System Network Configuration Discovery
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares; Distributed Component Object Model
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive; Input Capture
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration; Scheduled Transfer
Command and Control: Encrypted Channel 2; Non-Application Layer Protocol 2; Application Layer Protocol 3; Ingress Tool Transfer 1
Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS; Exploit SS7 to Track Device Location; SIM Card Swap
Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization; Obtain Device Cloud Backups
Impact: Modify System Partition; Device Lockout; Delete Device Data; Carrier Billing Fraud
Behavior Graph
[Behavior graph. ID: 434444; URL: https://bit.ly/3cD5L2Q; Startdate: 15/06/2021; Architecture: WINDOWS; Score: 56]
Signature: Antivirus detection for URL or domain; Yara detected GRQ Scam
Process: iexplore.exe (2 61), started
Process: iexplore.exe (6 187), started
DNS/IP Info: usage.trackjs.com, 158.69.52.117, 443, 49749, 49751, OVHFR, Canada
DNS/IP Info: thediet4slim.world, 23.227.194.245, 443, 49719, 49720, HVC-ASUS, United States
DNS/IP Info: 11 other IPs or domains
Created File: C:\Users\user\...\kt-comp-figaro2[1].htm, HTML, dropped
Antivirus, Machine Learning and Genetic Malware Detection
Initial Sample
Source | Detection | Scanner | Label | Link
https://bit.ly/3cD5L2Q | 1% | Virustotal | | Browse
https://bit.ly/3cD5L2Q | 0% | Avira URL Cloud | safe |
Dropped Files
No Antivirus matches
Unpacked PE Files
No Antivirus matches
Domains
Source | Detection | Scanner | Label | Link
www.saildigital.uk | 2% | Virustotal | | Browse
thecompleteketo.com | 0% | Virustotal | | Browse
thediet4slim.world | 2% | Virustotal | | Browse
URLs
Source | Detection | Scanner | Label | Link
https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf | 100% | SlashNext | Internet Scam type: Phishing & Social Engineering |
https://www.saildl.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrdRoot | 0% | Avira URL Cloud | safe |
https://thecompleteketo.com/static/keto_complete/desktop/images/favicon.png | 0% | Avira URL Cloud | safe |
https://www.saildigital.uk/favicon.ico | 0% | Avira URL Cloud | safe |
https://thediet4slim.w | 0% | Avira URL Cloud | safe |
https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrdRoot | 0% | Avira URL Cloud | safe |
https://thediet4slim.world/static/diet/fr/gala/v2/images/favicon.ico | 0% | Avira URL Cloud | safe |
https://cct.google/taggy/agent.js | 0% | URL Reputation | safe |
https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd&Invite | 0% | Avira URL Cloud | safe |
https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd | 0% | Avira URL Cloud | safe |
www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd | 0% | Avira URL Cloud | safe |
thediet4slim.world/?a=1nod&c=d&s=1306 | 0% | Avira URL Cloud | safe |
https://www.google.%/ads/ga-audiences | 0% | URL Reputation | safe |
https://www.saildo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139 | 0% | Avira URL Cloud | safe |
Domains and IPs
Contacted Domains
Name | IP | Active | Malicious | Antivirus Detection | Reputation
www.saildigital.uk | 172.67.195.5 | true | false | 2%, Virustotal, Browse | unknown
www.google.de | 172.217.16.99 | true | false | | high
stats.l.doubleclick.net | 142.250.102.157 | true | false | | high
bit.ly | 67.199.248.11 | true | false | | high
thecompleteketo.com | 178.62.35.58 | true | false | 0%, Virustotal, Browse | unknown
thediet4slim.world | 23.227.194.245 | true | false | 2%, Virustotal, Browse | unknown
polyfill.io | 151.101.1.26 | true | false | | high
cdn.trackjs.netdna-cdn.com | 94.31.29.32 | true | false | | high
www.google.ch | 172.217.20.3 | true | false | | high
usage.trackjs.com | 158.69.52.117 | true | false | | high
cdn.trackjs.com | unknown | unknown | false | | high
stats.g.doubleclick.net | unknown | unknown | false | | high
Contacted URLs
Name | Malicious | Antivirus Detection | Reputation
https://thecompleteketo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139392e95 | true | | unknown
https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf | true | SlashNext: Internet Scam type: Phishing & Social Engineering | unknown
www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd | false | Avira URL Cloud: safe | unknown
thediet4slim.world/?a=1nod&c=d&s=1306 | false | Avira URL Cloud: safe | unknown
URLs from Memory and Binaries
Contacted IPs
Public
IP | Domain | Country | ASN | ASN Name | Malicious
172.67.195.5 | www.saildigital.uk | United States | 13335 | CLOUDFLARENETUS | false
23.227.194.245 | thediet4slim.world | United States | 29802 | HVC-ASUS | false
94.31.29.32 | cdn.trackjs.netdna-cdn.com | United Kingdom | 33438 | HIGHWINDS2US | false
178.62.35.58 | thecompleteketo.com | European Union | 14061 | DIGITALOCEAN-ASNUS | false
172.217.16.99 | www.google.de | United States | 15169 | GOOGLEUS | false
151.101.1.26 | polyfill.io | United States | 54113 | FASTLYUS | false
142.250.102.157 | stats.l.doubleclick.net | United States | 15169 | GOOGLEUS | false
172.217.20.3 | www.google.ch | United States | 15169 | GOOGLEUS | false
158.69.52.117 | usage.trackjs.com | Canada | 16276 | OVHFR | false
67.199.248.11 | bit.ly | United States | 396982 | GOOGLE-PRIVATE-CLOUDUS | false
Private
IP
192.168.2.1
General Information
Joe Sandbox Version: 32.0.0 Black Diamond
Analysis ID: 434444
Start date: 15.06.2021
Start time: 00:28:47
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 3m 30s
Hypervisor based Inspection enabled: false
Report type: light
Cookbook file name: browseurl.jbs
Sample URL: https://bit.ly/3cD5L2Q
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 8
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies: HCA enabled, EGA enabled, AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal56.phis.win@3/156@11/11
Cookbook Comments: Adjust boot time; Enable AMSI; Browsing link: https://thediet4slim.world/fr/scyo/go.php?CID=435838&bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf
Warnings:
Simulations
Behavior and APIs
No simulations
Joe Sandbox View / Context
IPs
No context
Domains
No context
ASN
No context
JA3 Fingerprints
No context
Dropped Files
No context
Created / dropped Files
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QUZI0KQQ\thecompleteketo[1].xml
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with no line terminators
Category: dropped
Size (bytes): 96
Entropy (8bit): 4.5734327882404715
Encrypted: false
SSDEEP: 3:D90aK1ryRtFwsTF0QAqVI9suM9qSeXH9LKb:JFK1rUFbAqV6sDleXHwb
MD5: A31AC9B0DA0D888C1B63CDD9E061DC55
SHA1: 2D903D34A7CC9A9258F2DE672F2BA7DC7F60CF6E
SHA-256: 7D598A956D2C7F45595CF719F46EF3A01B2DA5903DCE1B3848B7BBA8BFBF9220
SHA-512: 617850F39D7D79EC55F0D7B1E82F76785CDF4E7AD1124E5539B35E4EBA3D2BBE8C9B81A2736D9F50EB271165142F77892C3D70B2E227D9DED47B2BC858C9736A
Malicious: false
Reputation: low
Preview: <root></root><root><item name="country" value="ch" ltime="1060144288" htime="30892472" /></root>
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6E5D7854-CDAB-11EB-90E4-ECF4BB862DED}.dat
Process: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Category: dropped
Size (bytes): 30296
Entropy (8bit): 1.8569825544831133
Encrypted: false
SSDEEP: 48:IwMGcprdGwpLAG/ap8CBGIpcC3KGvnZpvC3AGo3qp9C3nGo4FpmC3WGWBX9C3afq:rQZHZ620WC3tC3fCwFMC0CcCkfC+8X
MD5: 051ED7ECAE733F872F7961A9C713A682
SHA1: C61E253103BA94772179A2D27531FC165EF9255F
SHA-256: 8526787295B3DB2F78F728594E04604A0693539BAC3C8A5051B6932FDB788E75
SHA-512: 605172639A4F3E7A729FE76B01043DF0F955ED91C769F8370C640A44F85128ECF34DE7283DBFB04A6C43EBA032B9446B62B3D28C14DFDC4745484C9CDB300F09
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6E5D7856-CDAB-11EB-90E4-ECF4BB862DED}.dat
Process: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Category: dropped
Size (bytes): 57462
Entropy (8bit): 2.2963541217407446
Encrypted: false
SSDEEP: 384:rGG4w4I0Zm5k52y5sKBoooJEYoQuoieAJPJCJD7Wt+GzieAJPJCJAMEsV7WJH/R:9i2msKBf+E/mA5oKA5oKNZ
MD5: 27AF13021C1CD382EC2EB904AC6023B3
SHA1: 3F3EDEFA2C0488E5BD1A1DE40C055C56A76FA34F
SHA-256: 076D5A858B775B9111FEF3D6A4393D1BEDC86B2D29BD4C2ED8939705BB1E012C
SHA-512: FAD6A5C673A43E58B4E113B6698DE3523950C3A2B00EDA41A5DFCECE32A472AB404747D112DF12EEBB18754CA8F5D5626FAE4323137D161570B88D7F20C39A7D
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7757D1A2-CDAB-11EB-90E4-ECF4BB862DED}.dat
Process: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Category: dropped
Size (bytes): 16984
Entropy (8bit): 1.5625911089163607
Encrypted: false
SSDEEP: 48:IwmGcprnGwpaVG4pQRGrapbSVGQpKPG7HpR2TGIpG:r6ZxQH6hBSfAeTCA
MD5: 6DB8817215DF148BE1CABFCF0F384015
SHA1: 868727A69819F4DBD096C4D1AA3E5B2F43EB3EDB
SHA-256: 7859A6D24F3DE1F05C1236EE00DCA3E7732AAF042168AE82FE685EE8F271ABEE
SHA-512: B1249A9D314D9B6F3F9350AE180C677B29390C3E7ADEE8ED9904072F25F6F927FBB4B769862F9FB597D5F2262427CCF1E60F5FB9389DE8A4E3A1C19CDE8D7606
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: data
Category: dropped
Size (bytes): 7156
Entropy (8bit): 7.78033697662041
Encrypted: false
SSDEEP: 96:7aq3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLE32Vm/yrpzB8+lKpiHqUlf7i36bJ:bgXTY+as02mOB8XLE/yrT8+lKUK936bJ
MD5: 7980899C845BF5CE3105428DCEBB7CAC
SHA1: C38C244182D10B997FAD1666BE3D789283B9B235
SHA-256: F1B553C1BD892C0E48B676746B64FFD01EC08D0439F3D862D4712B15F8F64421
SHA-512: 8E48173A92282F8DBA61877305A40E80B74C0911A3BE0425C1115FC8EC362DAB2CB6E367FF1DD7FC8C475C51CD8F71AAF72BAA7AEA78C24AB382060BCA829B20
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\7-day-bridge-ketosis-bg[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x1013, frames 3
Category: downloaded
Size (bytes): 81657
Entropy (8bit): 7.941781797321773
Encrypted: false
SSDEEP: 1536:qEkOxM4jh1bzRZZG/Dt67j5j3bIijZte7JjaMrn8Fy3I0:qEkOxMc/jZgtCkZdIFy3x
MD5: 78FF44E47A87FA3C04709DA7F447AB6D
SHA1: 29C3A882E5C919E23E580A7465FB24DDE2D82D48
SHA-256: 7C9FE2E0F0A0F26C69C9F101CFCBA2938225D91CC1B878DD302C71B0D665ED78
SHA-512: 1FC31D2B97DB7CB744533674CAA209027D6726191F07565FC1603FC68EE7A445B873C87D508F0EC6A161CFA3EC53B7542F68A6613F540167C799763644BF6224
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/7-day-bridge-ketosis-bg.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\7day-bridge-ketopia-ketosis-bg2[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x847, frames 3
Category: downloaded
Size (bytes): 292187
Entropy (8bit): 7.975979818595836
Encrypted: false
SSDEEP: 6144:qEMPrRgz479RZqUqhLcnwGa9wlHsnR0LVMdxiZ17doNJp:0Pl6479R8UaQnnrHsnR0G7iZ17d8v
MD5: 56C71170803D8A45EA21B1EE45EDD8F2
SHA1: 57F803389A3787845980D3F7EC2789340B4236A3
SHA-256: DA03ED5CCF7CD07BBD043FCB3AAEB8D61C2D6A2CD8719CD030A39AC9150F58EA
SHA-512: 06C6D6DC78A4B4E54CB6028590E713FC16DA80EC1B0B19F6B9F3F74981DAD68F89A7648A334D1059693736C8B8750426D9F052D043140268DAC196BAF3EC41CD
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/7day-bridge-ketopia-ketosis-bg2.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_aZA7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 66532, version 1.1
Category: downloaded
Size (bytes): 66532
Entropy (8bit): 7.9921992751304805
Encrypted: true
SSDEEP: 1536:TeEhZuE0S4CraF8aLdxxxhzTnqgFq4bq9k5MVo/s1SU:THArCGCaLPJzTnlbVMO0R
MD5: 030E8B9B5D28B64486D9F855FB74C135
SHA1: 400B6AF08962BDCEF3B58630993C0E8A6B4B4CCC
SHA-256: EE76A91D22C4577D6638DE273E0540E21E05E9C189900F54F8993ED0C0043D7B
SHA-512: EB1CFBC0409E26C2393E6BD2E68E73E0970E9B90E20AFAEE0A8EA0F28E2B9850235B776D4E9A091750B7329B25F69DDFEF55864AC7F4A08A5E04917A322E2C60
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\all-natural-ketopia-bg[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x850, frames 3
Category: downloaded
Size (bytes): 121997
Entropy (8bit): 7.953247757750187
Encrypted: false
SSDEEP: 3072:qEw7yDHm8LwsOSDbtmp++vwDmc+eFuwIAmxGhzRKaLsnOV7/tgCha1bQltY:qEwGC8LASDbtq+bmAYm1hLsnOFtja1bF
MD5: 50754C2763FED6E0F5114E56F9B49CCE
SHA1: 2DB5466D2BEE4165186E4E9D94286363D9FF9374
SHA-256: A6409C384B0B21F3D025EB3AE510E2E25CD256B5422A8CD85B79E420FA441297
SHA-512: 06DE8A1B92C8B4BD41283947DAF2C56AE5AD9F129789E2480E532BB706189718CCD6EF9EAF83DD9EEF187E3340943452609C898D8E718F657ACFAAC9566B270A
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/all-natural-ketopia-bg.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\beach-woman[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2200x1018, frames 3
Category: downloaded
Size (bytes): 132629
Entropy (8bit): 7.972096469798674
Encrypted: false
SSDEEP: 3072:qEGANAlwCXwyXIPaDRHMei2jN6GBYx3oVTR6gWa5UUJK92:qEzNAl5X3L62Rc3oKo5UUJr
MD5: F0357A29851072E54AA4FBEAAF87ED49
SHA1: BFAAB23D2C9100C36CD3C61B5DF6D56911708C3F
SHA-256: A8445AF3BF426562BB63F11D83D7B4DD3082000E1155FAFDA68F3FE9554E7502
SHA-512: 216420149661F3A46BDA088AA5407209EB53E48072A3C99E7BB56A89B81F78509746F8681157AD255132528020DB8D52CCA5CB22CC79C80DA898A584FD0FC232
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/beach-woman.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\bg2[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 288 x 295, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 13030
Entropy (8bit): 7.877729558005436
Encrypted: false
SSDEEP: 192:OSLzNr8XsFAViFz+/mMBtGteo5OO7ngVBo5NgiZEoDVpVtY5RMAnJquc170OkFyH:xm8gB5o3cVBo52irpVuXDy6Fys4n
MD5: AB8E603A720CD5FA6EA8F7C9DA271EEA
SHA1: 4C0A6F0FF474E9B4E0EF00B43D7F595B9C14E90C
SHA-256: C199663360109C62D6DD435C228AAFD2E5530279670DB2A396A177ECA6BF2F24
SHA-512: 895BF67DD56AF4192A878A90E93F61E8A1E1E8356A1ABA2D3AC686FE760A4394B0690D12CE1F82F30B69455862CC9BA2941FC60AF3E424A507831A1C5C969DB1
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/bg2.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\done-icon2[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 534 x 418, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 6898
Entropy (8bit): 7.935301902388419
Encrypted: false
SSDEEP: 192:5gSMhd9CYBSvEiDXRHjIZOwx29k5rOyqrCKLSWxLH:5H0dAYBS/DXpMOe5Wr+w7
MD5: A410410D37397704F2E1F92C8B9C6B02
SHA1: FFE44E9E1FE72A4BA1EE8F1E65A2B4F75292BA38
SHA-256: 01EBF38CD11716DA378D4B3ECBE0BA33A68C730022F60E7B563F212D147EE8D0
SHA-512: A512E02FFA8634548C26340CCE036729AF6D6FED980C9C9A4CFFD306702BDD49407C9706E2AC69129864929FAB8295803DEE8F2E3335A654950A1E848AB0EA3D
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/done-icon2.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].ico
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 2031
Entropy (8bit): 7.422316209983807
Encrypted: false
SSDEEP: 48:hxitNn2VutSJ3glpgm/qE4rpC4XB8+EmKs+B9iGq8RUlu:Q2Vm/yrpzB8+lKpiHqUlu
MD5: 79DFD98BBB75C58A7897E015F0BDEB67
SHA1: 9565DE1A8D4E40008726DAB9F250EF3219E56CDC
SHA-256: 8CAA1FE01DA414276394F74FAFDF7B5BACE2F2CCC0A76E4A5EDBF7557E064E6F
SHA-512: F23204590084BC09538D17029281A231C30DB0052EEC5F398C0B249E6C001D50214AAE3B5BA93FF3B8B72A2A30FE10AB44CD288A74E304FA4F0F6A1A74AFE521
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/favicon.ico
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\footerbg[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x1030, frames 3
Category: downloaded
Size (bytes): 107617
Entropy (8bit): 7.9760392523440835
Encrypted: false
SSDEEP: 3072:qEpsnFFKmNk/GYZslfXfyRltGqU8Z34YpOdn:qEpsFFL0spcL3i
MD5: DC3B562BD20A5DA6F70FBAB4C75D1B56
SHA1: 85C18B5755177B79E609F2C4F0CD45926EA219F4
SHA-256: C083A24C184F05F8ECE3F9D82741FC6DBDEF3C8FF12F7F38CF13C593AAC4FFB4
SHA-512: 9498EA20EB2196BE36C1B49C6E5BF23F1897C9845A1EC447B4AF120BB367A7240322E17606E9283016F18E5DDAC65541824BE722C70DE55DF1BBB0CD8296F2AD
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/footerbg.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\gtm[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 116122
Entropy (8bit): 5.531880750249014
Encrypted: false
SSDEEP: 1536:rQggLAPZRZM3JkRAvO0U+HYvbo1WuQvdfxqWpQhpShJ5CwN1Wz1d99KPjJPIZL3b:cYM3aRAvO0Yb2Wu0Q+h7CSWBK0gh+
MD5: 15B1A675039050F6DE4A34EAF5B310D8
SHA1: A189D111BD632A8D2305F375FA06FF40F9E7D1AB
SHA-256: A84CDBDA714C0BB2E5A8FA02F933B578B1B8998551F95970C4DBFA41A14BC208
SHA-512: EF50DEE62058C50AAD1DDAAF3B8C01E990BE20839163DB87F7C8181BD2D7C09B90C53E0DFF5711E2EDB6FFDEE86A8829EC9DF81EDC77918994DAE1076CBCCDD9
Malicious: false
Reputation: low
IE Cache URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6CHB3B
Preview:.// Copyright 2012 Google Inc. All rights reserved..(function(w,g){w[g]=w[g]||{};w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');(function(){..var data = {."resource": {. "version":"106",. . "macros":[{. "function":"__e". },{. "function":"__u",. "vtp_component":"QUERY",. "vtp_queryKey":"uid",. "vtp_enableMultiQueryKeys":false,. "vtp_enableIgnoreEmptyQueryParam":false. },{. "function":"__u",. "vtp_component":"PATH",. "vtp_enableMultiQueryKeys":false,. "vtp_enableIgnoreEmptyQueryParam":false. },{. "function":"__d",. "vtp_elementSelector":"title",. "vtp_selectorType":"CSS". },{. "function":"__jsm",. "vtp_javascript":["template","(function(){var a=",["escape",["macro",2],8,16],".split(\"\/\")[2];return void 0===a||\"index.php\"===a?",["escape",["macro",3],8,16],"+\" - Not funnel\":upperParam=a[0].toUpperCase()+a.slice(1)})();"]. },{. "function":"__jsm",. "vtp_javascrip
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-close[1].svg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: SVG Scalable Vector Graphics image
Category: downloaded
Size (bytes): 213
Entropy (8bit): 5.047791954992333
Encrypted: false
SSDEEP: 6:tnrCqumc4sldMXlZudGonDRzgQqAroISFoM49fhWR6Vg8:trCquCrGtzsAroIuizVg8
MD5: 1FD1AE61181C4B7CE29FE8EE4D002F05
SHA1: C8950D51F03D69AE7958ED78849AA0C1CD8D0371
SHA-256: 8DE42EAF40B914AFB0760B6D89C0D9F2BAE25DFF582FFE72D667ACE8BC03BD45
SHA-512: F2C0482F9D5A242A7B0CCDEEB6561623F2630C9BBAF354C46FE6A9084332D6AFA87F48095E206FD3E65C235D25ECA4BE984978E622E35130910C15B8339B65E3
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/icon-close.svg
Preview:<svg width="17" height="16" fill="none" xmlns="http://www.w3.org/2000/svg"><circle cx="8" cy="8" r="8" transform="translate(.5)" fill="#DB3D24"/><path d="M5 5l7 7m0-7l-7 7" stroke="#fff" stroke-width="1.5"/></svg>
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-exclamation[1].svg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: SVG Scalable Vector Graphics image
Category: downloaded
Size (bytes): 462
Entropy (8bit): 4.818678532996627
Encrypted: false
SSDEEP: 6:tnrMn4umc4slAntIYTdGoMJKzgQq93tCIfgDUCtrPs4EQS3gULQ6tsaJ2dPW4Ke:trMn4uutMKzsXCI4TFfUknaJ8eFe
MD5: FC0A591D5236E7FC610FE00C35D69CB1
SHA1: 79D05D0911F4662D90C4ADA2FA61F619108C3696
SHA-256: 5AA1F7FD685E5CB8D63F8FFCDB3F87DA2FFFE98C1B67CBB9353B5D8026D6C56D
SHA-512: 33B3BE41B3A39A66BD8C9B5F1CD3880371ADE5234EF66AF9877CEB78AF17A2B72CB4DFF418CE174BD135799A870D4D9DAE1DF0F1BECC2E3B37EB0BCAA76840B2
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/icon-exclamation.svg
Preview:<svg width="33" height="36" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="32" height="32" rx="3" transform="translate(.5 2)" fill="#DB3D24"/><path d="M17.596 21.716h-3.062l-.337-15.044h3.75l-.351 15.044zm-3.501 4.6c0-.557.18-1.016.542-1.377.361-.372.854-.557 1.48-.557.624 0 1.117.185 1.479.556.361.362.542.82.542 1.377 0 .537-.176.987-.528 1.348-.351.361-.85.542-1.494.542s-1.142-.18-1.494-.542c-.351-.361-.527-.81-.527-1.348z" fill="#fff"/></svg>
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\intlTelInput[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: downloaded
Size (bytes): 19183
Entropy (8bit): 4.938664589102448
Encrypted: false
SSDEEP: 192:XwR+nXh/TVc6jU+4v7fix43obCfCfIlSc:XwRWXhK6jU+4vTixaACaglSc
MD5: 53AE24A7F46B9EA863A5E389C078E59C
SHA1: 4F08EE130BF521C34E143FA91E12F4135851B02B
SHA-256: 82D7EC24A4FAA5840B7A7CB385312D599A26F4C4DEED45B747ED2B252C48F1A5
SHA-512: 1F9685BE915CF320804D6E5F1CBEC05812271037732B021A1D020CDBD1EDD259B345D50854CE5F5F04B623D24455C163C067676C2D7274E0EB391287D0FD03B6
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/intelInput/css/intlTelInput.css
Preview:.iti{position:relative;display:inline-block;width:100%}.iti *{box-sizing:border-box;-moz-box-sizing:border-box}.iti__hide{display:none}.iti__v-hide{visibility:hidden}.iti input,.iti input[type=tel],.iti input[type=text]{position:relative;z-index:0;margin-top:0!important;margin-bottom:0!important;padding-right:36px;margin-right:0}.iti__flag-container{position:absolute;top:0;bottom:0;right:0;padding:1px}.iti__selected-flag{z-index:1;position:relative;display:flex;align-items:center;height:100%;padding:0 6px 0 8px}.iti__arrow{margin-left:6px;width:0;height:0;border-left:3px solid transparent;border-right:3px solid transparent;border-top:4px solid #555}.iti__arrow--up{border-top:none;border-bottom:4px solid #555}.iti__country-list{position:absolute;z-index:2;list-style:none;text-align:left;padding:0;margin:0 0 0 -1px;box-shadow:1px 1px 4px rgba(0,0,0,.2);background-color:#fff;border:1px solid #ccc;white-space:nowrap;max-height:200px;overflow-y:scroll;-webkit-overflow-scrolling:touch}.iti__
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\js[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 155530
Entropy (8bit): 5.5009169813989685
Encrypted: false
SSDEEP: 3072:Y+VobJfnC0sU8Awm3g+xW8AwHNO5IqHw46:K5nj3HAY45IqHwf
MD5: 2CC7DCAF7A6DC7689960EAA7F5AD1B03
SHA1: 88A03B8FCD2B257C18DD2E9BAD53169B1863C5D2
SHA-256: C9B8EFD5D20DCD95F2D40C70C806C565A8D3EAB0EF3323DA29DBEBE289DE5E2F
SHA-512: F937821565F38D88280B967B818EE7CDBC6E7F5E859652279315935AF844764A98E68D7344FEF69937BB3E3DE17F962C5C5954CB57499E6AD7F617A1672F95DC
Malicious: false
Reputation: low
IE Cache URL: https://www.googletagmanager.com/gtag/js?id=G-ZTJ64Z90QF&l=dataLayer&cx=c
Preview:.// Copyright 2012 Google Inc. All rights reserved..(function(){..var data = {."resource": {. "version":"1",. . "macros":[{. "function":"__e". },{. "vtp_signal":1,. "function":"__c",. "vtp_value":1. },{. "function":"__c",. "vtp_value":"google.ch". },{. "function":"__c",. "vtp_value":0. },{. "function":"__aev",. "vtp_varType":"URL",. "vtp_component":"IS_OUTBOUND",. "vtp_affiliatedDomains":["list"]. },{. "function":"__v",. "vtp_name":"gtm.triggers",. "vtp_dataLayerVersion":2,. "vtp_setDefaultValue":true,. "vtp_defaultValue":"". },{. "function":"__v",. "vtp_name":"gtm.elementId",. "vtp_dataLayerVersion":1. },{. "function":"__v",. "vtp_name":"gtm.elementClasses",. "vtp_dataLayerVersion":1. },{. "function":"__aev",. "vtp_varType":"URL",. "vtp_component":"URL_NO_FRAGMENT". },{. "function":"__aev",. "vtp_varType":"URL",.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ketopia-ketosis-7day-bg[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1750x845, frames 3
Category: downloaded
Size (bytes): 77178
Entropy (8bit): 7.9564602753951075
Encrypted: false
SSDEEP: 1536:qERki7rHzelojiza0Azb1Pclet9BX0ZwY8f3ufKmobmNQht6ZcCieV9ULWY3J:qERV7OllalbDt9N0Zwt3uilt6HVJY3J
MD5: ED3766E9D143D0C9EFB7060192B0F547
SHA1: 8C57455320A8D2150D28BB0FA0F44578CC863571
SHA-256: C6C394F72B9926807AE5ACA73548531045835830262217376E5A0A4F6AEAE97C
SHA-512: DC86D6EF685F13A77652B6C07F35DCE870105C134B85445BEFFC1CD3D522789716BEFB9E52951D9967AFE839DC214A3D878EF7E09C1E4F4A5EE6080E2CF911FD
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketopia-ketosis-7day-bg.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\logo[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 88 x 40, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 1006
Entropy (8bit): 7.358916252624177
Encrypted: false
SSDEEP: 24:IsmPyoS0ycGkymu7V7JHfBpCrm3+ma+r97LAT:VWyoWwyb7L6mU+r6
MD5: 6B39C8CE5CFB4EFA11766E5FDF5DFCD0
SHA1: E358F718254DDE3A2647BAECF85E9393D8DC5152
SHA-256: 543A9548DCF94AEA2E4F3BB5623BB575DA7EE2A9F9EB018F26CA9018F31A630E
SHA-512: B08D0AFC4DEC5CF094A03E928423C5F9D230E4FC0C7FDAC63F2A0A07034FAC547EE9466DC5A5F245CA66280C8C9E40F0A7535BD4C772CCB1FD61C49A4CEFB250
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/logo.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\maingb[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1902 x 946, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 390455
Entropy (8bit): 7.94844476318233
Encrypted: false
SSDEEP: 6144:Jom0y1uk8vQGG6pK8kz23Wn8y3mM1OEuI0vu/0DfMPrIb3bJfrbyRyV3Wa2:JomTop7kbhmGuIau/ekP63bhnyRyVp2
MD5: AF2A27E5AE696FFA8F5074BC2B0A7439
SHA1: FB0EA93F07B67F4D86F9BDE3CD41D4C08B3BDC8E
SHA-256: 3FBC125C2B9D354169C67E06188F6133C88E29417AAE1A1C2BE63B799C252BA9
SHA-512: 03DDF65E170BF1D496347A40064F82505C71FBCFAC04F6A373542641C8E4D9D7679CF2A5B128EC703E68B8A8F45E84D91BCD926EA98C02E92DB0A0B1941CBABE
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/maingb.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\mobile-logo[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 320 x 100, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 2579
Entropy (8bit): 7.901516926371589
Encrypted: false
SSDEEP: 48:Cqf57iuVCUtm1JHjJy113T+CyG8zCT2lXKa6+d59ORrp2WUL:C6xVCU01Jsj+CyGcCT2xK/4ORrpVUL
MD5: 5FD123E451E0BF0FDE3FC416FD18DD10
SHA1: 9B8DFE8EA1F3C8874B9893E9F94DEFB6C8C990EB
SHA-256: 85D4B00D929914C222D1EDC40F169A5886D96ABD96A9154747002E6D0CA07218
SHA-512: 5F7EBADACCB85B9DF225BFF9F97D689A80A7A1FEE64FD970743FB4280F57301016359932A190DEF52E7227CD5E73DA27B13DA4C6A7CF02AB3DCDCA241786BEA7
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/mobile-logo.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rrmhfcjs[1].htm
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, ASCII text, with CRLF line terminators
Category: downloaded
Size (bytes): 507
Entropy (8bit): 5.293750060707826
Encrypted: false
SSDEEP: 12:BMQtJOo9qvyJXrYfhB1Q3KSTCB1w+L9b7BDBxGzMf7BDB0:WC6vyJXspjeHmfw+L931IMj1S
MD5: DDA5CF8DEA854406216A52CE7199D4FD
SHA1: 97196B6912091EB0D2792C348E08E88AF961754E
SHA-256: 3029AB4EA4D7AEFF2D0845E59198ABEDA73D68C2B1C2C7793DF7CCA667CB5E27
SHA-512: 52E3018EDFC73329F3FB37BAE6004229D38617B2324AF0780D2473575BDA504B4762E3684D8E5CF60914FAA0E0966CB069BA07A287C8A8FB51CC8A5322877CBF
Malicious: false
Reputation: low
IE Cache URL: https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd
Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">..<html>...<head>....<meta http-equiv="content-type" content="text/html; charset=utf-8">.....<title>Invite Confirmation</title>...</head>...<body>....<p>.....<br>.....Loading........<br>....</p>....<br>....<br>.....<a href="http://thediet4slim.world/?a=1nod&c=d&s=1306">Show me now!</a>....<p>....</p>...</body>..</html>......<meta http-equiv="refresh" content="3; url=http://thediet4slim.world/?a=1nod&c=d&s=1306">..
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rush-my-order[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 277 x 90, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 4874
Entropy (8bit): 7.916223406901023
Encrypted: false
SSDEEP: 96:8zRq4W2UP5d1vLaah+dXKc/CKDvPNOCtytxEXqecKg0JksLJ0Hu5:8tq49+LaCufDPLytUqRvX1A
MD5: C1A38F2AE3C2BDA502B4CC276AA9BCF8
SHA1: CB6990C7418207F370E882B8DD8246E9ACE8301C
SHA-256: 3DC4033C7318CAAECACDDA5B1CFC0E99F08AB0B3382379405099F84C1E83A3CA
SHA-512: 724A6FA530D28B5F3ACE7DF4F715A19A7A84E2BFD0A541D8FE475446FFA51217D8F0343E23AE5D424FB9D5BADBD55058B8A40F7C3893DF026094CB33C7DE17EF
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/rush-my-order.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sec[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 165 x 15, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 1072
Entropy (8bit): 7.569239141049464
Encrypted: false
SSDEEP: 24:nKq5+iLoteeujD7OTV8GTAXalGURPEEAMYxC8fQTjGMxN+O0bP07:nxLoYjDqV8pXfURPX0aTjGM+O0b87
MD5: ADF6BB72192BE5CFB8EC298066AA3997
SHA1: 442FBB5C34CF930147A29D233D7B09BBB1D9BAD8
SHA-256: 068B671260B231764FB737B209A6E50B508FAFA75B89C211E83E34B80877AD23
SHA-512: B63F6532DE373A60C487F0F289F03868ADC8FFA946CF13BF15ED3AEADAC8E01514E139DD21531FDADE6590FC0CD38E914E09EEE714D672E81469E9E83419072B
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/sec.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\style[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: downloaded
Size (bytes): 46955
Entropy (8bit): 5.146117570670826
Encrypted: false
SSDEEP: 768:OIQjjKPgqtH88KPgkNIptOXnwEAEsKPgYnkLh9r/+:Ds/kLh9r2
MD5: D04BD9F927DEFDD947D4FC1A4447C395
SHA1: ACB856373234B5D22D0E9E000F71B9B164B782FF
SHA-256: 93980FAAAEE0811F19654EE731B468F6C0A141F0F02C411B41C841F62CD90ADB
SHA-512: DDDB7D25C10D5A03DEA7035DDF55EEE736FE6842573A2E14734133AA87DC8976303D8F4232D84A3D4AC9E32CE8B80505DBADFAA72D61420861F6C8997AC16730
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/css-conf/style.css
Preview:body{margin:0}.button{display:block;height:70px;font-family:Montserrat,sans-serif;font-size:34px;font-weight:700;color:#fff;line-height:70px;letter-spacing:-1px;text-align:center;text-decoration:none;text-transform:uppercase;cursor:pointer;padding:0 25px;margin:0;position:relative;border:none;border-radius:15px;background:#f60}@keyframes pulse-black{0%{transform:scale(.95);box-shadow:0 0 0 0 #00c389;opacity:0}70%{transform:scale(1);opacity:1;box-shadow:0 0 0 10px transparent}100%{transform:scale(1);opacity:1;box-shadow:0 0 0 0 transparent}}.anim-1{animation:pulse-black 3s;border-radius:50%;-webkit-transition-timing-function:linear}.valid+.error-message{display:none!important}.get-phones .local-phone{color:#000}.button:hover{background:#d95803}.popup ol strong{display:block}.popup ul li{font-size:16px}.form-error-text{border:2px solid red!important;padding:7px!important;margin-top:10px;font-weight:700;color:red;font-size:18px;text-align:center;display:block;border-radius:5px}.button spa
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\t[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with CRLF, LF line terminators
Category: downloaded
Size (bytes): 29039
Entropy (8bit): 5.33294229348009
Encrypted: false
SSDEEP: 768:9OosLJxQUgn/axavaSjaKdJ0hggTBLn6IVO0v1bK1i7B/2+:sJDwg5TJLOgm+
MD5: 78A85CF53C44CF88AF028ADE91E6799C
SHA1: 6DEB1E2564BA446BCC31D495BB191B800C39007E
SHA-256: 8A9B4B744C0B6A690D310556E8C8BFA0352276889F505BCE2EC77951E9BE3B79
SHA-512: BCAF869E132903B99E22CB4AAED56CE8D6378DBEAF91D938874F3B665B6E07658E85BFA65ACD25383B084AC42BC4843A21795A52EE261E3F6AFDCDE8F4537760
Malicious: false
Reputation: low
IE Cache URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Preview://! TrackJS JavaScript error monitoring agent...//! COPYRIGHT (c) 2021 ALL RIGHTS RESERVED..//! See License at https://trackjs.com/terms/..self.TrackJS=self.trackJs=(function(g,l,p){"use awesome";var u=function(a,b){this.config=a;this.onError=b;a.enabled&&this.watch()};u.prototype={watch:function(){c.forEach(["EventTarget","Node","XMLHttpRequest"],function(a){c.has(g,a+".prototype.addEventListener")&&c.hasOwn(g[a].prototype,"addEventListener")&&this.wrapEventTarget(g[a].prototype)},this);this.wrapTimer("setTimeout");this.wrapTimer("setInterval")},wrap:function(a){function b(){try{return a.apply(this,arguments)}catch(b){throw d.onError("catch",b,{bindTime:e,bindStack:f}),.c.wrapError(b);}}var d=this;try{if(!c.isFunction(a)||c.hasOwn(a,"__trackjs__"))return a;if(c.hasOwn(a,"__trackjs_state__"))return a.__trackjs_state__}catch(n){return a}var e,f;if(d.config.bindStack)try{throw Error();}catch(n){f=n.stack,e=c.isoNow()}for(var h in a)c.hasOwn(a,h)&&(b[h]=a[h]);b.prototype=a.prototype;b.__t
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\usage[1].gif
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: GIF image data, version 89a, 1 x 1
Category: downloaded
Size (bytes): 43
Entropy (8bit): 3.0950611313667666
Encrypted: false
SSDEEP: 3:CUMllRPQEsJ9pse:Gl3QEsJLse
MD5: AD4B0F606E0F8465BC4C4C170B37E1A3
SHA1: 50B30FD5F87C85FE5CBA2635CB83316CA71250D7
SHA-256: CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
SHA-512: EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910
Malicious: false
Reputation: low
IE Cache URL: https://usage.trackjs.com/usage.gif?token=290c8f87dddf45e3a65e0baf08b25d02&correlationId=62624ba1-8bd1-4ea7-917d-2fbd3663d4bb&application=shop-go&x=93fb4e19-0672-4ed5-87cb-1b2ed1ef7d74&
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\utils[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 245184
Entropy (8bit): 4.744455726699706
Encrypted: false
SSDEEP: 3072:yxJ0MDz3ojrs3OwPl0n04Xl31AfO+2x1+w+Whnz6RNC7sSUrVjHoLOTpCAtQ594Z:yxJRDY9lx1+w+WwugJ
MD5: 8F3A2154B225B6257161C4DFC9B89C9C
SHA1: 16B798CBB9E22CD4E1D710A8DE7B12734551CA00
SHA-256: ACAEFECC2A438420AE02BAA357BB498AC4ABEC71C80BA9E3C2B7079CACF256C2
SHA-512: AE1F7CE0811E3EC97105009FEB364B2EBEDB402A63F0F250FB82550A91863E170181283CC867049BE7FF4DF64A6B0DB7719FCD33438E03F7FCCC0E61F9686A10
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/intelInput/js/utils.js
Preview:(function(){var aa=this;function k(a){return"string"==typeof a}function m(a,b){a=a.split(".");var c=aa;a[0]in c||!c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c[d]&&c[d]!==Object.prototype[d]?c=c[d]:c=c[d]={}:c[d]=b}.function n(a,b){function c(){}c.prototype=b.prototype;a.o=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.aa=function(a,c,f){for(var d=Array(arguments.length-2),e=2;e<arguments.length;e++)d[e-2]=arguments[e];return b.prototype[c].apply(a,d)}};var p=Array.prototype.indexOf?function(a,b,c){return Array.prototype.indexOf.call(a,b,c)}:function(a,b,c){c=null==c?0:0>c?Math.max(0,a.length+c):c;if(k(a))return k(b)&&1==b.length?a.indexOf(b,c):-1;for(;c<a.length;c++)if(c in a&&a[c]===b)return c;return-1};function q(a,b){a.sort(b||ba)}function ba(a,b){return a>b?1:a<b?-1:0};function ca(a){var b=[],c=0,d;for(d in a)b[c++]=a[d];return b};function da(a,b){this.a=a;this.h=!!b.i;this.c=b.b;this.m=b.type;this.l=!1;switch(this.c){
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\x-icon[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 470 x 515, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 10872
Entropy (8bit): 7.964288675750523
Encrypted: false
SSDEEP: 192:kSbi6gAI6CW6NPoOkkYfOuWXkrr9v8fEeL/tahbA+9I44ZgH9GTYofIRy9SPLryZ:jTgABPOkJOucQ983/ybjk+hX494vyWOV
MD5: BAD5BBD85F927755469F1F4D125D5548
SHA1: 8A66F76B388D89BFD4AE246BBB9379F6F3D272DD
SHA-256: 3284E5157F9E436A0C69D1A2356F9A1E16E9D6DEE515FED9EEE426D2F8AC72DC
SHA-512: 5B58AB2C2A6AF089CAB6BAB0192D71A980704CAA3036901DEBCA291B4F9E0F8E4F34F8029F23D00560AA010CF5A6FFAE333E2DCD5AE949675DDD64024A05B7FA
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/x-icon.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\backDay-fr[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode text
Category: downloaded
Size (bytes): 737
Entropy (8bit): 4.6061762064274205
Encrypted: false
SSDEEP: 12:A8YLIn91M5M8/kDqu88RAh6E8jARx8LgNE8TfwIL+QAUeRALfRzRKR8UqJ966hgL:ELI91M/5Th65AMgNlfzLlAUHf5RKRSry
MD5: 094A47716107CC0F962EB32C4CC1CBC4
SHA1: 660191E75D89F2F13C91FA362BDA48B7C747AD02
SHA-256: 1798079EB2AC2EBCE4B1A95C2648259F9DA714060C45945054208A627F3EB63D
SHA-512: D1C570F48B2FFD1A1FA624F633E00DF582CADA14AABAF6D54D583E3FFE6C36F7B9B085D3C6754D4CEBD43325D5CDFF69DBB417E9AF10E4CEB18890783C69473E
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/lib/backDay-fr.js
Preview:function backDay(backDay) {. var backDay = backDay || 0;. var mydate = new Date();. mydate.setDate(mydate.getDate() - backDay);. var year = mydate.getYear();. if (year < 1000). year += 1900;. var day = mydate.getDay();. var month = mydate.getMonth();. var daym = mydate.getDate();. if (daym < 10). daym = "0" + daym;. var dayarray = new Array("Dimanche", "Lundi", "Mardi", "Mercredi", "Jeudi", "Vendredi", "Samedi");. var montharray = new. Array("Janvier", "F.vrier", "Mars", "Avril", "Mai", "Juin", "Juillet", "Ao.t", "Septembre", "Octobre", "Novembre", "D.cembre");. return document.write("" + dayarray[day] + ", " + montharray[month] + " " + daym + ", " + year + "");.}
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\check[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 53 x 63, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 1147
Entropy (8bit): 7.602411939286746
Encrypted: false
SSDEEP: 24:pdncYrvnmzSaLqNKwAdrpiMFGz7iGkgOSvEbTsB1:Uavn4OMuMFGzuGkgOSvJf
MD5: 890EC24C39C0C6ACE521E7E583950252
SHA1: 8279A8FBD16BE9A45BC1B25CC22287074BE6C01B
SHA-256: 90931518EB05AC6A92C5B6B4D2C3BF7522664054ACA49D317ABD02436B1BD26F
SHA-512: CC5528FFA5EFEA3D3219A1407BA9602803A4ADFA02CB9E68F32BD3F194842C57B27F4DB5DF72FFE4C15D2F3212B48FBD5EF8C0355041C91649B632916ABE816A
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/check.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\countries_states_FR[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 157517
Entropy (8bit): 4.575452616106204
Encrypted: false
SSDEEP: 1536:J+nvQKF/dIZSeSGYRB5wHN4fj3GF4N6bLSaKWbf9P0JocfEdjWrl:nSeSGYcOeb1P2rl
MD5: 0AB90921C588A6D57842BC0AF3E6BA13
SHA1: CBBEEAC2F66014FBE1363E880A974BFC92118C49
SHA-256: A91F395EA289BA245146CDCC44D5EC9D5B73D9108EC27D3829846C3D29C43696
SHA-512: BD3B21EFD5BE53DF26EBF636695C3361C1E295F4CFFDF4E0A6A61CE2AFA2D6CBA64C3D47B045A026C023B62EE158D8B84029C0572BDD09DA41B5F6F219540D5B
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/countries_states_FR.js
Preview:/** Version 2 */ var countryList = JSON.parse('{"AF":"Afghanistan","ZA":"Afrique du Sud","AX":"Aland Islands","AL":"Albanie","DZ":"Alg\u00e9rie","DE":"Allemagne","AD":"Andorre","AO":"Angola","AI":"Anguilla","AQ":"Antarctica","AG":"Antigua-et-Barbuda","SA":"Arabie Saoudite","AR":"Argentine","AM":"Arm\u00e9nie","AW":"Aruba","AU":"Australie","AT":"Autriche","AZ":"Azerba\u00efdjan","BS":"Bahamas","BH":"Bahre\u00efn","BD":"Bangladesh","BB":"Barbade","BY":"B\u00e9larus","BE":"Belgique","BZ":"Belize","BJ":"B\u00e9nin","BM":"Bermudes","BT":"Bhoutan","BO":"Bolivie","BA":"Bosnie-Herz\u00e9govine","BW":"Botswana","BV":"Bouvet Island","BR":"Br\u00e9sil","IO":"British Indian Ocean Territory","BN":"Brun\u00e9i Darussalam","BG":"Bulgarie","BF":"Burkina Faso","BI":"Burundi","KH":"Cambodge","CM":"Cameroun","CA":"Canada","CV":"Cap-Vert","CL":"Chili","CN":"Chine","CX":"Christmas Island","CY":"Chypre","CO":"Colombie","KM":"Comores","CG":"Congo-Brazzaville","CD":"Congo-Kinshasa","KP":"Cor\u00e9e du Nord","
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\countries_states_handler_i[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text
Category: downloaded
Size (bytes): 1639
Entropy (8bit): 4.676835743793315
Encrypted: false
SSDEEP: 48:tvdRjdfatY8PYYnzGvctYXNmb5iWn0yz4:tvLJfaNmRs74
MD5: 9031AF7FA3FDF55E5D2CD5819D561CE6
SHA1: 555708FB8B38B5907CBE838FD2C4E42E3EF79971
SHA-256: F1C65C9835A468F02FE32A9DAEACC3B3426CA9D5973DEA370CCF09FB3B77650C
SHA-512: 0691BADED97A8C350CD8520BA361E7D34170F18A37C30812AFBFF3FA2818D01DA458235F2FB051A89A41D55D09EA9F2FC64527662B0E510B06C50C0B4E90D840
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/countries_states_handler_i.js
Preview:try {. function addCountries(selectObject, defaultValueByCountryCode) {. for (var code in countryList) {. selectObject.append('<option value="' + code + '" class="different option">' + countryList[code] + '</option>');. }. selectObject.find("option[value='" + defaultValueByCountryCode + "']").attr("selected", true);. selectObject.val(defaultValueByCountryCode);. }. function update_country_state(textSelect) {. if (countryStateDict[$('#id_country').val()]) {. $('#state_div').show();. $('#id_state').replaceWith('<select name="state" class="form-control" id="id_state"></select>');. $('#id_state').append('<option value="" disabled selected>' + textSelect + '</option>');. $.each(countryStateDict[$('#id_country').val()], function (index, stateDict) {. $('#id_state').append('<option value="' + stateDict.stateCode + '">' + stateDict.stateName + '</option>');. });.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\custom[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: downloaded
Size (bytes): 7339
Entropy (8bit): 5.056213905686153
Encrypted: false
SSDEEP: 96:POK+Le267+FpI0FRCUj3nv5EwDCibulvcxhqx8xbK:Ge26KHI0FRCUj3nhEwfIvcjdxu
MD5: 2746B218FA264DE9135D9E17195421C4
SHA1: B45B4020A7162DCD375BCA521F9019CD5E438EF3
SHA-256: 84E1EBC084B306693075EEF8A75019C4B712C89CC4602F30352FD45C81EE3F24
SHA-512: 97485BE1B7962F83D2F9B7A6391DB16D7633830721D6C42B0F1A73700A33ADF77E429E10BCE20E6FAE0CB3F5661E9CCDD045479D0D1B8DF886B9D0026A13E414
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/css/custom.css
Preview:.package-info__price span{color:#878784;letter-spacing:-.03em}.popup-pre-loading-wrapper .popup .product-image{background:url(../images/bottle-1.png) no-repeat!important;background-size:contain!important;width:162px!important;height:280px!important;margin:0 auto 6px!important;position:relative!important}.compare .container,.how .container{max-width:1000px}.how{background:url(../images/maingb.png) no-repeat center top;background-size:100%;margin-bottom:90px;position:relative;margin-top:-10px;z-index:2}.how__left,.how__right{width:calc(50% - 91px);float:left;margin-bottom:-70px}.how__left{margin-right:15px}.row:after,.row:before{content:"";display:block;clear:both}.how__right{margin-left:15px}.how__middle{width:152px;float:left;margin-top:41%;text-align:center}.how-title-block{background:url(../images/bg2.png) no-repeat center;background-size:contain;width:241px;height:244px;margin:0 auto -41px auto;text-align:center;position:relative;z-index:3}.how-title-block span{line-height:30px;font
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\desktop[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode text
Category: downloaded
Size (bytes): 11718
Entropy (8bit): 4.9013037360944995
Encrypted: false
SSDEEP: 192:sYAEhCSu6nP649Piz/WuVQY4HThK9ay8xhYRNGA8jhRM+KDqzGX0B4Ld3R5l4SKd:sYAie49azZv4K8wl8hKDqzGX0B4x3zlI
MD5: 6D27051C1A67310341BD34FD800FA68A
SHA1: 887D8F41AF52B09266B2DF091460D1B351B9ADA7
SHA-256: 5ED2AE99CB4CFED43F30A62B0CE9B51D1E03F4C610279014785259F04B541926
SHA-512: 9CBC001DE61BE560A8E92086FAA3DFA87F1FDD82C7D23F34E2845EB9FB699C3FBB91179D2A5F88099D958725DB9539330BDFD1CD9C236635CD30DF5578E0C7E6
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/desktop.js?hash=1623415244163
Preview:window.dataLayer = window.dataLayer || [];..var selectors = {. shippingForm: '#shipping',. firstName: 'input[name="firstName"]',. lastName: 'input[name="lastName"]',. phone: 'input[name="phone"]',. email: 'input[name="email"]',. address: 'input[name="address"]',. country: '#id_country',. state: '#id_state',. city: 'input[name="city"]',. zipCode: 'input[name="zipCode"]',. loader: '.popup-loading-wrapper',. checkoutForm: '#checkout',. billingForm: '.billing-form',. cardNumber: 'input[name="cardNumber"]',. cardExpMonth: '#cardExpMonth',. cardExpYear: '#cardExpYear',. cvv: 'input[name="cvv"]',. paymentAsShipping: '#payment_as_shipping',. package: '.product',. formError: "#formError".}....var rules = {. expMonth: {. required: true,. },. expYear: {. required: true,. CCExp: true,. },. cardNumber: {. required: true,. creditcard: true,. },. cvv: {. required: true,. digits: true,. minlength: 3,. maxlength: 4,. },. country: "required",. sta
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fb-logo[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x120, frames 3
Category: downloaded
Size (bytes): 4229
Entropy (8bit): 7.854989023196204
Encrypted: false
SSDEEP: 96:qEab4BH0zbFpfi/2UKebC36K9Zny//X4enP4zCPVQYwEpkbnvJV:qEx6zTc2UF09Zy//o+LPcA8
MD5: 964F4C3F7870999046854BA22661E9E1
SHA1: F8AB904D6FE4083BB7121B271A509EB996C41490
SHA-256: 09FCBEA7A8C62BAB84015B65E38A452BA9FEF30D1B3C51D5A1F4FAF95AFCA7A3
SHA-512: 4C37949CB5E60B9A1D26CCCA4C950C6E55B931D09D24A74CD18A8F5433F5C41C87A8E54830BA7A6E2F09B2228BC09DB19A3A193070C4F54FD67D2E47556F745E
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/fb-logo.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fbposts1[1].gif
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 532 x 1134, 8-bit/color RGB, non-interlaced
Category: downloaded
Size (bytes): 90677
Entropy (8bit): 7.966219946350299
Encrypted: false
SSDEEP: 1536:GNhbvX0I/G5KohpueVnAHOqLHakhGBpZjq8sAxMCEoMgbe5R8qGum5/8qMkhfHoo:G7rX0IO55puGIOqjakapZ+ZAxxEqJum7
MD5: AC25B2CBCDFFD76DA0C5B3B594160B95
SHA1: 41B4E7B3404EA38673D8F8EA1737792B8E4B3BFC
SHA-256: 743349FB9BD5B354C0D8BAE590FE6BA9570151731720D47E233024FFB3273C64
SHA-512: 714862F97B215A585BB132F9B9EA5A1C2DA88E966F9E5162A09E7F5C1FB071AB8B52454503670B087541BD5360ADE8C2D70C432EE56567E9A329BF0D1D519409
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/fbposts1.gif
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\feature-product-m[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 958 x 882, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 194531
Entropy (8bit): 7.945867184603997
Encrypted: false
SSDEEP: 3072:L98y3MWngo1RRs27LvsMMHptke+apFkLpsPUueOvGQqR/NHdcqi0+kk1dJGZe:L9f3MurRHWLeWFk1s+OvGLNibKkfJGZe
MD5: 4190A3D902B53F4610EE0A0F5F465821
SHA1: D961463D9F5BABE4D290C5F3AF80E3A0BF8BD59E
SHA-256: 2AC3AFBF1CEC4F56C6B50625A9D91480081F3E2FCAA02387E52CF7C39A765442
SHA-512: F0D6F2537C49D49F6F469803A57C0FA5EA6E387E8659F385BB6345F8207CBCF7B776B0CEAD781007736D288F4288E4A9BE6E9B87782794A5E93ADB4BB18C4E50
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/feature-product-m.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\feature-product[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 958 x 882, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 187641
Entropy (8bit): 7.955889306979783
Encrypted: false
SSDEEP: 3072:9guwrje7aFlx1/4WxbxRmIs3KTV/rUe8MyWJbuNB1UVfa46HhohGLro32VvofdZa:WuwrjeU19xbxRSaZ+yur2FaR+U0MoVtu
MD5: 9262ADD2F43FC919362E1C9103A18574
SHA1: E79C32DF1206B28F115E526C5D57E1418191C353
SHA-256: AB6E2A85AFD815866A5E208687F5841B11AFABD352C71340FC9D31BE0EF8F6FC
SHA-512: DD359DB0B161F55A6E52262108769E63BA847C2CCB8CAA463D1B548D710EC9C33083CEF01881EFE3865203E21080201DD979D6CA279C73FBC6176D105F29E6F9
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/feature-product.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footer-logos-image[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 960 x 87, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 13311
Entropy (8bit): 7.972219768497237
Encrypted: false
SSDEEP: 384:cItL7MkJzvj9ywbZr7JZxJnAbWshllxdcXN:cIR7MKvb993JnyH3dCN
MD5: 1D5E4B170119A30FC96B3C665A4CCBAB
SHA1: 1E61EF5D56268CD4D983890B252AB701A2780358
SHA-256: 80E1C336CF345C9BCFE89285545117582DD5AA668ED84A65547269736C423F98
SHA-512: CFD12229201C0CF2742416E876A434CF536A77E9047C8B3CFA29FFDA3D52D4D719E31A2FC63161580128B2AFD9CCC630BFB9B73D62F8E4EED78C57146C8FCE4D
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/footer-logos-image.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\gala[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1180 x 135, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 9232
Entropy (8bit): 7.877931946988298
Encrypted: false
SSDEEP: 192:MFQVcetlG4CdREVXhu6HMP8QXx5TU/w3h3VY6hW2hOrL+:fHCvEVRu6Hg33U/IHh9T
MD5: C2E54D08FEE6405AF41CB576965F6821
SHA1: 4B356842B777F199F0C8F364B3500277AFC6BFFC
SHA-256: 19C36AE84B5B40B446C66C3C832314E90D84ABC4CCBE49886E012D3DD2FF6734
SHA-512: EC9E95BAE968FC41729A9387D3E0FD63F1088719505DD1B391F9DF15B009C30D371C2121EAF4463DFD5AD2F9157C2982FB0C723A35155EC9DF5BE879C407069A
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/gala.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\goodnews-ketopia[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 796 x 395, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 19694
Entropy (8bit): 7.962519159809842
Encrypted: false
SSDEEP: 384:YEFkeL66jhKzOHkXi2oj72XbGxrtatwKV7SlFa0rigTnJy:Ya1m6FKiHO+7bRk5V7SlQ0r9Fy
MD5: C8DF617E119ECFA57202D9CF09528C43
SHA1: B6FFC7AC73EF958513FC4C623F650D73D5D7F1CE
SHA-256: 928BB056C7B913948A89AAE5755C69B03A777EBB93FC3C50622BC4559B9C3411
SHA-512: BD01AFD9F597F9D07CA8D784EC8C770DA7EE7C52484E91921F9767B1E08D7CA4A83116E8AF3B37680F1DC3736CE8061440BDCEA0EF18554616DECF5758502EDD
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/goodnews-ketopia.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\icon-loading[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 4606
Entropy (8bit): 7.1595828488760525
Encrypted: false
SSDEEP: 96:gQYG5FB13z3f3Bq3/Y31hs7J41TKYG//Li9Yltay:gT+BFF1i1lvTltB
MD5: 054D63D4FA5C35C2C20110835ED7E59A
SHA1: 0963F10C25B6FEFFE2A106A67BA8B95107943FC8
SHA-256: 7FD8C7D595A74C8CC5D5E0F48687D59B4284AB2BA283C9C674C6BC0A914BB104
SHA-512: 75B80614BB391FA2C79ED20E993D0506BEA744B0F11EA23D1C30D9550D5F48994A8C40642D77A19131545CADD0BDA925373943AA3BD4EF08C1F35EFB2B3FDCE7
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/images/icon-loading.png
Preview:.PNG........IHDR...............^.....tEXtSoftware.Adobe ImageReadyq.e<...hiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:9E0C23221B206811822AA8D2D54FFC58" xmpMM:DocumentID="xmp.did:B389CCEE497311E4969F82F96F5940F3" xmpMM:InstanceID="xmp.iid:B389CCED497311E4969F82F96F5940F3" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F5E8826CEE206811822A8F216CD83C14" stRef:documentID="xmp.did:9E0C23221B206811822AA8D2D54FFC58"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.......PLTE......................................
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\index[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Pascal source, UTF-8 Unicode text
Category: downloaded
Size (bytes): 8720
Entropy (8bit): 4.724135414702377
Encrypted: false
SSDEEP: 192:qY9TO9vSRQazj9FrL2zKyYfqy1rU4iRwRRcqt5oVseWJFffMmz:bNxL2AjC4Nj5GWJhfMmz
MD5: 2B878019170EEFB876BE82DC30FE33FE
SHA1: FA2562404F9057494339B5F6B07BF6F49C169477
SHA-256: 6DFC5D53B786B076F1158B97F2F5B52C66ABA1135911CAFF758F4152D594A120
SHA-512: 665AA9F2610E51288E6EDD8F6780A753909F6C28481949B2D246FCC5AB8987899E7D1D25F4B97AD0BCD6B1DE06900F3A479293423D6C408DC47FD85FBD4C7350
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/pages/desktop/index.js?hash=1623415244163
Preview:$(document).ready(function () {. window.offer.getState(function (data) {.. var iso_code = window.country || countryList.hasOwnProperty(window.offer.getCountryIsoCode()) ? window.offer.getCountryIsoCode() : Object.keys(countryList)[0];. var user = data.profile.user;. var shipping = data.profile.shipping;. var selectors = window.offer.getSelectors();. var someText = window.offer.getSomeText(window.lang, iso_code);. var phoneIntl = window.intlTelInput || false;. var phoneIntlAllowDropdown = window.phoneIntlAllowDropdown || false;.. function maskPhone() {. if (phoneIntl) {. var countryIsoCode = iti.j ? (iti.j).toUpperCase() : iso_code;.. if (countryIsoCode === 'US' || countryIsoCode === 'CA') {. $(selectors.phone). .mask('000-000-0000'). .attr("minlength", "10"). .attr("maxlength", "12");. } else {. $(selectors.phone). .mask("00000000000000000000"). .attr("minlength",
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\index[2].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text
Category: downloaded
Size (bytes): 311
Entropy (8bit): 4.749963343788837
Encrypted: false
SSDEEP: 6:0ULfoKJHoJ7EeDHUlAHtRGXfS/n2eDHNOMbZVEI1:NQzHUlAHHHfF1
MD5: D46F1D77DF906A72D28E9C3AF6254CF6
SHA1: 406B920CAB3A7C7C3246E56DC3E0CAEFCF8160A8
SHA-256: AD65333F6938DCCE9613577493B2602B31B4A62242CEF58002CFA927411A3D51
SHA-512: 81658C1387D41F4977EBEA2564C25DF2AC642E1C54B2832E92B923C0A3FEC74D7C5C30F6A376A617454DA6A51CF3156A50BEA1201C0E8AE07D7C5153A7807DA1
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/js/index.js
Preview:$(document).ready(function () {. $(".special"). .delay(1000). .slideDown("slow", function () { });. $(".icon-close").on("click", function () {. $(".special").slideUp("slow", function () { });. });. $(".navbar-toggle").click(function () {. $(".header-main__nav").toggleClass("active");. });..});
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\intlTelInput.min[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode text, with very long lines
Category: downloaded
Size (bytes): 29098
Entropy (8bit): 5.623361902672609
Encrypted: false
SSDEEP: 768:krqD7GzOml+D45YMJR3kWGYUOesxjTKbjvT4N3RR:NfIkWYOeajTKbQ1
MD5: AF98816DC416CE47A73B1C9B36CD6BFD
SHA1: 39C8234FF2A500A642D5B29D18794A4CEEA39930
SHA-256: 51D702570938A018BDB27854F81D657A9851272854831E9FB7B38FF0AF848A48
SHA-512: 00C291E36C095B6BCBFCA6171F2407738776A0DD1CF31E21F26BCADDBFBC9C1B19805844884C7EA1945F724811599EDA8138276F5ECE7C6B73C3A7A7F1FFC0F4
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/intelInput/js/intlTelInput.min.js
Preview:/*. * International Telephone Input v17.0.0. * https://github.com/jackocnr/intl-tel-input.git. * Licensed under the MIT license. */..!function(a){"object"==typeof module&&module.exports?module.exports=a():window.intlTelInput=a()}(function(a){"use strict";return function(){function b(a,b){if(!(a instanceof b))throw new TypeError("Cannot call a class as a function")}function c(a,b){for(var c=0;c<b.length;c++){var d=b[c];d.enumerable=d.enumerable||!1,d.configurable=!0,"value"in d&&(d.writable=!0),Object.defineProperty(a,d.key,d)}}function d(a,b,d){return b&&c(a.prototype,b),d&&c(a,d),a}for(var e=[["Afghanistan (............)","af","93"],["Albania (Shqip.ri)","al","355"],["Algeria (..........)","dz","213"],["American Samoa","as","1",5,["684"]],["Andorra","ad","376"],["Angola","ao","244"],["Anguilla","ai","1",6,["264"]],["Antigua and Barbuda","ag","1",7,["268"]],["Argentina","ar","54"],["Armenia (........)","am","374"],["Aruba","aw","297"],["Australia","
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery-1.11.3.min[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 95992
Entropy (8bit): 5.391333957965341
Encrypted: false
SSDEEP: 1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3
MD5: F03E5A3BF534F4A738BC350631FD05BD
SHA1: 37B1DB88B57438F1072A8EBC7559C909C9D3A682
SHA-256: AEC3D419D50F05781A96F223E18289AEB52598B5DB39BE82A7B71DC67D6A7947
SHA-512: 8EEEAEFB86CF5F9D09426814F7B60E1805E644CAC3F5AB382C4D393DD0B7AB272C1909A31A57E6D38D5ACF207555F097A64A6DD62F60A97093E97BB184126D2A
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/jquery-1.11.3.min.js
Preview:/*! jQuery v1.11.3 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l="1.11.3",m=function(a,b){return new m.fn.init(a,b)},n=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,o=/^-ms-/,p=/-([\da-z])/gi,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,constructor:m,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map(this,function(b,c){ret
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.mask.min[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 7987
Entropy (8bit): 5.3674963962269615
Encrypted: false
SSDEEP: 192:Q3KIpiAIexC4JpS0DbintpGPiEvAheKevbtoNOA:Q3hLj3rS0HitpGPQeKeDtMR
MD5: 27D036BFA66CD0AFE9579905FA9936A1
SHA1: C3317B2646F1BFC656A64F72237509BF922C7BB5
SHA-256: 7F81FD50565C42B28D0C131EE55DCE21472CFE3EF3F5572E04F279B9898149D5
SHA-512: 700AAE6AFE3E63A92EB1D52822E41A738E68620A05397A7A1CC4D0DF76DA324AAE98EBBF691EE88830AC9A0FA1B73B72EBD07776BAE666255AFC98C818972583
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.mask.min.js
Preview:// jQuery Mask Plugin v1.14.11.// github.com/igorescobar/jQuery-Mask-Plugin.var $jscomp={scope:{},findInternal:function(a,l,d){a instanceof String&&(a=String(a));for(var p=a.length,h=0;h<p;h++){var b=a[h];if(l.call(d,b,h,a))return{i:h,v:b}}return{i:-1,v:void 0}}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,l,d){if(d.get||d.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[l]=d.value)};.$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global&&null!=global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(a,l,d,p){if(l){d=$jscomp.global;a=a.split(".");for(p=0;p<a.length-1;p++){var h=a[p];h in d||(d[h]={});d=d[h]}a=a[a.length-1];p=d[a];l=l(p);l!=p&&null!=l&&$jscomp.defineProperty(d,a,{configurable:!0,writable:!0,value:l})}};.$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,d){
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.modal[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, ASCII text, with very long lines
Category: downloaded
Size (bytes): 6372
Entropy (8bit): 4.904330461103445
Encrypted: false
SSDEEP: 192:jK7IJpLwMH4iEtsj86DZSDD8XGy1Oqq/8Y8lgm6:jAIP5Ha8LDsDDYGy1deB
MD5: DB1F5F55CC78B444D1277133CC57B7C2
SHA1: 2A35B409E797DE61107E250DD742B43F85AC4777
SHA-256: 49E6AC88BFAFA2B4DDE6EA864336F9646AA516BFC8762EAE980BB95E33682441
SHA-512: 09A10762DA7E10B626B413FA0708718F80805650766074626E97869E0CB77B1AA7B65C91073421DB278026F9830368D8CCF76E50544C570CF781F013D9619DBE
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.modal.js
Preview:/*. A simple jQuery modal (http://github.com/kylefox/jquery-modal). Version 0.9.1.*/.!function (o) {. "object" == typeof module && "object" == typeof module.exports ? o(require("jquery"), window, document) : o(jQuery, window, document).}(function (o, t, i, e) {. var s = [], l = function () {. return s.length ? s[s.length - 1] : null. }, n = function () {. var o, t = !1;. for (o = s.length - 1; o >= 0; o--) s[o].$blocker && (s[o].$blocker.toggleClass("current", !t).toggleClass("behind", t), t = !0). };. o.modal = function (t, i) {. var e, n;. if (this.$body = o("body"), this.options = o.extend({}, o.modal.defaults, i), this.options.doFade = !isNaN(parseInt(this.options.fadeDuration, 10)), this.$blocker = null, this.options.closeExisting) for (; o.modal.isActive();) o.modal.close();. if (s.push(this), t.is("a")) if (n = t.attr("href"), this.anchor = t, /^#/.test(n)) {. if (this.$elm = o(n), 1 !== this.$elm.length)
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.validate[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: downloaded
Size (bytes): 20913
Entropy (8bit): 5.2568962677086875
Encrypted: false
SSDEEP: 384:4OXyp7Lm+dmr9qhk0XuExz9Bcd1Jny+0xC7WpdOC8PGDm9KLNKI9ci9sk:afXdmr990ekpqJny+UO798NBc8Z
MD5: DFBB7D0FA4E8E236291A04276C684406
SHA1: FF0842CACA8373A6F00B4500BB3B30FD1A4729DB
SHA-256: CD57D694BB7393F778B60A7F4EA3C7D9A7332D5EEE42C9E3196A707F28F0E740
SHA-512: D13D734586AC2EC9803B9AB6C9FF0CF86CA1C5AC839E3F9B432057D76B4D385308455F76EFEC1AFF69C6FB217E899FDCE150D5A5BEA5279E6BAC15950AB76B77
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/jquery.validate.js
Preview:(function(t){t.extend(t.fn,{validate:function(e){if(!this.length)return e&&e.debug&&window.console&&console.warn("Nothing selected, can't validate, returning nothing."),void 0;var i=t.data(this[0],"validator");return i?i:(this.attr("novalidate","novalidate"),i=new t.validator(e,this[0]),t.data(this[0],"validator",i),i.settings.onsubmit&&(this.validateDelegate(":submit","click",function(e){i.settings.submitHandler&&(i.submitButton=e.target),t(e.target).hasClass("cancel")&&(i.cancelSubmit=!0),void 0!==t(e.target).attr("formnovalidate")&&(i.cancelSubmit=!0)}),this.submit(function(e){function s(){var s;return i.settings.submitHandler?(i.submitButton&&(s=t("<input type='hidden'/>").attr("name",i.submitButton.name).val(t(i.submitButton).val()).appendTo(i.currentForm)),i.settings.submitHandler.call(i,i.currentForm,e),i.submitButton&&s.remove(),!1):!0}return i.settings.debug&&e.preventDefault(),i.cancelSubmit?(i.cancelSubmit=!1,s()):i.form()?i.pendingRequest?(i.formSubmitted=!0,!1):s():(i.focu
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\keto-bottle[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 560 x 1000, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 119362
Entropy (8bit): 7.959101624719401
Encrypted: false
SSDEEP: 3072:5iFsqHPUGKx5ney06iLr5kLfAqn2ACOa5dYwJOJV+Lf:5SsYPUj5ne+inOL1TCOmdFme
MD5: 7194FDE50613B5D522950F2125B414C4
SHA1: 4A986FB56A38ABF130A0D9F78BCDBC8A6B83F5EF
SHA-256: 6852776D4AEFA58BF473FB63FE92FF10C83503484C0AC977824C8C9FEB1F683B
SHA-512: 0490622288B4F336EFB405645F13CD165A037894337E4DE8710EAC371A373A8FF822CFCAC2778649BE0DC380CE4DB3D6732BF7965497A2C55DB24A60D9B59633
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/keto-bottle.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\keto-logo-lg[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 982 x 366, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 31913
Entropy (8bit): 7.931664971893634
Encrypted: false
SSDEEP: 768:nriK7Oh6jxK38pdlgSez8Pa5cSy8MblZiRDHr:nOKKh6jxK38DgSegPOMblZi1Hr
MD5: B1A07ED7CCC199CD67CFA5523A1FB5A7
SHA1: 8308FDFB91ABCC4BB6DEB3B42D47DD5338C198EE
SHA-256: 3FDB8F6F8099E8164D7E8AC9614D7BE2CD01C4286457788A17DF2587C43C05CE
SHA-512: 57D07D8D919DDA2E3B1A5383F4E8198D6642351FA8C08D7F90589941C10947FEBB2213E901B3993A747F32F8717B49FC600424C8BFD73F9A0E691B766AB82905
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/keto-logo-lg.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ketosis-footer-cta[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1360 x 1542, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 162399
Entropy (8bit): 7.949578954365861
Encrypted: false
SSDEEP: 3072:7Kp19d+NCKboIIhVSP1sV4vm5Hd1AYcCOHHZQ/SL4WflJ6JedmGAjE:6d+N3UR+a4vm5HXsHHZJNfCUAg
MD5: CFBF248CB80AB8C3F745388126BCD5A6
SHA1: 23C9498E393A1CF9E18A6D884B57EDE00FA344EB
SHA-256: C6BFAE24E18FBB1EB6B18A4BA5DDCF8DC9EC78397A79A7C4895CB88A344AD6C6
SHA-512: EEFF815441CA56383ECC3DB1097B8E0909D4AB5E41DA30EC172000FC01D0B55CBD0CBBC5B2AC7853A7CB136723C0788E76B3AA7DEB83A527A19993F82B55CAB6
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketosis-footer-cta.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ketosis-ketopia-proof-title[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 529 x 104, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 5996
Entropy (8bit): 7.952521969258312
Encrypted: false
SSDEEP: 96:lMcM5VdYMF4wLUpxHdssAhGUbfBzOwwnrTeoTk7KNLot551y48fBK7C+8ia5we4:Kbn34l71Uwv/uMEtAM7yif
MD5: C7CD4C340C5BF34742E67D2E767BC2EE
SHA1: ACB51C02AEE3DAC227CD9AB932E0D23B9571CDB7
SHA-256: FA22B68BAFA25604217D36DE658E300BCB2A9BA24856D2308B07945D1A04A9B3
SHA-512: 7B81825A2EB5FFC26EA2C19C23ADB6BB9A83F6EDB9BFF7FD4C113133CCB8838F6983A33A582D7C934A145763A71E48FEBDCB4E6525BA9C2C7CA7964A139914D8
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/ketosis-ketopia-proof-title.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kt-comp-figaro2[1].htm
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, UTF-8 Unicode text, with very long lines
Category: downloaded
Size (bytes): 72155
Entropy (8bit): 4.516958888583628
Encrypted: false
SSDEEP: 768:h/H4vUVT4nrUX9bW6Ac1dJ+uIZ07+f7OwjoLeDhpC2ztQnXDUzBIHJNe:h/H4vZrcbWHEXJIZ7VMLe9Q2CDksJI
MD5: 60DD7A071D248908B165CDCB1EDE1070
SHA1: 1A71612293A66B00D6FA99EE91CB3F642DFB1591
SHA-256: 826D34947E076DE761598889223A1466181D239EDF46EB73B1607A1BC0AE5285
SHA-512: A76E0BDE8DE6590AA53E3FA46AD5A9C133B09AD1FCBEC20EADCB18DF489C51296E1AD386808AC8F8BBF8FA4D7DA00EE9F1F008BFC4840A52CD2CFAA7E4683D43
Malicious: true
Yara Hits: Rule: JoeSecurity_GRQScam, Description: Yara detected GRQ Scam, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kt-comp-figaro2[1].htm, Author: Joe Security
Reputation: low
IE Cache URL: https://thediet4slim.world/fr/scyo/kt-comp-figaro2?bhu=bHJfQkppmMPUtVV8YqSWiW3dFwqoDsA2Gf
Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">.<html xmlns="http://www.w3.org/1999/xhtml">... Added by HTTrack -->.<meta http-equiv="content-type" content="text/html;charset=UTF-8" /> /Added by HTTrack -->..<head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">. <title>Gala : La meilleure astuce de Fauve pour la suivie d.un r.gime</title>. <meta http-equiv="Content-Script-Type" content="text/javascript; charset=utf-8">. <meta http-equiv="Pragma" content="no-cache">. <meta http-equiv="CONTENT-LANGUAGE" content="en-CAN">. <meta name="ROBOTS" content="NOINDEX, NOFOLLOW">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <link rel="stylesheet" href="/static/diet/fr/gala/v2/css/index.css">. <link href="/static/diet/fr/gala/v2/css/ouibounce.min.css" rel="stylesheet">. <link rel="icon" type="image/ico" href="/static/diet/fr/gala/v2/images/favicon.ico">. <
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main-grabber-desktop[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1408 x 1648, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 220897
Entropy (8bit): 7.953782529725965
Encrypted: false
SSDEEP: 6144:3w64H3Zs0Ybr83/B7MEXD9bZX/AWwEDpF:3XLg669bZX/VFDz
MD5: 50C322847AF0F09A8660197CEE002E7C
SHA1: 61617A8E2CDC78BFF05076A54F1D0E103B707633
SHA-256: 9F37073E9E762352C83F846CE33333F08AC06178931DC6AF474E4EC095FEBF55
SHA-512: 9C739C4F529CFF3F230B2FEB05F470D3889BD69F66DDB6715B8DFA0A9E1567B75CD53A1DEBC061C9D717CDCEB561155DC5B36C4129538B2A24403F7644B25671
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/main-grabber-desktop.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main-grabber-mobile[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1320 x 1466, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 183467
Entropy (8bit): 7.95820493542356
Encrypted: false
SSDEEP: 3072:yUs0290nUgrtIj/rl+A7obMOh9OpWKL94/7UbaA5EvpoHUiDfcK:fssUwi96MVpr94/wB/H9
MD5: 97F81F02CBAB7B35C7BE9044DB7A0EA1
SHA1: 0AF33767CECEBC7CB7E6E44A2BFA298775B32B87
SHA-256: 5A955F5BB6C81E5AF562B4B91B1EF38F0D0FD6475A1186A1CCAAE92688342BCD
SHA-512: EC114A483EFF8ADE3B89CC802BDFC8FD68CC43FC78618CCF0ACA6627ACD8349801584E42C525986FC3DC08C990374D6BC5BF1D8C41C33F66EB702B920DE8AE51
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/main-grabber-mobile.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\nongmo[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 102x102, frames 3
Category: downloaded
Size (bytes): 3032
Entropy (8bit): 7.791641634473387
Encrypted: false
SSDEEP: 48:2RTcRTaNR+OyueW7iU1CHSO4B2ZzhchLiZWGDRRkhgoGO2sirhpp7qUBJX:qEaeue8iUbwcViYUjpoGO2siD4UV
MD5: 26B590DFDACE3E1B4215A66EF354DE26
SHA1: 6F9BCBE84BD332F532F3961A57ECE2AAB1401600
SHA-256: 85F9732D744DECA9931EE17B2ED3BC3501C19A84BCF67699DE9C6DC2358A7B0F
SHA-512: A791569C822E9E8F99C3BA65394CD2E87600DA71292B6BCBA87A5B20F58448C8901CDC687FB15DCF211D54F26D5CB71E6909DAEADBE96DCDD527A37F4F4D1FB8
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/nongmo.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\polyfill.min[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: data
Category: downloaded
Size (bytes): 92127
Entropy (8bit): 5.300849513981647
Encrypted: false
SSDEEP: 768:g6e/lTSJfldGfPGqFe1GM/sQz2hoBVDu9s+0oL6vWlOtwdcslPkU7bngLYOYmc3S:eildpqFe1GeskQs+epPJET3RdoSxcxv
MD5: E8F945F27EEB4BF5060A8EE04DB24C3A
SHA1: 4BC6171E1CAB7797FEE43B2964AA03AB478F79B5
SHA-256: 58D0C8F849FB14BA189963158DA26CC23B43A97910C829D9EAAAAEF1659B5974
SHA-512: 2265B81970AC5811E1872657EE2040CB638CB8294121415AF6AFE796022922CD0AD6D78A2ACA64700DAFAA167DBFCED5FA1EF5459EFF8B5E0F58A13434407C3D
Malicious: false
Reputation: low
IE Cache URL: https://polyfill.io/v3/polyfill.min.js?features=default%2Ces2015%2ClocalStorage
Preview:/* Disable minification (remove `.min` from URL path) for more info */..(function(self, undefined) {var _DOMTokenList=function(){var n=!0,t=function(t,e,r,o){Object.defineProperty?Object.defineProperty(t,e,{configurable:!1===n||!!o,get:r}):t.__defineGetter__(e,r)};try{t({},"support")}catch(e){n=!1}return function(n,e){var r=this,o=[],i={},a=0,c=0,f=function(n){t(r,n,function(){return u(),o[n]},!1)},l=function(){if(a>=c)for(;c<a;++c)f(c)},u=function(){var t,r,c=arguments,f=/\s+/;if(c.length)for(r=0;r<c.length;++r)if(f.test(c[r]))throw t=new SyntaxError('String "'+c[r]+'" contains an invalid character'),t.code=5,t.name="InvalidCharacterError",t;for(o="object"==typeof n[e]?(""+n[e].baseVal).replace(/^\s+|\s+$/g,"").split(f):(""+n[e]).replace(/^\s+|\s+$/g,"").split(f),""===o[0]&&(o=[]),i={},r=0;r<o.length;++r)i[o[r]]=!0;a=o.length,l()};return u(),t(r,"length",function(){return u(),a}),r.toLocaleString=r.toString=function(){return u(),o.join(" ")},r.item=function(n){return u(),o[n]},r.conta
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pre-loading[1].gif
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: GIF image data, version 89a, 204 x 204
Category: downloaded
Size (bytes): 46935
Entropy (8bit): 7.958343663420937
Encrypted: false
SSDEEP: 768:r4QQZP9DKPUMOSsw6c1iqoRb6n0CH5zspbTYQ2BQar63f6B01yFURBvGLF+wmDPa:r4fnDuqSsncV0bdCHVspbTYQ2BFr63f+
MD5: 437264BB3667972850B0A3C918E71F06
SHA1: E89931F4254FFC2D9802CA8FC2CF846A3E031209
SHA-256: E9284B495A7DF0BC098FB2FDA8CE5BCA68FE946783EB443228BDF7F3C7BCF3BF
SHA-512: F2F47321B5B04DE32BCA683BEFD868E20BB94ECDBB38E15C17FC9F18F0856AD2450D2AE7728BD6A166B134F18A5123580071CD75C7C47CFE1006FBE8A99E056A
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/images/pre-loading.gif
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\rrmhfcjs[1].html
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with CRLF line terminators
Category: dropped
Size (bytes): 5
Entropy (8bit): 1.5219280948873621
Encrypted: false
SSDEEP: 3:hn:h
MD5: FDA44910DEB1A460BE4AC5D56D61D837
SHA1: F6D0C643351580307B2EAA6A7560E76965496BC7
SHA-256: 933B971C6388D594A23FA1559825DB5BEC8ADE2DB1240AA8FC9D0C684949E8C9
SHA-512: 57DDA9AA7C29F960CD7948A4E4567844D3289FA729E9E388E7F4EDCBDF16BF6A94536598B4F9FF8942849F1F96BD3C00BC24A75E748A36FBF2A145F63BF904C1
Malicious: false
Reputation: low
Preview:0....
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\scripts[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode text
Category: downloaded
Size (bytes): 12024
Entropy (8bit): 4.902860990661882
Encrypted: false
SSDEEP: 192:qHLuc0ntcBUIe9F8PMoshJycBUIe9F8PMosfhpEZUwe9FUPUAE5+LqUJUge9FkPR:LIUP2MrfUP2MrCUXeUT5+XUnukDVKBEU
MD5: 3C87011B2BB544574AA401D2E426E4DB
SHA1: 3EDEF0CF80316123F25F3579BE018AEEFE2BB23A
SHA-256: 80B4F33FFFA894D7F7B9E8981874F2E87C1F941A0AC5D8406EBB65702B048366
SHA-512: 4442E92D76038A0A916A56C548C872A2BD9E65ABCD11A02D92AC45ED2941BD3A06A6E2A4B29139C83264F1A43F2B26450C74262F18B4434B994093BB7B213A33
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/js/scripts.js?hash=1623415244163
Preview: // cvv image. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).siblings(".cvv-image").slideToggle();. });. });.. // cvv image. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).parent().siblings(".cvv-image").slideToggle();. });. });. jQuery(function ($) {. $(".cvv-link").click(function () {. $(this).parent().parent().siblings(".cvv-image").slideToggle();. });. });.. // anchor. jQuery(function ($) {. $('a[href^="#"]').click(function () {. var target = $(this).attr("href");. if (target) {. $("html, body").animate({ scrollTop: $(target).offset().top }, 1000);. }. return false;. });. });. // end anchor.. // fades. $(function () {. /*-------------------animation----------------------*/. $("#fades p").hide();. function fades($div, cb) {. $div.fadeIn(2000, function () {. $div.fadeOut(2000, function () {. var $next = $div.next();. if ($next
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\seals-top[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 330 x 108, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 14520
Entropy (8bit): 7.979464995058973
Encrypted: false
SSDEEP: 384:LOXp/XmoUjjKggAuO4KQmBqB7fF+bdZFG:LmEoU39XuONNBqpfgFG
MD5: A1B716E121F00E70F00F1A894A14582B
SHA1: 9AE0FB8C5E3B59D45B89202A46556AF62E0A0CB1
SHA-256: 650F073FA2CE189E02B32DBB2331F2D9E456C9E057F2C8D462B600492C5FDC4D
SHA-512: 5435E31EB50D916EA7A4352DBBA090C112F9ADF777BD59EB2E4215F86520EC86BCF53FB4DA6555AFED2BDD27C1B3EC86C566E9FCF95FB5CA4EB995A73A563A16
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/seals-top.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\secureicons[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 354x51, frames 3
Category: downloaded
Size (bytes): 3895
Entropy (8bit): 7.81354639369924
Encrypted: false
SSDEEP: 96:qEaYZkoHzCQaMNwOSQ6dBX9gI2BncRcRa0U0emh4C/v+4D0RO:qErkcsMNt5JBnfRBBORO
MD5: 46CEBC75FA484C520D05784A32C4E280
SHA1: 309C3450908FA1D3313B3A78ED54CB44DB149F5D
SHA-256: 5D7463B04E3FCC4D6343A5AEFAECF2AA920E12D94BF45D62ECB526EFCA3A4DB3
SHA-512: 4E7D4B904F29DA8A0B5E462B298A7AF7AED537E752B5A712BA5FB92F53BC3EB7DC4DFB525C2852C8810AB45A5193CAECB93C3A5C3A9FD8A07D79A4863A054753
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/secureicons.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\style[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: downloaded
Size (bytes): 31330
Entropy (8bit): 5.099826865752036
Encrypted: false
SSDEEP: 384:qphgWqCx5SvdrVALYto5ScEg5W9yJUXxCLix3pFugYb0Mj5oDmYuaRqAxURaEv:qgvxAlEoWtoLL7Q+5oDmYuaRquURaO
MD5: 073991391762187136CF32379F1B9AA7
SHA1: 174ADA28BB329B39E075B780D7C90C29FDD5BF2F
SHA-256: 68AA7E8D0EF10859D1ED436B1DB8BE1600E6546FE085E6E71F34984831837C09
SHA-512: 1D012F07FA2F9A0D8376EB87EB1E012E3FEF1DAD20271FC9DCE1D6D85B098ED497719EE4B84BD14D8A34167A592E4759E52899335D67ADEF6FC47253387830F1
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/css/style.css
Preview:body{margin:0}main{display:block}h1{font-size:2em;margin:.67em 0}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}.product img{max-width:100%}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=button],[type=reset],[type=submit],button{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[t
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b1[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 186 x 248, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 13027
Entropy (8bit): 7.9643007251178135
Encrypted: false
SSDEEP: 384:IK5q8enBoIM0hKlOlmtxTZluZBgBNeMwq:I/FB7KGAFZluZmN3x
MD5: C7E9CDE1B023229E1394B65E55EE2D3F
SHA1: 2555694B13CFA9D62DF78F3102ADBAEE77CF5778
SHA-256: 87512FFBB262689B9D4B5A400722D262DAD0776AFCFFA8CF5FAD9AD0170F33C5
SHA-512: 3D8E1CB96A627905AD52CD81EA5D95806BC4D7F7BE29ACE54868FCF95A1F8600AE1FE7AF5021AC0BB13800D4756A45B774E594EACB2A6AE0C94F67178CDDA986
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/t-b1.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b2[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 320 x 246, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 18368
Entropy (8bit): 7.967874359338402
Encrypted: false
SSDEEP: 384:4HApO+tbe9ry2C9wR2jUiUB9pAZYCqzAo8eEbENYk2+gkl9YQBzPN:XR52C9wRt72tOB8e8zk2+gkAQzl
MD5: E4A8FB551EBF064B0C52A3ED33CAE888
SHA1: 656DE89F5DA5C157C29D071726E876FBCE1043C6
SHA-256: EDDAB06CE480D2BCE785AB169D225894D1A700FDF26B64B5569F0EF00A500D48
SHA-512: 760BFB1CC02C29C6D6317026884376D38056AA57824DA55CC50B3875339A8254AB1BCA88C0716339B6B89EF454497CF4F5884C6C3B9E471A0EE3F4B1C42CC7C4
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/t-b2.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b3[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 130 x 246, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 10565
Entropy (8bit): 7.899435507695424
Encrypted: false
SSDEEP: 192:SgETjNutWwVJXVwTDXL5iCN1otJ4jGCHeugsKSCEZWgqmj:SgETjMtZXWDViCfosGGebcW6
MD5: 1FBE5C8B49135A5A59DAF07319753AE1
SHA1: F820C936923F2A0F7B5F0E445212AE25A137757A
SHA-256: 187613D67B9ED74A0A58C7C8575C1418D4209FFA562760AA2545DE4C250B2DF0
SHA-512: C6AEE9A086F4B040BC9FBCB0081020A6E76A33447EC85AAF177BB0E1DBB3A86652F87EC12F19A2CC79128FE2871B02DA56423CBF0C27B5851AC64D43370CEB8E
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/t-b3.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\t-b4[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 3134
Entropy (8bit): 7.78612576235478
Encrypted: false
SSDEEP: 96:qaefLS5MBKkAJUt1CVof1JoubiT6/GTYqoH37:qMMBKkAJmboubiTp437
MD5: 105BB39A9718B5E6C95EF1DE76476C64
SHA1: D8B8E0F26CCD9B0FF32BEBF56CA723C7C87E90E2
SHA-256: B57AF1AC19F731390D47B3D4368BB9E077261B3CDBDD36E4F6CF204FD738677A
SHA-512: 3DA53A00A24F39E348711813825CCA287B12953B44D1B2F839A5C569D1C694AE70C12232D74FB551829EC748577855064C2DD279CD0D1BC9557FF607F2166AA7
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/t-b4.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\the-proof-ketopia-ketosis-testimonials[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 553 x 439, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 115811
Entropy (8bit): 7.955067592824731
Encrypted: false
SSDEEP: 3072:TxA09X5zPMltilBZlnPgAjEJhCi+8mJfBjovFQ+5d4M:TxA0J5zPMcfxP/jEJo75hQv
MD5: 1869006EEF8CF9347EEB81A87F18705F
SHA1: 2BE99FA30F80518E4DFFBDC0B083C8B765C804A6
SHA-256: 3DC8EC41465F842E33AB23A6CF1258C327C0839EA6DF9240F70E6CF0CAB6827B
SHA-512: 937556E8E553FBAE4E5321A1730FE2F37FD5687D2ADB07F704530A75BC633386A469318CE2888637A2F0ECB5ACA940BA0F625735F9A445AFA836061D7D34A0B0
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/the-proof-ketopia-ketosis-testimonials.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\the-proof-ketosis-call-to-action[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 2112 x 562, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 118632
Entropy (8bit): 7.901654773591316
Encrypted: false
SSDEEP: 3072:FmFDrpgFBO4QA5yVgqBIFjoRT+7U+GwLe2DVW:FO/iFQ0y+gJV4U+K2BW
MD5: F3629FC6316EB32486047F3EB14A1A8F
SHA1: A132405779A79FE02BEFA1D9A09F047826A17A78
SHA-256: 1B4B046A1C657219469D146FE296AF3BDA86CFDCDBE81327D1CE4BE74B688BDD
SHA-512: E17D65FA136EF6ABBBE53A76DF041A4D1356929B94629EF4199CCE883F6CF9C95FBDDAA3B9C9AD261306EFAA700F6FCE3ADD0E5C16A96F04E00E6638282BC9B4
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/the-proof-ketosis-call-to-action.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\v3[1].htm
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, UTF-8 Unicode text, with very long lines
Category: downloaded
Size (bytes): 39036
Entropy (8bit): 3.849440134004172
Encrypted: false
SSDEEP: 384:HbpaLYQmo7U4Ycb+HeCMFZqlZpPlTyTSP/7vpL/M:HbpaMQGO++C8wlZpPFyToj9U
MD5: 66E7472426F9F5B446CA1DBB5CEE2F51
SHA1: 5C254DF612A3053AD149D9F7DA27497AC4A9D709
SHA-256: E5B9804C2FD6A5EB04E5CE9D9A74EA4FABA0D5EBF2B3A22FF5CFCBC3FA6AAA22
SHA-512: 3955034F4AC12A09151881098A4C298D4BC5E156C49CF05A2E9C0B55F0C229541C6F5EDF4ADA680A803ED2D8CA5ADBF21CC142401591A56208AFCB4E1FEB147D
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/offer/keto_complete/v3/?uid=701230eb-3994-46a1-baf8-62a139392e95
Preview:<!DOCTYPE html>.<html lang="en">..<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=0">. <title>KETO Complete</title>. <link. href="https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap". rel="stylesheet">. <link href="https://fonts.googleapis.com/css?family=Oswald:400,500,600,700" rel="stylesheet">. <link href="/static/all/css-conf/style.css" rel="stylesheet" />. <link href="/static/keto_complete/desktop/images/favicon.png" rel="icon" type="image/png" />. <link rel="stylesheet" href="/static/keto_complete/desktop/css/style.css">. <link rel="stylesheet" href="/static/keto_complete/v3/desktop/css/custom.css">. <link rel="stylesheet" href="/static/all/intelInput/css/intlTelInput.css">. <script>. (function () {. window.onpageshow = function (event) {. if (event.persisted) {
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\vs[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced
Category: downloaded
Size (bytes): 10731
Entropy (8bit): 7.959544581752848
Encrypted: false
SSDEEP: 192:2SxVusOI6Vc6DxbtVVFwMz0ZokmLUNktdtxM1aItwtsRLqCLbyc:Z+XnVc6DxbtLFnz0e3UNkt7y1aItwtsJ
MD5: DACD51F9823B141DF3B45A1142157CF5
SHA1: 497DFEAFD489E22E2C6F075939426FC0B1235843
SHA-256: 176DCBC431F7124D6952E2DB1737296B5AEF51C3256156733F2D24743FA0077C
SHA-512: C72554CE7A2E871C7E709C2915BF637BBAC1396411B12F32F4D29E1868A2C2401AC2F00391823BE9DAA5D8B5960AA1252AE402102E5F00A9537A2A931BD929D9
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/v3/desktop/images/vs.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\whatdoyouget[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 766 x 814, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 137113
Entropy (8bit): 7.916781664927886
Encrypted: false
SSDEEP: 3072:tRSZR6BvM3QtvXouao6b1JeNUXyw5nN7xRp73KeXYv:/8R6lSajao6b7emXyWnN7xrLBa
MD5: F7395F4F336DB6529B69BD5699F76EC2
SHA1: EB3CD7F6D432C39B85C2AB68ABB11460BF9D354E
SHA-256: D4EBA42BBBDF3E0205DFCE62D9FAD620975E1166194E060F811C88A34E37FE48
SHA-512: BD4BC8E4B1C2E7FE51F8E7BDFC943346ADDD5CE5FA82F123BBBF8471742F072583E1B73FDA89C829FD035DB42F39066991640E43376C8A1EB924D904246E2B95
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/whatdoyouget.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUQjIg1_i6t8kCHKm45_QphzQ[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 64348, version 1.1
Category: downloaded
Size (bytes): 64348
Entropy (8bit): 7.993537722902948
Encrypted: true
SSDEEP: 1536:aO0GNmWrknJxbtBY5XrJ+F8+yB09vPfJH4wddZKXs3gAvJ2A11CxbxVQSU:T02mWEtcXsC+j5PhRHZKXs3gW2AqnE
MD5: 1405DDA3ABCCD4D62E6BFD51B1B0195C
SHA1: ACD0C7602DF3A1394E1DB9E0782FFFB7E9FDD75E
SHA-256: 51EDD7F81176C384FDEF0487E8E639285A047592B3DDAB3AA88156D71281AFB3
SHA-512: 2552EE5F87092D6A90CC4029A26763100B42EAF356E5926026CE821AA6A4A445A72D5654467A843DFBEBECB240C5373AA2CE499EB3DEBC4645CD57199726291C
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm45_QphzQ.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_ZpC7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67360, version 1.1
Category: downloaded
Size (bytes): 67360
Entropy (8bit): 7.991256054146273
Encrypted: true
SSDEEP: 1536:qBiuVt1A78krsF8ljNRptLBgrHKqZPpFEz9ZRcb3l2fJSU:1+168koCBjptL+rvZRuzRcb30
MD5: E8B54199FBD144A34EFD02C31DFD0E66
SHA1: CE483630F953303A4783D7CC9A1563E3015E912C
SHA-256: 58CA60FA247DD7D7CEE0103DCA4B6DFD6D676C03070F861F032BB309F00A6CFD
SHA-512: 252225BCE684E29A97720F2061390BEA22DB7245B7954F0666465617330039832247F5E36EA7E8849BB4DCF0098CFD407C2136898D2CD82E761C55AE258DCA80
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_bZF7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67256, version 1.1
Category: downloaded
Size (bytes): 67256
Entropy (8bit): 7.993061921886421
Encrypted: true
SSDEEP: 1536:NqJo5xJ07m3VzrGTKroF8W0kkeg3Q7i8ZtqY+qkfjm6+E/TU+m9T37SU:NquJuWUCWkhQxeY+zC6+ErUfV3f
MD5: 3117C2D16F1E8CD7221D7C425A9B8C8E
SHA1: A3609D878A602F65CAEDF4917DFB6B877450CA48
SHA-256: E6EEF844F108468F293ACF079590DD050C8AC756C05463E3BE98CB0D8BF853B0
SHA-512: C3ED06997E0B9A01A06B126FDD63AE9AB212E20E67AB2AA23F66E7DB21AA3AFEBC9BD437D317ACAFBA654BFF7810B3DA120AA265AD080583B473DFD7BD985A3C
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_c5H7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67176, version 1.1
Category: downloaded
Size (bytes): 67176
Entropy (8bit): 7.993091271279907
Encrypted: true
SSDEEP: 1536:k54j+Ru+kwzuyhrNF8KvsloQRvAJ7VfaPj8pEn8SU:sU+1uipCKvsuuvk7QAw6
MD5: 189BFDC04FD790DD68E1DE69A890C279
SHA1: A1CFDC2F078F8985FD451B1414D11782C7D06D97
SHA-256: 2D2FEA641F7A7E05EFE8AB37C64B922C8D63E398D6C813418A0DCE56E661EF06
SHA-512: D21F380BAAFC5F37F8CFF9C6D5A33250BE66D1AA1379950516B5243A20071516AEBBBB451AD79C21A91ABC312B7C756AE196D4CB5ADB92CE458CC3F6D4C4CD80
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_cJD7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 66760, version 1.1
Category: downloaded
Size (bytes): 66760
Entropy (8bit): 7.992566869086574
Encrypted: true
SSDEEP: 1536:rFLrJF8VoDzqofN6KN+iS9LtqXwSGs/VwpQSU:h9CVoDzqo16KKRS3d6m
MD5: 605B1955F137C5A0F5C8BB9EF8E159A0
SHA1: 7D18B0663855A3B69CB9C96CB0CD12F8E4B6FA0A
SHA-256: 2CFE51BC6374D398DF02878552212424C127BF52D72E67FB3A1CF637AF984046
SHA-512: D375D1665B2C4CAA0E466B3999A572338F04EF3D61CE4AD9E9BBA451AE0DC1364112A96615514DFB0877245EB58DF5A6A78DA6F0A21DF8CFB17F7EEFAFC0C4E6
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_dJE7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67392, version 1.1
Category: downloaded
Size (bytes): 67392
Entropy (8bit): 7.993079288888571
Encrypted: true
SSDEEP: 1536:pinw/aQ+RbgHrzF8pmnFaMb7lkZSVphQsk6PyLUsSU:piwXwgHPCwnHmu4
MD5: 96B1AA0B0A38813B47AB845CD4652B6E
SHA1: AF561251F32CE789B0F8D4AE6C8E7513B72D4133
SHA-256: 525625DF06CFE5F859B78769A26CFB423A9CB5D15104F535EAFAB6697E9EFE09
SHA-512: 81F6BD7330A37BD049E8FB68A6A789EC902A4258031009F0B05BA0D0F390E4F3F6D59B1A490B910C2820C883608A375D565A11FAB12F56469E5F9AB1EA39548F
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_epG7g0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67412, version 1.1
Category: downloaded
Size (bytes): 67412
Entropy (8bit): 7.993450426954292
Encrypted: true
SSDEEP: 1536:vpUdhLGRrmF8WfSbBbaWCShX2pjB1AcEZpwpXssK/bg9SU:vgl8KCWfSbBbaWCSh6jB1UZpQc9/w
MD5: 0E813A2AA235DEC42E57B2528E706E6E
SHA1: 2C60C82DD360D8B0ABC0E95235E01054851F3387
SHA-256: C680AD34448FA46EDA0C53281F2CDEC64CB508D636E21608E551B7716C026C7A
SHA-512: DFB17A1FA40C2102F4D9ECEFA98FA85AC1676CEA752726CC6B8EFC44792E29383C14F8437F227859791D72F418D43E71628D1D1E4733021BE76B942D60561A56
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG7g0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUSjIg1_i6t8kCHKm45xW0[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 67496, version 1.1
Category: downloaded
Size (bytes): 67496
Entropy (8bit): 7.993595810257416
Encrypted: true
SSDEEP: 1536:OG0h7CMbXrJF8cKJjIl5QmNZ/dTt/OvUoSLvwkFlJiSU:OBTbXdCrjwnVtKiXJw
MD5: 7BF99C007ACD1BAA1F21903B6FDA4D65
SHA1: C7B424219F0681A8DD969CF5142DC1D49A96CEC9
SHA-256: C04F4153C1FCA18DFC983F5998F324498A7F36FAB4FD072EC5B956F66D254F61
SHA-512: 4E1F30ECA483CD85D55C79A5711CDB665F6AFE88F008843E82F9450B2384C49E76B389FC56547E522A1082DF29FEA82FC40EF396186F0AFC7D61309AA52CAEFE
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW0.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 20224, version 1.1
Category: downloaded
Size (bytes): 20224
Entropy (8bit): 7.9657380550087655
Encrypted: false
SSDEEP: 384:uprxdfS2/VnjJB9sJNPdd9psuG0DBnJy7Or4Xh3l0GoLB/YmHBy6kuSlH:urdf9jJbod8CnJyZh3lju/VhzRSlH
MD5: 0AD98BC7A4E44D268AB5B27DB625E884
SHA1: 98A7B2FCEDE6BDB83C658803DF2FB9AD40779C51
SHA-256: 3BA2C5F6FDAA53EBA8978A0D865A0838B2D32C1FA62922B542126725871DB1E2
SHA-512: 647C3F0A816B9DE369B8DC31215A5863C15A169B45C8A3C28092B59F15737AEE8DFBDE6B38863501BCBDFD7E0E2E2750E150A06ACC958ED4E81396C4C4B387EF
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 19740, version 1.1
Category: downloaded
Size (bytes): 19740
Entropy (8bit): 7.96718105168869
Encrypted: false
SSDEEP: 384:KkQ/onjJ9IcaAoa5Wk90ezJdiV3jOAGMKsMtVDG8XoUlinz1Itb2:rjJ9Icv5hwdO1M3GBGIoUinzq92
MD5: 0E88EC239D6256E2C889DF2E3F0D51F2
SHA1: 6C1C1638CF7CCF809ADB7E22E3939252259B342D
SHA-256: C2DE2E045916EC52E4C0CEEA38FF283332551D4187262AFE453CA8C7153BAFEC
SHA-512: 1A304DDD9AA90E9E03310754EFE4BCFAB8BE659DC8A724608115FA32EA500C1AC37410062B7EDFBC1581587DA1BE8651310BB14AB3875226313884ACD88AF1F1
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 20140, version 1.1
Category: downloaded
Size (bytes): 20140
Entropy (8bit): 7.968457390339718
Encrypted: false
SSDEEP: 384:lT1BUIZSm/F1njJCyS32+PJt/HxrT/1O1eSe7RRJXmL5dBPjSoYaG7dv:lT1+IZDjJCBPr/HVdO1gRRM9FYaov
MD5: C8EE6FE62C4BA1B3F6CB790030A7A04A
SHA1: FD714B4271D326C46076FAF4D2D6EDB9423A5CCD
SHA-256: 84E0AF767E6764A06CE933086F62A8A2C6CE7BBC994868720E46E6570D6F71D1
SHA-512: 8A8811EEE65C7A81B411BA27E9CFC9422CA6E9E4CC201D528CF36B7D61C6C7662E7DD98B7CAE2717580F81FF145E2720C2E95CD95365DDE7117B4259F198C8B2
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw[1].woff
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: Web Open Font Format, TrueType, length 20248, version 1.1
Category: downloaded
Size (bytes): 20248
Entropy (8bit): 7.964171467698386
Encrypted: false
SSDEEP: 384:bGGu/OnjJlrI0myyg1Tfz0jXpxGpG5exBwq9iVYB8wlQiZi3TIgPuZw9+ywWA:bGGjJARg5wjXsVwYB8wfZiS69+vj
MD5: 47FEF7E5CE2663EB933D86AB6C81B2AC
SHA1: 988C697D8562B981F9F11233EEC1507CF53D25B0
SHA-256: 1F2FD1B553543006EBB05CD1E4EB58A0604EA3F343C0F534E88B8542BFE0D4A7
SHA-512: D5EEF37B6C92A6AEEC638249C16554D4D29C3BE1B2B1B41EAA19D61617D55E28D9C8493190F89F06B7AE1AA05C4F551A5D7F0476749A49D6BFC3B578F1E43155
Malicious: false
Reputation: low
IE Cache URL: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw.woff
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\analytics[1].js
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 49153
Entropy (8bit): 5.520906949461031
Encrypted: false
SSDEEP: 768:/yR3fYFBLbfs5sP5XqY3TyPnHpl1WY3SoavFVv6PU+CgYUD0lgEw0stZM:/y9gZfl5h3UHpaY3SoRCw0sk
MD5: 6DF1787C4BE82D1BB24F8BFFA10C7738
SHA1: 3634E839429E462E49C5F42B75FBFB4BA318AF6D
SHA-256: 2CB09C7B3E19BFC41743CA3624EF81C3258D56525647FEAC76AA757E0292627A
SHA-512: CB3CE2BCEB61F390298C21E470423CCEB6DD93E648A7DD0467195B11FEF30BF7A086DFF47C4494E2533498D1448C1A22AAB1414C14FD73278F1C92E0F7BC3F94
Malicious: false
Reputation: low
IE Cache URL: https://www.google-analytics.com/analytics.js
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bottle-1[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 324 x 560, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 44074
Entropy (8bit): 7.959071627408484
Encrypted: false
SSDEEP: 768:+z1eT4C8PvtZQMjr1SvLrsu0PZdxNF+3vI9mC+gc9+GiqmyH:0eT58PXNJC4u0P5+imLgc9+zc
MD5: 4EAD30F2EB68F3BF5C34BC6D60CB6023
SHA1: B28701BB2B3D10D08A92E09F1C8888073511CC3B
SHA-256: 9DEF3225F95DE48A2BCA507FF4D87BF02A16FA47CE00899BA04A1F5B2843809A
SHA-512: 1BFFAA7C88C66EF9147562D053DBB30151BA266D9B047892044806F6DFCAF2BACF5D4142C650B867B5D84C953E4C68EA0AA1F5B0D3B438B0A46755F377037203
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/bottle-1.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css2[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text
Category: downloaded
Size (bytes): 1903
Entropy (8bit): 5.169894884232458
Encrypted: false
SSDEEP: 48:nOOS0ajOO6afuOO1a+94OOEaBOOXa5OOxMamOOparOOwha8OObae:nOOS0ajOO6aGOO1a+94OOEaBOOXa5OOM
MD5: A6319B6B40D79C12A9607278D9D1EA67
SHA1: F20DC75B3B839BB812A69870C6C4AD64E7FE26AB
SHA-256: 0518A2FFFDD5A04E2CAB7E173C46630267A2918BB23615ED6E0A63FF3F5CD873
SHA-512: EB5F20B9FB22A45F9CC5E690C23C71F03C3C06177B9C360C788174AFD23FB819282A5268DC99FAA67DE1BB436403E82D65199F349E2973CC2988D29DAC348EA4
Malicious: false
Reputation: low
IE Cache URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Preview:@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm45_QphzQ.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA7g0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD7g0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW0.woff) format('woff');.}.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text
Category: dropped
Size (bytes): 772
Entropy (8bit): 5.375180793926211
Encrypted: false
SSDEEP: 12:jFF5O6ZRoT6pTyjknqFF5O6ZX6pTPSnqFF5O6Z0/T6pTHqFF5O6ZN76pTTLY:53OYsXA+3OYX8S+3OYUTp3OYN7n
MD5: BEF5FF0F14140E671FEED4EE951574CB
SHA1: 106B0456B573D94C7F185C9A3DC58E59E1B2B930
SHA-256: B5F6CD1CF637AFBA7F3BD797D330242543510524DFDEDDC73B914EDCB5EC06FE
SHA-512: D3DFC400C9221BD8E81FAA991C5E435E5ECFE90AEDBAFE97E9E3EA9138A6B354F0AFA0025E470377D21EB2633F010A3E43DB83CBF31AF8FAE86CCEE4EA076581
Malicious: false
Reputation: low
Preview:@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 500;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 600;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYw.woff) format('woff');.}.@font-face {. font-family: 'Oswald';. font-style: normal;. font-weight: 700;. src: url(https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff) format('woff');.}.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\doposle1[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1109x628, frames 3
Category: downloaded
Size (bytes): 239126
Entropy (8bit): 7.984153508773495
Encrypted: false
SSDEEP: 6144:lLzyxHhfbpD6mZ6ULdwHcdDjGKj7Zl+EhI9zYhsW/NBv:lLz0HhTZldgsWKhl+1zU9Tv
MD5: 0D36B71EE5E58D4786E66242092B0E8D
SHA1: 19A622B974337A2E70F7BDBBF073F1FDBD511A68
SHA-256: D83BF52D4CF194DE0B13A065A99BAE0A844AFA29CFCF7BD32A72431C4FF5A4B2
SHA-512: 3F93763C67AD3C02F494F17A471F5BE6CFB5BF98B62814AF8A4ED858FB5C2FE5C6BAB4CA34888EFA49A3917366A1CF001E8350D8D3615FFA5D610BA9C5683B4C
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/doposle1.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\doposle2[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x410, frames 3
Category: downloaded
Size (bytes): 47828
Entropy (8bit): 7.986020178329024
Encrypted: false
SSDEEP: 768:7w/DBM1Px1n2IZWh7Rxi5RpfPkqRnkizWSyafg8eqI+2sGvsQD5L+/m:7w/DBM1Pb7ZWhV2f8qtk0hyxj+S7V++
MD5: 32624F617BB27F4CA56DA45C991DC868
SHA1: B8102BD6E45AFC01E0FC87AF3B110705956CF876
SHA-256: 31D1299CC6B8567927AC9CF933FE207E952828E45F6EFB31646F025C452C9475
SHA-512: 72B73C7ABAB8E192C65315114B05842CF2E4C287E4ECDDAF95DE19CEE540BD61FA02C70806A12FA780646B9BABFC9E96F0DF0D7EA98DA640D8D661D199D04ABD
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/doposle2.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\doposle3[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x410, frames 3
Category: downloaded
Size (bytes): 50525
Entropy (8bit): 7.987186970324452
Encrypted: false
SSDEEP: 768:78vQDkepBxwWbjOFqjaRMW4A8REbhLpnrLT1ivSR/xb2knd7NKJzm:7VDRDbjDaSW4bShLpnrb2nJS
MD5: AEC7C43C95D0FFB20E315B69B7A04B3A
SHA1: 9494A3B7AE4CD17FA9760F9DBCF3116C7EC69405
SHA-256: 1338733534CCF4A50F66700913AB9937288C065B4830CB7A7378193644C7597F
SHA-512: 97C1DCF5C17E8FFFFA41A813166AA5A676DA894CFBA319D2A8C7F0F9491040CA158FD88EDFECB0FFBADBE65034FDC317977A2DB2DD8EE3E74E290110B97BAD70
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/doposle3.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\favicon[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 40 x 40, 8-bit colormap, non-interlaced
Category: downloaded
Size (bytes): 530
Entropy (8bit): 7.35262091254268
Encrypted: false
SSDEEP: 12:6v/7sgZp7UFgqz5pzjirYOf4sda8B3b4ODTHHogx0r:bgZcgqz3zmrYDsdx3ZDogo
MD5: 2FCE3AEAEC6C95DA2BAE980AF8178229
SHA1: 6F948F7365FE80926C77D03A359BD05FAC3AD64F
SHA-256: A09A6DA523B91C5498179ECB6500B8DC2D11A8345BD41E0811BF39CD2D10AB8C
SHA-512: E9F9443ACBF2424AED658B9ACF8F68A34F13D9AD878211D3E6AA1986203ED6D92C40E80B128ED4C6BA0098F102BFF34E73F1BB4C2F6FDF3A92AFDE422BD94F22
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/keto_complete/desktop/images/favicon.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\flags[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Category: downloaded
Size (bytes): 70857
Entropy (8bit): 7.993208981606479
Encrypted: true
SSDEEP: 1536:cBBfgWxg7McnRdaRx9krb5LhxHG1gmvlpWUZA1eog3e7xr:Lg+3n3ax9kHV3Wgmdg2A1Y3elr
MD5: 416250F60D785A2E02F17E054D2E4E44
SHA1: 21572C9751E5A3DC20395BEFA0FCB349C32C4811
SHA-256: 0A012CF808A24573168308916092D2D4BD3F2B4AF8E16B59167013CC77ACEE55
SHA-512: CF1E7ACF47464F00D206E9149475E22B8EA5A31727FA16344CD151384D850B83ECE5E9ABE4AC62861DBA0DC3D3410955611D94665B60E2FAA0C3D7A3D7C88404
Malicious: false
Reputation: low
IE Cache URL: https://thecompleteketo.com/static/all/intelInput/img/flags.png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].css
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Category: downloaded
Size (bytes): 27658
Entropy (8bit): 5.177111746113662
Encrypted: false
SSDEEP: 384:OFMT8lQOk1a1U0Dt+AALQGAHnA/g2xg3Zp07deObcKIhBbs0R1vO7:6MUk41vyMNHAIlD6dbcJO7
MD5: E5A40E67C21932FC0BC67921162F9976
SHA1: 5945FD45FAEA22EE57F8C1CFE7DECF2C7BD98991
SHA-256: 1B5A85D61EED69451D973836A1943335DF1EBCF2AF2B65036300AB5958B9F7BD
SHA-512: 661A8C08FC501CDC45FB7BC9F10DEBAA435E652A924F9673BD598D1770978CB5C93B473CD84E69ECF724439FDBDBE26434399D04BAA8B92CB06EF38889447A92
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/css/index.css
Preview:* {..margin: 0;..padding: 0.}.a, img {..border: none.}..clr {..clear: both.}.a {..text-decoration: none.}.p {..font-family: Verdana, Geneva, sans-serif;..font-size: 14px;..line-height: 23px;.}.h1 {..color: #333.}.h4 {..color: #666.}..headerInside, .footerInside {..margin: 0 auto.}..headerInside a {..color: #ad208e!important;..font-size: 14px;..font-weight: 600!important.}..headerInside a:hover {..text-decoration: underline.}..pageheader {..font-family: Georgia, "Book Antiqua", Palatino, serif;..font-size: 18px;..font-style: italic;..padding: 5px;..color: #000;..text-align: center;.}..small p {..padding-left: 5px;..line-height: 140%!important;..font-size: 90%.}..subjectheader {..font-size: 26px!important;..margin-top: 1em;..margin-bottom: 1em;..text-align: center.}..pullleft {..float: left.}..news { margin-top: 0 !important; }..news p {..font-size: 95%;..line-height: 140%!important.}..highlight {..float: left;..text-transform: uppercase;..color: #666;..width: 98%;..margin-bottom: 4%;..p
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index_files_top1dlaxtgy[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x680, frames 3
Category: downloaded
Size (bytes): 47522
Entropy (8bit): 7.963763221954084
Encrypted: false
SSDEEP: 768:9LVNkvm1Fm3z9bz8LSynvYtPZtxsf8e0Kthl9c/B3goXGaKqJE8Iv3sYDy5Tn+KO:BV++2z9WSu4PfO0w+tjk8YD8rDy
MD5: 779B48401DCAA6A0A129D603C430E5B8
SHA1: 5CE06659D34DE37D751B35E9A392E27B9306F03E
SHA-256: BD22589B43FCDD0A381D113456F0078AB03FDF7BF4292799D88ADE03BBD740BF
SHA-512: DD9B0DFA7F9F191ED59451CB63F86DDD43C75759D1706726B69E97BB1E149BBCB0EECA326E713059B53A3EC12703FA881B42E47DD08D46359F77C64D824C2D84
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/index_files_top1dlaxtgy.jpg
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\mic1[1].jpg
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 715x429, frames 3
Category: downloaded
Size (bytes): 23082
Entropy (8bit): 7.970024354067792
Encrypted: false
SSDEEP: 384:em6/eL9Uf02r4ux6uSh1FLSSKgAfDtDILlCkZVnaB+lvGhUnzuc3z3:emefNEuw1+1JDKmcUmyc3z
MD5: AD3A6404BFCB77275CA812A0E9FBEEA3
SHA1: 04DD5F6FC94ABA617FE3870F8563F954F0F0A40E
SHA-256: 4B3ED1FF0679965404A6306EBB9F404502A88E12B8459EBAAFFFBB9A353A669F
SHA-512: 09D4C86EB2A8260A3633B636317BBAD777F8D40C6FF7DF16F17CD369A49D0A2B4EB25BCCAE3733387511837D931AF95EA528F55A04E601C09A22A93085945FBE
Malicious: false
Reputation: low
IE Cache URL: https://thediet4slim.world/static/diet/fr/gala/v2/images/mic1.jpg
Static File Info
No static file info
Network Behavior
Network Port Distribution
TCP Packets
UDP Packets
DNS Queries
Timestamp Source IP Dest IP Trans ID OP Code Name Type Class
Jun 15, 2021 00:29:36.670751095 CEST 192.168.2.3 8.8.8.8 0x9e1e Standard query (0) bit.ly A (IP address) IN (0x0001)
Jun 15, 2021 00:29:37.063601971 CEST 192.168.2.3 8.8.8.8 0x22d3 Standard query (0) www.saildigital.uk A (IP address) IN (0x0001)
Jun 15, 2021 00:29:40.649817944 CEST 192.168.2.3 8.8.8.8 0x7f85 Standard query (0) thediet4slim.world A (IP address) IN (0x0001)
Jun 15, 2021 00:29:52.934926033 CEST 192.168.2.3 8.8.8.8 0x6def Standard query (0) thediet4slim.world A (IP address) IN (0x0001)
Jun 15, 2021 00:29:56.433249950 CEST 192.168.2.3 8.8.8.8 0x7c25 Standard query (0) thecompleteketo.com A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.240458965 CEST 192.168.2.3 8.8.8.8 0xb41d Standard query (0) polyfill.io A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.252991915 CEST 192.168.2.3 8.8.8.8 0xfc50 Standard query (0) cdn.trackjs.com A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.044282913 CEST 192.168.2.3 8.8.8.8 0xd377 Standard query (0) usage.trackjs.com A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.594798088 CEST 192.168.2.3 8.8.8.8 0x2a98 Standard query (0) stats.g.doubleclick.net A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.670568943 CEST 192.168.2.3 8.8.8.8 0xf583 Standard query (0) www.google.ch A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.994935989 CEST 192.168.2.3 8.8.8.8 0x65f7 Standard query (0) www.google.de A (IP address) IN (0x0001)
DNS Answers
Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class
Jun 15, 2021 00:29:36.723818064 CEST 8.8.8.8 192.168.2.3 0x9e1e No error (0) bit.ly 67.199.248.11 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:36.723818064 CEST 8.8.8.8 192.168.2.3 0x9e1e No error (0) bit.ly 67.199.248.10 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:37.130062103 CEST 8.8.8.8 192.168.2.3 0x22d3 No error (0) www.saildigital.uk 172.67.195.5 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:37.130062103 CEST 8.8.8.8 192.168.2.3 0x22d3 No error (0) www.saildigital.uk 104.21.68.113 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:40.712404013 CEST 8.8.8.8 192.168.2.3 0x7f85 No error (0) thediet4slim.world 23.227.194.245 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:52.993753910 CEST 8.8.8.8 192.168.2.3 0x6def No error (0) thediet4slim.world 23.227.194.245 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:56.494648933 CEST 8.8.8.8 192.168.2.3 0x7c25 No error (0) thecompleteketo.com 178.62.35.58 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.290735960 CEST 8.8.8.8 192.168.2.3 0xb41d No error (0) polyfill.io 151.101.1.26 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.290735960 CEST 8.8.8.8 192.168.2.3 0xb41d No error (0) polyfill.io 151.101.65.26 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.290735960 CEST 8.8.8.8 192.168.2.3 0xb41d No error (0) polyfill.io 151.101.129.26 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.290735960 CEST 8.8.8.8 192.168.2.3 0xb41d No error (0) polyfill.io 151.101.193.26 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:57.316093922 CEST 8.8.8.8 192.168.2.3 0xfc50 No error (0) cdn.trackjs.com cdn.trackjs.netdna-cdn.com CNAME (Canonical name) IN (0x0001)
Jun 15, 2021 00:29:57.316093922 CEST 8.8.8.8 192.168.2.3 0xfc50 No error (0) cdn.trackjs.netdna-cdn.com 94.31.29.32 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.094544888 CEST 8.8.8.8 192.168.2.3 0xd377 No error (0) usage.trackjs.com 158.69.52.117 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.094544888 CEST 8.8.8.8 192.168.2.3 0xd377 No error (0) usage.trackjs.com 167.114.119.127 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.094544888 CEST 8.8.8.8 192.168.2.3 0xd377 No error (0) usage.trackjs.com 138.197.155.84 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.094544888 CEST 8.8.8.8 192.168.2.3 0xd377 No error (0) usage.trackjs.com 51.89.217.92 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.657409906 CEST 8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.g.doubleclick.net stats.l.doubleclick.net CNAME (Canonical name) IN (0x0001)
Jun 15, 2021 00:29:59.657409906 CEST 8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.l.doubleclick.net 142.250.102.157 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.657409906 CEST 8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.l.doubleclick.net 142.250.102.155 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.657409906 CEST 8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.l.doubleclick.net 142.250.102.154 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.657409906 CEST 8.8.8.8 192.168.2.3 0x2a98 No error (0) stats.l.doubleclick.net 142.250.102.156 A (IP address) IN (0x0001)
Jun 15, 2021 00:29:59.738749981 CEST 8.8.8.8 192.168.2.3 0xf583 No error (0) www.google.ch 172.217.20.3 A (IP address) IN (0x0001)
Jun 15, 2021 00:30:00.057742119 CEST 8.8.8.8 192.168.2.3 0x65f7 No error (0) www.google.de 172.217.16.99 A (IP address) IN (0x0001)
www.saildigital.uk
thediet4slim.world
Session ID Source IP Source Port Destination IP Destination Port Process
0 192.168.2.3 49714 172.67.195.5 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Timestamp kBytes transferred Direction Data
Jun 15, 2021 00:29:37.176496029 CEST
1155 OUT GET /dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.saildigital.uk
Jun 15, 2021 00:29:37.230629921 CEST
1156 IN HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Jun 2021 22:29:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 14 Jun 2021 23:29:37 GMT
Location: https://www.saildigital.uk/dciuoodv/rrmhfcjs.html?ku4tgs6j3vd1.php?ujtzkr18vqrd
cf-request-id: 0aae3e153800004e1940bcf000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TrCKzIbG2hl5vYDngGX8hKIDbxOol%2FL9vcZSxjTI5Wu%2FHAhukTloEOSK%2B9bcGX2b07dNWQrh%2FpLLwRkLTia9tkTDJAx5XBRRkb9fSrwxs4GhCLyJ%2FOq5%2BTu47wqDzUhj"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 65f6ff9b8c6c4e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0
Session ID Source IP Source Port Destination IP Destination Port Process
1 192.168.2.3 49720 23.227.194.245 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Timestamp kBytes transferred Direction Data
Jun 15, 2021 00:29:40.873816967 CEST
1199 OUT GET /?a=1nod&c=d&s=1306 HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: thediet4slim.world
Connection: Keep-Alive
Jun 15, 2021 00:29:41.029551983 CEST
1201 IN HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 14 Jun 2021 22:29:40 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://thediet4slim.world/?a=1nod&c=d&s=1306
Data Ascii: <html><head><title>301 Moved Permanently</title></head><body bgcolor="white"><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.12.2</center></body></html>
HTTP Request Dependency Graph
HTTP Packets
Timestamp Source IP Source Port Dest IP Dest Port Subject Issuer Not Before Not After JA3 SSL Client Fingerprint JA3 SSL Client Digest
Jun 15, 2021 00:29:36.856353045 CEST
67.199.248.11 443 192.168.2.3 49712 CN=bit.ly, O="Bitly, Inc.", L=New York, ST=New York, C=US, SERIALNUMBER=4627013, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Wed Aug 05 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013
Tue Aug 10 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Oct 22 14:00:00 CEST 2013
Sun Oct 22 14:00:00 CEST 2028
Jun 15, 2021 00:29:36.859894991 CEST
67.199.248.11 443 192.168.2.3 49713 CN=bit.ly, O="Bitly, Inc.", L=New York, ST=New York, C=US, SERIALNUMBER=4627013, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Wed Aug 05 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013
Tue Aug 10 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=DigiCert SHA2 Extended Validation Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Oct 22 14:00:00 CEST 2013
Sun Oct 22 14:00:00 CEST 2028
Jun 15, 2021 00:29:37.331839085 CEST
172.67.195.5 443 192.168.2.3 49716 CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Thu Jul 16 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020
Fri Jul 16 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Mon Jan 27 13:48:08 CET 2020
Wed Jan 01 00:59:59 CET 2025
Jun 15, 2021 00:29:41.357834101 CEST
23.227.194.245 443 192.168.2.3 49722 CN=thediet4slim.world CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US
CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.
Mon May 10 15:27:52 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021
Sun Aug 08 15:27:52 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=R3, O=Let's Encrypt, C=US
CN=ISRG Root X1, O=Internet Security Research Group, C=US
Fri Sep 04 02:00:00 CEST 2020
Mon Sep 15 18:00:00 CEST 2025
CN=ISRG Root X1, O=Internet Security Research Group, C=US
CN=DST Root CA X3, O=Digital Signature Trust Co.
Wed Jan 20 20:14:03 CET 2021
Mon Sep 30 20:14:03 CEST 2024
HTTPS Packets
Jun 15, 2021 00:29:53.324139118 CEST
23.227.194.245 443 192.168.2.3 49730 CN=thediet4slim.world CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US
CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.
Mon May 10 15:27:52 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021
Sun Aug 08 15:27:52 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0
37f463bf4616ecd445d4a1937da06e19
CN=R3, O=Let's Encrypt, C=US
CN=ISRG Root X1, O=Internet Security Research Group, C=US
Fri Sep 04 02:00:00 CEST 2020
Mon Sep 15 18:00:00 CEST 2025
CN=ISRG Root X1, O=Internet Security Research Group, C=US
CN=DST Root CA X3, O=Digital Signature Trust Co.
Wed Jan 20 20:14:03 CET 2021
Mon Sep 30 20:14:03 CEST 2024
Jun 15, 2021 00:29:56.618527889 CEST
178.62.35.58 443 192.168.2.3 49732 CN=thecompleteketo.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Thu Mar 04 01:00:00 CET 2021 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019 Thu Jan 01 01:00:00 CET 2004
Thu Feb 24 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029 Mon Jan 01 00:59:59 CET 2029
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB
CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Fri Nov 02 01:00:00 CET 2018
Wed Jan 01 00:59:59 CET 2031
CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Tue Mar 12 01:00:00 CET 2019
Mon Jan 01 00:59:59 CET 2029
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Thu Jan 01 01:00:00 CET 2004
Mon Jan 01 00:59:59 CET 2029
Jun 15, 2021 00:29:56.620656013 CEST
178.62.35.58 443 192.168.2.3 49733 CN=thecompleteketo.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Thu Mar 04 01:00:00 CET 2021 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019 Thu Jan 01 01:00:00 CET 2004
Thu Feb 24 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029 Mon Jan 01 00:59:59 CET 2029
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB
CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Fri Nov 02 01:00:00 CET 2018
Wed Jan 01 00:59:59 CET 2031
CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Tue Mar 12 01:00:00 CET 2019
Mon Jan 01 00:59:59 CET 2029
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Thu Jan 01 01:00:00 CET 2004
Mon Jan 01 00:59:59 CET 2029
Jun 15, 2021 00:29:57.392318010 CEST
151.101.1.26 443 192.168.2.3 49734 CN=polyfill.io CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE
CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Fri Jun 04 21:31:46 CEST 2021 Tue Jul 28 02:00:00 CEST 2020
Wed Jul 06 21:31:45 CEST 2022 Sun Mar 18 01:00:00 CET 2029
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Tue Jul 28 02:00:00 CEST 2020
Sun Mar 18 01:00:00 CET 2029
Jun 15, 2021 00:29:57.393436909 CEST
151.101.1.26 443 192.168.2.3 49735 CN=polyfill.io CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE
CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Fri Jun 04 21:31:46 CEST 2021 Tue Jul 28 02:00:00 CEST 2020
Wed Jul 06 21:31:45 CEST 2022 Sun Mar 18 01:00:00 CET 2029
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GlobalSign Atlas R3 DV TLS CA 2020, O=GlobalSign nv-sa, C=BE
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Tue Jul 28 02:00:00 CEST 2020
Sun Mar 18 01:00:00 CET 2029
Jun 15, 2021 00:29:57.419742107 CEST
94.31.29.32 443 192.168.2.3 49738 CN=*.trackjs.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Jun 11 02:00:00 CEST 2019 Mon Nov 06 13:23:33 CET 2017
Thu Sep 09 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Mon Nov 06 13:23:33 CET 2017
Sat Nov 06 13:23:33 CET 2027
Jun 15, 2021 00:29:57.419859886 CEST
94.31.29.32 443 192.168.2.3 49739 CN=*.trackjs.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Jun 11 02:00:00 CEST 2019 Mon Nov 06 13:23:33 CET 2017
Thu Sep 09 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Mon Nov 06 13:23:33 CET 2017
Sat Nov 06 13:23:33 CET 2027
Jun 15, 2021 00:29:59.714632034 CEST
158.69.52.117 443 192.168.2.3 49749 CN=*.trackjs.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Jun 11 02:00:00 CEST 2019 Mon Nov 06 13:23:33 CET 2017
Thu Sep 09 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Mon Nov 06 13:23:33 CET 2017
Sat Nov 06 13:23:33 CET 2027
Jun 15, 2021 00:29:59.715986013 CEST
158.69.52.117 443 192.168.2.3 49751 CN=*.trackjs.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Tue Jun 11 02:00:00 CEST 2019 Mon Nov 06 13:23:33 CET 2017
Thu Sep 09 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Mon Nov 06 13:23:33 CET 2017
Sat Nov 06 13:23:33 CET 2027
Jun 15, 2021 00:29:59.786973953 CEST
142.250.102.157 443 192.168.2.3 49755 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017
Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Jun 15, 2021 00:29:59.789201021 CEST
142.250.102.157 443 192.168.2.3 49754 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017
Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Jun 15, 2021 00:29:59.883745909 CEST
172.217.20.3 443 192.168.2.3 49756 CN=*.google.ch CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Mon May 17 06:37:25 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020
Mon Aug 09 06:37:24 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US
CN=GTS Root R1, O=Google Trust Services LLC, C=US
Thu Aug 13 02:00:42 CEST 2020
Thu Sep 30 02:00:42 CEST 2027
CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Fri Jun 19 02:00:42 CEST 2020
Fri Jan 28 01:00:42 CET 2028
Code Manipulations
Jun 15, 2021 00:29:59.883919954 CEST
172.217.20.3 443 192.168.2.3 49757 CN=*.google.ch CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Mon May 17 06:37:25 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020
Mon Aug 09 06:37:24 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US
CN=GTS Root R1, O=Google Trust Services LLC, C=US
Thu Aug 13 02:00:42 CEST 2020
Thu Sep 30 02:00:42 CEST 2027
CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Fri Jun 19 02:00:42 CEST 2020
Fri Jan 28 01:00:42 CET 2028
Jun 15, 2021 00:30:00.219239950 CEST
172.217.16.99 443 192.168.2.3 49760 CN=www.google.de CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Mon May 17 05:22:24 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020
Mon Aug 09 05:22:23 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US
CN=GTS Root R1, O=Google Trust Services LLC, C=US
Thu Aug 13 02:00:42 CEST 2020
Thu Sep 30 02:00:42 CEST 2027
CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Fri Jun 19 02:00:42 CEST 2020
Fri Jan 28 01:00:42 CET 2028
Jun 15, 2021 00:30:00.219490051 CEST
172.217.16.99 443 192.168.2.3 49761 CN=www.google.de CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Mon May 17 05:22:24 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020
Mon Aug 09 05:22:23 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US
CN=GTS Root R1, O=Google Trust Services LLC, C=US
Thu Aug 13 02:00:42 CEST 2020
Thu Sep 30 02:00:42 CEST 2027
CN=GTS Root R1, O=Google Trust Services LLC, C=US
CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Fri Jun 19 02:00:42 CEST 2020
Fri Jan 28 01:00:42 CET 2028
Statistics
Behavior
System Behavior
Disassembly
File Activities
Registry Activities
Start time: 00:29:34
Start date: 15/06/2021
Path: C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase: 0x7ff7d9090000
File size: 823560 bytes
MD5 hash: 6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
File Activities
Registry Activities
Start time: 00:29:35
Start date: 15/06/2021
Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3396 CREDAT:17410 /prefetch:2
Imagebase: 0xc90000
File size: 822536 bytes
MD5 hash: 071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
Analysis Process: iexplore.exe PID: 3396 Parent PID: 792
General
Analysis Process: iexplore.exe PID: 5660 Parent PID: 3396
General
Joe Sandbox Cloud Basic 32.0.0 Black Diamond
Copyright Joe Security LLC