Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Invoice Number INV132146-1.pdf

Overview

General Information

Sample name:Invoice Number INV132146-1.pdf
Analysis ID:1648015
MD5:786bb21da0bc0a7a90278e99818d59a9
SHA1:1b63a43223fa7a5d275d0b3631bee54fe8ca181c
SHA256:3f193b89c9274026c94b4da74272c7160f1c6f76d5a64594ebb66b103d1e38d2
Infos:

Detection

Score:60
Range:0 - 100
Confidence:100%

Signatures

Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
AI detected landing page (webpage, office document or email)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • Acrobat.exe (PID: 6368 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Invoice Number INV132146-1.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6544 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 6772 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1660 --field-trial-handle=1568,i,13601352295905747693,11957149661643920561,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
    • chrome.exe (PID: 2240 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://therapyforhappiness.co.uk/ra3.pdf MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 7204 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1836,i,13471987997976031956,7984213507058439231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • AV Detection
  • Phishing
  • Compliance
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: https://therapyforhappiness.co.uk/ra3.pdfAvira URL Cloud: Label: malware
Source: Invoice Number INV132146-1.pdfVirustotal: Detection: 15%Perma Link
Source: Invoice Number INV132146-1.pdfReversingLabs: Detection: 25%

Phishing

barindex
Source: PDF documentJoe Sandbox AI: Page contains button: 'Open' Source: 'PDF document'
Source: PDF documentJoe Sandbox AI: PDF document contains prominent button: 'open'
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.106.34:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 1MB later: 31MB
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.80.67
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.80.67
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Microsoft-CryptoAPI/10.0Host: x1.i.lencr.org
Source: global trafficHTTP traffic detected: GET /ra3.pdf HTTP/1.1Host: therapyforhappiness.co.ukConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/formidable/css/formidableforms.css?ver=3171529 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/css/block-style.css?ver=1719478577 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=6.7.2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.3.81700739748 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dashicons.min.css?ver=6.7.2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/simply-schedule-appointments/assets/css/upcoming-appointments.css?ver=1.6.8.11 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/simply-schedule-appointments/assets/css/ssa-styles.css?ver=1.6.8.11 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/spectra-block-positioning.min.css?ver=2.19.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/uag-plugin/assets/0/uag-css-51.css?ver=1742831628 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/main.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/header.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/blocks.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/utilities.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/themes/success.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/desktop.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/site-reviews/assets/styles/default.css?ver=7.2.6 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/fonts/hind/5aU69_a8oxmIdGl4BA.woff2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveOrigin: https://hypnotherapyforhappiness.co.uksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveOrigin: https://hypnotherapyforhappiness.co.uksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.8 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04-768x278.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/sunflower-1.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/css/footer.min.css?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04-768x278.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/mai-success/style.css?ver=2.0.0.62720240856 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /loader.js HTTP/1.1Host: cdn.trustindex.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Malvern-Hills.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/blocks.min.css?ver=2.35.1.2720251604Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/sunflower-1.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/admin/assets/js/picmo-umd.min.js?ver=3.3.8 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/admin/assets/js/picmo-latest-umd.min.js?ver=3.3.8 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.9 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/spectra-block-positioning.min.js?ver=2.19.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.6.0 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.4 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.3.81700739748 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=7.2.6 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/js/min/global.min.js?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/mai-engine/assets/js/min/menus.min.js?ver=2.35.1.2720251604 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/fonts/hind/5aU19_a8oxmIfNJdERySjQ.woff2 HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveOrigin: https://hypnotherapyforhappiness.co.uksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/images/whatsapp.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.3.81700739748Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/chaty/images/whatsapp.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Malvern-Hills.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/cropped-favicon-32x32.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/cropped-favicon-32x32.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/butterfly-1536x576.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Hypnotherapy-for-Happiness-Logo-2-2-300x80.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hypnotherapyforhappiness.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; chatyWidget_0=[{"k":"v-widget","v":"2025-03-25T12:34:08.845Z"}]; activechatyWidgets=0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/butterfly-1536x576.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; chatyWidget_0=[{"k":"v-widget","v":"2025-03-25T12:34:08.845Z"}]; activechatyWidgets=0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2023/08/Hypnotherapy-for-Happiness-Logo-2-2-300x80.png HTTP/1.1Host: hypnotherapyforhappiness.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:SGJVV0xQaDF4bERLQVF0Um81RWVNbElneUdrZ0RrRzk,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; chatyWidget_0=[{"k":"v-widget","v":"2025-03-25T12:34:08.845Z"}]; activechatyWidgets=0
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: global trafficDNS traffic detected: DNS query: hypnotherapyforhappiness.co.uk
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: cdn.trustindex.io
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.106.34:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.220.71:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: classification engineClassification label: mal60.winPDF@38/98@9/68
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6460
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-03-25 08-33-26-473.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: Invoice Number INV132146-1.pdfVirustotal: Detection: 15%
Source: Invoice Number INV132146-1.pdfReversingLabs: Detection: 25%
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Invoice Number INV132146-1.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1660 --field-trial-handle=1568,i,13601352295905747693,11957149661643920561,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 27E5C6A196026016721A73474D569713
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1660 --field-trial-handle=1568,i,13601352295905747693,11957149661643920561,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://therapyforhappiness.co.uk/ra3.pdf
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1836,i,13471987997976031956,7984213507058439231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:3
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://therapyforhappiness.co.uk/ra3.pdf
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1836,i,13471987997976031956,7984213507058439231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Invoice Number INV132146-1.pdfInitial sample: PDF keyword /JS count = 0
Source: Invoice Number INV132146-1.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Invoice Number INV132146-1.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information queried: ProcessInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Extra Window Memory Injection		1
Process Injection		LSASS Memory1
System Information Discovery		Remote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Extra Window Memory Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Invoice Number INV132146-1.pdf16%VirustotalBrowse
Invoice Number INV132146-1.pdf25%ReversingLabsDocument-PDF.Trojan.ScamX

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/header.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-latest-umd.min.js?ver=3.3.80%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.6.00%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Malvern-Hills.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.10%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/spectra-block-positioning.min.js?ver=2.19.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU69_a8oxmIdGl4BA.woff20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/styles/default.css?ver=7.2.60%Avira URL Cloudsafe
https://therapyforhappiness.co.uk/ra3.pdf100%Avira URL Cloudmalware
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.3.817007397480%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/spectra-block-positioning.min.css?ver=2.19.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.30%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-umd.min.js?ver=3.3.80%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/desktop.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/utilities.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.3.817007397480%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/main.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/sunflower-1.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/upcoming-appointments.css?ver=1.6.8.110%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/menus.min.js?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/themes/mai-success/style.css?ver=2.0.0.627202408560%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.7.20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.80%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=7.2.60%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=6.7.20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04-768x278.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.50%Avira URL Cloudsafe
https://cdn.trustindex.io/loader.js0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/global.min.js?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/formidable/css/formidableforms.css?ver=31715290%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.90%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.40%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/themes/success.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/footer.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/blocks.min.css?ver=2.35.1.27202516040%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/ssa-styles.css?ver=1.6.8.110%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/block-style.css?ver=17194785770%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.10%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/uag-plugin/assets/0/uag-css-51.css?ver=17428316280%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-includes/css/dashicons.min.css?ver=6.7.20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/butterfly-1536x576.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/images/whatsapp.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/cropped-favicon-32x32.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Hypnotherapy-for-Happiness-Logo-2-2-300x80.png0%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU19_a8oxmIfNJdERySjQ.woff20%Avira URL Cloudsafe
https://hypnotherapyforhappiness.co.uk/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.214.172
truefalse
    		high
    hypnotherapyforhappiness.co.uk
    		185.199.220.71
    		truefalse
      		unknown
      e8652.dscx.akamaiedge.net
      		23.39.37.95
      		truefalse
        		high
        www.google.com
        		142.251.40.196
        		truefalse
          		high
          dhtt2nmvztmk3.cloudfront.net
          		108.138.106.34
          		truefalse
            		unknown
            x1.i.lencr.org
            		unknown
            		unknownfalse
              		high
              cdn.trustindex.io
              		unknown
              		unknownfalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Malvern-Hills.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/styles/default.css?ver=7.2.6false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/desktop.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/sunflower-1.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/spectra-block-positioning.min.css?ver=2.19.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/main.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.8false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/upcoming-appointments.css?ver=1.6.8.11false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=6.7.2false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/global.min.js?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/formidable/css/formidableforms.css?ver=3171529false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/blocks.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/uag-plugin/assets/0/uag-css-51.css?ver=1742831628false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/block-style.css?ver=1719478577false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-includes/css/dashicons.min.css?ver=6.7.2false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2false
                • Avira URL Cloud: safe
                		unknown
                https://therapyforhappiness.co.uk/ra3.pdftrue
                • Avira URL Cloud: malware
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU69_a8oxmIdGl4BA.woff2false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-latest-umd.min.js?ver=3.3.8false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/header.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/spectra-block-positioning.min.js?ver=2.19.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.6.0false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/butterfly-1536x576.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.3.81700739748false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.3.81700739748false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-umd.min.js?ver=3.3.8false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/cropped-favicon-32x32.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Hypnotherapy-for-Happiness-Logo-2-2-300x80.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/utilities.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/menus.min.js?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.4false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/themes/mai-success/style.css?ver=2.0.0.62720240856false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=7.2.6false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Screenshot-2023-08-24-at-08.58.04-768x278.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://cdn.trustindex.io/loader.jsfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU19_a8oxmIfNJdERySjQ.woff2false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/themes/success.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.9false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/footer.min.css?ver=2.35.1.2720251604false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/ssa-styles.css?ver=1.6.8.11false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1false
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/images/whatsapp.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://hypnotherapyforhappiness.co.uk/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svgfalse
                • Avira URL Cloud: safe
                		unknown

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                108.138.106.34
                		dhtt2nmvztmk3.cloudfront.netUnited States
                		16509AMAZON-02USfalse
                54.224.241.105
                		unknownUnited States
                		14618AMAZON-AESUSfalse
                64.233.180.84
                		unknownUnited States
                		15169GOOGLEUSfalse
                1.1.1.1
                		unknownAustralia
                		13335CLOUDFLARENETUSfalse
                142.251.35.170
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.80.110
                		unknownUnited States
                		15169GOOGLEUSfalse
                185.199.220.71
                		hypnotherapyforhappiness.co.ukUnited Kingdom
                		12488KRYSTALGRfalse
                142.251.40.238
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.80.42
                		unknownUnited States
                		15169GOOGLEUSfalse
                23.56.162.204
                		unknownUnited States
                		16625AKAMAI-ASUSfalse
                23.51.56.185
                		unknownUnited States
                		4788TMNET-AS-APTMNetInternetServiceProviderMYfalse
                23.39.37.95
                		e8652.dscx.akamaiedge.netUnited States
                		16625AKAMAI-ASUSfalse
                142.251.40.196
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                199.232.214.172
                		bg.microsoft.map.fastly.netUnited States
                		54113FASTLYUSfalse
                142.250.176.195
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.251.41.3
                		unknownUnited States
                		15169GOOGLEUSfalse
                172.64.41.3
                		unknownUnited States
                		13335CLOUDFLARENETUSfalse

                Private

                IP
                192.168.2.16
                192.168.2.15

                General Information

                Joe Sandbox version:42.0.0 Malachite
                Analysis ID:1648015
                Start date and time:2025-03-25 13:32:51 +01:00
                Joe Sandbox product:CloudBasic
                Overall analysis duration:
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:defaultwindowsinteractivecookbook.jbs
                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                Number of analysed new started processes analysed:16
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • EGA enabled
                Analysis Mode:stream
                Analysis stop reason:Timeout
                Sample name:Invoice Number INV132146-1.pdf
                Detection:MAL
                Classification:mal60.winPDF@38/98@9/68
                Cookbook Comments:
                • Found application associated with file extension: .pdf
                • Exclude process from analysis (whitelisted): SIHClient.exe
                • Excluded IPs from analysis (whitelisted): 23.51.56.185, 54.224.241.105, 50.16.47.176, 34.237.241.83, 18.213.11.84, 172.64.41.3, 162.159.61.3
                • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, ssl-delivery.adobe.com.edgekey.net, p13n.adobe.io, geo2.adobe.com
                • Not all processes where analyzed, report is missing behavior information
                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                • VT rate limit hit for: hypnotherapyforhappiness.co.uk

                Created / dropped Files

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):290
                Entropy (8bit):5.162861310557505
                Encrypted:false
                SSDEEP:
                MD5:DBC6F5047437249174D6E5794B8CBF54
                SHA1:8FB9D92D5B5B1F72B4CC4D6BC909CB3E39C28DA8
                SHA-256:91E5F727199D9E6C942317CA4D2C33B6F1C138F9A1E0D70B2EC2FB8FC4419406
                SHA-512:B1234467E81413239664F2150ED8A91942912FC58BCB53EA9B0D717D0297D75F7B927D18F1408267DC4BAAB8FD0C6B5BFC9FD1614C3C141BC24A0535ECB2F327
                Malicious:false
                Reputation:unknown
                Preview:2025/03/25-08:33:25.016 19b0 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/03/25-08:33:25.018 19b0 Recovering log #3.2025/03/25-08:33:25.018 19b0 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):334
                Entropy (8bit):5.1523315383321275
                Encrypted:false
                SSDEEP:
                MD5:0704776C72E377EC7D786E13DAA89791
                SHA1:A8686F813AF76DB7E213FF99A683AD96A8398EED
                SHA-256:9A89B434A4B3B0F139DC712FE17F52B9CAA38E6D9CB1BF8293311502A541A321
                SHA-512:B770D05E1D8B6516CE3D316418E5E3A48A54D1B187F419650D40FD21B10025E1AFA400CFB574E743F10549A476001C926F36ADE0E37F11FC3480396303ED4247
                Malicious:false
                Reputation:unknown
                Preview:2025/03/25-08:33:24.901 1a9c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/03/25-08:33:24.909 1a9c Recovering log #3.2025/03/25-08:33:24.910 1a9c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):0
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:
                MD5:4C313FE514B5F4E7E89329630909F8DC
                SHA1:916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
                SHA-256:1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
                SHA-512:1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
                Malicious:false
                Reputation:unknown
                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\d43f18f7-57e3-4be6-8145-60066da763c3.tmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:JSON data
                Category:modified
                Size (bytes):403
                Entropy (8bit):4.953858338552356
                Encrypted:false
                SSDEEP:
                MD5:4C313FE514B5F4E7E89329630909F8DC
                SHA1:916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
                SHA-256:1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
                SHA-512:1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
                Malicious:false
                Reputation:unknown
                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:data
                Category:dropped
                Size (bytes):4099
                Entropy (8bit):5.233191603227838
                Encrypted:false
                SSDEEP:
                MD5:53FDEC261489B391158F44D12CD653D1
                SHA1:BF5D149CA8B7A2189C44C788EA13BEC8EB188A99
                SHA-256:D15539BE86B1D2FF5D9715F2ADA63E1489862D21FB7ECED57485AEB4A7B38D4D
                SHA-512:4FE52DE35EB0DA9B640020ECECE3F550A90E363446B5A1A606900A1B7B81D8F804A3E50AF106A354F5302A398A90EE80E9A092D9410E6613C3F4F52A74C82393
                Malicious:false
                Reputation:unknown
                Preview:*...#................version.1..namespace-e...o................next-map-id.1.Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/.0y.S_r................next-map-id.2.Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/.16.X:r................next-map-id.3.Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/.2.P.@o................next-map-id.4.Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/.346.+^...............Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/....^...............Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/..?&a...............Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/_...a...............Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/...o................next-map-id.5.Pnamespace-07af9ee9_2076_4f12_94b5_

                C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):322
                Entropy (8bit):5.164833040562038
                Encrypted:false
                SSDEEP:
                MD5:24659B4D99DB4E9419597375DE16DDAE
                SHA1:1CE3155D7E4529FF3D89CFFDBDAF349C9BECE7AB
                SHA-256:529337DCCC3155935AB42024A930A21D32A5A174C77806939EE1141D2997988A
                SHA-512:C06E9165AE4C1BEAA164A6F9136DF6B8E77972EF0F625E4611636B4128E301C3B11DC04B4A92F53AA300414CD54E065086DD43EBFF9CA2B7EE6BDD79CD94CE20
                Malicious:false
                Reputation:unknown
                Preview:2025/03/25-08:33:25.072 1a9c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/03/25-08:33:25.073 1a9c Recovering log #3.2025/03/25-08:33:25.076 1a9c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250325123328Z-163.bmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:PC bitmap, Windows 3.x format, 164 x -126 x 32, cbSize 82710, bits offset 54
                Category:dropped
                Size (bytes):82710
                Entropy (8bit):1.2272662388702138
                Encrypted:false
                SSDEEP:
                MD5:98F06D06F95BE5918A05315393F18BDF
                SHA1:37E3683B0A201DB8E67E2341002E04152E145A9C
                SHA-256:DEBA64094F095542C8C7D2FD63C311A724D644802201B8CF3660B531CFCAE3F2
                SHA-512:80A45505F1B613B6172A32F52BC8C8AFE3DF8412499AD08116B356B8E081AA70F41A39144F4B91C10A5CD14F26943C34DF48E22A19AE1D0A6FEC63B42B255C01
                Malicious:false
                Reputation:unknown
                Preview:BM.C......6...(............. ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2
                Category:dropped
                Size (bytes):57344
                Entropy (8bit):3.291927920232006
                Encrypted:false
                SSDEEP:
                MD5:A4D5FECEFE05F21D6F81ACF4D9A788CF
                SHA1:1A9AC236C80F2A2809F7DE374072E2FCCA5A775C
                SHA-256:83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2
                SHA-512:FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9
                Malicious:false
                Reputation:unknown
                Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:SQLite Rollback Journal
                Category:dropped
                Size (bytes):16928
                Entropy (8bit):1.214360858136635
                Encrypted:false
                SSDEEP:
                MD5:04CC677FDE639B0B0E49A1E81F9C179A
                SHA1:075DFBC79988C58C8D2710ACE0C63DD2EAF7F83C
                SHA-256:B8D31179CFE37A20A66E40288E5F7CC59C7C431F215A53851333E532461DE48D
                SHA-512:9631C4F94EDD60C847A413C87BA3768DC0C40B6341E50C0DFAE4981962111A76E41505DBAD117573273DEB04A4DA9F834DD188F4D9752C834B09DEC0699A51C4
                Malicious:false
                Reputation:unknown
                Preview:.... .c.......K#........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:Certificate, Version=3
                Category:dropped
                Size (bytes):1391
                Entropy (8bit):7.705940075877404
                Encrypted:false
                SSDEEP:
                MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                Malicious:false
                Reputation:unknown
                Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 73305 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                Category:dropped
                Size (bytes):73305
                Entropy (8bit):7.996028107841645
                Encrypted:true
                SSDEEP:
                MD5:83142242E97B8953C386F988AA694E4A
                SHA1:833ED12FC15B356136DCDD27C61A50F59C5C7D50
                SHA-256:D72761E1A334A754CE8250E3AF7EA4BF25301040929FD88CF9E50B4A9197D755
                SHA-512:BB6DA177BD16D163F377D9B4C63F6D535804137887684C113CC2F643CEAB4F34338C06B5A29213C23D375E95D22EF417EAC928822DFB3688CE9E2DE9D5242D10
                Malicious:false
                Reputation:unknown
                Preview:MSCF....Y.......,...................I.................;Za. .authroot.stl.98.?.6..CK..<Tk......4..c... .Ec...U.d.d.E&I.DH*..M.KB."..rK.RQ*..}f..f...}..1....9...........$.8q..fa...7.o.1.0...bfsM4.........u..l..0..4.a.t....0.....6#....n. :... ....%.,CQ5uU..(.3.<7#.0..JN.$...=j|w..*.#.oU..Eq[..P..^..~.V...;..m...I|...l..@-W..=.QQ.._./.M.nZ..(.........`.$Z.9wW:W.]..8*E.......I.D{..n...K:.m..^.(.S.......c..s.y..<...2.%o.o.....H.B.R.....11.|!.(...........h.SZ........<...^....Z>.Pp?... .pT@p.#.&..........#VEV=.....p........y..."T=l.n..egf.w..X.Y..-G...........KQ.]...pM..[m..-6.wd:........T...:.P5Zs....c.oT`..F1#......EuD.......7....V ..-....!.N..%S...k...S. ...@.J..../..b!B.(=\../.l......`.\...q9..>4!b..8EH.....zdy.....#...X>%0w...i.,>c.z.g"p.S..2W.+mMs.....5Def.....#._D.4....>}...i...\.&`D.......z;..ZY.3.+t.`....z_.q'w.z.)..j3.+.co.s..:.........qK...{...E....uPO...#vs.XxH.B!..(t. 8k+.....G\..?..GF8....'..w.>.ms..\ve.nFN..W)....xi..u..5.f.l....

                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:data
                Category:dropped
                Size (bytes):192
                Entropy (8bit):2.7673182398396405
                Encrypted:false
                SSDEEP:
                MD5:CB2889E0B07FC7E51A96FAC4224DFF81
                SHA1:543F1C7C9C281E8B5537A1A8C7A65FA2A496E07C
                SHA-256:1F428B8DB5EDFDE4EF9F65BCFFD0E8DD44ED43F91CC0B130AE07CF67AFE3486F
                SHA-512:1C3C0596C92627333451DDAC845871407BEEBF98C4194A982777FC7AECCF14B8F1B8A64AF97400DCF067119785C0B6F73975A0052AABDCB5965880473937E72B
                Malicious:false
                Reputation:unknown
                Preview:p...... ...........!....(....................................................... ..........W....................o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:data
                Category:modified
                Size (bytes):330
                Entropy (8bit):3.2727275427488585
                Encrypted:false
                SSDEEP:
                MD5:51057C79DB71AB065139427E0BB1F216
                SHA1:791320E6CE5E915022722EB4F378D5BDDE4C77D3
                SHA-256:7243831093E2F1BEEC3BA341379778FF6E150D4C01E814591084E4E9090731C8
                SHA-512:57E6A211A8A09CDB6B41DB4F3E8D9028A011C09A9AD0BD793954BE2EB1245FB68A5BD91CAC7739AD0C6A9D58CF54517273F1C2B296EFB3412628173C2FB75977
                Malicious:false
                Reputation:unknown
                Preview:p...... ..........33....(....................................................... ..................(....c*.....Y...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".6.4.2.7.f.6.c.2.b.7.8.7.d.b.1.:.0."...

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6460

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:PostScript document text
                Category:dropped
                Size (bytes):185099
                Entropy (8bit):5.182478651346149
                Encrypted:false
                SSDEEP:
                MD5:94185C5850C26B3C6FC24ABC385CDA58
                SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                Malicious:false
                Reputation:unknown
                Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:PostScript document text
                Category:dropped
                Size (bytes):0
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:
                MD5:94185C5850C26B3C6FC24ABC385CDA58
                SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                Malicious:false
                Reputation:unknown
                Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):295
                Entropy (8bit):5.370584200726583
                Encrypted:false
                SSDEEP:
                MD5:0611B7BB672EEB387E3A020E3DA0C8BD
                SHA1:3D523BE283879C5C0E6FFC4569BB8498CA556252
                SHA-256:59CD0CB1A23F972527E697E1D493F98A48C72361E7B09A0F32DF3040890CDAA6
                SHA-512:0E6DF68052EE03FDFE650059F88021CE70C011034873B9EF0AEA86C0FFC713A0EF650E8DD22900A1AB4906C93794F47FF70627E76ABBB5FB88AFFD68907A131F
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):294
                Entropy (8bit):5.316540343421474
                Encrypted:false
                SSDEEP:
                MD5:A494F447DA8568E0FC6B4DBE6AAE4B76
                SHA1:03A9D5E25D4B7990DC74F327FB6DB1D553319FC9
                SHA-256:31D96DF53A9DCB9502DABC06AD4532CAF9E5F4A90B85FF4DE3CD7BBA39D26442
                SHA-512:48E4F4F4E96D1DCE37C96E0490446A75F87C3FE62FA7939AE3E8B01A0DF5C1D0C302736E188F52A23A497B1CD54B15C6614C232869277E7B80F7535A36A4FB20
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):294
                Entropy (8bit):5.293334400472381
                Encrypted:false
                SSDEEP:
                MD5:529AA381AE005C1A7AEEB5383B0A0591
                SHA1:18BF5EE8A7DCC7CBBD8DA05D7D270768FC25AE4E
                SHA-256:B8B22CEEA2B6D30D0B00EEB89DDE2F91C7094BD6BA406916616E0EA3B540A733
                SHA-512:979DD0C93C4C948719F33CB6C37FF6A61706D0059D0122BC440F1C535970B30E297C90DFC10E94912BDEF812CCAACB216BC655E0755AEA40795415A94D89B50D
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):285
                Entropy (8bit):5.359217751376679
                Encrypted:false
                SSDEEP:
                MD5:7BBB2B5476E54ACDAE00791E7F6E6B85
                SHA1:F2C913A1205513364B97199959D9C3FE2C1A7ABB
                SHA-256:5EF15D81C0BDB13D7A08BC728C7A9EC6A225CD0034C7BDA8C0B92AA5976B8816
                SHA-512:2777AFD55E3C7FA0628DD18AB7484AE91114360FBD054F0641329A027543A382828D9A458A78B6FBB7F44EAD11AE52AD4E143D50A11F0A62ADEA80FBB3DE86B1
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):2129
                Entropy (8bit):5.837153651371965
                Encrypted:false
                SSDEEP:
                MD5:F18850F5E4245D863796CC186734733A
                SHA1:2AC4337C3E1A09C907D320ED07DF2709A8E26D54
                SHA-256:F45AD7C2FD46D44EA944E2FFA214AEC17E3912298F4BFF7E647DEF5888AD9AF2
                SHA-512:D32102D2C2AF6D647E874C479F8A743C0311BB3CB0198B3273773DBAE3153ED6005747D56DDAA2C9DD0F1781C6447D67F4906F5F416693924ACB1A5248C3A1A6
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"102656_316349ActionBlock_1","campaignId":102656,"containerId":"1","controlGroupId":"","treatmentId":"5a9d1955-ab74-4b89-837a-074b702313c0","variationId":"316349"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL2NvbnZlcnQiLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjoiRXhwb3J0IFBERnMgdG8gTWljcm9zb2Z0IFdvcmQgYW5kIEV4Y2VsLiIsImN0YUxhYmVsIjpudWxsLCJjdGFCZWhhdmlvciI6bnVsbCwiY3RhVXJsIjpudWxsLCJjdGFVcmxUeXBlIjpudWxsLC

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):289
                Entropy (8bit):5.307400597098752
                Encrypted:false
                SSDEEP:
                MD5:1A27336FE34AECD51AA4C13EDD98AEEF
                SHA1:8CC164CA684AA0046126A5C66C2685B4C8BC4B06
                SHA-256:2363B91DC7465292C3D2C424445EDB72EA1F88EB386B16C8E80200A503B5931B
                SHA-512:2DD6E6723B510642C73807B0BEDDB500286B069DF178863244AC8F3C489EFAE87B3FDFEF9CCF13C88CA044AFA55CBC28D2808105EE62C370B1DDBB0C1B00AC5E
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):292
                Entropy (8bit):5.309958617723668
                Encrypted:false
                SSDEEP:
                MD5:B30A8C70EE86F93FB0A358852CCBF2A1
                SHA1:768523A1532FC4839FD89D3F3D60FCFD51070526
                SHA-256:4CA2988A469E297456EBB68B94F772C477B5226E19237D4840A0CCC79D95EF0A
                SHA-512:56503FBA224A106B0DE754E1562C241D5289649AFFF7638C8A32930D5DB253E41A32FA891A631E9F7C75D0ED732F24A514DE85F3BDACE958C816247EDA4BC649
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):2080
                Entropy (8bit):5.822774000951981
                Encrypted:false
                SSDEEP:
                MD5:EED9D3AE16FE465C15061E770C5964AA
                SHA1:E964E95F3DC3A0AC7D04CABC0774F3066AF2F54E
                SHA-256:113172E33948879840416E68D3EDACDF46524558EE74E9F54968C65836F5BD00
                SHA-512:248E5ECFE7C1CAE9A6F63AF5220A4C7401797A99233A23357234ACE287A087C1D6D47BD2A8D53DCA99BEEBA8DC9FB41EA44773652901C2D08023F7CC56FD1166
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"102656_316349ActionBlock_2","campaignId":102656,"containerId":"1","controlGroupId":"","treatmentId":"164bf29d-ee04-491c-adf2-c0bfeedb2d1b","variationId":"316349"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL2VkaXQiLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjpudWxsLCJjdGFMYWJlbCI6bnVsbCwiY3RhQmVoYXZpb3IiOm51bGwsImN0YVVybCI6bnVsbCwiY3RhVXJsVHlwZSI6bnVsbCwidHJhY2tpbmdJZCI6bnVsbCwiX21ldGFkYXRhIjp7InN0cmluZ01ldGFkYXRhIjp

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):295
                Entropy (8bit):5.334924303098604
                Encrypted:false
                SSDEEP:
                MD5:6B252EBD29D9A182A6E2A3D734250D19
                SHA1:5BF2FC03BCDBE8389AAD733FEC9B67C3B62A81B4
                SHA-256:EED8F3B60ED40858832C61CB0C9E23D2CFA1A4DC49EF936825F28D59ABD6A934
                SHA-512:601FF927E2BE526D9B127065D038F1CA9DF2D9CA8A22C10CEF3F8A2EE4637DB3FDC88DD4E6473F8D49A9C9686DC5CCE23719745CFA8040A1298356E60CA4CEF4
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):289
                Entropy (8bit):5.315597286943676
                Encrypted:false
                SSDEEP:
                MD5:E34CCA6F3387008B75C8253AEA2CBDF8
                SHA1:AF92D5F49F1E0D337539246E4B511BD09D4E8558
                SHA-256:AC3DCEF21673D6B5BFEF621195E52A21314D1AF872D5A41A690BA816E6848332
                SHA-512:8956740EE0A41D451B4676382B3D0740E2F7760D8521767E5B9BD897CFD48D75EC29794740DE037CB35F35D045168604961D9865645A4C7736BF196E3FB0AAE6
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):284
                Entropy (8bit):5.301922259888797
                Encrypted:false
                SSDEEP:
                MD5:1D7EA15164B74F70169498D04D2CBCAF
                SHA1:9B1062D401968728F017764FCA853189A553FF1D
                SHA-256:140B07D4401B464C97D044DB16A091EAE626BCCA2F5122B9D20D80BCC0C6DC3E
                SHA-512:5B86AA575BCEBF89581B330A062ECF98504F5C91A485CC826E3BDC0872AC9677A807BC43B909A39AA81CEE2007A3FD46590DD1C252079F8FBF2AA4EEE0EFAAC0
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):291
                Entropy (8bit):5.299037186769129
                Encrypted:false
                SSDEEP:
                MD5:1D3D9EF6C66C5BDD827369410ACE38DD
                SHA1:9D10BC048C4A33244A912B16AF95DDF52458A58E
                SHA-256:FE91751D637985AF7F2BE74BE00F74F3065E966F7CA6DC89FBB41218978B0082
                SHA-512:0907F1918526BB7832C98261015EBF928B47CFA8144D4F046922E1504BF0DD7FC158171C77376C3A6962A643A4176A7111595D65E022A56D0B3CA5E0D05D8F21
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):287
                Entropy (8bit):5.3023200162151
                Encrypted:false
                SSDEEP:
                MD5:15EBF4B7A71CB58B3E843461CA5B0B3E
                SHA1:7110E20AA0295C6BFD2DD18B4A1B4C574AC0A97D
                SHA-256:E13A6473C04E8D8D614A7DB5BD5792CE992EFDC0B42D91B484D96F44403491FC
                SHA-512:086F955A7803AE7522108D9234090EEC219FFFFDDCB3B76967F634D9C6DA480CEC1518C70B3575CED568E89F2D7FD632E5CDB11145F9BC97661B996C83587EA6
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):2028
                Entropy (8bit):5.837726730497051
                Encrypted:false
                SSDEEP:
                MD5:A46BB71BFF0F2F059B62310874045F7E
                SHA1:59AFB5157DCBBD5770101E2D5F19C82C7FFBF7AE
                SHA-256:61227E1617E29426117C6643F456E58FE87D67665430173A65B71CA046B427CD
                SHA-512:835FCA21331C7B0C3074A8285A52A114D283223BA55EFF236FFB0B0598AE2521B6BAC79013D84E20BA629C70B3744CCF3B47025A7DB78A3141C4C08A293FF194
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"102656_316349ActionBlock_0","campaignId":102656,"containerId":"1","controlGroupId":"","treatmentId":"339c0ba6-2e61-4622-82f6-f07787d206b8","variationId":"316349"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL3NpZ24iLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjoiRWFzaWx5IGZpbGwgYW5kIHNpZ24gUERGcy4iLCJjdGFMYWJlbCI6bnVsbCwiY3RhQmVoYXZpb3IiOm51bGwsImN0YVVybCI6bnVsbCwiY3RhVXJsVHlwZSI6bnVsbCwidHJhY2tpbmdJZCI6bnVsbCwiX21ldGF

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):286
                Entropy (8bit):5.279045031193149
                Encrypted:false
                SSDEEP:
                MD5:746F784494E1D6BC5CF3772EBCB8482A
                SHA1:8FB34956134F6EE7C31DFA534E26A678A47D2F62
                SHA-256:93384DFED77958FA15EDAE8EBA5E5E16A65EED85599CF7285B8C70754E7B4566
                SHA-512:DF7F4CAB99F08044179D6BF9AC7A4D569ABA8DB2EFB0B16976E475FEA1937ACD7BCBC38828E47AE4DA518AD865DF1CD770FD742F401EB90B612E4995F5ED0767
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):282
                Entropy (8bit):5.292497965895567
                Encrypted:false
                SSDEEP:
                MD5:C70B2B5C2C19C13D14241AE3BCEB7448
                SHA1:7D30C13876629DCF3BFA977E71D2E29F5892198E
                SHA-256:0E5479B2DB3AE9D34BF1AEBA306F959036503F8BC05558F6134D95FF8F842D24
                SHA-512:5275861068929FE2418DE92D7F0B321DAD8F64B32E7F9F3331AD265666124579A9E17CA8B1399A8A3668CD1D166C1D4F82CC7FDB0F104135F0DA09B2430BE212
                Malicious:false
                Reputation:unknown
                Preview:{"analyticsData":{"responseGUID":"cc68fbf9-3135-4ca4-9c3f-b79e6c1d7c2f","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1743081434367,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:data
                Category:dropped
                Size (bytes):4
                Entropy (8bit):0.8112781244591328
                Encrypted:false
                SSDEEP:
                MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                Malicious:false
                Reputation:unknown
                Preview:....

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:JSON data
                Category:dropped
                Size (bytes):2815
                Entropy (8bit):5.125173049521733
                Encrypted:false
                SSDEEP:
                MD5:654C9B9060B3A5095C15CBF01CF31E11
                SHA1:E8D584AE92108EB6A3DD57BF1A7EA5D3CEEB9142
                SHA-256:3460A2281358D35982A62A806FFE5DDB07E140C7937AEDEB226070C179B40551
                SHA-512:F12612220ABAB145040E54AF8708E98C613A58595A8C95601A447E5D2D91397032B120C97A9D7352D9205DF48EE4F9A52D010D4F9C1F72C63DB0A618CEE3A870
                Malicious:false
                Reputation:unknown
                Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"6a55aef0cb9033c53136e8fbea00060d","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1742906008000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"a305502afc9f5135e87fc8454a18eb61","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":2028,"ts":1742906008000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"024806489c4f8da91384912316b63f8c","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":2129,"ts":1742906008000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"4d898b3995553d09d1929065b1e11fe4","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":2080,"ts":1742906008000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"bbfdfe43590c56fa5f8235c7da22368d","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1742906008000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"8d8fe5b252ae2b98a82c4b56e3b92eb4","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file",

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                Category:dropped
                Size (bytes):12288
                Entropy (8bit):0.9892029574390246
                Encrypted:false
                SSDEEP:
                MD5:5482A7B2B07D6499B0C2C183A85D7BDD
                SHA1:6A59D31C413B88616E1BCBAD2E283963942BA071
                SHA-256:753B700250B1978CD2421F712D14B6D2EC6AD5CD925D0887448708101E174AC9
                SHA-512:DE53F0DE27B4FA42E911BE7B3AD97B8742E25A48F2FEB3651D05156756DEABCB545A64756C741D126DD473A73038C6A344E9B8840ACAE65A4386295A6284FAE3
                Malicious:false
                Reputation:unknown
                Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:SQLite Rollback Journal
                Category:dropped
                Size (bytes):8720
                Entropy (8bit):1.3450850969286607
                Encrypted:false
                SSDEEP:
                MD5:F57253D3BCCED0CF7A434FC46D3B1889
                SHA1:4095340EF1840A15BC79F29B8B3CD4B19FD1F7F3
                SHA-256:4B3E23AC4E70176F39B14EA6820082DCD635F00E27907D186C6E69EE9780BC5C
                SHA-512:0E8E8BD181E679B87042D3306C25C9F872724278EBB1ACBA74C76C15B3734815DF073AEC84A16415C1032FF19F6FFCB18B7F6C3088F8F79C1A47B06C52CAFE8B
                Malicious:false
                Reputation:unknown
                Preview:.... .c......'......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                C:\Users\user\AppData\Local\Temp\MSIef4f5.LOG

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                Category:dropped
                Size (bytes):246
                Entropy (8bit):3.5197430193686525
                Encrypted:false
                SSDEEP:
                MD5:206B957A2239744A4706773BA87D3E1C
                SHA1:785013247216A8D8F6D2887B55CAF7939B3EC9A1
                SHA-256:659D05BDDF64A335A1FC11A1468C9AB523F6DFB4FE7E443527BD241CDD8D365F
                SHA-512:7DF109A714733897DEDC73FAD22C3E4DBAF6C1225D41A858B63E31A304365133246715391B5753F7B17A8DAD4D9806CD921E937782BCAC78C706496C50A007F3
                Malicious:false
                Reputation:unknown
                Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.5./.0.3./.2.0.2.5. . .0.8.:.3.3.:.3.1. .=.=.=.....

                C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-03-25 08-33-26-473.log

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:ASCII text, with very long lines (393)
                Category:dropped
                Size (bytes):16525
                Entropy (8bit):5.353642815103214
                Encrypted:false
                SSDEEP:
                MD5:91F06491552FC977E9E8AF47786EE7C1
                SHA1:8FEB27904897FFCC2BE1A985D479D7F75F11CEFC
                SHA-256:06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
                SHA-512:A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082
                Malicious:false
                Reputation:unknown
                Preview:SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig:

                C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:ASCII text, with very long lines (393), with CRLF line terminators
                Category:dropped
                Size (bytes):15114
                Entropy (8bit):5.356411656385572
                Encrypted:false
                SSDEEP:
                MD5:D1F1251A17F1EA7C6DA8DF2636C1F088
                SHA1:E9F6F62E03BD01EFC2FE57DB96221084DF13BD50
                SHA-256:B203A7414C8134F7A4F6A1CFAFA07A489BB12E43399490F70744EA9292ABC1B9
                SHA-512:707BE6E0E858F2906A592B5D06CA9F06C6827073D85F2D07A84D3555E7B09A2F7994ED410825C5720910667E843D0F83FC486C964E7DD5E0260176FB726C4365
                Malicious:false
                Reputation:unknown
                Preview:SessionID=008ffce7-e96f-4a59-909d-74b4d2186caa.1742906006487 Timestamp=2025-03-25T08:33:26:487-0400 ThreadID=2888 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=008ffce7-e96f-4a59-909d-74b4d2186caa.1742906006487 Timestamp=2025-03-25T08:33:26:489-0400 ThreadID=2888 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=008ffce7-e96f-4a59-909d-74b4d2186caa.1742906006487 Timestamp=2025-03-25T08:33:26:489-0400 ThreadID=2888 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=008ffce7-e96f-4a59-909d-74b4d2186caa.1742906006487 Timestamp=2025-03-25T08:33:26:489-0400 ThreadID=2888 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=008ffce7-e96f-4a59-909d-74b4d2186caa.1742906006487 Timestamp=2025-03-25T08:33:26:489-0400 ThreadID=2888 Component=ngl-lib_NglAppLib Description="SetConf

                C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                File Type:ASCII text, with CRLF line terminators
                Category:dropped
                Size (bytes):29752
                Entropy (8bit):5.422992188267926
                Encrypted:false
                SSDEEP:
                MD5:F3D290A361A98CDCFDC52E02123A3861
                SHA1:092BBFD00B573541E083D908C2C3AFE00C3CCBAC
                SHA-256:7BF8480AB013E3A5D02B0D95329ABC0CBAFE6205DE35DEEEB1B0A09083F0ABF4
                SHA-512:F46FB3986476F44BAB5C08B7CF5C1C8794D517DBABB425F89594281EBA3DFED5870F7C05BDE27FC683169EC230CDAFBBD3C6C3949EB5927E6125F09D948D9AF8
                Malicious:false
                Reputation:unknown
                Preview:06-10-2023 10:08:42:.---2---..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 10:08:42:.Closing File..06-10-

                C:\Users\user\AppData\Local\Temp\acrocef_low\21974700-a6b4-45e2-b905-f68c3a252089.tmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                Category:dropped
                Size (bytes):1419751
                Entropy (8bit):7.976496077007677
                Encrypted:false
                SSDEEP:
                MD5:13F55292D0735B9ABD4259B225D210FC
                SHA1:810CC5D545BFA11D2825F6E1DFA69176794DA7EC
                SHA-256:8C3FFEA68963D108599E8C5AE20DE6E9C473BF33197A03A9A7DDCD0F25A6C7F6
                SHA-512:4F54EDA9EB61172A5243DAA718CFF42A0BF079CC0FA7BE3553CC8B79772763B49F530DD6B54A9D595C4F46B8416ADF7D5C8DAD58FC43A5C651258E669DC375DA
                Malicious:false
                Reputation:unknown
                Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                C:\Users\user\AppData\Local\Temp\acrocef_low\b1f2ef58-f490-438f-a93a-6c74e0cb98fa.tmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                Category:dropped
                Size (bytes):758601
                Entropy (8bit):7.98639316555857
                Encrypted:false
                SSDEEP:
                MD5:3A49135134665364308390AC398006F1
                SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                Malicious:false
                Reputation:unknown
                Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                C:\Users\user\AppData\Local\Temp\acrocef_low\d3f0092f-96a8-402d-b244-5da7262ebcd6.tmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                Category:dropped
                Size (bytes):386528
                Entropy (8bit):7.9736851559892425
                Encrypted:false
                SSDEEP:
                MD5:5C48B0AD2FEF800949466AE872E1F1E2
                SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                Malicious:false
                Reputation:unknown
                Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                C:\Users\user\AppData\Local\Temp\acrocef_low\f032e167-3dd6-4d92-8d64-5835c4186804.tmp

                Download File
                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                Category:dropped
                Size (bytes):1407294
                Entropy (8bit):7.97605879016224
                Encrypted:false
                SSDEEP:
                MD5:011E40C772A8CE55D3C4190BA8DB32BE
                SHA1:0C6B2B5DD7593EC18D433272E864C2746B69C1AC
                SHA-256:99EB0D330ECCE9CF2BE7E143322267A6C839CECA4A37184852F4C418FB4D9E7F
                SHA-512:4F341C14A4480C22CC24DDF5C758C0D43308F2082C77E3812515C0CA98CA1560CE76D4032DDF3A1C6DE73AF31379DBF3B4537DB35FD6C363412FDB6213602170
                Malicious:false
                Reputation:unknown
                Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                Chrome Cache Entry: 182

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 text, with very long lines (30348)
                Category:downloaded
                Size (bytes):30353
                Entropy (8bit):5.018444558435311
                Encrypted:false
                SSDEEP:
                MD5:CADCD88C2B50719913DC9399B152246B
                SHA1:36D8E2583525E1EA387EF87559EEE2D6E6C70BF2
                SHA-256:9BABACB0D4D96F6A146103EC93214179C5F3A5FEDB9FD4ABD4F69BF023862977
                SHA-512:FBCB648B7D62AF2A6F9C2A062B9415D76464722598DC1557A1092957493C5CC8A7D2E6733968E31456CA6CAF883F58C9D0471D71F4BFA0E301535840D3B2DEB1
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/styles/default.css?ver=7.2.6
                Preview:body{--glsr-white:#fff;--glsr-gray-100:#f5f5f5;--glsr-gray-200:#e5e5e5;--glsr-gray-300:#d4d4d4;--glsr-gray-400:#a3a3a3;--glsr-gray-500:#737373;--glsr-gray-600:#525252;--glsr-gray-700:#404040;--glsr-gray-800:#262626;--glsr-gray-900:#171717;--glsr-black:#000;--glsr-blue:#1c64f2;--glsr-green:#057a55;--glsr-red:#e02424;--glsr-yellow:#faca15;--glsr-duration-slow:0.3s;--glsr-duration-fast:0.15s;--glsr-gap-xs:0.25em;--glsr-gap-sm:0.5em;--glsr-gap-md:0.75em;--glsr-gap-lg:1em;--glsr-gap-xl:2em;--glsr-leading:1.5;--glsr-px:1.25em;--glsr-py:1.25em;--glsr-radius:3px;--glsr-text-base:1em;--glsr-text-sm:0.875em;--glsr-text-md:1em;--glsr-text-lg:1.25em;--glsr-review-star:1.25em;--glsr-review-verified:var(--glsr-green);--glsr-tag-label-weight:600;--glsr-bar-bg:var(--glsr-yellow);--glsr-bar-leading:1.5;--glsr-bar-opacity:0.1;--glsr-max-w:48ch;--glsr-summary-star:1.5em;--glsr-summary-text:var(--glsr-text-sm);--glsr-choice-h:1.125em;--glsr-choice-w:1.125em;--glsr-description-text:var(--glsr-text-sm);--gl

                Chrome Cache Entry: 183

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 600 x 800, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):186789
                Entropy (8bit):7.985911904255114
                Encrypted:false
                SSDEEP:
                MD5:B2FB407E442AD3B711F13D572EA23911
                SHA1:45FFCB816F74EE384F48C04A71C3E0CF712C8F59
                SHA-256:62CE56A3775142F745566464FD6EB245D13B265CA7C9439B9A3236840B0BB4D8
                SHA-512:AE6FEF042E52FDB26F736B1F9A0FEC0C1EC67A2C6F416A22B2845CB7E9C94F69DFBEA41859AC32C9EE1992E378462A42935A306A496B681F0F20AA9C384F30BA
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/sunflower-1.png
                Preview:.PNG........IHDR...X... ............iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>sunflower - 1</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2023-08-14</Attrib:Created>. <Attrib:ExtId>2390ca93-1c58-4cfc-b1cc-3a0223098922</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:pdf='http://ns.adobe.com/pdf/

                Chrome Cache Entry: 184

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (11295), with no line terminators
                Category:downloaded
                Size (bytes):11295
                Entropy (8bit):4.831468128385282
                Encrypted:false
                SSDEEP:
                MD5:7DC0EDBC8A00CC01362F9AEA2D56FE39
                SHA1:776FC63A1082C7B8C9BA9E582B44ADEEE2356E2D
                SHA-256:F6DA0C75217CFEC8BE731D494C6EE94FCD2AD5A2993345F9170AE01392F85F8D
                SHA-512:00AD2AACAC1B6A88681D0831F3EA0C3BC391B051B3C1C776E69E714CD7075B632ECE03243C110F3C4BF2771F9B14531D3F2938A047FE71BCF2FA7965110B0BCF
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/blocks.min.css?ver=2.35.1.2720251604
                Preview:.wp-block-audio figcaption{color:var(--caption-color,var(--color-body));font-size:var(--caption-font-size,var(--font-size-xs));text-align:var(--caption-text-align,center)}.wp-block-buttons{--row-gap:var(--spacing-xxs);--column-gap:var(--spacing-xxs);gap:var(--row-gap) var(--column-gap);padding-top:var(--spacing-xs)}.wp-block-buttons:has(.alignleft){justify-content:start}.wp-block-buttons:has(.aligncenter){justify-content:center}.wp-block-buttons:has(.alignright){justify-content:end}.wp-block-buttons-is-layout-flex{align-items:normal}.wp-block-code{border:var(--border);border-radius:var(--border-radius);color:var(--color-heading);font-family:var(--code-font-family);font-size:var(--font-size-sm);padding:.8em 1em}.wp-block-columns{--row-gap:var(--spacing-lg);--column-gap:var(--spacing-lg);gap:var(--row-gap) var(--column-gap);margin-bottom:0!important}.wp-block-cover{display:flex;justify-content:var(--cover-block-justify-content,center);min-height:0;overflow:initial;padding:var(--cover-blo

                Chrome Cache Entry: 185

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65435)
                Category:downloaded
                Size (bytes):131865
                Entropy (8bit):5.0413135350960925
                Encrypted:false
                SSDEEP:
                MD5:DAC2A752ACA42F8EC15088AFFF17CCB8
                SHA1:F385166F33F46B311ACA9441A28F0D306C2F80A4
                SHA-256:DF8621EFAAB16CE4AAFB3D8E41D32F392D36B54CB4989941F9466B7B4B00153B
                SHA-512:73F931033D060E71F85499175C54BBAF45198BD1AA4A480A7012F6D89B56BDE94FC93A6CC66084C107FDCC6DC6242013F4DF4BC3D8DB7E4E7D4C9DCC5746BF29
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/formidable/css/formidableforms.css?ver=3171529
                Preview:/* WARNING: Any changes made to this file will be lost when your Formidable settings are updated. */..with_frm_style{--form-width:10014ca13fd237eed5db7b33e0e1b6e178f3433e19d520d3752eed03dd3a552581a;--form-align:left;--direction:ltr;--fieldset:0px;--fieldset-color:#000000;--fieldset-padding:0 0 15px 0;--fieldset-bg-color:transparent;--title-size:40px;--title-color:#444444;--title-margin-top:10px;--title-margin-bottom:60px;--form-desc-size:14px;--form-desc-color:#666666;--form-desc-margin-top:10px;--form-desc-margin-bottom:25px;--form-desc-padding:0;--font-size:15px;--label-color:#3f4b5b;--weight:normal;--position:none;--align:left;--width:150px;--required-color:#B94A48;--required-weight:bold;--label-padding:0 0 3px 0;--description-font-size:12px;--description-color:#666666;--description-weight:normal;--description-style:normal;--description-align:left;--description-margin:0;--field-font-size:14px;--field-height:32px;--line-height:32px;--field-width:10014ca13fd237eed5db7b33e0e1b6e178f343

                Chrome Cache Entry: 186

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):321
                Entropy (8bit):4.991161709092051
                Encrypted:false
                SSDEEP:
                MD5:BCFFB89FB8660F064D68E249AD7631A9
                SHA1:CE2AB0CAC473E2D4E4B44A88DDE7D35D96BF3F53
                SHA-256:3D83AF4E1707C4B98D80D559AF75845FE699A05D867BCC438CAEAAFA97534735
                SHA-512:A25F7DCDF9218EB4A6BECD0C0A55EE84ADCBB19DE43AE747C55F47B710E88EDCF218C0090CC6283ABE65DE629C0C2E82885677E529CC8108B17614801B603E7F
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/ssa-styles.css?ver=1.6.8.11
                Preview:iframe.ssa_booking_iframe {..border: 0 none;..height: 600px;..max-height: none !important; /* Stop responsive iframe scripts from setting an aspect ratio */..min-width: 100%;..width: 1px;.}...ssa-admin-warning {..background-color: #fff9c4;..border-left: 4px solid #fdd835;..color: #c6a700; ..margin: 0;..padding: 16px;.}

                Chrome Cache Entry: 187

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1600 x 600, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):1487361
                Entropy (8bit):7.991018829076211
                Encrypted:true
                SSDEEP:
                MD5:A46A3452B7BC03B9CE30D403241AEC5B
                SHA1:F16A1556DFED7419FA2A714CBFD50B48F013C4C3
                SHA-256:FBD57E0B2BF92D4D37DD7DFD0D58B47333BF8A7C9B957295E61E722A817659A9
                SHA-512:1BC2C2CA8EF6DA6E6E46AE9EB52544D8DBA6440A1D8962DB504B07F3A5F70CDD3AA056B1BB946C5E4025CDDA37B3682EF3D5F6C7E8E5E1C8F7056C108CF47941
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/uploads/2023/08/Malvern-Hills.png
                Preview:.PNG........IHDR...@...X.....:.*B....pHYs..........+.....;tEXtComment.xr:d:DAFqSnjoY5U:3,j:8905140707062786990,t:23080110I?Gt....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>Untitled design - 1</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2023-08-01</Attrib:Created>. <Attrib:ExtId>14a7c9fb-48d6-42f3-89ab-7f096edd02bd</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>. </r

                Chrome Cache Entry: 188

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65447)
                Category:downloaded
                Size (bytes):87553
                Entropy (8bit):5.262620498676155
                Encrypted:false
                SSDEEP:
                MD5:826EB77E86B02AB7724FE3D0141FF87C
                SHA1:79CD3587D565AFE290076A8D36C31C305A573D18
                SHA-256:CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
                SHA-512:FC79FDB76763025DC39FAC045A215FF155EF2F492A0E9640079D6F089FA6218AF2B3AB7C6EAF636827DEE9294E6939A95AB24554E870C976679C25567AD6374C
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
                Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                Chrome Cache Entry: 190

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 300 x 80, 8-bit/color RGBA, non-interlaced
                Category:dropped
                Size (bytes):23173
                Entropy (8bit):7.986372430363305
                Encrypted:false
                SSDEEP:
                MD5:58A27B58111F654861743CADADE626E5
                SHA1:BD26AB7448649639CDCA796F02F8EF9CC65EABA8
                SHA-256:12808D30C0B4BE5D676B90FE2830363681F2E1D45501D85F8578517B9B5B0C00
                SHA-512:1B25451FEBCFF3381280D4258DECB7A6AE0126303AE588BFF066C6B5B3BE409A7C4339EE32EC41B52F90DFC55FAD139ACC275C9A76A69321831F7F65503C4E9F
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR...,...P.......H{....pHYs..........+.... .IDATx..w.%Gu....9L..9.$..*#..B.9.......{6...x6....I.A.!!...IHH..Zm.6.......sSw........vW...g.>Ws.oW.SU.N.Sb...%..<....?...n...y8..a.p.a...p.......%......A...~...y..;....L.BJ. ..... !].p2..I...-.!.{.=...<...gX...\[..3*..kH!....-...y.=......7...<..7..[.K..pem...SE.P..@xZ.-a.x.=.....X.....%....D(%J...O.{.........H)SJ..H[..S..H).ZfD.....t....d.-...h...#h0.....[.P.a..$...h).0.....p...D....;.....keX.JQ....p.IQ.{r...o...2._#'.p.q,(.n.t.\...F"..L....H3z.KX.!aJ......j...W..$d.no.#(..q....[.\....TT..H........6.....U..!.J.q..W....k...BH......*.brS.....H`.........g..T.fh..9./.... ..(..Q...DC.MgG..Tf8W@"...T..E.I...]..F..p..DR_U.9S..,G....)..=Ikk.......[H*...k+&..)..w..$..u...z....%.Nu1..*g...|A?RJ:.I...fSU...2>...%.3..N...."A?....}.9YB....w.....s.Ds[..PE(.t.COO?}}..3*....!i..$....Y.eY$....%..Dh.3..].4......E..A.:-...V...H4.@b0...~.va....e.....nm....Q.F..I.&..5FY.=....-.g...,....4K.....d

                Chrome Cache Entry: 191

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):5362
                Entropy (8bit):4.613136195566531
                Encrypted:false
                SSDEEP:
                MD5:7910FF8D8529C81384D761DDAAE5F232
                SHA1:AB2D5AC6231662E1CA8B1113BC77960D60569E42
                SHA-256:AE3E48E29EB72FA80029C19F95875A4FE3217A20D516D9250F3325349956FBCF
                SHA-512:99CDF9B582DAE3C30D7B987207DB6081142C513E15CEDDE98B48F9D9373466A95FAAB367A26EC10AA5D82308E3B56BFFA614639BFE53951700FA7044D4F34DC6
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/simply-schedule-appointments/assets/css/upcoming-appointments.css?ver=1.6.8.11
                Preview:.ssa-upcoming-appointments{. height: 100%;. width: 100%;. display: flex;. flex-direction: column;. gap: 1rem;. margin-bottom: 1rem;.}...ssa-upcoming-appointments .appointment-card{. display: flex;. flex-direction: column;. color: #858585;. background-color: white;. border-radius: 4px;.}...ssa-upcoming-appointments .appointment-card-header{. display: flex;. flex-wrap: wrap;. gap: 1rem;. padding: 1.5rem 1.5rem 0 1.5rem;.}...wp-container-core-group-layout-6 .ssa-upcoming-appointments .appointment-card-header{. justify-content: center;.}...wp-container-core-columns-layout-1 .ssa-upcoming-appointments .appointment-card-header{. justify-content: center;.}..wp-container-core-columns-layout-2 .ssa-upcoming-appointments .appointment-card-header{. justify-content: center;.}...wp-container-core-group-layout-6 .ssa-upcoming-appointments .appointment-card .appointment-card-header .member-avatar img{. object-fit: contain;.}...wp-container-core

                Chrome Cache Entry: 193

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (60474)
                Category:downloaded
                Size (bytes):60509
                Entropy (8bit):5.2142521583932195
                Encrypted:false
                SSDEEP:
                MD5:9D0186557BFEB9695C8009B63E51E510
                SHA1:2BF3E1123D03A8E87D05FDF81B0FF586E3656C51
                SHA-256:DD15570784A2937B19B6E2F0C24909C0ECCB7FCAF31281FC28D032CC85FEA43E
                SHA-512:25EFE3A71A621917859FBB0D62018693383405A8F9BA1E1EE10D4A40CD1E3BF25395CE602D21B82231B146A2E4B67B02F9E57A8684F60206B67C91428A6F7F63
                Malicious:false
                Reputation:unknown
                URL:https://cdn.trustindex.io/loader.js
                Preview:(()=>{"use strict";class t{static setCommonConstants(){this.script=document.currentScript,this.loadedCss=[],this.loadedJs=[]}static addCSS(t,e,i=!1,s=null){if(void 0===this.loadedCss&&(this.loadedCss=[]),!t||-1!==this.loadedCss.indexOf(t))return e?e():null;let r=document.createElement("link");return r.type="text/css",r.rel="stylesheet",r.href=t,i&&window!==window.parent&&this.isCrossDomainIframe()?window.parent.document.head.appendChild(r):document.head.appendChild(r),document.head.appendChild(r),"function"==typeof e&&r.addEventListener("load",e),"function"==typeof s&&r.addEventListener("error",s),this.loadedCss.push(t)}static addJS(t,e,i=!1){if(void 0===this.loadedJs&&(this.loadedJs=[]),!t||-1!==this.loadedJs.indexOf(t))return e?e():null;let s=document.createElement("script");return s.type="text/javascript",s.src=t,i&&window!==window.parent&&this.isCrossDomainIframe()?window.parent.document.head.appendChild(s):document.head.appendChild(s),e&&s.addEventListener("load",e),this.loadedJs.

                Chrome Cache Entry: 194

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (8035)
                Category:downloaded
                Size (bytes):13199
                Entropy (8bit):4.97539785360052
                Encrypted:false
                SSDEEP:
                MD5:A63840048FE22E7D0ABFBE96A2C88E4B
                SHA1:5B2F00AD0EC27F6B31B9DE37A1A08767CBA3CCAC
                SHA-256:A114F3FF0882C5E46BCA9EADC734011FA8943A4CDDD9F20173C281CFA1388E43
                SHA-512:4DF1D09A8A7F3DE0B9C4DD1B26AAB3C65E2420B7F205B8A31CC1F58C71A930FFFA8FFAA2186508593FDD0FD878FA9D1813B0B48830E51923B6AD18BB0FD2357B
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/uploads/uag-plugin/assets/0/uag-css-51.css?ver=1742831628
                Preview:.wp-block-uagb-container{display:flex;position:relative;box-sizing:border-box;transition-property:box-shadow;transition-duration:0.2s;transition-timing-function:ease}.wp-block-uagb-container .spectra-container-link-overlay{bottom:0;left:0;position:absolute;right:0;top:0;z-index:10}.wp-block-uagb-container.uagb-is-root-container{margin-left:auto;margin-right:auto}.wp-block-uagb-container.alignfull.uagb-is-root-container .uagb-container-inner-blocks-wrap{display:flex;position:relative;box-sizing:border-box;margin-left:auto !important;margin-right:auto !important}.wp-block-uagb-container .wp-block-uagb-blockquote,.wp-block-uagb-container .wp-block-spectra-pro-login,.wp-block-uagb-container .wp-block-spectra-pro-register{margin:unset}.wp-block-uagb-container .uagb-container__video-wrap{height:100%;width:100%;top:0;left:0;position:absolute;overflow:hidden;-webkit-transition:opacity 1s;-o-transition:opacity 1s;transition:opacity 1s}.wp-block-uagb-container .uagb-container__video-wrap video{m

                Chrome Cache Entry: 195

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1488)
                Category:downloaded
                Size (bytes):4894
                Entropy (8bit):5.128098640126687
                Encrypted:false
                SSDEEP:
                MD5:5A6B0FC4405A22EFED2220C9EBDBCEBE
                SHA1:18CBD790091C344FB9CCE4233CD0C9B3A36B08EB
                SHA-256:BE80F16154C0732E45558A559875EA30DE0EE12766A6BF8FEF48DE3C3423E64F
                SHA-512:F94C7C651EFC66CE7DF2F38D7A6C329B9B778E91639789A110F379DF31DD82282224BA28E080F336A4917471D7393317C3C26B50E2B4EDEF977AD7D512B24086
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4
                Preview:(function($) {..$(document).ready(function(){...var animationStyleClasses = ["animated","infinite", "bounce", "flash", "pulse", "rubberBand", "shake", "swing", "tada", "wobble", "bounceIn", "bounceInDown", "bounceInLeft", "bounceInRight", "bounceInUp", "bounceOut", "bounceOutDown", "bounceOutLeft", "bounceOutRight", "bounceOutUp", "fadeIn", "fadeInDown", "fadeInDownBig", "fadeInLeft", "fadeInLeftBig", "fadeInRight", "fadeInRightBig", "fadeInUp", "fadeInUpBig", "fadeOut", "fadeOutDown", "fadeOutDownBig", "fadeOutLeft", "fadeOutLeftBig", "fadeOutRight", "fadeOutRightBig", "fadeOutUp", "fadeOutUpBig", "flip", "flipInX", "flipInY", "flipOutX", "flipOutY", "lightSpeedIn", "lightSpeedOut", "rotateIn", "rotateInDownLeft", "rotateInDownRight", "rotateInUpLeft", "rotateInUpRight", "rotateOut", "rotateOutDownLeft", "rotateOutDownRight", "rotateOutUpLeft", "rotateOutUpRight", "slideInUp", "slideInDown", "slideInLeft", "slideInRight", "slideOutUp", "slideOutDown", "slideOutLeft", "slideOutRight",

                Chrome Cache Entry: 196

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (58981)
                Category:downloaded
                Size (bytes):59016
                Entropy (8bit):6.036924444025019
                Encrypted:false
                SSDEEP:
                MD5:D68D6BF519169D86E155BAD0BED833F8
                SHA1:27BA9C67D0E775FC4E6DD62011DAF4C3902698FC
                SHA-256:C21E5A2B32C47BC5F9D9EFC97BC0E29FD081946D1D3EBFFC5621CFAFB1D3960E
                SHA-512:FD0956D1A7165E61348FDA53D859493A094D5A669AA0BA648BE3381B02ED170EFD776704AF6965F1E31143F510172EE941D4F2FC32C4751D9B8763B66301486D
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-includes/css/dashicons.min.css?ver=6.7.2
                Preview:/*! This file is auto-generated */.@font-face{font-family:dashicons;src:url("../fonts/dashicons.eot?99ac726223c749443b642ce33df8b800");src:url("../fonts/dashicons.eot?99ac726223c749443b642ce33df8b800#iefix") format("embedded-opentype"),url("data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAHvwAAsAAAAA3EgAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABHU1VCAAABCAAAADMAAABCsP6z7U9TLzIAAAE8AAAAQAAAAFZAuk8lY21hcAAAAXwAAAk/AAAU9l+BPsxnbHlmAAAKvAAAYwIAAKlAcWTMRWhlYWQAAG3AAAAALwAAADYXkmaRaGhlYQAAbfAAAAAfAAAAJAQ3A0hobXR4AABuEAAAACUAAAVQpgT/9mxvY2EAAG44AAACqgAAAqps5EEYbWF4cAAAcOQAAAAfAAAAIAJvAKBuYW1lAABxBAAAATAAAAIiwytf8nBvc3QAAHI0AAAJvAAAEhojMlz2eJxjYGRgYOBikGPQYWB0cfMJYeBgYGGAAJAMY05meiJQDMoDyrGAaQ4gZoOIAgCKIwNPAHicY2Bk/Mc4gYGVgYOBhzGNgYHBHUp/ZZBkaGFgYGJgZWbACgLSXFMYHD4yfHVnAnH1mBgZGIE0CDMAAI/zCGl4nN3Y93/eVRnG8c/9JE2bstLdQIF0N8x0t8w0pSMt0BZKS5ml7F32lrL3hlKmCxEQtzjAhQMRRcEJijhQQWV4vgNBGV4nl3+B/mbTd8+reeVJvuc859znvgL0A5pkO2nW3xcJ8qee02ej7/NNDOz7fHPTw/r/LnTo60ale4ooWov2orOYXXQXPWVr2V52lrPL3qq3Wlmtq

                Chrome Cache Entry: 197

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with very long lines (19850), with no line terminators
                Category:downloaded
                Size (bytes):19850
                Entropy (8bit):5.228286964896505
                Encrypted:false
                SSDEEP:
                MD5:3207EA82A0C13B00995056B249BABE73
                SHA1:554D4B53B7C61CB6BB9CFBB74805D4828D87453E
                SHA-256:468E962041A07362B5532BC98239F286726A585D48EC672098732032BACE9897
                SHA-512:D503A39AA10140E4D96172A8A93090DE8C365023251CA864797DF734CB516ECEF3C9A3C75BD0688D959346627A2DBAE2B55F317199A57B7081A6F5500B649EAF
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.8
                Preview:!function(e){var t={};function n(o){if(t[o])return t[o].exports;var c=t[o]={i:o,l:!1,exports:{}};return e[o].call(c.exports,c,c.exports,n),c.l=!0,c.exports}n.m=e,n.c=t,n.d=function(e,t,o){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:o})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var o=Object.create(null);if(n.r(o),Object.defineProperty(o,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var c in e)n.d(o,c,function(t){return e[t]}.bind(null,c));return o},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=0)}([function(e,t){const n=window._ckyConfig,o=window._ckyStyles;n._backupNodes=[],n._resetCo

                Chrome Cache Entry: 198

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (460)
                Category:downloaded
                Size (bytes):112429
                Entropy (8bit):5.094858366006171
                Encrypted:false
                SSDEEP:
                MD5:B1F6E18313D5D60BF9B3140153513BDB
                SHA1:2C4C8FA9FDE58A2A94AD140D36560CC01631D300
                SHA-256:CD0399977B416C5A727572C4A5A1453709176B6113B98219B15BA1C7A0A70C8E
                SHA-512:FD7A57AAD1FA6BFD5FD4725181F304988B4B3527A95332B729189935344EB4B227B988A2D21C9FF85E28E9E20FA3EE3E09872F96C329DC5FE656263AB8B80AD2
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=6.7.2
                Preview:@charset "UTF-8";./*.Animate.css - http://daneden.me/animate.Licensed under the MIT license..Copyright (c) 2013 Daniel Eden..Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER

                Chrome Cache Entry: 199

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 18684, version 1.0
                Category:downloaded
                Size (bytes):18684
                Entropy (8bit):7.986563869059254
                Encrypted:false
                SSDEEP:
                MD5:5C43EF701A5404B9AC81708CD6F6E979
                SHA1:14EF8BF8FB3C47DCCC93CAF17F573C82C1487220
                SHA-256:8ADB87CA2EC37AF37DFB66AACC7F841B279B0420299491F5371225A4DC8FB3BA
                SHA-512:F3597A3EA4ED5B09D0E24AE460E83C211184B7C6726E84FF8A3BA314EA9C00A962F885489EAA869710909A7CC088E3A0A0530BFCFA3A7EBC66AC2B798067A716
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
                Preview:wOF2......H........4..H...........................:...`..$.`?STATD..L.|........8.J.....6.$.... ..,..3..(...5l.F..<.u~...#..[..I..G".....}O......../..MM..e[.8*...N.......f.r..b.i.+V@8.4.Jo....&N...H.d2.y$..kl..d+..OF......_.|1..@...#!!*.*.....d...E`..G..'....V....qrH..lC1"3...y....].*X..,@..`Z....V.iE.Z..&.Q5VQf.t.L.<......~........f.o..(....9o.........1!n...@I.I..x../Zh}R.ygV..2..{..&...... b..].Z....<...ch.,.-........?>.,F.S[93..O...... K..~B..9X.)7.)}s.|...M.7.v.x.........M...w)...)f2.....IN...l.[.......s..<.(.-..!3.&Q&V.....X.K9-..$.".h..!j}...7..C...../.Y...=.J.VuX.....d....L[{...;..SPs.%....:..2.....CR3.E.......o..g.....;......#.R.b...Y..?...(p..B......]....J.<.....*.T.T..s.;..J..+..\.wS.4E..g-.@...P...O..{3..8S.}'w1...\]U...H`f.......R..&BK...D.K].t.\:...J..+....\....&.7..r.,..!...~.}.;2...-...8'J...r-w..}'....~....UQ.QQ.#F..cD......&..!.%...;.\a..[.e......-&050.p>.LD....@H(Q`......7.2N*$]..B....3....Q.q..)T0K].^....?.B.......e.+.C...3K

                Chrome Cache Entry: 200

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with very long lines (19949), with CRLF, LF line terminators
                Category:downloaded
                Size (bytes):179944
                Entropy (8bit):5.426833022977651
                Encrypted:false
                SSDEEP:
                MD5:FF6478E0D5C68CFD0A9C64B1953D1F74
                SHA1:D3577B0E18F4FE625EA2A765A083D41DE6F8326E
                SHA-256:C3221888BE874407C1DE2A390C4A3F518C63F8741D8FFDB2B5D88CFD0EE5AB7E
                SHA-512:EB3BCCD4810F3EDBA76F34ADA4611C6920EB02F68EB5ED67BB901B59F223B7750B69C8B8711CB03917FA2CA28AF37EE8CFDAB6AFCAE72D2D3F9A231C79CF1FA8
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/
                Preview:<!DOCTYPE html>.<html dir="ltr" lang="en-GB" prefix="og: https://ogp.me/ns#">.<head itemscope itemtype="https://schema.org/WebSite">.<meta charset="UTF-8" />.<meta name="viewport" content="width=device-width, initial-scale=1" />.<title>Hypnotherapy in Malvern Worcestershire | Hypnotherapy for Happiness</title>..<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>..... All in One SEO 4.8.1 - aioseo.com -->..<meta name="description" content="If you are suffering from stress, anxiety or confidence issues, hypnotherapy can help. Christina Emmerton offers Hypnotherapy in Malvern, Worcester and online." />..<meta name="robots" content="max-image-preview:large" />..<link rel="canonical" href="https://hypnotherapyforhappiness.co.uk/" />..<meta name="generator" content="All in One SEO (AIOSEO) 4.8.1" />...<meta property="og:locale" content="en_GB" />...<meta property="og:site_name" content="Hypnotherapy for Happiness | Hypnotherapy for anxiet

                Chrome Cache Entry: 201

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):1997
                Entropy (8bit):4.163786489359277
                Encrypted:false
                SSDEEP:
                MD5:6A3CF7CC51317FC9E5110C4E384F88E2
                SHA1:0097BC69FD0027651BA3970DA08CB0393AAB0C62
                SHA-256:595A17A7850DA5BA2F3AE112C9678EE84E05A3CFD4CBC05EA9AEF21109B6A399
                SHA-512:263408B736CA88094D827786F01453D29FCE068B7932B47323F82D5D5360479164A99229A75522ACADE71D4235178BE3A86E2741A82381C1E46E430BE1D8D489
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4
                Preview:(function($){. $.fn.edsViewportChecker = function(useroptions){. . var options = {. .classToRemove: 'eds-scroll-hidden',. classToAdd: 'eds-scroll-visible',. offset: 75,. callbackFunction: function(elem){}. };. $.extend(options, useroptions);. . var $elem = this; .. this.checkElements = function(){. . var.windowHeight = $(window).height(),. viewportTop = $(document).scrollTop(),. viewportBottom = (viewportTop + windowHeight);.. $elem.each(function(){. var $obj = $(this);. var scroll_offset = $obj.attr('eds_scroll_offset');. . if ($obj.hasClass(options.classToAdd)){. return;. }.. var elemTop = '';. if(scroll_offset != null && scroll_offset != ''){. .elemTop = Math.round( $obj.offset().top )

                Chrome Cache Entry: 202

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):149
                Entropy (8bit):4.146880331379183
                Encrypted:false
                SSDEEP:
                MD5:1EB205CB9C0ED52294EB43E5E91B57DB
                SHA1:4FE366653E26EBF6002B9421E1C27ECBC0537AED
                SHA-256:65813A49FEC46DAC01AE0504E4A0D6D7F59EAA27462D413BEFDA35C5288FD685
                SHA-512:C13791653988229BE2FC3BBBAEFE42164ABD4465D5EA50622876295F55BF2A1E99AA777AF4A90D6B44D65BD1AC001EC6FADF0EB311CDD4CD893C61ADA7465B80
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/css/block-style.css?ver=1719478577
                Preview:/**. * Note that these styles are loaded *before* editor styles, so that. * editor-specific styles using the same selectors will take precedence.. */

                Chrome Cache Entry: 205

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):2318
                Entropy (8bit):4.046315663744514
                Encrypted:false
                SSDEEP:
                MD5:3412A76D1309925E4C16893C6446EF4B
                SHA1:F8DFD0D9131393F999D11D8D95C7B55553C4B38D
                SHA-256:BB44226B5403B6DF28BC66E0075D515156BFA7CA25DBF613C9E00758E035B8DC
                SHA-512:1F71F2054B9B469D23A57DD171FAD730F507F7D13C34DC2B2071E8484421C736D9805D78C321419B5EA0DB5D9FDD5C723B6E6BBD243B8B3C514504188E2D5CA0
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.4
                Preview:(function($) {. "use strict";. $(function() {. var container = $("#to_top_scrollup").css({. 'opacity': 0. });. var data = to_top_options;.. var mouse_over = false;. var hideEventID = 0;.. var fnHide = function() {. clearTimeout(hideEventID);. if (container.is(":visible")) {. container.stop().fadeTo(200, 0, function() {. container.hide();. mouse_over = false;. });. }. };.. var fnHideEvent = function() {. if (!mouse_over && data.enable_autohide == 1 ) {. clearTimeout(hideEventID);. hideEventID = setTimeout(function() {. fnHide();. }, data.autohide_time * 1000);. }. };.. var scrollHandled = false;. var fnScroll = function() {. if (scrollHandled). return;.. scrollHandled = true

                Chrome Cache Entry: 206

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 16292, version 1.0
                Category:downloaded
                Size (bytes):16292
                Entropy (8bit):7.985605962902917
                Encrypted:false
                SSDEEP:
                MD5:CE485A2BDEE361BB271BD6D3CE1EE5CD
                SHA1:4F9A446275D160CCCD6666ADDEE65F849C9C5A50
                SHA-256:923963E0A56B84C4438F2359121E855E147A01A78A2591C471179CFC9BF0E784
                SHA-512:1BF2959F7A4673E53317367BCDE7FC06C53D8C25AC5055CF988266C256B24DC4EA306DD3B0585685FEA84FBF821B2A9A988D86BCB67E3FF88B87523D974D9BF7
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
                Preview:wOF2......?...........??..........................>..n....`?STATH..2........?..L..6.$.... .....%...6....K........L.N..d.......d.V|...&.Ay..dU...(.......%.Sy U...w.....4-.F4..j....(,..L0.x.}...~.}.g`...$....w.......d5...A..PV.>..9....8Br.B.m.(....Z..S!U.....(Pw.:5.E~...S1..z.l..a0`..bcDm0B.U............2._?.........&.K..0..&.@=..O.G.}...... .zJ+.".RU*.Y.`.....{....~.=..t.!... ..$.Pl..1.......~.....Dy.>./..C.....[..l.....Z.(.1..dX}..-..._S...cU..e..."...N...;?..P..v...?..@....M....{,yP.!...E...).6<.V..Vw.n..R...8.C.....d]u........*....x.. ...b.l.......0.8.0<..nz..Jz.......A-i.'..o....\. .!H...~.V_.Bg..d....f.dk...8"..".WC.q=F3P....>c.o}.....hEA.TP.....f.X.:...c@+.B....f./)...T.B...B!@...f.)....y.8.HH..)..%.IgF..E.#.*..0.E.W.G8.U}..zc@...E?M..}+..B.qha>.x [q 0...|..9...i|.Z.!.LQC.hV..Z..HE #J.\..dRQ....&(.C..CT......cG*....z..0_.k&.8.........} .n.)..n.U..*%T...V.....%.@...........5L..HS.L..o....pK/zn...x.W~..;....ROs./..8.../...5.M......uO?.n..y

                Chrome Cache Entry: 207

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (50911), with no line terminators
                Category:downloaded
                Size (bytes):50911
                Entropy (8bit):4.810918252828168
                Encrypted:false
                SSDEEP:
                MD5:FDB8A63DB4C4ACADCCD9CD3B61B092FC
                SHA1:DFA89E618ED395FEBA1E0E9767A477CF6F82448A
                SHA-256:942EE38141ED8990491D5D09A889577FFAED929FA2F7585A58E0661AA30E738D
                SHA-512:2DC948531C882DB42D37A0610BCFF73A0B2A9025ABEF59AA2007D8447F70B77A8295E446CD382154FFE9882F0BBBF9757DC108C83485CC6DA92A86E2BAC4DBAF
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/main.min.css?ver=2.35.1.2720251604
                Preview::root{--color-success:#32cd32;--color-danger:#ff4500;--color-warning:gold;--color-info:#1e90ff;--color-border:rgba(10,20,30,.05);--color-shadow:rgba(10,20,30,.1);--system-font-family:-apple-system,blinkmacsystemfont,"Segoe UI",roboto,oxygen-sans,ubuntu,cantarell,"Helvetica Neue",sans-serif;--code-font-family:consolas,monaco,monospace;--font-size-base:16px;--font-scale-responsive:0.15vw;--font-size-xs:calc(var(--font-size-sm)/var(--font-scale));--font-size-sm:calc(var(--font-size-md)/var(--font-scale));--font-size-md:calc(var(--font-size-base) + var(--font-scale-responsive));--font-size-lg:calc(var(--font-size-md)*var(--font-scale));--font-size-xl:calc(var(--font-size-lg)*var(--font-scale));--font-size-xxl:calc(var(--font-size-xl)*var(--font-scale));--font-size-xxxl:calc(var(--font-size-xxl)*var(--font-scale));--font-size-xxxxl:calc(var(--font-size-xxxl)*var(--font-scale));--line-height-scale:1.125;--line-height-1:1;--line-height-xs:calc(var(--line-height-1)*var(--line-height-scale));--

                Chrome Cache Entry: 208

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 768 x 278, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):23727
                Entropy (8bit):7.941705792748012
                Encrypted:false
                SSDEEP:
                MD5:04FD39273F0AE6D8633993CB7ACC4534
                SHA1:4AF715CEDAEA3DD8A78BB0AC1E251FF012B68DC1
                SHA-256:E22FAE736B513D6EDD430B94C5254BC831DDABAF62C4FE2114FD7C065586FA9D
                SHA-512:A9AE6CC59213B267EF9674EB34D71DA12C7C96CAFDDD61ADB93B223006EA528852C6A1E4572FE66BEC71154CEE9A2A8C230C4B59B013F3B7D04D06FA580D20D4
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR..............O......pHYs..........+......PLTE....I........N.>.+U.is.sf..+T..+UI...*U....js.......rf..ir.>.>........O.J.....sf.9Di......... -V...,8_..."/X.........(4\%2Z...........FPr............w~.JTt.../;a.........S]|.........<Fj......nu.............fn.............OXx..............>Il...Xa.......ks.2=c6Af.lv.w.|..BLo...............rz..............................qz..N.........bj................~....]f......f.....D...................P....................................._hp............R.........................................................~...............}q.............I......X.............m......mM..}~...................n................Y.......w........~......{...b.....v...`............t.........Z.z... .IDATx..MO.I....H.V........c@.,.36.. a2..d@h....#E...2'4..4s"...Q.D.R..."r..!."...^...$#.Z...K.P..TW...r......................................................

                Chrome Cache Entry: 209

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):16
                Entropy (8bit):3.875
                Encrypted:false
                SSDEEP:
                MD5:7D0BE47218A164E9EDFE3A0FD45BF9CD
                SHA1:CC4DB87063A91F77A894C3B37CA4EBD4E4F63DF4
                SHA-256:F34E84CD80D444C972B52CCDF1D6A681A5BD3C4B7343679AF28B52D0B5C399AD
                SHA-512:7B5F82B3FD8BA986CC4105434DF40075D515E60CBF4E9006B5A7060EA2AB7823A45ABC82F85FE61724D29BCF8639F7E89DDD1AFD7A677307586FF78508369FDD
                Malicious:false
                Reputation:unknown
                URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCd6WKTVnJdi0EgUNfWn3pyGnQEwqxI-Twg==?alt=proto
                Preview:CgkKBw19afenGgA=

                Chrome Cache Entry: 210

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):471
                Entropy (8bit):4.5458997655914795
                Encrypted:false
                SSDEEP:
                MD5:625D528052DE5240AD746A4AB50AE381
                SHA1:783FB38D942F1867B53CB33AB686C8E7A78D1CA7
                SHA-256:5B7D697A8EA949D3F368CB3129E764DC4875B1809CC393B3558FED7A3BA38DB0
                SHA-512:2507BD6CC4672C72AC572AD95D3CE0CB4CDCBAEBA7E56C84CF4B3FEA652BF492DAD26A805DCC2754BE46418F732771593B05B1D92F076812CE68AB30D5557FA9
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/themes/mai-success/style.css?ver=2.0.0.62720240856
                Preview:/**. * Theme Name: Mai Success. * Theme URI: https://bizbudding.com/themes/mai-success/. * Description: Mai Success child theme for the Genesis Framework.. * Author: BizBudding. * Author URI: https://bizbudding.com/. * Version: 2.0.0. * Text Domain: mai-success. * Template: genesis. * Template Version: 3.3.2. * License: GPL-2.0-or-later. * License URI: http://www.gnu.org/licenses/gpl-2.0.html. */..

                Chrome Cache Entry: 211

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (33789), with no line terminators
                Category:downloaded
                Size (bytes):33789
                Entropy (8bit):4.996771602187443
                Encrypted:false
                SSDEEP:
                MD5:6EC7FB89709B1E9917F280103A0BDE64
                SHA1:9CF30F3B1FFD686B01932D6AC39478ED370C3126
                SHA-256:19D2832A89AB8DBFCB577B9D7FFE57D01A81817431BB347D352027534817EB29
                SHA-512:62AE71B044F1640EA6370095826EC930B29E41BE6A52E1405FABD55FCB1A061673937D7E726C2351911B95A88A331572F3F62ACA8D5CF5053A2D310F623E6D1B
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.3.81700739748
                Preview:.chaty *,.chaty-chat-view *,.chaty-outer-forms *{box-sizing:border-box}.chaty-agent-data,.chaty-whatsapp-field input[type=text],.chaty-whatsapp-message,.chaty-whatsapp-message p{font-family:Segoe UI,Helvetica Neue,Helvetica,Lucida Grande,Arial,Ubuntu,Cantarell,Fira Sans,sans-serif}.chaty-agent-header,.chaty-channel,.chaty-channels,.chaty-form-body,.chaty-tooltip{position:relative}.chaty-tooltip .on-hover-text,.chaty-tooltip .on-hover-text:before,.chaty-tooltip:after,.chaty-tooltip:before{text-transform:none;font-size:.9em;line-height:1;user-select:none;pointer-events:none;position:absolute;display:none;opacity:0}.on-hover-text{display:none;white-space:pre}.chaty-tooltip .on-hover-text:before,.chaty-tooltip:before{content:"";border:5px solid transparent;z-index:1001}.chaty-tooltip:after{content:attr(data-hover)}.chaty-tooltip .on-hover-text,.chaty-tooltip:after{text-align:center;min-width:1em;max-width:21em;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;padding:5px 15px;borde

                Chrome Cache Entry: 213

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (59458)
                Category:downloaded
                Size (bytes):114706
                Entropy (8bit):4.924852554644207
                Encrypted:false
                SSDEEP:
                MD5:8C9F31823282E4E056EB0AA7FAC262A9
                SHA1:DC3B1A37381E079FDA8DB59C1A9469852CD18B80
                SHA-256:3BB38D0F302677FF4104564454F60F495133579D6E6DFB722B3DE850DF596502
                SHA-512:39F239C875550BF9A31254EED1F0358EA3C6309D9FCBF6005D8852843EAF60BC20B8626D169F810A6C71B7DCDB769B8512314B89BA1FDEEA2CB3089BE9D21AE0
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
                Preview:@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-block-audio{box-sizing:border-box}.wp-block-audio :where(figcaption){margin-bottom:1em;margin-top:.5em}.wp-block-audio audio{min-width:300px;width:100%}.wp-block-button__link{box-sizing:border-box;cursor:pointer;display:inline-block;text-align:center;word-break:break-word}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100

                Chrome Cache Entry: 214

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):978
                Entropy (8bit):4.7077737454386925
                Encrypted:false
                SSDEEP:
                MD5:658ED7C8D9872EB232101D85F58C8CC5
                SHA1:8BCED14987DEA1D915C41A32A667D5A37891F2AE
                SHA-256:876822AC9010888CDD45FC9F3C4888616364D6F481F1F4CAACAEFF1A3192E62D
                SHA-512:BA8DF2217E87C0230CD8AC135275F881FD4D0B1F24115D30AA2B4552C8262216A0AB1A838E196623C731B04215FE6C0B167DC11DBA9F5FD1AB47E6DCAB48D092
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.4
                Preview:/**. * All of the CSS for your public-facing functionality should be. * included in this file.. */..#to_top_scrollup {. background-color: #000;. -webkit-border-radius: 5%;. -moz-border-radius: 5%;. border-radius: 5%;. box-sizing: content-box;. bottom: 20px;. color: #fff;. cursor: pointer;. display: none;. font-size: 32px;. font-weight: normal;. height: 32px;. opacity: 0.5;. padding: 5px;. position: fixed;. right: 20px;. text-align: center;. text-decoration: none;. vertical-align: middle;. width: 32px;. z-index: 9999;.}..#to_top_scrollup img {. width: 100%;.}../* Accessibility - Text meant only for screen readers */..screen-reader-text {. clip: rect(1px, 1px, 1px, 1px);. height: 1px;. overflow: hidden;. position: absolute !important;. width: 1px;. /* many screen reader and browser combinations announce broken words as they would appear visually */. word-wrap: normal !important;.}

                Chrome Cache Entry: 215

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1572)
                Category:downloaded
                Size (bytes):13858
                Entropy (8bit):5.510043259614912
                Encrypted:false
                SSDEEP:
                MD5:D83B22706D44926C571F0C29FD244FDB
                SHA1:80DA4003374FAB8719F5D2964AF916825F430ADA
                SHA-256:825A1A7AB81971D7CFB10DBA86F3BB9BEB3EA2C21593AA9159DE1AAB81E61D1D
                SHA-512:556F202C1C194E04CBF70696ECD1307801C2EBDEE6F027616CD65858D843489A9A361125652EBD0BF4C0E008A81AB685C93DA63A3D8FF8462DC8D638776609B7
                Malicious:false
                Reputation:unknown
                URL:https://fonts.googleapis.com/css2?display=swap&family=Open+Sans:wght@600&family=Noto+Sans&family=Nunito&family=Hind&family=Dancing+Script
                Preview:/* vietnamese */.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Rep8ltA.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3ROp8ltA.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight

                Chrome Cache Entry: 216

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1016 x 368, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):33668
                Entropy (8bit):7.928422666615187
                Encrypted:false
                SSDEEP:
                MD5:9E125BD408E3AC25B60A6BBE6716A860
                SHA1:3FB9BAEE1ADADAA781F9B1A3F13F7E171CEA3FE1
                SHA-256:1F82C9AFA355AE414F42E498CD8451BA47B4B30F6A3A0217A17E4D20520936D4
                SHA-512:BEDC0006066A70ABADA5013B484624EC14BD2C0209CB2F09792577640DAB0319BB915AEBCD1608AC81B1352D6783FD7DE425918A4783B480AE1ED2A1C36CD03A
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR.......p.....;y 9....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 6.0.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <exif:PixelYDimension>368</exif:PixelYDimension>. <exif:PixelXDimension>1016</exif:PixelXDimension>. <exif:UserComment>Screenshot</exif:UserComment>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.........pHYs...%...%.IR$.....PLTE....>.+T.+U......+U.is.N...I..sf..+U.*U....irI....js...I....>.>.........O.+T.+T...rf....se.sf.J...is....?....N.*T.*U..........ah.0;a..I........jr.............ah....I...>AKlQZx....~..rf.............?...ov..............J...........*T...............0;`ai....js.................s|.t........AKm...ag...........................{....................~..................................................

                Chrome Cache Entry: 217

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1536 x 576, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):363060
                Entropy (8bit):7.890423014467008
                Encrypted:false
                SSDEEP:
                MD5:CFD8E048422D7015854B75D54BD0670C
                SHA1:A5B82ED85797E208CBE0FDD23D32E4CE68AE85B0
                SHA-256:B36A53A0B32905F3019078AD6662E54D69A548FD37F47E1F9C9C7C76161CFEE0
                SHA-512:E5DD7EF60E25591A442C9AEB11AA08BEE5CA205B0075A8DB8A36C8C3FC95659BEB30D248D69840F0E6ECFFF5C42B32619A2261C940A3D14A52D51FF931B769A2
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR.......@.....|']&....pHYs..........+......PLTEmu.js}nu.mv.kv.lu.iptet.hu.kv.ov.ks.cs.To.lrvmu....lu.Yo.`q.nv.Ss.\q.pw.mt.lt.mu.Wt.nv.du.hx.hq.iw.lszow.nv.cq.`u.Rrzjs.nw.]s.Rm.lv.iqxin.qy.gr.eq~fk}\w._r.Vq.co.Wr~Qjxox.ai{ds.ew.Yiygu._w.gt....Yw.gx....aw.qy..L.15.7.aJ>.5-..X.JK.H4..9.Sqt\l~...'g.C"tnx.sn.Zh.L-.).NN\....Q-.5A.^H.vj.ba.Znllk.AQ.[;.....]&clbw..RV.jp.t`.`9.....*$P~.fbV..D*ec........$...#23V......=5c.e.;u.....Q.h9...{v.M....wA=E...2H.0.z..a....L=2u,bX.UI.gx.I6r..p.L..\Z.vz....yl.wP..-./rM)3CD.A*%1qH...zQH....._..5_....5...eU....\twMNl*WR...8...........e.ZSLS....v.q....~......v.K.'......DF..B\.3,-x=bd...A.\.....l..Pn_V...=-%.............r.oq.4.Pt....U....y..D`.V...Bk..........jP.....sk.{Oc.S..Y:#eN;...].w.~5pn.|s..S*..........i.......?wq......'.h1....?q......b.c...<E.q... .IDATx...n"I.....8..%.j..jp3..@X...P.........<..l#.8df.....f%y,.w...G5.h._..4.Y.2n.n..y.Q..h..f..>I..>.j+.d.\..^...m.,..._m7...#.o=>b..QN..1.Fo.R..p.3.?m

                Chrome Cache Entry: 218

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (5082), with no line terminators
                Category:downloaded
                Size (bytes):5082
                Entropy (8bit):5.007945788482163
                Encrypted:false
                SSDEEP:
                MD5:556660E5FB066E62C0A5BCAF1D200C67
                SHA1:2931C27B8B23C8642F41806D70B7E943C819F7C4
                SHA-256:A8B0DA8FC1941CC270E48602027F84698F19512C7028183C0A2C7BB77DEAC051
                SHA-512:4AC359583C7BAD9B1726C4854C2A0EC36374322FB5EA92231A22280252CD74CF7F565E8AA7348C922A201E761EAA1D4718A12EB61049034A8A38FDF69B26292C
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3
                Preview:(function($,window,document,undefined){function animo(element,options,callback,other_cb){var defaults={duration:1,animation:null,iterate:1,delay:0,timing:"linear",keep:false};this.prefixes=["","-moz-","-o-animation-","-webkit-"];this.element=$(element);this.bare=element;this.queue=[];this.listening=false;var cb=(typeof callback=="function"?callback:other_cb);switch(options){case"blur":defaults={amount:3,duration:0.5,focusAfter:null};this.options=$.extend(defaults,callback);this._blur(cb);break;case"focus":this._focus();break;case"rotate":defaults={degrees:15,duration:0.5};this.options=$.extend(defaults,callback);this._rotate(cb);break;case"cleanse":this.cleanse();break;default:this.options=$.extend(defaults,options);this.init(cb);break}}animo.prototype={init:function(callback){var $me=this;if(Object.prototype.toString.call($me.options.animation)==="[object Array]"){$.merge($me.queue,$me.options.animation)}else{$me.queue.push($me.options.animation)}$me.cleanse();$me.animate(callback)},a

                Chrome Cache Entry: 219

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 16268, version 1.0
                Category:downloaded
                Size (bytes):16268
                Entropy (8bit):7.98483338261156
                Encrypted:false
                SSDEEP:
                MD5:376D4202F0309C9A844661C230736CCB
                SHA1:10731308876EF0B8B9763815352D6B18020026E0
                SHA-256:5AED4A8F357D7EDC1AC50EB4DE07867C83E69A10A1711E10053BDDCE99294B7E
                SHA-512:6CA93AB5BAB4098924FC472EE40554C6B13BDA05F19575F250E921FE9D33C0F599F668D349D4A7316683AB5990F0ED59673374AF735C89F7408A4C645D70058D
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU19_a8oxmIfNJdERySjQ.woff2
                Preview:wOF2......?........d..?)................................`..\.h..m.....4..;..F..6.$.... .....@....}.e.......Q....j....`...1U....G.......r....Y...P!u.@Pa...|..!.%4g..'...](..h.Y|[...*h..,j\)<b.d.6......k.......e>.}5......~es@.s..bAV!|...6.'9y.....s.{+1.`..0n..n...>.|.`.b....(...3..lPl.D.G.I....n.t...U.E.e...5E..|..ei..]v..3.....:.d.0..F.!K.....Iw.)..(.K^....:.=W..[....Ab;.U@...JS..K..u.:....T...y..{...8$...~P..mQ.(3.'.6..-=.>]..7@U..s.{.d.....$}.s.#...s....eS......M.o..q......k..sH...7.......do....P.8.......*..!..7.=...%<..k.P...i..U..%..<,iH........zY....#..&...T.....$]..y.s.ur.):U.r.\^..3.f....`Z.".$..D..0.G..]...=..}.9W...TH.(..+....jWn*...v.,l|......rG...X5.....<.Xk@!...0d[.U..L.d.v.d.yw......Y.t}.+........}...Z..;_......p.h..o.Gw..}..`%.*}.:R.h.W..2q....2f.7..3...H..X0..@......3.8......+.|.......[.4..,xhyg...r...]...u[..oJ.......1:.i......H...[6...akS...|Tf/.3...}...{.u...&....?..@o4N\Y.h.....#.wl..k........<..y......E-.......P)."..v+......T.;...E..?

                Chrome Cache Entry: 220

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (26160)
                Category:downloaded
                Size (bytes):26200
                Entropy (8bit):5.37932786053828
                Encrypted:false
                SSDEEP:
                MD5:A16497DBDF081C2BFFE0645B52275FA4
                SHA1:589D0BD2EA7EE7E2A5B0968A3BAE300FC345423D
                SHA-256:683194A1CCDBFF2CCB1D049DBEAD875F871F0916266D3CB01E92023303ABA203
                SHA-512:F600E51DCC3857EDF2247C36953C9C05AD59DB836E2513FCF88DABA4B02E74070412FF571D417E7A8355252EE4568DE3F3B6F359A94F0E55D6BB16D4CC543D51
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.9
                Preview:/* Page scroll to id - version 1.7.8 */.!function(O,x,c,e){var n,M,s,i,l,a,o,r,u,h,t,d,p="mPageScroll2id",b="mPS2id",g={scrollSpeed:1e3,autoScrollSpeed:!0,scrollEasing:"easeInOutQuint",scrollingEasing:"easeOutQuint",pageEndSmoothScroll:!0,layout:"vertical",offset:0,highlightSelector:!1,clickedClass:b+"-clicked",targetClass:b+"-target",highlightClass:b+"-highlight",forceSingleHighlight:!1,keepHighlightUntilNext:!1,highlightByNextTarget:!1,disablePluginBelow:!1,clickEvents:!0,appendHash:!1,onStart:function(){},onComplete:function(){},defaultSelector:!1,live:!0,liveSelector:!1,excludeSelectors:!1,encodeLinks:!1,inIframe:!1},f=0,_=/[ `!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?~]/,w={init:function(e){e=O.extend(!0,{},g,e);if(O(c).data(b,e),M=O(c).data(b),!this.selector){var t="__"+b;this.each(function(){var e=O(this);e.hasClass(t)||e.addClass(t)}),this.selector="."+t}M.liveSelector&&(this.selector+=","+M.liveSelector),n=n?n+","+this.selector:this.selector,M.defaultSelector&&("object"==typeof O(n)&

                Chrome Cache Entry: 222

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 13104, version 1.0
                Category:downloaded
                Size (bytes):13104
                Entropy (8bit):7.983500894518121
                Encrypted:false
                SSDEEP:
                MD5:B35FAC17D24450C3C7E27A11CE54CFF9
                SHA1:CB817504B4BCDFB22C72138409DDF39CD22C8912
                SHA-256:0D352D8A993D3F79D860E44D74EE3E132649253F2AF24CAAD088C3AED6EC08C8
                SHA-512:EE6BDB5F7F58DE399EF62E08A71EE9C9610DCF6876F4E35546FA3EE9F0EBD34829C85AE9BBBE652AC7A8446C50383E7C1BA973D4F5BF6680899F9CEEB49F6C95
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/notosans/v39/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
                Preview:wOF2......30......m...2...........................D..T..J.`?STAT^..,.....4....4..6.$..d. ..x..6....[....^. .`..2..!.JN....@...S..)...FV.....i....!=.....H...HD...}...X..."...Q9B.S.....O.k.7o.O:...w..!..3.3.....OH.(I...B.K...4.`R.$X?..T..Q.....F.R.e.+6c.......s.._aY.Yj.Z...7.gHR....*..I.w.s-....y".~R.K.....|.....y.X.....3.;;.=......*6h..!..Q.ux.....s....P...}...AC].2........s.6.......e...QU....y?KYN.X.......*.."..N.....l@..;.8....q......3+....$....L...RHQ.}.$..>Dh*..k....n.t....U...f..V.6.6..?.qY6,...,....a.s\.....\..~.29..Q=.F.3.3...P4GJ..0..@...%.BB..q......I1..42....m.;..]*..B...../P.I... ..........!D. ......D..}.0E.=..1.C....}...Su.q.;\.Z...k...I........tt!.'...)k.[.!z.....]..$...Y....3.%..Yc`......7.....L?Z...M.. ...).....@CEI..A.%4.W...'<....VtG..k?ma(.\7Q....H0...wCd..{6..*.4.8.....H.T.....aA-t.P..0....B....Pm.2.9..O.....h....H...%y..AC./...+.Q.0...[.M.O..M....'...M.1.......z..........N..u../...5[...]SkrY..J..r.\.Y%...aA.N=.T.MO.

                Chrome Cache Entry: 223

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1151), with no line terminators
                Category:downloaded
                Size (bytes):1151
                Entropy (8bit):4.994690518721122
                Encrypted:false
                SSDEEP:
                MD5:269513237E5E8C8134F99042CFFEA7BB
                SHA1:D052525CDEAE6F6E7E55B07F8D3B84D3E649E6C1
                SHA-256:5171798B43F28844503BAF788C228F08BA652A24DFECEB441190C5B8332350A5
                SHA-512:727720FDB3860CE1F00349EBE6A7ADD5F044FE2A60FFB8E0F5C901AD0E281BEE244F80F4163824D385947BBE87887598FD98750C0F67683F4ECEA1A4649C88B2
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/global.min.js?ver=2.35.1.2720251604
                Preview:function maiToggleAriaValues(e){var t="false"===e.getAttribute("aria-expanded")?"true":"false";return e.setAttribute("aria-expanded",t),e.setAttribute("aria-pressed",t),e}!function(){var e=document.documentElement,t=document.getElementsByTagName("body")[0],r=window.innerWidth-document.documentElement.clientWidth,c=document.querySelectorAll(".search-toggle");r>0&&r<=20&&e.style.setProperty("--scrollbar-width",r+"px");var n=function(e){var t=e.target.closest(".search-icon-form");t&&o(t)},o=function(e){var r=e.closest(".search-icon-form");if(r){var c=r.querySelector(".search-form");maiToggleAriaValues(r.querySelector(".search-toggle")),c.classList.toggle("search-form-visible"),c.classList.contains("search-form-visible")?(t.addEventListener("keydown",s,!1),t.addEventListener("click",s,!1),c.querySelector(".search-form-input").focus()):(t.removeEventListener("keydown",s,!1),t.removeEventListener("click",s,!1))}},s=function(e){e.target.closest(".search-icon-form")&&!["Escape","Esc"].includes

                Chrome Cache Entry: 224

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (2912), with no line terminators
                Category:downloaded
                Size (bytes):2912
                Entropy (8bit):4.989103900687935
                Encrypted:false
                SSDEEP:
                MD5:0DEFBF656291CE0AD96CD9B2B602A78D
                SHA1:801CEAAB01EB83E2ECC17BE33B5963884C6690DB
                SHA-256:FC95AA1D518907D03BD5ABC610363655E5556978CA7FC8B9ECA0A33A7872E822
                SHA-512:4981181ABE71811677DB6A85612003C2E8ADF1C5C185E72DB6A59A01F083F8BA811A1A5B07682D76C33613182185D45BF544E064E875C19F8CD43B6C088CEBA0
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/js/min/menus.min.js?ver=2.35.1.2720251604
                Preview:!function(){var e="undefined"==typeof maiMenuVars?{}:maiMenuVars,t=document.getElementsByTagName("body")[0],n=document.querySelector(".site-header-wrap"),s=[document.getElementsByClassName("nav-header-left")[0],document.getElementsByClassName("nav-header-right")[0],document.getElementsByClassName("nav-after-header")[0]],a=document.querySelector(".mobile-menu"),i=document.querySelector(".mobile-menu .wrap"),l=document.querySelector(".mobile-menu .menu"),r=document.querySelector(".mobile-menu .widget"),o=document.getElementsByClassName("menu-toggle")[0];if(n){var u=function(e){o&&(maiToggleAriaValues(o),t.classList.toggle("mobile-menu-visible"),t.classList.contains("mobile-menu-visible")?(t.addEventListener("keydown",c,!1),t.addEventListener("click",c,!1)):(t.removeEventListener("keydown",c,!1),t.removeEventListener("click",c,!1)))},c=function(e){e.target.closest(".menu-toggle, .mobile-menu")&&!["Escape","Esc"].includes(e.key)||u()};a||((a=document.createElement("div")).setAttribute("cla

                Chrome Cache Entry: 225

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (42591)
                Category:downloaded
                Size (bytes):42592
                Entropy (8bit):5.206387834036055
                Encrypted:false
                SSDEEP:
                MD5:966EEE900D7086888C6BD24E345EF1AC
                SHA1:491665F686C464CD80B35807C865DD9BA9586C44
                SHA-256:BC595C8641415C3D16715855939A7A0EDFC323ACCA2A3C6869EFFA7548E05156
                SHA-512:5D7152D312CA977277AD81DC638C392FE60616E426DD3867BCE3D001DFB541689374D17CE16D39EA3A126FF84B1E2059EC8C028AFDE62A69481988846792DFA1
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=7.2.6
                Preview:!function(){"use strict";let e;const t=function(e){return"json"===this.responseType||!0===this.json?e({message:this.statusText},!1):"text"===this.responseType?e(this.statusText):void console.error(this)},i=function(e){if(0===this.status||this.status>=200&&this.status<300||304===this.status){if("json"===this.responseType)return e(this.response.data,this.response.success);if("text"===this.responseType)return e(this.responseText);if(!0===this.json){const t=JSON.parse(this.response);return e(t.data,t.success)}}else t.bind(this,e)},s=e=>{let t=new FormData;const i=Object.prototype.toString.call(e);return"[object FormData]"===i&&(t=e),"[object HTMLFormElement]"===i&&(t=new FormData(e)),"[object Object]"===i&&Object.keys(e).forEach((i=>t.append(i,e[i]))),t.append("action",GLSR.action),t.append("_ajax_request",!0),t},n=s=>{e=new XMLHttpRequest,e.addEventListener("load",i.bind(e,s)),e.addEventListener("error",t.bind(e,s))},r=t=>{(t=t||{})["X-Requested-With"]="XMLHttpRequest";for(let i in t)t.ha

                Chrome Cache Entry: 226

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (19213), with no line terminators
                Category:downloaded
                Size (bytes):19213
                Entropy (8bit):4.777373596574489
                Encrypted:false
                SSDEEP:
                MD5:CC9B0165EAD85DA0ADEF986FFD6DFBD4
                SHA1:F0116E823DED7C4580863E698F4864A87D2FD47A
                SHA-256:C068D30A82C4D609E53E03271C68FFB1858CB53870515BE6E0E4DA927B081AFE
                SHA-512:825531CD5632426BEB4C7DCD95046FE5917A0F041315436969FF32B560D2EA277D2A50E997C81FD74F89F66E227F415E0AF7EB905500BC25CE0316BE33033D32
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/utilities.min.css?ver=2.35.1.2720251604
                Preview:.screen-reader-shortcut,.screen-reader-text,.screen-reader-text span{border:0;clip:rect(1px,1px,1px,1px);clip-path:inset(100%);height:1px;overflow:hidden;padding:0;position:absolute;white-space:nowrap;width:1px}.screen-reader-shortcut:active,.screen-reader-shortcut:focus-visible,.screen-reader-text span:active,.screen-reader-text span:focus-visible,.screen-reader-text:active,.screen-reader-text:focus-visible{clip:auto;background-color:var(--color-black);clip-path:none;color:var(--color-white);height:auto;overflow:visible;padding:var(--spacing-md) var(--spacing-lg);position:static;position:absolute;text-decoration:none;white-space:inherit;width:auto;z-index:100000}.genesis-skip-link{margin:0}.genesis-skip-link li{background:var(--color-white);height:0;list-style:none;width:0}:focus{outline:none}:focus-visible{outline:var(--focus-outline,var(--border))}.is-layout-flex{display:flex;flex-wrap:wrap;gap:var(--row-gap) var(--column-gap)}.alignwide{--alignwide-max-side-spacing:max(0px,calc((va

                Chrome Cache Entry: 227

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (7938), with no line terminators
                Category:downloaded
                Size (bytes):7938
                Entropy (8bit):4.79610590204633
                Encrypted:false
                SSDEEP:
                MD5:F44AF4C2D3A8BEC0EC2FD1DD147B7F9F
                SHA1:87DC5CFC94A0B1694B3E0F49ED498100F54F9E91
                SHA-256:DA228F8822466AB6A2701ABA8BFF214102C414436DB62F0855B6D6ED9D4D9ECC
                SHA-512:B662B15BDD9C10968B6AEB0BDFCA0058E7C5E6A7732669E8C4D7647385B2E77636E237F4B65BC425158D37A9582EA792693022E4215B5988FAD751C52C66FB4C
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/footer.min.css?ver=2.35.1.2720251604
                Preview:.adjacent-entry-pagination{--image-border-radius:var(--border-radius);--link-color:var(--color-heading);display:grid;grid-gap:var(--spacing-md);grid-template-columns:repeat(auto-fit,minmax(256px,1fr));margin-bottom:var(--spacing-xxl)}.adjacent-entry-pagination .pagination-previous{--adjacent-entry-link-inner-justify-content:start;--adjacent-entry-link-text-align:start}.adjacent-entry-pagination .pagination-next{--adjacent-entry-link-inner-justify-content:end;--adjacent-entry-link-text-align:end}.adjacent-entry-link{--link-text-decoration:none;--link-text-decoration-hover:none}.adjacent-entry-link-inner{align-items:center;background:var(--adjacent-entry-link-inner-background,none);border:var(--adjacent-entry-link-inner-border,var(--border));border-radius:var(--adjacent-entry-link-inner-border-radius,var(--border-radius));box-shadow:var(--adjacent-entry-link-inner-box-shadow,var(--shadow));display:flex;gap:var(--spacing-md);height:100%;justify-content:var(--adjacent-entry-link-inner-just

                Chrome Cache Entry: 228

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (574), with no line terminators
                Category:downloaded
                Size (bytes):574
                Entropy (8bit):4.546651643467996
                Encrypted:false
                SSDEEP:
                MD5:E6113D4AE772602D35B8D6B16ACDE3F9
                SHA1:D08E8CD86111DA1C7387D0822CD30B7DA6E11D80
                SHA-256:5BD6A24EEB46AF10E3F7CD1D3A3932CC9E4A20033A7C344238463138BD21A107
                SHA-512:2197B386FF8488B0E50F948885E7076EBD45D7741713F989DAAE71573336542E851E73C5CB914B83E634D122A2E04364606797FD95A10F6744B6F4130E43C352
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/themes/success.min.css?ver=2.35.1.2720251604
                Preview::root{--border-width:2px;--blockquote-border-left:0;--site-title-font-size:var(--font-size-md);--menu-font-family:var(--heading-font-family);--menu-font-weight:var(--heading-font-weight-light);--menu-font-size:var(--font-size-sm);--button-font-family:var(--heading-font-family);--button-font-weight:var(--heading-font-weight-light)}.has-boxed{--entry-border:0}.has-heading-background-color{--link-color:currentColor;--heading-color:var(--color-body);--input-background-color:transparent;--input-placeholder-color:var(--color-body);--input-border:2px solid var(--color-body)}

                Chrome Cache Entry: 229

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65536), with no line terminators
                Category:downloaded
                Size (bytes):93953
                Entropy (8bit):5.450289019331584
                Encrypted:false
                SSDEEP:
                MD5:75B747912712B95F004DA1DCF7BA5D47
                SHA1:4153BDB5AD135856EA2C80ED0DD02E26D2ECEB26
                SHA-256:1120A58D468619E0009F0C924ACB0F381DC9E9197EB9F9CD06CBC2C2D961A3F5
                SHA-512:153D864742CE56E5C007860C8D42D3342A851CDDB527CF0498C354FE0489F29B234C266662273A561ED42D4A1EB831C51A66139832D31FE7E67CEB27A3AA2D48
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.3.81700739748
                Preview:function launch_chaty(t){null!=t&&"widget_index"!=t||(t=0),jQuery("#chaty-widget-"+t).length&&jQuery("#chaty-widget-"+t+" .chaty-cta-button .open-chaty").trigger("click"),jQuery("#chaty-widget-_"+t).length&&jQuery("#chaty-widget-_"+t+" .chaty-cta-button .open-chaty").trigger("click")}!function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],t):"undefined"!=typeof module&&module.exports?module.exports=t(require("jquery")):t(jQuery)}((function(t,e){var a,c,n=[],i="",s=/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |

                Chrome Cache Entry: 231

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (19255)
                Category:downloaded
                Size (bytes):19519
                Entropy (8bit):5.310093565262629
                Encrypted:false
                SSDEEP:
                MD5:CE29AEBB6E46A09D510F10CF0C6837C4
                SHA1:E823CCB8E59A3DE6332620397B01D6531A7D615D
                SHA-256:5A1F160F084E3DF2204C807C3ACD90031588164BC6056AD20D9B65D6463330DE
                SHA-512:C1ECDFDE323F67063D559A1579361DA9D2D8114C6C88AADED7A9229CB8CF47B70D93B849242A614F544BA34EBFB570B6410E01F6C713E4559DF7F19042867EB6
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-latest-umd.min.js?ver=3.3.8
                Preview:(function(T,b){typeof exports=="object"&&typeof module<"u"?b(exports,require("picmo")):typeof define=="function"&&define.amd?define(["exports","picmo"],b):(T=typeof globalThis<"u"?globalThis:T||self,b(T.picmoPopup={},T.picmo))})(this,function(T,b){"use strict";function _(t){return t.split("-")[0]}function F(t){return t.split("-")[1]}function H(t){return["top","bottom"].includes(_(t))?"x":"y"}function et(t){return t==="y"?"height":"width"}function nt(t,e,n){let{reference:i,floating:o}=t;const c=i.x+i.width/2-o.width/2,r=i.y+i.height/2-o.height/2,s=H(e),l=et(s),a=i[l]/2-o[l]/2,d=_(e),f=s==="x";let u;switch(d){case"top":u={x:c,y:i.y-o.height};break;case"bottom":u={x:c,y:i.y+i.height};break;case"right":u={x:i.x+i.width,y:r};break;case"left":u={x:i.x-o.width,y:r};break;default:u={x:i.x,y:i.y}}switch(F(e)){case"start":u[s]-=a*(n&&f?-1:1);break;case"end":u[s]+=a*(n&&f?-1:1);break}return u}const vt=async(t,e,n)=>{const{placement:i="bottom",strategy:o="absolute",middleware:c=[],platform:r}=n,s=

                Chrome Cache Entry: 232

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 24016, version 1.0
                Category:downloaded
                Size (bytes):24016
                Entropy (8bit):7.991051678216668
                Encrypted:true
                SSDEEP:
                MD5:85F00D66C5F31D58833ABF1CFBE1496E
                SHA1:D504A89747D1258A4C4FAFF0EBC6F63853B570D6
                SHA-256:3270680FC889EABFB9C410EE690161071F237679A90171A0A67B09142B8D382C
                SHA-512:FE38F685B8A78875403B482EC93A9F66B1EE729FAEFE8BCCEF1FE47E85F5D43FFA3AEE0AB6D6DFCEEB20D7C5555CA9EA69FDD985C3DB680F60D8CBA5C6C798C5
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
                Preview:wOF2......]..........]l.........................|...j..J.`?STAT...:.....|..Z..v..6.$..h. .........p...Vl...jV.?..l..n...`O.D.....|v......^.n.Xb+JW"{Uo/4\U.Fw..d.{q..t?.6..*6..ZU...p...0.b)Jc0.$G.4nEbA.H..8r.-..>......T(j..E`..G...9}.,.%.Q.G.`.........5...Q1..Sc...M."..p..!.Z..!.ZH...x..MEm....hg...Y.y..~.D.c...e.?.t....C..P..^)..!....S...I.p.....D.)Cl..|o..'...}\..s.D"i?.[...M.....i~S..J+1....d..1 @B.!.R....M.{..k0. ..(X.S5s.........M.U+....?(@.5b....U..+Z.b...S....Qb.J+2m...2H..Zr.....w...A.h...3...O....O.U....].a.$...b..Z........3...qf.`M.hS...T~cZ..w....D]..<...J.{ju.......... .Vi..k.6d......z.6..."M...).q.h.Q.....@f...j.....;.T.Xt.k......@`..$4.v.....|6Iq...@.A.z...&:..b.'J.1.!..E..\....z..t.....]S...........K...7%J.a...w...m% .&..-..i.#.B....>PBp"".....n..A...l.. 2..w....\...}k..Z......kc..A.(...w.c.5E3G.......C??....2E....W.|M.5...cM.......p.DX...At...K4........e*=..R....Q.c..zQ..z.3n...m..P..G.........J.@5%.A@....$\.SWN.Z}c.}:-..'P3.Y..O..f

                Chrome Cache Entry: 233

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 16216, version 1.0
                Category:downloaded
                Size (bytes):16216
                Entropy (8bit):7.987705252722774
                Encrypted:false
                SSDEEP:
                MD5:4C5BC71B3CF6F2584725C0BB3E25D391
                SHA1:F051F482061DC48D09C328C45459DD04DB5B5547
                SHA-256:ACA5DEC430A7470FF1D8A16F9E7BB3CA30F2FF58F3BD60432CF1DDDFA30C9D71
                SHA-512:E280E96E0EF736D1255DF532BFECCE67E670004CC971BB4518DC906F6D76F88508CE139190814782374E31DF15732731D676962AE2A6863CDCCA53DB4E676158
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/fonts/hind/5aU69_a8oxmIdGl4BA.woff2
                Preview:wOF2......?X..........>.................................`..\.h..m.....P..`..F..6.$.... .....@....:.U.b.8.`..1*J*............z-.....Q.....X.!....;. .6.a.X........wo6k....4M........2.rt...l.5.....G...O....3.i....t..~....t...4Wz.!...2....D..mv.%=x.J%Dm.V.g(.,B.$..l.J..<..b..R.2.kY....s.{.m.{~........L....CZ:...t..NQ.........os.K.!... %.....-.....Q.Z...nw...-X4. r....b....?V.7..~....*i..........u..S.......E.....5..J...@..&...Lv.....n[x.u......R.*.M.<..`.....p.....h..;..Q...o.,cm@...V..Zw...........T"....h.C.3.tQK\J...N.VJ @..."...UnV....=.$....6.....P..Y......A....g.8......9.....7.......5NHE.Q.....J........|..5..".u.8....y...8j.%....%..(......<d.>[....`.A4JN... ...W.0...]...w._.Dh.....4..z...Qy$...K.n.W..X.[.].`.=.......o.G.d.....3...U...2.P..C..*..6..4...'m........;.R_....+..H.L.... ....L...W.. ....D1M"..". ... .x.75..c..;..d..'.$.d...5.H.O.....#..]...$.$.+...i~...#s.t...._........:.c.mD.?...E......1......'.........@.m...9...^..x......

                Chrome Cache Entry: 234

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (335), with no line terminators
                Category:downloaded
                Size (bytes):335
                Entropy (8bit):4.544032639198574
                Encrypted:false
                SSDEEP:
                MD5:7B197104AFDF6F3F918FD92A5AA1C657
                SHA1:F40AEF07A4AFCBE679AAFF6F3A8CEF6A20CB1FE6
                SHA-256:EDBA0FCBA74296C16B2CE9016B6FB6F20C7CF68F3D48665C6D5FD3947824B449
                SHA-512:24DD57053C08B906A9EBB9CA256B09FDD6CE2CD6E62B1A923FB163D5B992B5EDF99717F05BFFC820E3FE5ABB6D420420D971EB44094773C64FB802B7B3C18304
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/spectra-block-positioning.min.css?ver=2.19.4
                Preview:body .wp-block-uagb-container.uagb-position__sticky{transition-property:top,bottom;transition-duration:250ms;transition-timing-function:ease}body .wp-block-uagb-container.uagb-position__sticky--stuck{position:fixed;margin:0!important}body .wp-block-uagb-container.uagb-position__sticky--restricted{position:absolute;margin:0!important}

                Chrome Cache Entry: 235

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65536), with no line terminators
                Category:downloaded
                Size (bytes):93882
                Entropy (8bit):5.4349640329020765
                Encrypted:false
                SSDEEP:
                MD5:59F770D84CE947FA7C86440DEB133A0A
                SHA1:5370CFE90A8EED3F302B58873434FD63EAB6F7C8
                SHA-256:F161391EBFBA43D58BD4747588D9680CCFC6ACB317A24CF2C49CCE9A5E3275E3
                SHA-512:DEBBD5EF778AB5A51B4CB0938112C1E8B0CC319CDF90BFCDE355B8C5501F97CDE5E206199F6BA3850381347B9C7D49FE71658D2E5041148144332F2CDF2ED104
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/chaty/admin/assets/js/picmo-umd.min.js?ver=3.3.8
                Preview:var ye=(e,t,o)=>{if(!t.has(e))throw TypeError("Cannot "+o)},w=(e,t,o)=>(ye(e,t,"read from private field"),o?o.call(e):t.get(e)),b=(e,t,o)=>{if(t.has(e))throw TypeError("Cannot add the same private member more than once");t instanceof WeakSet?t.add(e):t.set(e,o)},J=(e,t,o,i)=>(ye(e,t,"write to private field"),i?i.call(e,o):t.set(e,o),o),v=(e,t,o)=>(ye(e,t,"access private method"),o);!function(e,t){"object"==typeof exports&&typeof module<"u"?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e=typeof globalThis<"u"?globalThis:e||self).picmo={})}(this,(function(e){var t,o,i,s,r,a,n,c,l,h,d,m,u,p;async function g(e,t={}){const{local:o=!1,version:i="latest",cdnUrl:s,...r}=t,a=function(e,t,o){let i=`https://cdn.jsdelivr.net/npm/emojibase-data@${t}/${e}`;return"function"==typeof o?i=o(e,t):"string"==typeof o&&(i=`${o}/${e}`),i}(e,i,s),n=o?localStorage:sessionStorage,c=`emojibase/${i}/${e}`,l=n.getItem(c);if(l)return Promise.resolve(JSON.parse(l));const h=await fetch(a,{

                Chrome Cache Entry: 236

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):4484
                Entropy (8bit):4.926546567941967
                Encrypted:false
                SSDEEP:
                MD5:3B2A03824EA375238C0DD844520C70CF
                SHA1:C3B063DC0B36BF760FEB3B72FD325A7ED5F03F4F
                SHA-256:E220711C19A54165D6819AD034FEF35D5F4C94F4EB3F9C521F000917C8442303
                SHA-512:CBADC5CAEA7BBD3E69ED5B5776E914E445484580163F893B9C63B153E49DF364CAB7FA0D27BC0D166749C5D79E82EE23144DC197A1164124EE91643FBE7FDB1A
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5
                Preview:( function( $, document, window){....var edsWObj = $(window);..$.fn.initEDSAnimateBlock = function() {......var obj = this.length > 1 ? this.eq(0) : this;........this.edsTotalRepeatCount = 1;...this.edsAnimateInfinite = false;...this.edsAnimations = [];.....this.edsKeepValue = false;...this.edsScrollOffset = 0;.....this.edsElemAnimating = false;......this.checkPosition = function() {...........var windowHeight = edsWObj.height(),. viewportTop = $(document).scrollTop(),. viewportBottom = (viewportTop + windowHeight),.......elemTop = '';..... if( obj.edsScrollOffset != null && obj.edsScrollOffset != ''){. .elemTop = Math.round( obj.offset().top ) + Math.round(Number(obj.edsScrollOffset) * obj.height() * 0.01),. .elemBottom = elemTop + (obj.height());. }else{. .elemTop = Math.round( obj.offset().top ) + Math.round(options.offset * obj.height() * 0.01),. .elemBottom = elemTop + (obj.height());.

                Chrome Cache Entry: 237

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
                Category:downloaded
                Size (bytes):18596
                Entropy (8bit):7.98958587920964
                Encrypted:false
                SSDEEP:
                MD5:C1422F94EA801088E9B159A80AFD514B
                SHA1:B49D3CB83589976DDE1166AA38DCB553620A0498
                SHA-256:7F7FCDA5F37C18DEF2314B911B02417B773C4F459DF0D25931FFA7389B872B89
                SHA-512:C28C40D0905971427101D8C2B6925A69E978034C5C8C0B90DA5A20FE863480DB3E85E003EF6FC793F3172766E1B02A4F22AFE9A5411F8EF37BFF691D48A6E63A
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
                Preview:wOF2......H...........H;.........................|..N..h.`?STATZ..0..|........t.."..2..6.$..`. ..&........z..!.<.!..T.y.5X.g.j.CD)..d..MNd...._.B....:..n>..'H.,....V"7.u......C....a..q?...b..~.T.*W...4...I+..@..b!R.......W...?.j....8....I..I...z...`w...D..e.V+.d...b...T.. .."!KH$.. .a'....s.].lw.NO[..j.....W].[.m..u8...9.. .......b%..-..%.J.PI{..C....K#....K......F....-=x(L....L......h.t...{1...........L.b;K....)......%.su..s.....&..] ...[.-.u.../..}.6)....8.g..^%.i.......wF`...?...].&o..:..H.F.uv...d_...u.7H..e. :.J*.....~...W'....,...x.xF......o.....r.;z..t$.6.Q.Mo.1...E.j.{..........b...%&\..$.........*......'.BH.c.Ty\..E.hr,.>.}s...o....g.K,,.LO.LefS.d.I1.......W.......5..rh....y..!..o#.........,..b.`._..2..z......%l..l3kE.x...*.qr#/...W....)y...\.. ...".a. l .2..J.....z...V.W#y.v.7.......N.I......{.ho.`O.Y\..3..........(.X?.@.{|....t..4.2).XXY!.&.R.D..j."...O..;.`. ....gc.....e|..:M.7...<@..]...H..C;....j..4b...@....(N..&.!X.2.7Cn..S$.E...

                Chrome Cache Entry: 238

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (479)
                Category:downloaded
                Size (bytes):731
                Entropy (8bit):5.325658977004964
                Encrypted:false
                SSDEEP:
                MD5:97669983F6540F2BADEEF6AB07E5B637
                SHA1:B6F0084F6747DA64CF24334B2C0027E57CBF7F23
                SHA-256:FA7B84BB6E37FBA06F79793937E55BAF6EBC1BEE051E350E11C7CA681A9F3DB7
                SHA-512:2594A8D21E5338D1589B22CCAA9F24E283E1BA8EB2364F661CCF85639D1A063A72A5FA1FAAD116B008110D09BDE0898B0B349A1DEA8DBD8B83F77F360849F6CF
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1
                Preview:/*. * jQuery throttle / debounce - v1.1 - 3/7/2010. * http://benalman.com/projects/jquery-throttle-debounce-plugin/. * . * Copyright (c) 2010 "Cowboy" Ben Alman. * Dual licensed under the MIT and GPL licenses.. * http://benalman.com/about/license/. */.(function(b,c){var $=b.jQuery||b.Cowboy||(b.Cowboy={}),a;$.throttle=a=function(e,f,j,i){var h,d=0;if(typeof f!=="boolean"){i=j;j=f;f=c}function g(){var o=this,m=+new Date()-d,n=arguments;function l(){d=+new Date();j.apply(o,n)}function k(){h=c}if(i&&!h){l()}h&&clearTimeout(h);if(i===c&&m>e){l()}else{if(f!==true){h=setTimeout(i?k:l,i===c?e-m:e)}}}if($.guid){g.guid=j.guid=j.guid||$.guid++}return g};$.debounce=function(d,e,f){return f===c?a(d,e,false):a(d,f,e!==false)}})(this);

                Chrome Cache Entry: 239

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (627), with no line terminators
                Category:downloaded
                Size (bytes):627
                Entropy (8bit):4.416206185633794
                Encrypted:false
                SSDEEP:
                MD5:8FDB07BDC0E41C712E88B7AAB393E020
                SHA1:13D5DEA987B1F56D0DED0598F3EE54F094672AD7
                SHA-256:6C00E3FB1E0E1E76460D147CE8C9AB6EF1D0BA783078232F9A4AF3AD95A4EF64
                SHA-512:10B1E5380C798BA8A7ECCA630D11E123C928345BF5316B0989B79BA05808850B85EA7A724001A23397B891F816F9526EC561D421C0D952C28EA756B8E9811825
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/desktop.min.css?ver=2.35.1.2720251604
                Preview::root{--site-header-wrap-justify-content:var(--site-header-wrap-justify-content-desktop,space-between);--header-section-order:0;--title-area-padding:var(--title-area-padding-desktop) 0;--nav-header-width:auto;--nav-header-margin:0;--nav-header-padding:0;--nav-header-background-color:transparent;--nav-after-header-display:flex;--header-section-display:flex;--header-section-mobile-display:none}.mobile-menu-visible{--mobile-menu-display:none}.has-logo-center{--site-header-wrap-justify-content:var(--site-header-wrap-justify-content-desktop,space-around);--title-area-margin:0 var(--spacing-lg);--title-area-text-align:center}

                Chrome Cache Entry: 240

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (4450), with no line terminators
                Category:downloaded
                Size (bytes):4450
                Entropy (8bit):5.1824205338724445
                Encrypted:false
                SSDEEP:
                MD5:EB5D7EFB1BC838480F4CA0D67C124249
                SHA1:0292349BA263236243A33FB7FDDED5527E17BF6A
                SHA-256:BAC6ADD1BF7EC50484CC9C7336DB1C6333B0F911675EB2A95C6AF5D28B15ADAB
                SHA-512:4C7A0A52D7917F8387FEFA7E266A9FD195FA28D077BCFB767BD985D197A32A09068CC58101D275D921D954B3F2EDD390BBA382EF8662FF27A6FDC3FC007DA1DB
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/spectra-block-positioning.min.js?ver=2.19.4
                Preview:const UAGBBlockPositioning={init(t,e){const s=document.querySelector(e);s?.classList.contains("uagb-position__sticky")&&UAGBBlockPositioning.handleSticky(s,t)},handleSticky(t,e){var s=()=>{return document.querySelector("#wpadminbar")?.offsetHeight||0},p=()=>{"undefined"!=typeof AOS&&e?.UAGAnimationType&&(t.dataset.aos=e?.UAGAnimationType,t.dataset.aosDuration=e?.UAGAnimationTime,t.dataset.aosDelay=e?.UAGAnimationDelay,t.dataset.aosEasing=e?.UAGAnimationEasing,t.dataset.aosOnce=!0,setTimeout(()=>{AOS.refreshHard()},100))};const o=t.getBoundingClientRect(),y=e?.isBlockRootParent?null:t.parentElement,i=((t,e,s)=>{const o=document.createElement("div"),i=(o.style.height=e.height+"px",o.style.boxSizing="border-box",window.getComputedStyle(t));return s?(o.style.width="100%",o.style.maxWidth=i.getPropertyValue("max-width")||e.width+"px",o.style.padding=i.getPropertyValue("padding")||0,o.style.margin=i.getPropertyValue("margin")||0,o.style.border=i.getPropertyValue("border")||0,o.style.borderCo

                Chrome Cache Entry: 241

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (7974), with no line terminators
                Category:downloaded
                Size (bytes):7974
                Entropy (8bit):4.652318399677789
                Encrypted:false
                SSDEEP:
                MD5:DC320FC3BF262EED7091F1DF19F933C1
                SHA1:D00F7046004DE2697B5AC8CB808C9FC6986356E2
                SHA-256:E36A0675BE1940C2E45A19E065226685CAD65F7A5E50F15DB6CD48CD69D18A1C
                SHA-512:2A2207041B39B7CFACE8178A283AD63CE2E13513483D43F7B2D4BC29219CA24E530CD2FF4391219F9C049596F43A5E18749D9F2FD94E8EF9EEF45ADA3DE92450
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/plugins/mai-engine/assets/css/header.min.css?ver=2.35.1.2720251604
                Preview:.before-header{z-index:14}.site-header{background:var(--site-header-background,var(--color-header));border-bottom:var(--site-header-border-bottom,var(--border));box-shadow:var(--site-header-box-shadow,none);color:var(--site-header-color,var(--color-body));position:var(--site-header-position,relative);top:var(--site-header-top,auto);transition:var(--transition);width:100%;z-index:12}.site-header-wrap{align-items:var(--site-header-wrap-align-items,center);display:var(--site-header-wrap-display,flex);flex-wrap:var(--site-header-wrap-flex-wrap,nowrap);gap:var(--site-header-wrap-gap,var(--spacing-lg));justify-content:var(--site-header-wrap-justify-content,var(--site-header-wrap-justify-content-mobile,unset));margin-left:auto;margin-right:auto;max-width:var(--site-header-wrap-max-width,var(--wrap-max-width));width:var(--site-header-wrap-width,calc(100% - var(--side-spacing)*2))}.header-spacer{display:block;height:var(--header-spacer-height,0);transition:var(--title-area-transition,var(--tran

                Chrome Cache Entry: 242

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SVG Scalable Vector Graphics image
                Category:dropped
                Size (bytes):1345
                Entropy (8bit):4.076100760801318
                Encrypted:false
                SSDEEP:
                MD5:463A29230026F25D47804E96C507F787
                SHA1:F50E0EAC87BB8F5CFF8F7D8CCB5D72AEDDA7E78D
                SHA-256:A049E1ABE441835A2BCF35258936072189A0A52D0000C4ED2094E59D2AFD189B
                SHA-512:83F065B7B10E906EF8BF40DD907DA4F0EB0F4C28EE2D8B44E418B15F1C06884A579957B2BC27418FAC5759825D394819FF0AC48D784B9F05564B8EDAB25D9426
                Malicious:false
                Reputation:unknown
                Preview:<svg width="10" height="10" viewBox="0 0 10 10" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M0.572899 0.00327209C0.459691 0.00320032 0.349006 0.036716 0.254854 0.0995771C0.160701 0.162438 0.0873146 0.251818 0.0439819 0.356405C0.000649228 0.460992 -0.0106814 0.576084 0.0114242 0.687113C0.0335299 0.798142 0.0880779 0.900118 0.168164 0.980132L4.18928 5L0.168164 9.01987C0.0604905 9.12754 0 9.27358 0 9.42585C0 9.57812 0.0604905 9.72416 0.168164 9.83184C0.275838 9.93951 0.421875 10 0.574148 10C0.726422 10 0.872459 9.93951 0.980133 9.83184L5.00125 5.81197L9.02237 9.83184C9.13023 9.93836 9.2755 9.99844 9.4271 9.99923C9.5023 9.99958 9.57681 9.98497 9.6463 9.95623C9.71579 9.92749 9.77886 9.8852 9.83184 9.83184C9.93924 9.72402 9.99955 9.57804 9.99955 9.42585C9.99955 9.27367 9.93924 9.12768 9.83184 9.01987L5.81072 5L9.83184 0.980132C9.88515 0.926818 9.92744 0.863524 9.9563 0.793865C9.98515 0.724206 10 0.649547 10 0.574148C10 0.49875 9.98515 0.42409 9.9563 0.354431C9.92744 0.284772 9.8

                Chrome Cache Entry: 243

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (371), with no line terminators
                Category:downloaded
                Size (bytes):371
                Entropy (8bit):5.048502401620077
                Encrypted:false
                SSDEEP:
                MD5:FB15EAA075318B3B0F17CB7A42920492
                SHA1:06FFFB9183F11B49154DD145C3C02D577AC45A77
                SHA-256:C810F9EB5D42E701BD08FF11DDCDE25B90410BE300630683FE356EEBF0884199
                SHA-512:B84452078FC060A9E83BEB70804E421B8F283F735008C98F4E611493CDE38881AF724498A93070323B94EE03764747207EEC46630441B7DD7A2297D14091EB19
                Malicious:false
                Reputation:unknown
                URL:https://hypnotherapyforhappiness.co.uk/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.6.0
                Preview:function ga_skiplinks(){var fragmentID=location.hash.substring(1);fragmentID&&(fragmentID=document.getElementById(fragmentID))&&(!1===/^(?:a|select|input|button|textarea)$/i.test(fragmentID.tagName)&&(fragmentID.tabIndex=-1),fragmentID.focus())}window.addEventListener?window.addEventListener("hashchange",ga_skiplinks,!1):window.attachEvent("onhashchange",ga_skiplinks);

                Chrome Cache Entry: 245

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 360 x 654, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):74181
                Entropy (8bit):7.995748792773218
                Encrypted:true
                SSDEEP:
                MD5:BD1257F091A4B09497901A529D18457A
                SHA1:0D394E7B73551ED05355A1A5447C7C041B538183
                SHA-256:D5A96F58ACA901B02D4D1A9A7A4A4561015D06BBCC248F7B812F4DC7AD460F70
                SHA-512:62E4B29F966235D638DD3C4F47096190DB86A723D759FA0D4089A2E97C73D947D46F003DC038D3EDB3A1E986657C0A1587FE2CD2E51C07350653D6CF2D318FD2
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR...h...........s....WPLTE..........................................................................................m....tRNS....7._.kCO.&..u...W.........RT....!.IDATx.Z..(.E...s...w.`...L..d.....n......%h..1&..e5g..AZ{......b....8.2..R2+.}.. ..F....r{J..z#c...{...q..~..N.....T.;...K.........4.....y...C...l.......5=D.......1.....S"......l...0i.%.C.&h0...=..Y.r..I..C].J..gLm...UE.L..&..h..<.F...B00...=<..=..yh..........c..<.......d....+.hX.)..ui....d...*........K..~{%.f.....K.i+..td>z...r.q...SX.8'Z\....x-.c.dx..dT...aj.....a......^.feH._.........8.nQR..P^....t.....K...7mO2. *..+.;..Cq..T..k...yu...Q..F......<._../.rJ..$.&3^.v.i|........T..#..Q.K........<<.w*_..&..-.?.!Y..@v..7...%R.[...J..h.1..Gw..A.l.#.nKjN5......J.R4.{4.|...FG`..~*.v.fB=.#"...dJST..7A...L.n....)v.p..u..!~.a..Du.-D...1...:.%...?.]_.?../M.f......%yxAwq}...)`...2O.A..~.R..e.....E..!.^o10r.!...I#..A..B..y;<)..p.e0.@.O...AK...R.$.o....UE..e....0n...I..v.fsZ4....)?<.C..

                Chrome Cache Entry: 246

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                Category:dropped
                Size (bytes):1826
                Entropy (8bit):7.816178775749803
                Encrypted:false
                SSDEEP:
                MD5:5DCE7CEA41DDD54C097EFA545641AC97
                SHA1:767AE58AA81D4B1CBF11B4DBB86C6100FC23CE8D
                SHA-256:FC840169FDF1A41BBE84E5336BD66A9BD1986D6184E39BD748B881675FC6938A
                SHA-512:6E5D08FA970F3EDAAC9B99EB6A9325885B339AD93AE6EA5018A398841E9ABF602E43B2B5A398BAAC3777604CF428B8F69A1A144FDC222E831FB3A701D71DC86F
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR... ... .....szz.....pHYs..........+......IDATX..klT....g.v.k.....1....K.4...4mRp..I..4MR*..JHi.'..Tj.JUZ...&A.T.<p..E..R.(!i..9..`.y....{.9...}...U.K{..f.9....bf...B.U<.... .=Fa..3k...'.....N.|[,s...f.mP.."EG..o_:..O.....d.../....A....v"qO..g.dl..Q. .Rj.&.L..i....xg.Q...!V.E{...x^....".DA2..O......a.....0.............`..C_9.......<....>...[$.....&d<.......~....d.V. .....x...M9...^....,..y....#.`h0...w....L...{M.oZ...<n&G..g~)8..E.`q.....e..a...u.D.....T......r....%....).:.4{..F.bL.....bq..[&....;.c.O.t.............U._.BI..I.J.7K.w..Wh"..b@.1.....m.....i...D.]............s..3.t..!..D..3...\.i..!......U...3Wt...9p.F..]GjFF.uZ.U.2.`.dP^.s....}...UU.K...3.F.K.........mZ..._.....[....TG:.Eb..n..l.W.i..<..1.|.1.|_..}....D..._l....w.4.t....H.>.I>..^..2..F_.VR..G.......>8......&....2.2.gZr....i....G...p.L^.n.T1..TdV...........2.....P3...&.."...7.UMyqm.<@>....jF...Z..0@. .V...j....../YJ.fv`..Gc....lb....H..}..Wz.c...b.l........#..R)..

                Static File Info

                General

                File type:PDF document, version 1.6
                Entropy (8bit):7.929661539673598
                TrID:
                • Adobe Portable Document Format (5005/1) 100.00%
                File name:Invoice Number INV132146-1.pdf
                File size:52'893 bytes
                MD5:786bb21da0bc0a7a90278e99818d59a9
                SHA1:1b63a43223fa7a5d275d0b3631bee54fe8ca181c
                SHA256:3f193b89c9274026c94b4da74272c7160f1c6f76d5a64594ebb66b103d1e38d2
                SHA512:5a2eef7c1a61b777c644b15e38070b3ffe358e69785a235b9cfa440ddc403bd509c786c843eb0d60063d14d2a560badd8df12c9cd9c060891766a444d2a46649
                SSDEEP:1536:oaZC54j2Aup+lgekiqCAltX3/MCgPnTn9d6:HZCSaAusSi+XvjETn9d6
                TLSH:DB3302BCA895CC9DDEA459F62440438E42DFAC379FD617312ECBE3419E8930AF584DA4
                File Content Preview:%PDF-1.6.%.....2 0 obj.<<./Lang <FEFF0045004E002D00550053>./MarkInfo 4 0 R./Metadata 5 0 R./PageLayout /OneColumn./Pages 6 0 R./StructTreeRoot 7 0 R./Type /Catalog./AcroForm 8 0 R.>>.endobj.5 0 obj.<<./Subtype /XML./Type /Metadata./Filter /FlateDecode./Le

                File Icon

                Icon Hash:62cc8caeb29e8ae0

                Static PDF Info

                General

                Header:%PDF-1.6
                Total Entropy:7.929662
                Total Bytes:52893
                Stream Entropy:7.929453
                Stream Bytes:51803
                Entropy outside Streams:5.201380
                Bytes outside Streams:1090
                Number of EOF found:1
                Bytes after EOF:
                NameCount
                obj9
                endobj9
                stream7
                endstream7
                xref0
                trailer0
                startxref1
                /Page0
                /Encrypt0
                /ObjStm1
                /URI0
                /JS0
                /JavaScript0
                /AA0
                /OpenAction0
                /AcroForm1
                /JBIG2Decode0
                /RichMedia0
                /Launch0
                /EmbeddedFile0
                IDDHASHMD5Preview
                3211313038394f373699a66323ff5e1bcbb778db6bfb3b60cf