Edit tour

Windows Analysis Report
Payment_Notification-Sep27.html

Overview

General Information

Sample name:	Payment_Notification-Sep27.html
Analysis ID:	1522748
MD5:	71ecb5ff5839de39cc4ce50cda586345
SHA1:	3580e7d3b14337db371415bbf1ff2d03df8c1ea9
SHA256:	7dba99e088dcab65eed9c900431a6220822e7528e3c78efc447fcd8452a4dfa5

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Detected javascript redirector / loader

HTML Script injector detected

HTML document with suspicious name

HTML document with suspicious title

HTML file submission containing password form

Suspicious Javascript code found in HTML file

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

None HTTPS page querying sensitive user data (password, username or email)

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Payment_Notification-Sep27.html MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 2128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1804,i,9054044733732504561,14351467490391047325,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match

File source: 0.0.pages.csv, type: HTML

Detected javascript redirector / loader

Source: Payment_Notification-Sep27.html

HTTP Parser: Low number of body elements: 0

HTML Script injector detected

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: New script tag found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: New script tag found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: New script tag found

HTML document with suspicious title

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

Tab title: Proof of Payment

Suspicious Javascript code found in HTML file

Source: Payment_Notification-Sep27.html

HTTP Parser: document.write

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: Number of links: 0

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://hatmed.co.za/

HTTP Parser: Base64 decoded: https://hatmed.co.za:443

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: Title: Proof of Payment does not match URL

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: Has password / email / username input fields

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: <input type="password" .../> found

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No favicon
Source: https://hatmed.co.za/	HTTP Parser: No favicon

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="author".. found
Source: https://hatmed.co.za/	HTTP Parser: No <meta name="author".. found
Source: https://hatmed.co.za/	HTTP Parser: No <meta name="author".. found

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	HTTP Parser: No <meta name="copyright".. found
Source: https://hatmed.co.za/	HTTP Parser: No <meta name="copyright".. found
Source: https://hatmed.co.za/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.17:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.154:443 -> 192.168.2.17:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49737 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 40MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.hatmed.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.hatmed.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.hatmed.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: use.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: macfinmail.com
Source: global traffic	DNS traffic detected: DNS query: www.hatmed.co.za
Source: global traffic	DNS traffic detected: DNS query: hatmed.co.za

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.17:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.154:443 -> 192.168.2.17:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49737 version: TLS 1.2

System Summary

HTML document with suspicious name

Source: Name includes: Payment_Notification-Sep27.html

Initial sample: payment

Source: classification engine

Classification label: mal72.phis.winHTML@16/108@37/223

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Payment_Notification-Sep27.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1804,i,9054044733732504561,14351467490391047325,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1804,i,9054044733732504561,14351467490391047325,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: Payment_Notification-Sep27.html

Static file information: File size 1705536 > 1048576

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Stealing of Sensitive Information

HTML file submission containing password form

Source: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

HTTP Parser: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
stackpath.bootstrapcdn.com	104.18.11.207	true	false	unknown
code.jquery.com	151.101.2.137	true	false	unknown
hatmed.co.za	41.77.101.238	true	false	unknown
cdnjs.cloudflare.com	104.17.25.14	true	false	unknown
maxcdn.bootstrapcdn.com	104.18.11.207	true	false	unknown
www.google.com	216.58.206.36	true	false	unknown
macfinmail.com	23.254.227.214	true	false	unknown
www.hatmed.co.za	41.77.101.238	true	false	unknown
use.fontawesome.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
http://www.hatmed.co.za/	false	unknown
https://hatmed.co.za/	false	unknown
file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html	true	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
104.18.10.207	unknown	United States	13335	CLOUDFLARENETUS	false
216.58.206.74	unknown	United States	15169	GOOGLEUS	false
172.67.142.245	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.181.234	unknown	United States	15169	GOOGLEUS	false
142.250.185.227	unknown	United States	15169	GOOGLEUS	false
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
151.101.194.137	unknown	United States	54113	FASTLYUS	false
142.250.184.228	unknown	United States	15169	GOOGLEUS	false
142.250.186.138	unknown	United States	15169	GOOGLEUS	false
142.250.184.195	unknown	United States	15169	GOOGLEUS	false
104.17.24.14	unknown	United States	13335	CLOUDFLARENETUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
216.58.212.131	unknown	United States	15169	GOOGLEUS	false
74.125.71.84	unknown	United States	15169	GOOGLEUS	false
216.58.206.42	unknown	United States	15169	GOOGLEUS	false
23.254.227.214	macfinmail.com	United States	54290	HOSTWINDSUS	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
104.18.11.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.181.228	unknown	United States	15169	GOOGLEUS	false
41.77.101.238	hatmed.co.za	South Africa	37515	iCONNECTZA	false
142.250.186.100	unknown	United States	15169	GOOGLEUS	false
142.250.184.238	unknown	United States	15169	GOOGLEUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1522748
Start date and time:	2024-09-30 15:55:12 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	21
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Sample name:	Payment_Notification-Sep27.html
Detection:	MAL
Classification:	mal72.phis.winHTML@16/108@37/223
Cookbook Comments:	Found application associated with file extension: .html

Warnings

Exclude process from analysis (whitelisted): dllhost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.195, 74.125.71.84, 142.250.185.142, 142.250.186.42, 172.67.142.245, 104.21.27.152, 216.58.206.42, 34.104.35.123, 142.250.186.131, 142.250.181.234
Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, ajax.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com, use.fontawesome.com.cdn.cloudflare.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: Payment_Notification-Sep27.html

LLM Input / Output

Input	Output
URL: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html Model: jbxai	{ "Status":"Unavailable"}
	{ "Status":"Unavailable"}
URL: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html Model: jbxai	{ "Status":"Unavailable"}
	{ "Status":"Unavailable"}
URL: file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html Model: jbxai	{ "Status":"Unavailable"}
	{ "Status":"Unavailable"}
URL: https://hatmed.co.za/ Model: jbxai	{ "brand":["Hatmed"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"DISCOVER MORE", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://hatmed.co.za/ Model: jbxai	{ "brand":["Hatmed"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://hatmed.co.za/ Model: jbxai	{ "brand":["Hatmed"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"CONTACT US", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9811966712348728
Encrypted:	false
SSDEEP:
MD5:	4A410B2740F23A114C8881A04C39DE6E
SHA1:	1FEC96372C721DB6858B1ABF1331D33C619F9A94
SHA-256:	A64A2FC6741DBBADCD77898EA4A6F305486B0FF2E83273D3FD8EFE86B27736C3
SHA-512:	F700B5A94CD51CD53E92E0F64CD7F4D011239BE92C34D09DAAFF1779C8552A48F88A772D50C7386522B7FC409136100FD399A3CD25E84D6C882BD7CF3138E693
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....p..@.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V>Y.o...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.000011072035809
Encrypted:	false
SSDEEP:
MD5:	0BE64CB38B695E064B0424E17376A520
SHA1:	1910A93749ADB6A9E778FEEBBE48FD8F723C7A73
SHA-256:	6386478A2D663D1B014FC20846395A92CAA60A69E8679FBB2552D94379DB9ECE
SHA-512:	B2C9769939588D9E34676233464954BE46D75A6EBDB09AF3E043B677913F08959FF97A84CF2FAF238970E3BCE4DAA6B6516C40A77C7371137321749B56B85759
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........@.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V>Y.o...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.009845038983428
Encrypted:	false
SSDEEP:
MD5:	13B035DD0C3A5B4936BA4D5DDD9FF424
SHA1:	31B2BDF471C7394AEB3E935E389254DB239964F9
SHA-256:	3D8D92B6DFF9070D117542B85FC2B4BED75961FE8F998F953390E3E694F8D10C
SHA-512:	DBE45657644161A93E86A74AD4510386335A58AD87E6EF61D9E1D5B3EEC95DE701385C939E1A6BC2D069D90F1545EA5016DCC23BB02BB525DA2600765B90BEF2
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9938136478784996
Encrypted:	false
SSDEEP:
MD5:	A0D15BACAC4CC6C11B8C5C5A8E18A07D
SHA1:	745C7B10D57A8831CCECFA680B81B7B4B8CBCA31
SHA-256:	7D771C7BDF72FE767624624889A46971108F7E0ADC6A52E43EE1BE59AD9FEDC8
SHA-512:	F13987BDACB0DB70C088F0709BB784F8C8FD657E8B492626888EFE95E96A4A3546F45028A7013BC737E92A452736957AF9F784CB3FECC07399B8782481863F82
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....f-..@.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V>Y.o...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.985959708729123
Encrypted:	false
SSDEEP:
MD5:	F2ECCC9DDA92E1D98CC68B03AA773225
SHA1:	4335467E01F86AB89543CCBB9A8AFA2445923330
SHA-256:	3E61BE4B89509A8271FD41A9DE35B7913CD27B9E78DFE4D807A732C2AA939A8B
SHA-512:	441C8829A6451CEF5DECE4F65887E1192AD4C4319FE1F64EA0B20034A0F0F10EDC4A6ACECC5E2563BD46A770278314A2FA8593A6928CF2F82D1251F469144FE4
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......@.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V>Y.o...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9975052637407447
Encrypted:	false
SSDEEP:
MD5:	589BE67E160B889D3921AC6DB3DC2743
SHA1:	12D1C7D0C55B9B357F3E939523710D36C1E68402
SHA-256:	DC5F572D6BD12DA70AEC574F7E258E83545730E9A2E80FDF11770A60F2FBDEC1
SHA-512:	451F68777353280BA20086199902A27B9A72CD3B2D5503E08E8D92F484324A87944326236E05B797215EA33BC9FF7CCF2ADB7773CC45FDE6A664933F5A3FF5E6
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....M...@.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I>Y.o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Y.o....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V>Y.o....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V>Y.o...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V>Y.o...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........&q......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (19296)
Category:	downloaded
Size (bytes):	19340
Entropy (8bit):	5.0308468554240315
Encrypted:	false
SSDEEP:
MD5:	992FB6338C3AEE1AFA27AE8E2025F478
SHA1:	C493187B5746C68B7819C642ACAD020DB8DF4750
SHA-256:	2F9BC543721529C944B930524F8F77B95D41511E94891FBA29F49F6D4BE47883
SHA-512:	EDF29DCF97CADCC2629A4B37192D9DCD02B974748C2116789F1E567E68F72054CC06A52B4DDD215EB8518F01D256F89C54AF41E88B8AD963CBB99C97C49406E0
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/js/form.a8f0864f4b4fda696ad1.bundle.min.js
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[325],{1553:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class DataTimeFieldBase extends elementorModules.frontend.handlers.Base{getDefaultSettings(){return{selectors:{fields:this.getFieldsSelector()},classes:{useNative:"elementor-use-native"}}}getDefaultElements(){const{selectors:e}=this.getDefaultSettings();return{$fields:this.$element.find(e.fields)}}addPicker(e){const{classes:t}=this.getDefaultSettings();jQuery(e).hasClass(t.useNative)\|\|e.flatpickr(this.getPickerOptions(e))}onInit(){super.onInit(...arguments),this.elements.$fields.each(((e,t)=>this.addPicker(t)))}}t.default=DataTimeFieldBase},2478:(e,t,s)=>{var r=s(6784);Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var i=r(s(1553));class DateField extends i.default{getFieldsSelector(){return".elementor-date-field"}getPickerOptions(e){const t=jQuery(e);re

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (560)
Category:	downloaded
Size (bytes):	600
Entropy (8bit):	4.474534319962468
Encrypted:	false
SSDEEP:
MD5:	F5F5DADED944A88A90162F3C7D3A4AE8
SHA1:	B80058290D3D5744D6A692CAF7BA9AFB46B87542
SHA-256:	4DDDDD757708DCDA6E9C7383F8762DBE97636F5B2BDF3FDB26AD1E284CF156C9
SHA-512:	D061D6D19910539B16B94CAFEE8317CB6BC5659F293B265101922C3431749159666F4D509D178FDE165FE43DDC27727A8A7ADFD3E9B67A9CF28419A56FB48EE4
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /..elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (7210), with no line terminators
Category:	downloaded
Size (bytes):	7212
Entropy (8bit):	4.784577148886251
Encrypted:	false
SSDEEP:
MD5:	9B0437E1B02FED93929ED0BA63FA068C
SHA1:	CA045D4EE136C522F7C17C4FB856EAC38F068A40
SHA-256:	E4C904CA22994ACA271B12B0715582029CA1B4339C85722D89E008B568FABFB8
SHA-512:	64D41D65DD7E64F1F89682C4B2437ADCE3306C8E02A38F647006F7D13EA9A5F4D10D3540420E70E7BD233FCCD6C10753E402E4FEE6A18FB0E2FD8B63829CC62A
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/themes/hello-elementor/header-footer.min.css?ver=3.1.1
Preview:	@charset "UTF-8";.site-header{display:flex;flex-wrap:wrap;justify-content:space-between;padding-block-start:1rem;padding-block-end:1rem;position:relative}.site-header .site-title{font-size:2.5rem;font-weight:500;line-height:1.2}.site-header .site-branding{display:flex;flex-direction:column;justify-content:center;gap:.5rem}.site-header .header-inner{display:flex;flex-wrap:wrap;justify-content:space-between}.site-header .header-inner .custom-logo-link{display:block}.site-header .header-inner .site-branding .site-description,.site-header .header-inner .site-branding .site-title{margin:0}.site-header .header-inner .site-branding .site-logo img{display:block}.site-header .header-inner .site-branding.show-logo .site-title,.site-header .header-inner .site-branding.show-title .site-logo{display:none!important}.site-header.header-inverted .header-inner{flex-direction:row-reverse}.site-header.header-inverted .header-inner .site-branding{text-align:end}.site-header.header-stacked .header-inner{al

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	13120
Entropy (8bit):	7.962293886781998
Encrypted:	false
SSDEEP:
MD5:	3D550C70638DF6E36ABC1B5A0E63ADA8
SHA1:	48C25D76545F7E9BDC9F76D7648874808457C446
SHA-256:	D8D41A66A0097A4C54FDDA5DCA2A89DE17E6F92A62C2590F0F27B6E4B9995828
SHA-512:	7E8C6A3F11E56757138C2B2E4F6CA182FBBD62B44EF2CFCBB94170A71FB854E9C497644748370E73AE146C653A37C09815CCE5DCFDBB8F017F2D6C8C84E1AE29
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Z...Z.....8.A.....sBIT....\|.d...._zTXtRaw profile type APP1.....JO.K-.LV((.O..I.R..c...K.K.D......04006..F@.9T(..........Y..)....O..h.-... .IDATx..y..U...R..{:........ 1...(. \@.w?...L0xQ...^....#.E...B.H...!!+![w.]./.Wu.......T.88..\|...w9.w....)..f....}.i.kkk...g...f..Y.r.....i.5...d..B".L....`$...............B'..c17./.........=....s.V..0...".R.a.d2...".T....PWW......PWW.a.(.B6..X,2>>.....u...wttl...8..._...g..t...-Z.>.....E.+..S(..Z...E....};.T.x<...`hh..........MMM...0s.L,.....X,.t].b.`.X...G..}.......................^......E..\|.EQ(....A.P@Q...<CCC...`0....r9.E!....d...#..a...u....1"..\|..s....4.M.PU.UU...{......;./`.W.......^.n.....X.V.`...+.B&....#.`..0.D"x.^FGGI.R.R)jjj...tttP__.a.d.Y.v;...........g.O\|...)..P..T*5....m..s6.M.9q....(..~...>...}S.4+0.X3....a..<y._..W.......4...Z......$.L.p8.x<.B!,..n..D"A.X.f.I.SUU..n'..R]]..^..(....WU.l6..e...n...?....k....n...K.Z.3.!.U..B...i..A.z.!..Cuu56..D".....b.p8,....8.l

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5501), with no line terminators
Category:	downloaded
Size (bytes):	5501
Entropy (8bit):	5.090803383040294
Encrypted:	false
SSDEEP:
MD5:	EAEAE7B3B8219794ADC896DC35FC7138
SHA1:	C9E6CEEF8E90D062D419F997AD35181712FFCB58
SHA-256:	0F3D863879EF08A122AC5540FCE116B6644FC764BAA5C3D626844A1916F9916C
SHA-512:	47034ECCCDCA4CFCF7F03890E9195E3E8BCBF59C657A5A93E897ADD39DE35104ED70585A81684E72EBB9130E4B8095D38816E804D043A62DFDF67BDB53336E40
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/themes/hello-elementor/style.min.css?ver=3.1.1
Preview:	html{line-height:1.15;-webkit-text-size-adjust:100%}*,:after,:before{box-sizing:border-box}body{margin:0;font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;font-size:1rem;font-weight:400;line-height:1.5;color:#333;background-color:#fff;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}h1,h2,h3,h4,h5,h6{margin-block-start:.5rem;margin-block-end:1rem;font-family:inherit;font-weight:500;line-height:1.2;color:inherit}h1{font-size:2.5rem}h2{font-size:2rem}h3{font-size:1.75rem}h4{font-size:1.5rem}h5{font-size:1.25rem}h6{font-size:1rem}p{margin-block-start:0;margin-block-end:.9rem}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em;white-space:pre-wrap}a{background-color:transparent;text-decoration:none;color:#c36}a:active,a:hover{color:#336}a:not([href]):not([tabindex]),a:not([href]):not([tabindex]):focus,a:

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6169)
Category:	dropped
Size (bytes):	6213
Entropy (8bit):	5.470851630417323
Encrypted:	false
SSDEEP:
MD5:	A4D829008D7CB508FC7F35BC1DE74391
SHA1:	6B1A01216E77B5C53C9944C68F9D2B27162E0138
SHA-256:	BBB7374F83FEB0DE5F0813B64E33EF900F690754F3A5B7E7BDF3D80192E4855A
SHA-512:	768CE3D7B6AB851C3064730FA421F8DA599A5D5678236198CFD78F4F3965A79E40C095CD13E5BD57DDCD441F9DFF969BEEEF75C394950F341352BF7B762C0056
Malicious:	false
Reputation:	unknown
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /.(()=>{"use strict";var e,r,a,n={},c={};function __webpack_require__(e){var r=c[e];if(void 0!==r)return r.exports;var a=c[e]={exports:{}};return n[e].call(a.exports,a,a.exports,__webpack_require__),a.exports}__webpack_require__.m=n,e=[],__webpack_require__.O=(r,a,n,c)=>{if(!a){var i=1/0;for(o=0;o<e.length;o++){for(var[a,n,c]=e[o],t=!0,b=0;b<a.length;b++)(!1&c\|\|i>=c)&&Object.keys(__webpack_require__.O).every((e=>__webpack_require__.O[e](a[b])))?a.splice(b--,1):(t=!1,c<i&&(i=c));if(t){e.splice(o--,1);var _=n();void 0!==_&&(r=_)}}return r}c=c\|\|0;for(var o=e.length;o>0&&e[o-1][2]>c;o--)e[o]=e[o-1];e[o]=[a,n,c]},__webpack_require__.f={},__webpack_require__.e=e=>Promise.all(Object.keys(__webpack_require__.f).reduce(((r,a)=>(__webpack_require__.f[a](e,r),r)),[])),__webpack_require__.u=e=>635===e?"code-highlight.d86022c8668c4b072592.bundle.min.js":519===e?"video-playlist.af20fd9fd8778929829e.bundle.min.js":375===e?"paypal-button.f4f64e46173f50701949.b

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (54456)
Category:	downloaded
Size (bytes):	54641
Entropy (8bit):	4.712564291864468
Encrypted:	false
SSDEEP:
MD5:	251D28BD755F5269A4531DF8A81D5664
SHA1:	C0F035B41B23C6E8FAB735F618AA3CFF0897B4F9
SHA-256:	AFDC6BF2DE981FFD7D370B76F44E7580572F197EFBE214B9CFA4005D189D8EAE
SHA-512:	8111F411C21C6011644139DBA4EF24D1696C0F6D31E55CE384E0353A0F3E65402170C502BDDF803C3DF9149C371B31C03F77BE98FDBC61C0C9C55AFBE399681F
Malicious:	false
Reputation:	unknown
URL:	https://use.fontawesome.com/releases/v5.7.0/css/all.css
Preview:	/!. Font Awesome Free 5.7.0 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-lef

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12214)
Category:	downloaded
Size (bytes):	12264
Entropy (8bit):	4.629013592005974
Encrypted:	false
SSDEEP:
MD5:	F5FD82D852F5358334C2D05430AF9CB4
SHA1:	D84D2E9FEA0450A411DF650D1DD6438FBD61FEDF
SHA-256:	E6754BE5D177D5CA389048BAF9F3794A0891D7EF86BED4AE99E764F9D37E3269
SHA-512:	6C6067F0D9F8170B87EA28D8A2F77A2218B54EDF01B5BC822D2B69B2274F96E6C49BA7643F97F7A61B9D7CCC92AF613286F0D0CB44A0191283B4666A38A41A33
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/post-39.css?ver=1726231693
Preview:	.elementor-39 .elementor-element.elementor-element-6c83785e{--display:flex;--flex-direction:column;--container-widget-width:100%;--container-widget-height:initial;--container-widget-flex-grow:0;--container-widget-align-self:initial;--flex-wrap-mobile:wrap;--gap:0px 0px;--background-transition:0.3s;--padding-top:3em;--padding-bottom:0em;--padding-left:0em;--padding-right:0em;}.elementor-39 .elementor-element.elementor-element-6c83785e:not(.elementor-motion-effects-element-type-background), .elementor-39 .elementor-element.elementor-element-6c83785e > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-color:var( --e-global-color-638d055 );}.elementor-39 .elementor-element.elementor-element-6c83785e, .elementor-39 .elementor-element.elementor-element-6c83785e::before{--border-transition:0.3s;}.elementor-39 .elementor-element.elementor-element-10536731{--display:flex;--flex-direction:row;--container-widget-width:initial;--container-widget-height:100%;--contain

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	78840
Entropy (8bit):	6.022413301778022
Encrypted:	false
SSDEEP:
MD5:	0CA290F7801B0434CFE66A0F300A324C
SHA1:	0891B431E5F2671A211DDD8F03ACF1D07792F076
SHA-256:	0C613DC5F9E10DFF735C7A102433381C97B89C4A26CE26C78D9FFAD1ADDDC528
SHA-512:	AF70C75F30B08D731042C45091681B55E398EA6E6D96189BC9935CE25584A57240C678FF44C0C0428F93BF1F6A504E0558BC63F233D66D1B9A5B477BA1EF1533
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/styles__ltr.css
Preview:	.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAAIGNIUk0AAHomAACAhAAA+gAAAIDoAAB1MAAA6mAAADqYAAAXcJy6UTwAAAAGYktHRAD/AP8A/6C9p5MAAHq9SURBVHja7Z15fFTl9f/fd9ZM9n1PgCyEXSSRNYKCgAuiIipuVSuudavV1tq6W/WrtnWrrZbWDZUqUqUoCoIEQhBI2JesELKvM9mTWe7c3x83d5xAlkky8fv92ft5vfKC19znOWfuZ571POc5B1SoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKHifwGCRqsTNFrdj6VPq9XqtNofT9+wvutQyEyad8t9IaPPntFUd

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Category:	downloaded
Size (bytes):	15552
Entropy (8bit):	7.983966851275127
Encrypted:	false
SSDEEP:
MD5:	285467176F7FE6BB6A9C6873B3DAD2CC
SHA1:	EA04E4FF5142DDD69307C183DEF721A160E0A64E
SHA-256:	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
SHA-512:	5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......\|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v..7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....\|...H....Fk.-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..\|..d...\|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4970)
Category:	dropped
Size (bytes):	5014
Entropy (8bit):	5.080721494493874
Encrypted:	false
SSDEEP:
MD5:	F6C8BC5DECE28BCBCCEC100BC91C0901
SHA1:	BBA6BE4A795075FFB07CF8ED7369948461AD20C6
SHA-256:	D792222784E11DB3310D614287FD2500A930811ACCB9A24F7B4513DE2ED6661C
SHA-512:	1795B7D6BF79478097AD49793D66EEDE13E711F44E62A6888BE0010DBD8CA9DFAFD4015DC1501FD75506D8F148759258E399E85BE8254264FC4B48ABD6B43FB2
Malicious:	false
Reputation:	unknown
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[897],{5456:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class CarouselBase extends elementorModules.frontend.handlers.SwiperBase{getDefaultSettings(){return{selectors:{swiperContainer:".elementor-main-swiper",swiperSlide:".swiper-slide"},slidesPerView:{widescreen:3,desktop:3,laptop:3,tablet_extra:3,tablet:2,mobile_extra:2,mobile:1}}}getDefaultElements(){const e=this.getSettings("selectors"),t={$swiperContainer:this.$element.find(e.swiperContainer)};return t.$slides=t.$swiperContainer.find(e.swiperSlide),t}getEffect(){return this.getElementSettings("effect")}getDeviceSlidesPerView(e){const t="slides_per_view"+("desktop"===e?"":"_"+e);return Math.min(this.getSlidesCount(),+this.getElementSettings(t)\|\|this.getSettings("slidesPerView")[e])}getSlidesPerView(e){return"slide"===this.getEffect()?this.getDeviceSlidesPerView(e):1}getDevi

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (8189), with CRLF line terminators
Category:	dropped
Size (bytes):	21579
Entropy (8bit):	5.323131183419749
Encrypted:	false
SSDEEP:
MD5:	26295C001AB41986A3A8DBE8A52620D9
SHA1:	A59A6227F56B602B6E331EA8CA8670F5BCBDCDD3
SHA-256:	13EBDA7B46659AF816450C10AD391F5E8CC201455FA008FCD1AF50FCA9C02D61
SHA-512:	598351335EF41DFA34081D5E7DAB497BFE14CB43B66F475098F06EC5D1D3AD5FCA329F3335652ACD19DF74F4BC50C13F742A6DA4FC7E5384EB6DA2CA608F5633
Malicious:	false
Reputation:	unknown
Preview:	/! jQuery UI - v1.13.3 - 2024-04-26.. https://jqueryui.com..* Includes: widget.js, position.js, data.js, disable-selection.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/draggable.js, widgets/droppable.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/resizable.js, widgets/selectable.js, widgets/selectmenu.js, widgets/slider.js, widgets/so

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	24812
Entropy (8bit):	7.962537388982004
Encrypted:	false
SSDEEP:
MD5:	6E11C82BF94FEB5E2DFC7BDDADAD826B
SHA1:	31993A9FA0FECE4AD51BA0CFEFCC97F1D0BDD5BE
SHA-256:	4CE4D52281130890CF443FDEB41BEDEC7EB2B4F9CBE203FC8F55C7BADA26C047
SHA-512:	7CA2DFE4037EC6D3A3ED0B21957F05B8C31880504922CEB67CB84C9F9156ECC6C5F311EF9B09EB6EB3610BC2599AA6B540108AF0806B8ABCC9FDF4F8D780AA0A
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/halftone-pattern-on-a-white-background.jpg
Preview:	RIFF.`..WEBPVP8X.... ......4..ICCP0......0ADBE....mntrRGB XYZ ............acspAPPL....none...........................-ADBE................................................cprt.......2desc...0...kwtpt........bkpt........rTRC........gTRC........bTRC........rXYZ........gXYZ........bXYZ........text....Copyright 1999 Adobe Systems Incorporated...desc........Adobe RGB (1998)................................................................................XYZ .......Q........XYZ ................curv.........3..curv.........3..curv.........3..XYZ ..........O.....XYZ ......4....,....XYZ ......&1.../....VP8 .^..P......5.>Q(.F....!Wh@p..in.....'.....~..0ugB.../.B.........?..7........a\.#........<../.OWt........).N....K.3...H.k}.F...U..9.31_<......Y.{.oW.~....>...b...W.Z....(..2.0.8:.uX.K.9.9.p..&...L(.jKO(+3C......U.....^[.b).p.....`vI........, ...)......M`..9Q_...^..ZV?.f...B..9....Z..`..G..Rr.i...{....Q.X.$..........cjv...\|...oI.r.P)U...r>...P..9b8..hH<.L9Bd...._..!B..y.k.T..6KS f.g

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21759), with no line terminators
Category:	downloaded
Size (bytes):	21759
Entropy (8bit):	4.743570914028555
Encrypted:	false
SSDEEP:
MD5:	F64F96D948DC4FCF14F4583F0F2853CA
SHA1:	F6E40776FFBCE163FD868C472225441917859B14
SHA-256:	58DC36CB315906FB9A6528EE6C6AE4082DCC4B3CCD466B72B79C6E020CD89293
SHA-512:	3C5355ACD328D5598AD6FBAB7EAE8952C5B38CB3307FE500A48A2EE4C22DD337A3683A53C894C617A3AEBCF0C2ED59D49072CFB980A2B91E1E2B9D853723D92A
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/skyboot-custom-icons-for-elementor/assets/css/elegant.css?ver=1.0.8
Preview:	@font-face{font-family:ElegantIcons;src:url(../fonts/ElegantIcons.eot);src:url(../fonts/ElegantIcons.eot?#iefix) format('embedded-opentype'),url(../fonts/ElegantIcons.woff) format('woff'),url(../fonts/ElegantIcons.ttf) format('truetype'),url(../fonts/ElegantIcons.svg#ElegantIcons) format('svg');font-weight:400;font-style:normal}[data-icon]:before{font-family:ElegantIcons;content:attr(data-icon);speak:none;font-weight:400;font-variant:normal;text-transform:none;line-height:1;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.arrow-up-down,.arrow_back,.arrow_carrot-2down,.arrow_carrot-2down_alt2,.arrow_carrot-2dwnn_alt,.arrow_carrot-2left,.arrow_carrot-2left_alt,.arrow_carrot-2left_alt2,.arrow_carrot-2right,.arrow_carrot-2right_alt,.arrow_carrot-2right_alt2,.arrow_carrot-2up,.arrow_carrot-2up_alt,.arrow_carrot-2up_alt2,.arrow_carrot-down,.arrow_carrot-down_alt,.arrow_carrot-down_alt2,.arrow_carrot-left,.arrow_carrot-left_alt,.arrow_carrot-left_alt2,.arrow_carrot-right,

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	2817
Entropy (8bit):	4.905396042358212
Encrypted:	false
SSDEEP:
MD5:	D43CDC61576820C4A42E2BD035C9D40C
SHA1:	9D82E0F68919702294AD6F242E8FEF39F48B45B2
SHA-256:	E739C3104407BBC15C167DB377FFE8265A9A06A67D282EACC01435E0A64A6872
SHA-512:	B5DF7205FF35993ACB3C47B80011BE99191D1CCDDC6EE25B593818241AF527CDC76BB65BF323CF6F37139F994F9126B879EEE4D65BBCE7D968ECCF647734D66E
Malicious:	false
Reputation:	unknown
Preview:	/****/ (() => { // webpackBootstrap../****/ ."use strict";..var __webpack_exports__ = {};......class elementorHelloThemeHandler {.. constructor() {.. this.initSettings();.. this.initElements();.. this.bindEvents();.. }.. initSettings() {.. this.settings = {.. selectors: {.. menuToggle: '.site-header .site-navigation-toggle',.. menuToggleHolder: '.site-header .site-navigation-toggle-holder',.. dropdownMenu: '.site-header .site-navigation-dropdown'.. }.. };.. }.. initElements() {.. this.elements = {.. window,.. menuToggle: document.querySelector(this.settings.selectors.menuToggle),.. menuToggleHolder: document.querySelector(this.settings.selectors.menuToggleHolder),.. dropdownMenu: document.querySelector(this.settings.selectors.dropdownMenu).. };.. }.. bindEvents() {.. var _this$elements$menuTo;.. if (!this.elements.menuToggleHolder \|\| (_this$elements$menuTo = this.elements.menuToggleHolder) !== null

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9272), with no line terminators
Category:	downloaded
Size (bytes):	9272
Entropy (8bit):	4.344588241338445
Encrypted:	false
SSDEEP:
MD5:	08A7AFA8D795720AA24E66FCA2FC72E7
SHA1:	2D677B44BDF86C2C618D74AF82BE4C8FFFE7BC2E
SHA-256:	94A79AFC674594CBD2A3755595CEBD13D9247B2D21EC057451FFB79F1F924B27
SHA-512:	5DC6F56185C0302F5D39245F0C43995A87E069F23BCFBB626C0A293B93E11BBA757F50458539C855D770968BF8D7F95EA909A77789B945BF9B856E7C71B4A386
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1726231692
Preview:	.elementor-animated-content{--translate:0,0}.elementor-animated-content:focus .elementor-animated-item--grow,.elementor-animated-content:hover .elementor-animated-item--grow{transform:scale(1.1)}.elementor-animated-content:focus .elementor-animated-item--shrink,.elementor-animated-content:hover .elementor-animated-item--shrink{transform:scale(.85)}.elementor-animated-content:focus .elementor-animated-item--shrink-contained,.elementor-animated-content:hover .elementor-animated-item--shrink-contained{transform:scale(1)}.elementor-animated-content:focus .elementor-animated-item--enter-zoom-in,.elementor-animated-content:focus .elementor-animated-item--enter-zoom-out,.elementor-animated-content:focus .elementor-animated-item--fade-in,.elementor-animated-content:hover .elementor-animated-item--enter-zoom-in,.elementor-animated-content:hover .elementor-animated-item--enter-zoom-out,.elementor-animated-content:hover .elementor-animated-item--fade-in{opacity:1;transform:scale(1)}.elementor-ani

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Category:	downloaded
Size (bytes):	48444
Entropy (8bit):	7.995593685409469
Encrypted:	true
SSDEEP:
MD5:	8E433C0592F77BEB6DC527D7B90BE120
SHA1:	D7402416753AE1BB4CBD4B10D33A0C10517838BD
SHA-256:	F052EE44C3728DFD23ABA8A4567150BC314D23903026FBB6AD089422C2DF56AF
SHA-512:	5E90F48B923BB95AEB49691D03DADE8825C119B2FA28977EA170C41548900F4E0165E2869F97C7A9380D7FF8FF331A1DA855500E5F7B0DFD2B9ABD77A386BBF3
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Preview:	wOF2.......<.......l..............................`...\..p?HVAR.m?MVAR^.`?STAT.N'&..>/l........>....0....6.$.... ........[..A.2v.6......$..e...w"../.L.p:......Tpc..8@.[5......d#d.xw..o.O3-.....%..>...%..)~p.K.J.H..S...s..z..Wa.. 0\..J.....BL;V..-.L...j....^.9..HO l..,..6.v....?....x.....m..;....a![zif...Ur...Q..P.&.I1..:n.p...j~..h...9.!....@.<.bl\|.Y?h..B.j/..rH.S%/~.^D...6..D.4G...y....Y.....=/o..W..5ryo.d?.gA]..?...1V..S......7ZJ...f....mBG[0eW....y..%B}..]? ...,sR<.y~.~.}.%.!..,X.....`...R..^....S.....u.?k.v.k..U.u..M..`!...b!..X)P...y{.........n..T+6...R......L...x}...g...].g"WT.b..h ....X...=;{w...QO.s..w..@.(,..........{.........1..@...(...\.......9..2.h9P.G........K.Dp...F..4W..ui.u...G...s..x7.?..tg..D..O.sA..t.t.4..~..e\...X.....T..kf.qfX..=^_....g"....De...x[J..A..).G.YUhR.....0.l..#&3.'.K.............$I.Pp.../.s.<@...r=..S......d..P.S.B.w.~X..ZK....h J.`A.bv,=.....>1.Ev.^..U.A. ....EU..].........dw..!$.A`..B.._.....Z~..!..J..l]r.m}m..

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (48664)
Category:	downloaded
Size (bytes):	48944
Entropy (8bit):	5.272507874206726
Encrypted:	false
SSDEEP:
MD5:	14D449EB8876FA55E1EF3C2CC52B0C17
SHA1:	A9545831803B1359CFEED47E3B4D6BAE68E40E99
SHA-256:	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
SHA-512:	00D9069B9BD29AD0DAA0503F341D67549CCE28E888E1AFFD1A2A45B64A4C1BC460D81CFC4751857F991F2F4FB3D2572FD97FCA651BA0C2B0255530209B182F22
Malicious:	false
Reputation:	unknown
URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProp

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65446), with CRLF line terminators
Category:	dropped
Size (bytes):	87555
Entropy (8bit):	5.262885428377782
Encrypted:	false
SSDEEP:
MD5:	9FE59B8C3200F735E62F0DEE50221870
SHA1:	F1283D45DC3E33B703B48C9A9D9495B3B49FD2A1
SHA-256:	8691C19F329F1B848D226D5322B09DC8EA1B6861F83A93E141D95AD4379A8120
SHA-512:	B0F29B3FFF77E1D46CE9315DBB9617FA3A8D0DC912F09FF89B64B8BEB37E89FFB47CFF89F09EFFA2726E8348F552E22B0228A8903468E6B34375DABF0ADE3D1D
Malicious:	false
Reputation:	unknown
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /..!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remov

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24021)
Category:	downloaded
Size (bytes):	24109
Entropy (8bit):	5.254879761454111
Encrypted:	false
SSDEEP:
MD5:	9E7C898D1649315173DB5D2D8730FB75
SHA1:	364A6836A90B28329404B7D7F58A524861EF63F5
SHA-256:	F9B60AE2F2938C589960EF00D9B9A644F0847F7183F597CDC3FBF8CFE904C552
SHA-512:	4ED0541755C25DD9AFBF9DA3B64AC082A2F7119720E4B8A21FBC7CB302278AA2D2E15D0E3F735F14A9913A38508C85C45B3DF22922609ADFE551541396881601
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1
Preview:	/! SmartMenus jQuery Plugin - v1.2.1 - November 3, 2022. http://www.smartmenus.org/. * Copyright Vasil Dinkov, Vadikom Web Ltd. http://vadikom.com; Licensed MIT */!function(a){"function"==typeof define&&define.amd?define(["jquery"],a):"object"==typeof module&&"object"==typeof module.exports?module.exports=a(require("jquery")):a(jQuery)}(function(a){function b(b){var i=".smartmenus_mouse";if(h\|\|b)h&&b&&(a(document).off(i),h=!1);else{var j=!0,k=null,l={mousemove:function(b){var c={x:b.pageX,y:b.pageY,timeStamp:(new Date).getTime()};if(k){var d=Math.abs(k.x-c.x),g=Math.abs(k.y-c.y);if((d>0\|\|g>0)&&d<=4&&g<=4&&c.timeStamp-k.timeStamp<=300&&(f=!0,j)){var h=a(b.target).closest("a");h.is("a")&&a.each(e,function(){if(a.contains(this.$root[0],h[0]))return this.itemEnter({currentTarget:h[0]}),!1}),j=!1}}k=c}};l[g?"touchstart":"pointerover pointermove pointerout MSPointerOver MSPointerMove MSPointerOut"]=function(a){c(a.originalEvent)&&(f=!1)},a(document).on(d(l,i)),h=!0}}function c(a){return!/

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18604, version 1.0
Category:	downloaded
Size (bytes):	18604
Entropy (8bit):	7.988490724108331
Encrypted:	false
SSDEEP:
MD5:	4B6914A69E6A586FBE253F73D19D90B0
SHA1:	1F965709606B88830826C45EF0EBCFE3484AA674
SHA-256:	25F33E61CF995ABD6BE62931CF03BF427286259177B43618CC410EE0157CFD30
SHA-512:	C279D8584561068CCF6908F37EA6AB33A981B7646D037108A30B3C886C5DD4E53A4107CBE129D430C6230E1528A466A61C3CB3017DF15AA50421C5E0BE4C166E
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/archivoblack/v21/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
Preview:	wOF2......H...........HI.........................X..>....`..l.....m.....0..t..P..6.$.... ....!..#.V.e..l.`............o.p.a...-n..'$'c..3......vP.!tY&....04LiM......N..q.X.&<B.{.E+0.@tEoe.......th.....B.7)^.<\|.)t...jf.G... .6..g...Q.k..Z\|...6.'9y...K..B.@F.Z.........[[.ds..>..v.w[..'..p.@\|.e.....!(2.E7b(...w....W.%f...Es..]...~u....iu.O..'..{......KE....e..$..............B.J.u.N.Xk...8.....z.C.'.D...K..n....mp....<.Uy.GC2.ue...;..>.....[..&.v..\|/.... ...g.~.....c....N4.0...~,...S.e=\|....8..}...oeN.R.VAs.h._..\...d...Y?.}...O..W.;....;.....NW.,nU.2Kp.....8..~..af5Kh&)./)..]....G..#......"...F-...Q5Y.i{.@90.3...W...K..N..n.....<.k.}.;G......a..$....?...x(lmOX...C9...P..J.I..&T.6BeE..........T?..@R....._.kS...C:=?)..:.......`...!..R.......EJ...H#I..$..2......1......O.l\......{....&V..&)....D.w<U'.._.px\.-k.j......g..,........c...;..2..._..8"R...0.........w5["XR-..A.w.~.@.CT..l..)`.e._..R....FV.(.0Y.`r.0e..T...@".XV......Zn]%...@...J......_g.P..3

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (41132)
Category:	downloaded
Size (bytes):	41172
Entropy (8bit):	5.277157922739132
Encrypted:	false
SSDEEP:
MD5:	02635C1A5107AA1C1E4B058BB0A879EB
SHA1:	9F7E2F1BA079782A1C4CF5E42E7AA9A7F4DEF479
SHA-256:	B69833ADBCD31FEF439ADE18C814AFF5598AD00E59F6F57F260DE25981BDEC1E
SHA-512:	02EEE8BFD498AC5ED4A7304991C35447F4A179CBBB9E415BE2B94FD378D142621D79B06D416F6A93EA607011A77F753BE13ADFD3BFEDB43C36E8AEAACD502E33
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /."use strict";(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[819],{9220:(e,t,n)=>{var o=n(3203);Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var s=o(n(8135));class _default extends elementorModules.ViewModule{constructor(){super(...arguments),this.documents={},this.initDocumentClasses(),this.attachDocumentsClasses()}getDefaultSettings(){return{selectors:{document:".elementor"}}}getDefaultElements(){const e=this.getSettings("selectors");return{$documents:jQuery(e.document)}}initDocumentClasses(){this.documentClasses={base:s.default},elementorFrontend.hooks.doAction("elementor/frontend/documents-manager/init-classes",this)}addDocumentClass(e,t){this.documentClasses[e]=t}attachDocumentsClasses(){this.elements.$documents.each(((e,t)=>this.attachDocumentClass(jQuery(t))))}attachDocumentClass(e){const t=e.data(),n=t.elementorId,o=t.elementorType,s=this.documentClasses[o]\|\|this.documentClasses.base;this.documents[

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	254
Entropy (8bit):	4.794963389321437
Encrypted:	false
SSDEEP:
MD5:	9B412BA783951EC5B45F1B1179FAD815
SHA1:	7F8C2C208977BDA9D269D66568E59C097A4D3E55
SHA-256:	81DEBC1F16E76946A6D4C903F67EF094A88F413A2603FC9420CBE8DA57D264FC
SHA-512:	8C6952335CDDCCEA56450C3D3E3A770476B55257117863252E1325FAA8DD8E807745820E6A3D74227E47C1D6BCF40669B216A3ED773C9689759E1176F13D7C8B
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /..elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=".svg"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38397)
Category:	downloaded
Size (bytes):	73520
Entropy (8bit):	4.71601125853273
Encrypted:	false
SSDEEP:
MD5:	C9E3AC7D9D073E8C14E8EB874FD23BB6
SHA1:	B1B8343B6A06770DDC2FD9397A4C2D2C5F169D56
SHA-256:	81409AF554D31C191CBA2CDFD9AB91003002905FE815D58604F77588971FE62C
SHA-512:	37CE8310AAB591409C0A415EB5B1E26887E4CEAFE4A8A4ACA866527ADBE8D7469113EB25CD3954AEEA040BBD8654BD2722581460B59DB4E9102139E42E9EA837
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/post-115.css?ver=1726231822
Preview:	.elementor-115 .elementor-element.elementor-element-6a632bbb{--display:flex;--flex-direction:row;--container-widget-width:initial;--container-widget-height:100%;--container-widget-flex-grow:1;--container-widget-align-self:stretch;--flex-wrap-mobile:wrap;--justify-content:flex-end;--gap:0px 0px;--flex-wrap:wrap;--background-transition:0.3s;--overlay-opacity:1;--padding-top:0px;--padding-bottom:0px;--padding-left:0px;--padding-right:0px;}.elementor-115 .elementor-element.elementor-element-6a632bbb:not(.elementor-motion-effects-element-type-background), .elementor-115 .elementor-element.elementor-element-6a632bbb > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-image:url("https://hatmed.co.za/wp-content/uploads/2024/07/halftone-pattern-on-a-white-background.jpg");background-position:bottom center;background-repeat:no-repeat;background-size:cover;}.elementor-115 .elementor-element.elementor-element-6a632bbb::before, .elementor-115 .elementor-element.elemen

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	640
Entropy (8bit):	4.82074467061792
Encrypted:	false
SSDEEP:
MD5:	8DC00E5BA0A969CB87F475E88787C91B
SHA1:	0E12558CF753E0573B4684E5B82B8F1A2E4A1096
SHA-256:	F27F1B1C88747ED6BBD6B4510AC70CC8D4B5764C7F0A8EA1DD07DD70505E58CB
SHA-512:	6E39EA0DC3FF8416F5D617545C1B47EAC03C2D16D03B826FE7DD94E8785E56671056CAA49FAEC61F83E7515104ECCA5764F07D7EA4E6B86358D27CA94D9E1BCF
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
Preview:	/* ..Theme Name: Hello Elementor Child..Theme URI: https://github.com/elementor/hello-theme/..Description: Hello Elementor Child is a child theme of Hello Elementor, created by Elementor team..Author: Elementor Team..Author URI: https://elementor.com/..Template: hello-elementor..Version: 1.0.1..Text Domain: hello-elementor-child..License: GNU General Public License v3 or later...License URI: https://www.gnu.org/licenses/gpl-3.0.html..Tags: flexible-header, custom-colors, custom-menu, custom-logo, editor-style, featured-images, rtl-language-support, threaded-comments, translation-ready../..../.. Add your custom styles here..*/..

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16214)
Category:	downloaded
Size (bytes):	16471
Entropy (8bit):	5.214012011088674
Encrypted:	false
SSDEEP:
MD5:	A2431BC290CF34E330E11EC4CFCE1247
SHA1:	32A53342901FEF5F4F4DBB26A555E730F84437A4
SHA-256:	C57E64FCB72BDDAFA9C38DE574441C3E69AC6C961DF96B0CAD34DA83658BD196
SHA-512:	87AEF045472DB25020FAEAD697EC02813BA38D4E313CAF437B4CA5CADBB7A7495805AC0B74E5DE60CD84CCECAB290B76D003EB1FADFCDAA70E650A597658ADA9
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Preview:	/*. Swiper 8.4.5. * Most modern mobile touch slider and framework with hardware accelerated transitions. * https://swiperjs.com. . Copyright 2014-2022 Vladimir Kharlampidi. . Released under the MIT License. . Released on: November 21, 2022. */.. @font-face{font-family:swiper-icons;src:url('data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCOIGB

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	14746
Entropy (8bit):	7.983741395941368
Encrypted:	false
SSDEEP:
MD5:	536F329C3B227E89E8F1D5C39E82BD64
SHA1:	13B9F099BBDFA27EDF97F2BF1E832D545F13CF98
SHA-256:	DB329ABCBB4023EB10BCEA76CBB29E463B4CE53BEA8BE3CC25D10564BCC14DEB
SHA-512:	3869FFEA50C0D96D6AEC6BD0149AEA2A0CA1513D11470AAF217ACEEC00586ED8B8F4F4B4F4965A0FC1145AF64C4AC24808BF6682F25747986A5F9EA14ADCADEB
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/hatmed-logo-transparent.png
Preview:	RIFF.9..WEBPVP8X..............ALPH.......l..fn..D...%...B0..Q...h..5.C.L\.0..@ .A.DP5".....L.q1.4AA....QA..""..p1qp01...b.b.......S....8O.......$+Q...8r.<v................f.....^=?#G...c.Yi.H..mz..z$K"....z.....H..$.V..L.....G..........G6I.iC..p#... q..R..1..E..8J.D/<Ul......&j.8..'.z..a. M...vTp...u..>.Q.x....n{.C.kn$.H.VW..D....k.o...m..x.#.u=......D#..ER.......@K.f.##.n.P..,G..n...Ge[.O.J.I.X........wt....Z.Gvz,..<...p.,...+..<p..^....b..bM7.....}..g..bK?%.z...K....j......M.R..26.3........Vm....a~..`...C.l9..U.]........oXY.4.{...!.HMmm..u....h..YPt.d.:.....>gpu..zn.((Uu...~.m....iP7..b.J..:..-.V9D....(k.....R.M..n....4...5{4w.h.&.D.n.S.R...6...TS...e: G.2.G.:....5.nc..t.....)Ib.wO.W.q...{..u4y..u..=.o......(.n2.i4NT..P...(..s.'OW5v.Z..(.n.6.u....[...T..9N\..i...jz.V.I(@..(.:...3\|..HT.Pdu...z.............j..Q\|.Ua.\....-%..%...#q..."....Q.........#}......i....m.q..QF=...A)[......3....r.A..t..-.4.f.g.....(......d4......C.

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (15752), with CRLF line terminators
Category:	downloaded
Size (bytes):	18730
Entropy (8bit):	4.758005598630001
Encrypted:	false
SSDEEP:
MD5:	715DB51824A450B3C0FA58DDE2D263C1
SHA1:	631298ED44A999E465B30DD173B6833514AA9F6D
SHA-256:	F37B97810D88A4E67A208BFFBE59616F4203031E8F8984E283E0C2D674B2217C
SHA-512:	3FFEBC5E26D5CBE8A6AE7B8594B25C6AC56411CC1B810C04ADAD8F8050FAACA286D353DDCBFC1419E765932D824570E483B60FA63B6D6E987F110AF358E62447
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Preview:	/! This file is auto-generated /..// Source: wp-includes/js/twemoji.min.js..var twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint:function(d){d="string"==typeof d?parseInt(d,16):d;if(d<65536)return e(d);return e(55296+((d-=65536)>>10),56320+(1023&d))},toCodePoint:o},onerror:function(){this.parentNode&&this.parentNode.replaceChild(x(this.alt,!1),this)},parse:function(d,u){u&&"function"!=typeof u\|\|(u={callback:u});return h.doNotParse=u.doNotParse,("string"==typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on")&&-1===c.indexOf(" "+f+"=")&&(c=c.concat(" ",f,'="',u[f].replace(t,r),'"'));c=c.concat("/>")}return c})}:function(d,u){var f,c,e,b,a,t,r,n,o,s,i,l=function d(u,f)

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (60800), with no line terminators
Category:	downloaded
Size (bytes):	60800
Entropy (8bit):	4.739454973636703
Encrypted:	false
SSDEEP:
MD5:	16B4FEE5F0398026DF63B05EE93B1BD1
SHA1:	8F72223B9EB61BFA93BEBE982B79C2B5829948B4
SHA-256:	1C967E0AB53DE53FCA2D038085C35882F79367EE16BF0FEDFE81E5A3682C1B03
SHA-512:	5DCED08BBB293A6A48AC1E295A7B5502FA8FCA0DEFE119B93139DA764294F5A7B8BD067E73C596ACBC2385BED12D29964F3E921D23CC7F8D44D545C87F9FE8D9
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1726231692
Preview:	.elementor-hidden{display:none}.elementor-visibility-hidden{visibility:hidden}.elementor-screen-only,.screen-reader-text,.screen-reader-text span,.ui-helper-hidden-accessible{position:absolute;top:-10000em;width:1px;height:1px;margin:-1px;padding:0;overflow:hidden;clip:rect(0,0,0,0);border:0}.elementor-clearfix:after{content:"";display:block;clear:both;width:0;height:0}.e-logo-wrapper{background:var(--e-a-bg-logo);display:inline-block;padding:.75em;border-radius:50%;line-height:1}.e-logo-wrapper i{color:var(--e-a-color-logo);font-size:1em}.elementor *,.elementor :after,.elementor :before{box-sizing:border-box}.elementor a{box-shadow:none;text-decoration:none}.elementor hr{margin:0;background-color:transparent}.elementor img{height:auto;max-width:100%;border:none;border-radius:0;box-shadow:none}.elementor .elementor-widget:not(.elementor-widget-text-editor):not(.elementor-widget-theme-post-content) figure{margin:0}.elementor embed,.elementor iframe,.elementor object,.elementor video{max

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3412
Entropy (8bit):	7.928794041541981
Encrypted:	false
SSDEEP:
MD5:	6D562BE092859EAD5568D50A68C55EA4
SHA1:	7AC750725FF6A5B79B33D5264F099F7F68754164
SHA-256:	33E2EE5811F7022F89381E1BB840EBE5041EB9327C595C11E7196018363CE2B8
SHA-512:	FD80590D548CB46E69767657B33AECAA1A580FFB8CACD59EE9634E5177BFE01A64A5241439F2148364F922FD9619AEC09EDDD0BBA6FC0F84FED9D359105A32D6
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/unnamed.png
Preview:	RIFFL...WEBPVP8X........Y..Y..ALPHC.....lk.7w........6G.m..06F.m...<..~.....D.$...I....[..'.H..n...>.. ......F..E}VG.2B...l....O..ZSu.3...>64.+FJ.X.4...b...fM.)F.8...b..MM}.'.J.k.Q..n.....kx..X.IKO....v.r....wq.k.X.kK......Ww'V(.p....B.hG..x$7r.$D]s...QZU.....&d..hZ.&..j..VQ..O.b..6...........?'8..'..[....N.FV..8V.@..$t..O.5r;..7y...+.#..i.>..J........O.....e.U.gB..y.!^%.Wv......x..Se.]._.`).U.W^..{.(2\..%~.&..WO..MVO?.]...y.;e....~.=.#.X2i...d?q:.r..t..$8.^.S]...s.cX....r......(m..Z..7........b.;..;r....x...g.=X..,...4..wO.........j...guD..K...=.Tk....EE......u...R......_/./....&..VP8 .....1...Z.Z.>Q..D......88....p_ .....d..1....`...Q..]@<.n.~...~...y`~.\|..........U.;....].......y..'..p....OP/.?..~.....^.}/.W..Z..?U?.z..+.k.}.?..\|.....[....k?..........o.....{~(..~.{.~...X.%..O.587Y.x...t..E]>...f YY.u...b{{.bd.^...#.8....<..ys..\|.g.....~.F~...p"NmR'4.Ur..x...0....&....d..n\._o+`N...A........p.^.(.2E....1.a........R...KN...E...mR....#R6..

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45047)
Category:	dropped
Size (bytes):	137541
Entropy (8bit):	5.214552493031786
Encrypted:	false
SSDEEP:
MD5:	3266C8F80B985A3BE04473BCEAEE5F0B
SHA1:	2EAFE5FFDECBCF187C57F70CF7E8E96E466392E0
SHA-256:	25C1BA620B1FD2E9000735C704677C7D618AF09C6B82CB206346DF3CEFFDD495
SHA-512:	C22BE749D1A855BF319FF1D5C63DAA7389B28F9F1BC5429117A7301DDA6AF706777B4AA64753DDBF1A5EBFA2F9071A88B9A0A8EA44B46B964A5C6B689031B600
Malicious:	false
Reputation:	unknown
Preview:	!function(){var t={160:function(){var t=function(t,e){if(window.google){var i=e("#"+t.find(".ekit-google-map").attr("id")),n=i.data("id"),o=i.data("api_key"),s=i.data("map_type"),r=i.data("map_address_type"),a=i.data("map_lat")\|\|23.7808875,h=i.data("map_lng")\|\|90.2792373,l=i.data("map_addr"),c=i.data("map_basic_marker_title"),u=i.data("map_basic_marker_content"),d=i.data("map_basic_marker_icon_enable"),f=i.data("map_basic_marker_icon"),p=i.data("map_basic_marker_icon_width"),m=i.data("map_basic_marker_icon_height"),g=i.data("map_zoom")\|\|14,v=i.data("map_markers"),y=i.data("map_static_width"),_=i.data("map_static_height"),w=i.data("map_polylines"),b=i.data("map_stroke_color"),x=i.data("map_stroke_opacity"),E=i.data("map_stroke_weight"),C=i.data("map_stroke_fill_color"),S=i.data("map_stroke_fill_opacity"),I=i.data("map_overlay_content"),T=i.data("map_routes_origin_lat"),k=i.data("map_routes_origin_lng"),z=i.data("map_routes_dest_lat"),L=i.data("map_routes_dest_lng"),O=i.data("map_routes_

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	102
Entropy (8bit):	4.921030304008144
Encrypted:	false
SSDEEP:
MD5:	59EE3965FCB16F88E9BDC20B9CD8612E
SHA1:	3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2
SHA-256:	020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B
SHA-512:	3E4C07D9CE3DEDE2998A59C32A3FE12D781AAE33C4AFE8D2B9B0D12C18EB96257373098497B5F3C909EC1EDE64FEB4B4074DBDB9678B4D6B019CD64360222849
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Preview:	importScripts('https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js');

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (664)
Category:	downloaded
Size (bytes):	704
Entropy (8bit):	4.638410477285861
Encrypted:	false
SSDEEP:
MD5:	8C861C79DA636AF197C911B30E0E006C
SHA1:	83C3E9021557AC78D7494B32742CCD47852C6541
SHA-256:	B59C613E0647C40AADFA18D4FF5D5C3F345BDC2E135A4C5DBB90C69C7EEAA620
SHA-512:	7814707A5CFF447D9E8FA8B0884480C11016E60CC618EAF6C0A50A7E8319D67C0915C25C966AEEBE52D731D36446884CBE1A4F9E073F5E91FD25549AE41AEB28
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/widget-text-editor.min.css?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /..elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13479), with CRLF line terminators
Category:	downloaded
Size (bytes):	13579
Entropy (8bit):	5.27337657330958
Encrypted:	false
SSDEEP:
MD5:	2779F5D2F1F22353C726240E530016CC
SHA1:	2B3F380F212C8C64E79DB1F47FA25C114AFE6FBB
SHA-256:	16496529F57AC8915F194E00479B04AF942C33D7897BCFD9A55DD072BBEC1411
SHA-512:	14F4E6DB8D21EFA0A01DFE6AC5C6941807B3DA8875864D736476D480167A9C7B02E60E8BE19CC2F9526B3027684661F5B11D36D3A9D44096DF86B120AF8904E6
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Preview:	/! jQuery Migrate v3.4.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)\|\|[],o=r.exec(t)\|\|[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")\|\|n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarning

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 35272, version 1.0
Category:	downloaded
Size (bytes):	35272
Entropy (8bit):	7.994578759910523
Encrypted:	true
SSDEEP:
MD5:	AA1941D5B024B0CAF9827A10A1223D21
SHA1:	73677337831880C6657227D751661332775BFDEE
SHA-256:	7C59B09511F172D20FBF5FEAF7AFF9E844460CDB286D8930A1F546B39ED1A5E1
SHA-512:	C42B816D490805ACB36FB87857238437EBADAA7BAC9ADF7838A907F7598A9C2CE671AC0EB34A15B648E951B84E0066C2ED5EA883FE813C2EB5702FA084A6A332
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
Preview:	wOF2..............`....S..........................X..n...?HVAR...`?STAT.N'...6/~........x..`.0..>.6.$..<. ..<.....[2DQ#..[.8z.I...f.G...C.w..........a.....(..OK:dh.=..u.:?.B4.....J.lU.Eu....hUXQU.z...5jG.jNt.\.A...h..l..i$y:..9.b...Xo..O$..)............-o ~.}.2a...X.../.q.c._tN......\2..a..B.CoH.-.y.2..".O.C........;.....U....R...I......2y..C..W.........9wy..c...@.0..-..& .H...#.(..<..9.<J$Lll..c5"..an.c2z0b...dc..0`.`...)..k.S....R.....}..8.U.U.(.^:z 4sdG..#G'.bG..'..]...........&..Ht.T.P.E4$.!.).J.1..:...(.B....l.4.\..1....#.(...0...&3.N{_....}.j.....]._....x..$v.(.$...(.IG9.I2.=?....`%...N.....w.K....y..V..:@.:-K.`...q......v:...n....@.8.Ch[..........W<..4.TR....u.u..4..!w.-..2.D.....}..x ...t7.!..[.j...C:.Fd......!Pu_}...Q....h...[. @..c. 3#m ..i..n.~.Ds...../<.SjM..=k.qK2..!N7A...\.....o.Y.z^:..I.m....~Fl..b...[...]C`.........Y/.,.r{@...c...R{/?S.......p!a..........) .I..\..[!+4+_.u.......C..!r...~...........%.F..y..?h...D.?..y3..c.......;.

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32012)
Category:	downloaded
Size (bytes):	69597
Entropy (8bit):	5.369216080582935
Encrypted:	false
SSDEEP:
MD5:	5F48FC77CAC90C4778FA24EC9C57F37D
SHA1:	9E89D1515BC4C371B86F4CB1002FD8E377C1829F
SHA-256:	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
SHA-512:	CAB8C4AFA1D8E3A8B7856EE29AE92566D44CEEAD70C8D533F2C98A976D77D0E1D314719B5C6A473789D8C6B21EBB4B89A6B0EC2E1C9C618FB1437EBC77D3A269
Malicious:	false
Reputation:	unknown
URL:	https://code.jquery.com/jquery-3.2.1.slim.min.js
Preview:	/! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_e

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	88
Entropy (8bit):	4.66266215475162
Encrypted:	false
SSDEEP:
MD5:	D477DF174182A0470F9AFAEC5C290AD8
SHA1:	CAF8503A920F7A1B0D6AE494203E5C84662310E0
SHA-256:	B73BF16ACB17649488318053002969001C6D12A95B100C67986A6C2B6702DA79
SHA-512:	C9CFA5238C9DD34C898C42E629CA339110C68CA2F908C8165F6AE0EF8E1D927B1DE2FE62C39E74B69CD5319415353E457771865D0F07F7F23CD343FE6FDC521F
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSOglOu2g3gYb-TxIFDfZbc9ISBQ0Q17E-EgUNi6_LqxIFDUN7Hc0SBQ2AwQOeEgUNuxLf5hIFDTtGmwc=?alt=proto
Preview:	Cj8KBw32W3PSGgAKBw0Q17E+GgAKBw2Lr8urGgAKBw1Dex3NGgAKBw2AwQOeGgAKBw27Et/mGgAKBw07RpsHGgA=

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	100
Entropy (8bit):	4.705329814320398
Encrypted:	false
SSDEEP:
MD5:	D4247C28D200F20FBD63F8A9140E2FED
SHA1:	650E6663B6C7D47A7678C3395B91BF6B84DCCD57
SHA-256:	834A67919AAFFC5EFCB8EC05A3C22ADB5681DAD8B736F0D1B7860D78F0FC29DD
SHA-512:	95413C07A4F053D16CBDDBE3D17601A2397A340815F815DA429238D6C456EFD592D54A5713857880125FB7B6C29BF15590E5550BFABAE3AD255CCAB4DC8882CC
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSQQl5kOK_Ehz-OhIFDfZbc9ISBQ0Q17E-EgUNi6_LqxIFDUN7Hc0SBQ2AwQOeEgUNuxLf5hIFDTtGmwcSBQ1TWkfF?alt=proto
Preview:	CkgKBw32W3PSGgAKBw0Q17E+GgAKBw2Lr8urGgAKBw1Dex3NGgAKBw2AwQOeGgAKBw27Et/mGgAKBw07RpsHGgAKBw1TWkfFGgA=

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	139
Entropy (8bit):	4.7040406498955765
Encrypted:	false
SSDEEP:
MD5:	3275F888E6B23C5A6E2B79DC95663AE2
SHA1:	429EC7DB5D25B8312BD88150C638293B1B3FD309
SHA-256:	80A88126612557F5C61F6CC39CA0F8770127D55B477ED38933EBBB2F385EA214
SHA-512:	EE49ABBE2E237946F865047D31C2D02B67BD02A65A6AFA3BA23A9C9263FCDDF05C4384C2B71DDF4B154BB03DE05F162C51691309E1BA05EF00D1D4E4A8CF98F8
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/animations/styles/fadeInRight.min.css?ver=3.24.2
Preview:	@keyframes fadeInRight{from{opacity:0;transform:translate3d(100%,0,0)}to{opacity:1;transform:none}}.fadeInRight{animation-name:fadeInRight}

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (5142), with no line terminators
Category:	downloaded
Size (bytes):	5146
Entropy (8bit):	4.947566349402679
Encrypted:	false
SSDEEP:
MD5:	871F63506A4DB528B45F2800932601E1
SHA1:	F891843BEB5A53C58C0F20878C7825702EF5AE49
SHA-256:	99D5027485EA4CC43F6B2A648B1A67213FABEFFAEA5F1F0B5A1D6FE9C1BADF13
SHA-512:	3A6608470403363D5A8F6F8D2BFAB8AA297DABC835C356F35BD2BC8D0319F5CC0EA437BE72D39D2B7917A932C8ADD874771B69EE2925845F4305016A620D1A50
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/themes/hello-elementor/theme.min.css?ver=3.1.1
Preview:	@charset "UTF-8";.comments-area a,.page-content a{text-decoration:underline}.alignright{float:right;margin-left:1rem}.alignleft{float:left;margin-right:1rem}.aligncenter{clear:both;display:block;margin-left:auto;margin-right:auto}.alignwide{margin-left:-80px;margin-right:-80px}.alignfull{margin-left:calc(50% - 50vw);margin-right:calc(50% - 50vw);max-width:100vw}.alignfull,.alignfull img{width:100vw}.wp-caption{margin-block-end:1.25rem;max-width:100%}.wp-caption.alignleft{margin:5px 20px 20px 0}.wp-caption.alignright{margin:5px 0 20px 20px}.wp-caption img{display:block;margin-left:auto;margin-right:auto}.wp-caption-text{margin:0}.gallery-caption{display:block;font-size:.8125rem;line-height:1.5;margin:0;padding:.75rem}.pagination{display:flex;justify-content:space-between;margin:20px auto}.sticky{position:relative;display:block}.bypostauthor{font-size:inherit}.hide{display:none!important}.post-password-form p{width:100%;display:flex;align-items:flex-end}.post-password-form [type=submit]{

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	169618
Entropy (8bit):	7.996679091415808
Encrypted:	true
SSDEEP:
MD5:	EA9C8C865D18968B0BFB6A64D7B2F34D
SHA1:	CAB8D1673DC1FAC9746B794D62E8E4B67B08F5B3
SHA-256:	28AD5E8BCA115ADE6769FC21403851A9EC3DBF8668FB97807F4D800A6B385788
SHA-512:	8D40CB234655DD52CB86027EC59CD5342FE982E857E05474927599776D14F7250F70E90188CB06FD3774A024B1772A12F54706056830FD96A1DFEB3C69676B13
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/Hatmed-April-202420240418_0016-1536x1022.jpg
Preview:	RIFF....WEBPVP8X.... .........ICCPH......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........desc........IEC http://www.iec.ch............IEC http://www.iec.ch..............................................desc........IEC 61966-2.1 Default RGB colour space - sRGB............IEC 61966-2.1 Default RGB colour space - sRGB......................desc.......,Reference Viewing Condition in IEC61966-2.1...........,Reference Viewing Condition in IEC61966-2.1........

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3091
Entropy (8bit):	7.924508282812185
Encrypted:	false
SSDEEP:
MD5:	6F0BBF678D50F376FBFA6451342384A0
SHA1:	5C079F4D74BBABB5395DD75B73250F1635602EFA
SHA-256:	21196B0CBB498CE03FCAEE712E74B5B14EE4747F65901C7205F8B07AA8985FB0
SHA-512:	62B64A0A24AF26DD6E60ABC23EF587D4CA88A96FF699C4F5CA38935AED02D75E5EE852C61F57159F2E89016870E424CDDAB8C393CE73BBC16BF99B590505C28C
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Z...Z.....8.A.....sBIT....\|.d.....bKGD.{....X.L(....IDATx..yp......C.d.,..!\|..c..@.'..d. .MCH2MKK.&M....i'm&..R.wz%..t.Ih($!.m0.18.......lI.V.............}.....{o.....Q..KQ$.3.x."...Qi..... .G8..06...v....,.Ic$..:R=..+.g..).H..>........R.9..pK.3..u.......^3i.....Y.....S...P..(..:.SP.._..._.p.....kj...=...;.-G'l..#q.D..(`.J.}....3+"u]w.[./^3\|.N...?..#.....y.PZ-..b..~.....}=.0...E...t.....!.....YH]....m.9.....V..Y.\|.....^..5.b.2....%._.c...?\....M.._.2}.^..................P..i:...4..?o.tS..3d.....1aw....BU'..H.....0T...E%.....}.;....b......`......X:..l}A....d;d?9Q"\.X.B...nam2;....z........-..Jw._.4..[.h.w.R<.(.W...r...2i..# C...V=&...H...!I).Wn..t~n.tJ.....F.......".I!.r[...i.....~.Z....F....Dy.......<F._...Q.#.}..P.,0.....e?........z..-z......{...{.0I..O/.4...O.~(.bA......x..c.A.....\.v.....FZ..-\."F;...No.>.%.,wc...J.=6&.n.!.Doe...>...8......"@.I..?~.[....r..=5q[~.zY.I.;.\E..O..].m................:.~Q._.9\|.b.>J$.V.

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32965)
Category:	downloaded
Size (bytes):	33009
Entropy (8bit):	4.420322096266409
Encrypted:	false
SSDEEP:
MD5:	B8FC3D25FADC2F54729E1D43B06C7B09
SHA1:	AC065E26562FEF0E3209DDE301DF1101909BDE12
SHA-256:	6BC90FA2450396B8A680192125F96B120C779183E6E80926CADABF76440B9468
SHA-512:	6A96356B81D07628FE314F59E2B659B2D957979D130776874048BDC060934B34371AAE191D69121B3292FC0E5DFEC0C78217E738DA726AEC4D945071881C1095
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css?ver=3.24.1
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /..elementor-skin-carousel .elementor-main-swiper,.elementor-skin-coverflow .elementor-main-swiper{height:230px}.elementor-skin-slideshow .elementor-main-swiper{height:450px;position:relative}.elementor-skin-slideshow .elementor-thumbnails-swiper .elementor-custom-embed-play i{font-size:50px}.elementor-skin-slideshow .elementor-thumbnails-swiper .swiper-slide{cursor:pointer}.elementor-skin-slideshow .elementor-thumbnails-swiper .swiper-slide:not(.swiper-slide-active):after{background-color:rgba(0,0,0,.3);bottom:0;content:"";left:0;position:absolute;right:0;top:0}.elementor-carousel-image{background:no-repeat 50%;background-size:cover;height:100%;position:relative}.elementor-carousel-image-overlay{align-items:center;background-color:hsla(213,9%,45%,.8);color:var(--e-carousel-image-overlay-color,#fff);display:flex;height:100%;justify-content:center;left:0;padding:20px;position:absolute;text-align:center;top:0;transition:transform .5s,opacity .5s;

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4783)
Category:	downloaded
Size (bytes):	4827
Entropy (8bit):	5.078946498536547
Encrypted:	false
SSDEEP:
MD5:	C2B90D624042C3129197549FB013E583
SHA1:	8184282325D816BCD18A92181A42F693DCB02A08
SHA-256:	B983A57BC24D834B113F1A76818E03D2B336F1812389F3443C7366C8D09720EB
SHA-512:	585CE426E71EF8B30302EF96AB7DF4E0AAD0AFD05BE00803E5B048DB3CBF28D943C34DD32D9292CE2C910F55016F081E96FC58CA60166F1B4143DD6AFF56C87F
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/js/nav-menu.997320c05a0d163c76e8.bundle.min.js
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[334],{3556:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=class AnchorLinks{followMenuAnchors(e,t){e.each(((e,n)=>{location.pathname===n.pathname&&""!==n.hash&&this.followMenuAnchor(jQuery(n),t)}))}followMenuAnchor(e,t){const n=e[0].hash,o=t.activeAnchorItem,s=t.anchorItem,i=e.hasClass(s)?e:e.closest(`.${s}`);let r,l="300px 0px -50% 0px";try{r=jQuery(decodeURIComponent(n))}catch(e){return}if(!r.length)return;r.hasClass("elementor-menu-anchor")\|\|(l=this.calculateRootMargin(r));const h={root:null,rootMargin:l,threshold:this.buildThreshold(r)};this.createObserver(i,o,e,h).observe(r[0])}calculateRootMargin(e){const t=jQuery(window).height(),n=e.outerHeight();let o;if(n>t)o=0;else{o=(t-n)/2}return`${o}px`}buildThreshold(e){const t=jQuery(window).height(),n=e.outerHeight();let o=.5;if(n>t){o=t/2/n}return o}createObserver(e,t,

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3190
Entropy (8bit):	7.932816968107493
Encrypted:	false
SSDEEP:
MD5:	08AC006C5D9934DFFFBF39850C564BA1
SHA1:	22C93BE6D29350C7A0C1ECF40485B338E9E6E692
SHA-256:	1E3B88011671361913C0249D94A4B955D50392B609E777812E722C9F04F13844
SHA-512:	D77DABF34E3727643EF1EC474DC68AA657475E964E8FBDA37AC3BB7E10733330CDD5555902A8CE4E3A76D2D007A5DC629CAF52B6630EE830D142A4B862F49A0B
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/unnamed-3.png
Preview:	RIFFn...WEBPVP8X........Y..Y..ALPH.......m.iW#f....H...m...Ve....8k.._@D@r$I.d>.xk.\|....\....u--u_._.5..M.e.>....wjz......7..xM\|....!`E#..w..4...,V.lYU.Y..N9aGX..!R.mb.~;Ele.V....j..5.....n$....>..Y..}M.,....>.....].k.1DG-.. ....a..(.......g....=.l.......1X3.....Pk...C....9.T.l.`O.]...!K.......0=.W..%.-D5..2.#Dm.~P..Z..\|9..q...k\...z..G.....@.....\|.".U...go.+..U...\|7.\|..\|.\|..\|w.<. O1....<..O..........y........o .....^..../...dR..M.....z...q[..&...4.v.LaG...!..>.z.$.\...i.M...h..w.?).5.[.\H.......u.[....F.S....8.=..\|.ki.....y.h...VP8 4....+...Z.Z.>Q .D..!..^88....ZQ...Qw..1..7.OK;p\|.~.z..P.G......Y_.......w........>}\|.....F.w.o).}...'....m.?....>..o.y.g....D.../../...............W.`..^..?......~....'...fO9.^...*).1.j\b$Qx7lL.L..).2.....f>z....6i..}.l..X#................r._.'j!!....p .xUm...+m......!~.%i...PK.....t...6D.Sk...TH8./{...V....#........z/..N1......<.\|k(...[.....p....Z~.]+ev...wr.]`.......`7r.i..RI..8.?....T4.......`c,.Y.....t.

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4272), with CRLF line terminators
Category:	downloaded
Size (bytes):	4308
Entropy (8bit):	5.148044204707682
Encrypted:	false
SSDEEP:
MD5:	AC4896325757808F81B8B69A1CC7EB11
SHA1:	098BDCEBBA4204F965DDF06090E67AE6684FB033
SHA-256:	214821A1133310FDD077E38F9F72C8AFFAA538CA03E14C9971D80F40586D81B6
SHA-512:	E17E388D0BAC2A1A93E30852AC51946C0749B85FBBF258996A3511DE562E98CAC8491090BA37D825B65B004A75F216E049CDFB2530FC9A7EB8CFD4C1EC02ADA9
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Preview:	/! This file is auto-generated /..(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{actions:()=>S,addAction:()=>m,addFilter:()=>p,applyFilters:()=>k,createHooks:()=>h,currentAction:()=>w,currentFilter:()=>I,defaultHooks:()=>f,didAction:()=>O,didFilter:()=>j,doAction:()=>b,doingAction:()=>x,doingFilter:()=>T,filters:()=>z,hasAction:()=>v,hasFilter:()=>y,removeAction:()=>A,removeAllActions:()=>F,removeAllFilters:()=>g,removeFilter:()=>_});const n=function(t){return"string"!=typeof t\|\|""===t?(console.error("The namespace must be a non-empty string."),!1):!!/^[a-zA-Z][a-zA-Z0-9_.\-\/]*$/.test(t)\|\|(console.error("The namespace can only contain numbers, letters, dashes, periods, under

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1293
Entropy (8bit):	5.448893852817212
Encrypted:	false
SSDEEP:
MD5:	CBA4ED6C809962AC6C2A26842183B67A
SHA1:	3F8E077AFC8EF5BAB7FA626EA782DAE34D419BBE
SHA-256:	AAE65C231008861C6430EBE296C926E728C4D2CCB1492F86E42D760E9B67D9A5
SHA-512:	84894B90DDA3CA3487F3E4F87F8244C78BA726331AC3EA290F6BD64830B0A21856A42333CC4EDBBF23DC2F063C53AD71B3F41864275D874AEBD37C198AE1CBE0
Malicious:	false
Reputation:	unknown
URL:	https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
Preview:	/* vietnamese /.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rHmsJCQ.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./ latin-ext /.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rXmsJCQ.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin */.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	103778
Entropy (8bit):	7.993231347831261
Encrypted:	true
SSDEEP:
MD5:	6BEF1CAA2ABB33B7687E2FDA17D35E84
SHA1:	1009C26181CC4EBA6B88D661CE28907595789F7A
SHA-256:	2A8BB38F965967EEFBEDD624B84C48B899528C1331DD2FFB1FBCBCC8807FCA98
SHA-512:	5A5A1C1CE1C253729807326BED15DFC7897879C47D6333E5C53FEE74F5BD57BC6E3C7C2B272894C467BBD47214831EACC5C082E2668183A1DEA85FF25D57A6C2
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/Hatmed-April-202420240313_0120-1536x1022.jpg
Preview:	RIFFZ...WEBPVP8X.... .........ICCPH......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........desc........IEC http://www.iec.ch............IEC http://www.iec.ch..............................................desc........IEC 61966-2.1 Default RGB colour space - sRGB............IEC 61966-2.1 Default RGB colour space - sRGB......................desc.......,Reference Viewing Condition in IEC61966-2.1...........,Reference Viewing Condition in IEC61966-2.1........

Chrome Cache Entry: 213

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9893), with no line terminators
Category:	downloaded
Size (bytes):	9893
Entropy (8bit):	4.304837454943227
Encrypted:	false
SSDEEP:
MD5:	779852CE2900DDD3284C525F958734AA
SHA1:	7AE68825DC0B2B4B718288370EC4483F3FFF5C5C
SHA-256:	441E31C68446EC31BAB4431235061C12DE3D15433ADB04B129D30580D0049473
SHA-512:	458586B04A582B16295175810407E825B248105C3E528F2EC1DFF70CC4AA9A1850D2B667C7D83E72429DE9ED7EC10CD6E810354E7E2531216A66382AE72FD313
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-widget-icon-list.min.css?ver=1726231692
Preview:	.elementor-widget.elementor-icon-list--layout-inline .elementor-widget-container{overflow:hidden}.elementor-widget .elementor-icon-list-items.elementor-inline-items{margin-right:-8px;margin-left:-8px}.elementor-widget .elementor-icon-list-items.elementor-inline-items .elementor-icon-list-item{margin-right:8px;margin-left:8px}.elementor-widget .elementor-icon-list-items.elementor-inline-items .elementor-icon-list-item:after{width:auto;left:auto;right:auto;position:relative;height:100%;border-top:0;border-bottom:0;border-right:0;border-left-width:1px;border-style:solid;right:-8px}.elementor-widget .elementor-icon-list-items{list-style-type:none;margin:0;padding:0}.elementor-widget .elementor-icon-list-item{margin:0;padding:0;position:relative}.elementor-widget .elementor-icon-list-item:after{position:absolute;bottom:0;width:100%}.elementor-widget .elementor-icon-list-item,.elementor-widget .elementor-icon-list-item a{display:flex;font-size:inherit;align-items:var(--icon-vertical-align,ce

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7025), with no line terminators
Category:	downloaded
Size (bytes):	7025
Entropy (8bit):	4.442441384316686
Encrypted:	false
SSDEEP:
MD5:	CFA1B0CC3BEF2A255824F5F474878213
SHA1:	C43E45C2A62517008FAFA19D67D7AE243FC8CC0E
SHA-256:	3913695714C66C8475F8A3E3AF033AD1772CAB8F14D028FBC84012D8F9FB7472
SHA-512:	F1F2F55B3ABCDB23267658A68D35CEDDE7DA70F81595D9BC421257C049CA6D32C35248F57C435A9CF2B5CDB55EE27A00233EBD74CEC8C989AB2DE031728B9F09
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/conditionals/apple-webkit.min.css?ver=3.24.2
Preview:	.e--ua-appleWebkit.rtl{--flex-right:flex-start}.e--ua-appleWebkit .elementor-share-buttons--align-right,.e--ua-appleWebkit .elementor-widget-social-icons.e-grid-align-right{--justify-content:var(--flex-right,flex-end)}.e--ua-appleWebkit .elementor-share-buttons--align-center,.e--ua-appleWebkit .elementor-widget-social-icons.e-grid-align-center{--justify-content:center}.e--ua-appleWebkit .elementor-grid-0.elementor-share-buttons--align-center .elementor-grid,.e--ua-appleWebkit .elementor-grid-0.elementor-share-buttons--align-justify .elementor-grid,.e--ua-appleWebkit .elementor-grid-0.elementor-share-buttons--align-right .elementor-grid,.e--ua-appleWebkit .elementor-grid-0.elementor-widget-social-icons.e-grid-align-center .elementor-grid,.e--ua-appleWebkit .elementor-grid-0.elementor-widget-social-icons.e-grid-align-right .elementor-grid{width:auto;display:flex;flex-wrap:wrap;justify-content:var(--justify-content,space-between);margin-left:calc(-.5 * var(--grid-column-gap));margin-right

Chrome Cache Entry: 215

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	14983
Entropy (8bit):	7.976115736999143
Encrypted:	false
SSDEEP:
MD5:	20FE56A782FF946B8D1C5389C8668B2A
SHA1:	A30A70D00AE9CDF16AE20DDC261E62D580F53C2F
SHA-256:	6F5C49B92528B37610CB058C388D103B14E81BBCEF11FAF821FF00817D99BD2C
SHA-512:	1ED9C5ACDFF143A05BF8293B565BD8A1AF2FDB615BA1D92C6FB20D871862DD8E1E3F1EEC1EF04CAD0749D232B468D6AB99890F345FE7730F915157331250B4D7
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Z...Z.....8.A.....sBIT....\|.d...._zTXtRaw profile type APP1.....JO.K-.LV((.O..I.R..c...K.K.D......04006..F@.9T(..........Y..)....O..h.-... .IDATx..w.eWu..]{..nz..^.T.R..BH(..B.#...d......m.i>v..i.?.....p.c.'0..X.I.A..B(".......s....>..W@...[.[..{7....k..o.......V..;I/.Nr.f..S......j:G.4. 8B9 t......E.y.3'..~....'...e.M...`......p..u...p..2.>............S.u...D..,=C..'...u....z.....o.".>?.....^.=..........J..v....v...{.S.w.h..;M.f......T..A.G....c,.<.;...?D.d@.hv1.{.......G.Q...}..l.6.......o.A..9.M...../...~.W.....y.....B...\..q.E..8..J..(.Y...P.D....VO.s..G8.......D.+vr.w.t.....7......}7t...L....6e.]........W_O....G.>.. .........#..._....@D..M.F.`.G......._...3.i.~......*.....o..P72../g....]..\.r.....yW\.S-BU.. ....8...#....2?...C.Y[.......9.V..M...033C..@TtS.... FC..Wz<q..\|....+O.I.I.&.>..?.......^@..._..+..t...7p./.{v<.2.....j...Wb......~..GO.G..K_..'.x...T.'..Ji....m.s$.fjr.m.r..gs...w.^:3.....B...yO..!h..}.....

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7993)
Category:	downloaded
Size (bytes):	12704
Entropy (8bit):	4.667444768904626
Encrypted:	false
SSDEEP:
MD5:	197055446F00FB3A8E46686A284F83CF
SHA1:	5DA240D5538A509D5AEE5B5D4A0FCA99E879165A
SHA-256:	22C0BBAE23F1D10433AA489B2EDA9CB9B4EABE1581FF511B3FAA102FD4DF22B1
SHA-512:	DBB86F3CEE71852A739BE69D1FCE3F45CECA3DD109820199AF6F9E9E50FDFD9E06B79178D48BC6843F55CF6C86AD0FC3E293ADD830C27D0712CB7683FD0B1E32
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/post-30.css?ver=1726231693
Preview:	.elementor-30 .elementor-element.elementor-element-123bcfad{--display:flex;--flex-direction:row;--container-widget-width:initial;--container-widget-height:100%;--container-widget-flex-grow:1;--container-widget-align-self:stretch;--flex-wrap-mobile:wrap;--justify-content:space-between;--gap:0px 0px;--flex-wrap:wrap;--background-transition:0.3s;box-shadow:0px 3px 20px 0px rgba(0, 0, 0, 0.2);--padding-top:0em;--padding-bottom:0em;--padding-left:0em;--padding-right:0em;--z-index:99;}.elementor-30 .elementor-element.elementor-element-123bcfad:not(.elementor-motion-effects-element-type-background), .elementor-30 .elementor-element.elementor-element-123bcfad > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-color:var( --e-global-color-text );}.elementor-30 .elementor-element.elementor-element-123bcfad, .elementor-30 .elementor-element.elementor-element-123bcfad::before{--border-transition:0.3s;}.elementor-30 .elementor-element.elementor-element-35bc124a{--disp

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4957)
Category:	dropped
Size (bytes):	4997
Entropy (8bit):	5.398115433358944
Encrypted:	false
SSDEEP:
MD5:	B609EEB25056BA6F30A9F7455183F8A3
SHA1:	AF5F01DB81474C545BD0BF902AAB89B9F7CB54A2
SHA-256:	41A40B4593DDE60ED6AB70B6CC1073FF34AC7B7B7668897B738BAA0989DD7B1F
SHA-512:	BA9061847BFE4E5A9474209994D0085569AAE9BFF6A545B6D7337174ACC1DAEC84448B7EB373994174E603E493ED5335CCE65FCBA0534F93C18AF6ACB017EFCF
Malicious:	false
Reputation:	unknown
Preview:	/! elementor - v3.24.0 - 13-09-2024 /.(()=>{"use strict";var e,r,_,t,a,i={},n={};function __webpack_require__(e){var r=n[e];if(void 0!==r)return r.exports;var _=n[e]={exports:{}};return i[e].call(_.exports,_,_.exports,__webpack_require__),_.exports}__webpack_require__.m=i,e=[],__webpack_require__.O=(r,_,t,a)=>{if(!_){var i=1/0;for(u=0;u<e.length;u++){for(var[_,t,a]=e[u],n=!0,c=0;c<_.length;c++)(!1&a\|\|i>=a)&&Object.keys(__webpack_require__.O).every((e=>__webpack_require__.O[e](_[c])))?_.splice(c--,1):(n=!1,a<i&&(i=a));if(n){e.splice(u--,1);var o=t();void 0!==o&&(r=o)}}return r}a=a\|\|0;for(var u=e.length;u>0&&e[u-1][2]>a;u--)e[u]=e[u-1];e[u]=[_,t,a]},_=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,__webpack_require__.t=function(e,t){if(1&t&&(e=this(e)),8&t)return e;if("object"==typeof e&&e){if(4&t&&e.__esModule)return e;if(16&t&&"function"==typeof e.then)return e}var a=Object.create(null);__webpack_require__.r(a);var i={};r=r\|\|[null,_({}),_([]),_(_)];for(var n=2&t&&e;

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42747)
Category:	dropped
Size (bytes):	42791
Entropy (8bit):	5.2017457997717935
Encrypted:	false
SSDEEP:
MD5:	6E4AF03A0AC58A64C2D7E4FA820608F3
SHA1:	03A7324585C04FBDC12D9C43923E068A209119F9
SHA-256:	CC4558E6D16A0BFA5D945BA904869E8F2C974E2C8220B308A2582B577C87625A
SHA-512:	5BFA8A763AB2CB3A26AB6B5EEC5330E14F37AAF8315548CF06C24C1BE323C595050E15A0B789A289253DB62C67824F4B01EA1B54736A2154F71B55E0C7A03815
Malicious:	false
Reputation:	unknown
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[624],{2371:(e,t,n)=>{var s=n(6784),o=s(n(6137)),r=s(n(7371)),l=s(n(3746)),i=s(n(6238)),a=s(n(4286)),d=s(n(4043)),u=s(n(1750)),c=s(n(4486)),m=s(n(1459)),h=s(n(8534)),g=s(n(6034)),f=s(n(6075)),p=s(n(570)),_=s(n(9302)),v=s(n(6302)),b=s(n(7492)),y=s(n(8241)),F=s(n(325)),M=s(n(7467)),w=s(n(1953)),S=s(n(282)),H=s(n(2969)),O=s(n(5355)),E=s(n(8945));const extendDefaultHandlers=e=>({...e,...{animatedText:o.default,carousel:r.default,countdown:l.default,hotspot:i.default,form:a.default,gallery:d.default,lottie:u.default,nav_menu:c.default,popup:m.default,posts:h.default,share_buttons:g.default,slides:f.default,social:p.default,themeBuilder:v.default,themeElements:b.default,woocommerce:y.default,tableOfContents:_.default,loopBuilder:F.default,megaMenu:M.default,nestedCarousel:w.default,taxonomyFilter:S.default,offCanvas:H.default,contactButtons:O.default,search:E.def

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17560), with no line terminators
Category:	downloaded
Size (bytes):	17560
Entropy (8bit):	4.880757859529701
Encrypted:	false
SSDEEP:
MD5:	3296EB1FF9C17D861F52A7399AED8C50
SHA1:	44F6821F66A96684AF3EA21DD8FEE85D9422E5F7
SHA-256:	3839D7ED736CBC5807E6AD8C1791F930ACBE1EC84B77E4816794F1B84DB40F81
SHA-512:	3E5B5C789786F43355B166D14D71DC6A5810EE0C0064F7D5AC0E501D719E968AFCE6A00D8625A8F13B9BEEBE3EB6465807E76F02243B0275214085F21E5D3426
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/post-14.css?ver=1726231692
Preview:	.elementor-kit-14{--e-global-color-secondary:#323746;--e-global-color-primary:#6C717F;--e-global-color-text:#FFFFFF;--e-global-color-accent:#FFFFFF2B;--e-global-color-d49ac81:#D0292A;--e-global-color-332724a:#902829;--e-global-color-4d462f5:#DCDCDE;--e-global-color-cfa1f76:#F3F3F4;--e-global-color-7fbea4f:#FFEEEE;--e-global-color-c94d9ab:#FFCACB;--e-global-color-044b931:#323746;--e-global-color-638d055:#323746;--e-global-color-a2c0d56:#D0292A;--e-global-color-ec3c7a7:#902829;--e-global-typography-primary-font-family:"Comfortaa";--e-global-typography-primary-font-size:48px;--e-global-typography-primary-font-weight:700;--e-global-typography-primary-line-height:1.2em;--e-global-typography-primary-letter-spacing:-1px;--e-global-typography-secondary-font-family:"Comfortaa";--e-global-typography-secondary-font-size:39px;--e-global-typography-secondary-font-weight:700;--e-global-typography-secondary-line-height:1.2em;--e-global-typography-secondary-letter-spacing:-0.5px;--e-global-typography-

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	9142
Entropy (8bit):	5.298544767363396
Encrypted:	false
SSDEEP:
MD5:	741738B3052208C2ECF925C164295E77
SHA1:	2DDAAB766AF85575DDC6AF68C0F721119A7C68A1
SHA-256:	6AD85642C1DBB98C5ABBB13506184CAF82659D62D43D01CAF7189AC012C31AF8
SHA-512:	836A8A5645126D7215D7B6AFA55D087D3B1C6269BC316AD9A6D9E0EEBEF121BF9B0BEC70B8826A2F6CDB303C7880DEF76DA5BFC8E681A6438A64193C3984D83A
Malicious:	false
Reputation:	unknown
Preview:	/! This file is auto-generated /..(()=>{var t={2058:(t,e,r)=>{var n;!function(){"use strict";var i={not_string:/[^s]/,not_bool:/[^t]/,not_type:/[^T]/,not_primitive:/[^v]/,number:/[diefg]/,numeric_arg:/[bcdiefguxX]/,json:/[j]/,not_json:/[^j]/,text:/^[^\x25]+/,modulo:/^\x25{2}/,placeholder:/^\x25(?:([1-9]\d)\$\|$([^)]+)$)?(\+)?(0\|'[^$])?(-)?(\d+)?(?:\.(\d+))?([b-gijostTuvxX])/,key:/^([a-z_][a-z_\d])/i,key_access:/^\.([a-z_][a-z_\d]*)/i,index_access:/^\[(\d+)\]/,sign:/^[+-]/};function a(t){return function(t,e){var r,n,o,s,l,u,p,c,f,d=1,h=t.length,g="";for(n=0;n<h;n++)if("string"==typeof t[n])g+=t[n];else if("object"==typeof t[n]){if((s=t[n]).keys)for(r=e[d],o=0;o<s.keys.length;o++){if(null==r)throw new Error(a('[sprintf] Cannot access property "%s" of undefined value "%s"',s.keys[o],s.keys[o-1]));r=r[s.keys[o]]}else r=s.param_no?e[s.param_no]:e[d++];if(i.not_type.test(s.type)&&i.not_primitive.test(s.type)&&r instanceof Function&&(r=r()),i.numeric_arg.test(s.type)&&"number"!=typeof r&

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65325)
Category:	downloaded
Size (bytes):	144877
Entropy (8bit):	5.049937202697915
Encrypted:	false
SSDEEP:
MD5:	450FC463B8B1A349DF717056FBB3E078
SHA1:	895125A4522A3B10EE7ADA06EE6503587CBF95C5
SHA-256:	2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D
SHA-512:	93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D
Malicious:	false
Reputation:	unknown
URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors. * Copyright 2011-2018 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:border-box}html{font-family:sans

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1436), with no line terminators
Category:	downloaded
Size (bytes):	1436
Entropy (8bit):	5.7817331466703425
Encrypted:	false
SSDEEP:
MD5:	121BB7925F663EB77693E01DC0A697FF
SHA1:	AA0735608173176E8BF8A56ED64DD0EDEB9A1731
SHA-256:	682B88F0F1FD5BF42172003133508163FF6E590471E29E305417FF645123B95B
SHA-512:	F950105656DA1BA0FFE02D6AB7E4970C7ED090C4F3FC3C38735B7282C28E45BD5FD72F71494AA5F8BAB797752126E7E2CE87AA0844C6BF093201569DAF79C361
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/recaptcha/api.js?render=explicit&ver=3.24.1
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('explicit');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x1333, components 3
Category:	dropped
Size (bytes):	75773
Entropy (8bit):	7.508919190379391
Encrypted:	false
SSDEEP:
MD5:	45413A08138573E4EB841EE191101103
SHA1:	FD4188B07232A794607AB41766E2C2B38D1D2EFD
SHA-256:	DD95910C3C7B1AB2CBEC54DEB1C975D8182864D9E37B12FBFEEDB413E1DDD2D9
SHA-512:	7C40F693B335AB61B03055ABE5933355BCA92D8C049FFEB46F7CF31CAB7D1895931D5C69F3E0F4DE586475791D0DD63FD74F18A431DC2305401716CA793D309B
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....@ICC_PROFILE......0ADBE....mntrRGB XYZ ............acspAPPL....none...........................-ADBE................................................cprt.......2desc...0...kwtpt........bkpt........rTRC........gTRC........bTRC........rXYZ........gXYZ........bXYZ........text....Copyright 1999 Adobe Systems Incorporated...desc........Adobe RGB (1998)................................................................................XYZ .......Q........XYZ ................curv.........3..curv.........3..curv.........3..XYZ ..........O.....XYZ ......4....,....XYZ ......&1.../.......C....................................................................C.......................................................................5...."...........................................................................B,5.lM`..k".iL...`gY..II.d.....Q(..k#I.#T.p...4. ...,.X4..@.BM.....(.......6....gx .t".g.2.gC7C.;.0.jt..<{p0.o4..T... k#.........k...y...g...d.z..>........O....3.{N=...\

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (26748), with no line terminators
Category:	downloaded
Size (bytes):	26749
Entropy (8bit):	4.562182384000658
Encrypted:	false
SSDEEP:
MD5:	33E3EB7CC181A6EC9D28FFDE46BF8E7D
SHA1:	1070A7B6996CF8B629E3926C1200B4FD589D4C0C
SHA-256:	226AA1765F58C4E6DD4ED9485F452750B2B639AA8EA89DD29BF9E46D00801B09
SHA-512:	094CD1688225C0E57D97254413A53E3032B258282714A0CEA4D317CD90CA1B067F41A5B90DDE885F5995BE8AC70C27E0B437101D149FD46F56811988DC1AF53D
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1726231692
Preview:	@charset "UTF-8";.site-main .menu-navigation-container{overflow:visible}.elementor-item:after,.elementor-item:before{display:block;position:absolute;transition:.3s;transition-timing-function:cubic-bezier(.58,.3,.005,1)}.elementor-item:not(:hover):not(:focus):not(.elementor-item-active):not(.highlighted):after,.elementor-item:not(:hover):not(:focus):not(.elementor-item-active):not(.highlighted):before{opacity:0}.elementor-item-active:after,.elementor-item-active:before,.elementor-item.highlighted:after,.elementor-item.highlighted:before,.elementor-item:focus:after,.elementor-item:focus:before,.elementor-item:hover:after,.elementor-item:hover:before{transform:scale(1)}.e--pointer-double-line .elementor-item:after,.e--pointer-double-line .elementor-item:before,.e--pointer-overline .elementor-item:after,.e--pointer-overline .elementor-item:before,.e--pointer-underline .elementor-item:after,.e--pointer-underline .elementor-item:before{background-color:#3f444b;height:3px;left:0;width:100%;z-

Chrome Cache Entry: 230

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11550), with no line terminators
Category:	downloaded
Size (bytes):	11550
Entropy (8bit):	4.560146796050053
Encrypted:	false
SSDEEP:
MD5:	43296839B6DEC778C11BDFF5CF62DEC5
SHA1:	A0923658AE3450B13535B5DCC336390C0AE6A156
SHA-256:	D260F414E86DFE7E4FD68368C803B3968A84DEE12A6C9D625040A55152918930
SHA-512:	B7386EDB7AB78200AA8EFC0556E64973E29A6C850284EDFF94D886B550C38B0864CD3062D8899ECF7808A63E53BF37C4079C267589F3D10A8A7D068AE66AB97D
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-pro-widget-call-to-action.min.css?ver=1726231692
Preview:	.elementor-cta,.elementor-widget-call-to-action .elementor-widget-container{overflow:hidden}.elementor-cta{display:flex;position:relative;transition:.5s}.elementor-cta--skin-classic .elementor-cta{flex-wrap:wrap}.elementor-cta--skin-classic .elementor-cta__bg-wrapper{min-height:200px;position:relative;width:100%}.elementor-cta--skin-classic .elementor-cta__content{background-color:#f9fafa;transition:all .4s;width:100%}.elementor-cta--skin-classic .elementor-cta__content-item,.elementor-cta--skin-classic .elementor-cta__content-item .elementor-icon{border-color:#3f444b;color:#3f444b;fill:#3f444b}.elementor-cta--skin-classic .elementor-cta__button.elementor-button{border-color:#3f444b;color:#3f444b}.elementor-cta--skin-cover .elementor-cta{display:block}.elementor-cta--skin-cover .elementor-cta__bg-wrapper{bottom:0;left:0;position:absolute;right:0;top:0;transition:all .4s;width:100%}.elementor-cta--skin-cover .elementor-cta__content{min-height:280px}.elementor-cta--skin-cover .elementor-

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	271751
Entropy (8bit):	5.0685414131801165
Encrypted:	false
SSDEEP:
MD5:	6A07DA9FAE934BAF3F749E876BBFDD96
SHA1:	46A436EBA01C79ACDB225757ED80BF54BAD6416B
SHA-256:	D8AA24ECC6CECB1A60515BC093F1C9DA38A0392612D9AB8AE0F7F36E6EEE1FAD
SHA-512:	E525248B09A6FB4022244682892E67BBF64A3E875EB889DB43B0A24AB4A75077B5D5D26943CA382750D4FEBC3883193F3BE581A4660065B6FC7B5EC20C4A044B
Malicious:	false
Reputation:	unknown
Preview:	/!. jQuery JavaScript Library v3.3.1. * https://jquery.com/. . Includes Sizzle.js. * https://sizzlejs.com/. . Copyright JS Foundation and other contributors. * Released under the MIT license. * https://jquery.org/license. . Date: 2018-01-20T17:24Z. */.( function( global, factory ) {..."use strict";...if ( typeof module === "object" && typeof module.exports === "object" ) {....// For CommonJS and CommonJS-like environments where a proper `window`...// is present, execute the factory and get jQuery....// For environments that do not have a `window` with a `document`...// (such as Node.js), expose a factory as module.exports....// This accentuates the need for the creation of a real `window`....// e.g. var jQuery = require("jquery")(window);...// See ticket #14549 for more info....module.exports = global.document ?....factory( global, true ) :....function( w ) {.....if ( !w.document ) {......throw new Error( "jQuery requires a window with a document" );.....}.....return factor

Chrome Cache Entry: 233

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	124837
Entropy (8bit):	4.4798601298691025
Encrypted:	false
SSDEEP:
MD5:	9323FD320E12C4D0D865A254138147D4
SHA1:	93218FBF674488BE2FECCEBF36055C6FC1D8A1EE
SHA-256:	49EBAF0BFAD5AAF0C66DE0BB84A2C7D1E32F33ADD8D6CB75897AE56CB07BCDA9
SHA-512:	CB338E09174455CEA49D9967CC4D7CE230AE0D9D6D9F5484D630C3FA5C315D8F8E1104A8CFC9A1181A5974CFE6C01E2A7A0EC1DADA425C480200841F77F6E241
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=3.2.7
Preview:	@font-face{font-family:elementskit;src:url(../fonts/elementskit.woff?y24e1e) format("woff");font-weight:400;font-style:normal;font-display:swap}.ekit-wid-con .fasicon,.ekit-wid-con .icon,.ekit-wid-con .icon::before,.fasicon,.icon,.icon::before{font-family:elementskit!important;speak:none;font-style:normal;font-weight:400;font-variant:normal;text-transform:none;line-height:1;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.ekit-wid-con .fasicon.icon-home::before,.ekit-wid-con .icon.icon-home::before,.icon.icon-home::before{content:"\e800"}.ekit-wid-con .fasicon.icon-advanced-slider::before,.ekit-wid-con .icon.icon-advanced-slider::before,.icon.icon-advanced-slider::before{content:"\e9c8"}.ekit-wid-con .fasicon.icon-image-box::before,.ekit-wid-con .icon.icon-image-box::before,.icon.icon-image-box::before{content:"\ebd1"}.ekit-wid-con .fasicon.icon-image-swap::before,.ekit-wid-con .icon.icon-image-swap::before,.icon.icon-image-swap::before{content:"\eba4"}.ekit-wid-co

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	250
Entropy (8bit):	4.473306926218394
Encrypted:	false
SSDEEP:
MD5:	628C7A04E1F47D023E7AC10C1F40D803
SHA1:	5CC0A8273B011CF7D3B6597DD6203167C6EC67B2
SHA-256:	ACEE794E6DFAEED4916CBF31F5C8FC2FE5C4F5142E7A41255CBCDE5A4657AD98
SHA-512:	4886B21ED1ED2EB9839D6B73B27E25D5D169253A5B0CA80F7FB51AFEDA20E1FA3848677A702BE3C36C89E2AAFB0B968BF3AEB61A4B3D1A1BCFB9E076048740CE
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/animations/styles/e-animation-bounce-in.min.css?ver=3.24.2
Preview:	.elementor-animation-bounce-in{transition-duration:.5s}.elementor-animation-bounce-in:active,.elementor-animation-bounce-in:focus,.elementor-animation-bounce-in:hover{transform:scale(1.2);transition-timing-function:cubic-bezier(0.47,2.02,0.31,-0.36)}

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D4, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Camera Raw 16.2.1 (Macintosh), datetime=2024:04:24 12:59:26], baseline, precision 8, 1536x1022, components 3
Category:	dropped
Size (bytes):	290759
Entropy (8bit):	7.940298142373961
Encrypted:	false
SSDEEP:
MD5:	602DF3FE354A022A09E5316C8F821C02
SHA1:	242AF179C6339CEE048DDE87009141077F451773
SHA-256:	0730F2ABAE9E8F665A6CB6F93E8763FDE5DD7D8BFF29DD1462FD55D67D0C283D
SHA-512:	4E373AEEF07383C618075961790FFB2912699793BF8DF9E016475544F06ECEC668E7B98DBC9A7629F72B6DE1A058AB129FE73ABB0FD2B88EE667929F76E9F22C
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....,.,....;.Exif..II.......................................................(...........1...........2...........;.......................i.......(.......NIKON CORPORATION.NIKON D4..,.......,.......Adobe Photoshop Camera Raw 16.2.1 (Macintosh).2024:04:24 12:59:26.Martin Short Photography..Martin Short Photography..)....................."..."...........'.......2...0...................0231...................>...........R...........Z...........b...........j...........r...............................................z...........501.........501.....................................................................................................................................................................................................................................1...........2...........4...............................2024:04:18 06:35:13.2024:04:18 06:35:13.+02:00..H.2.@B...................................q.......q......................2042886.................................

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2162
Entropy (8bit):	7.859088913837317
Encrypted:	false
SSDEEP:
MD5:	33AF7E07BB116A71950354372C26EFFE
SHA1:	05C5D38C96458EDAF667066225D2FEF1C7CCC83F
SHA-256:	3C58868E340FE9698D9A5A9A1277C2EAFFCD1054B95CEBD81793A9FC7B686BE1
SHA-512:	3F9CD4781BD673198406DF18477093E04D88252C57EFC48E1AE52E431791108FCCF629EFAB568F95E2ABF247C40243C856DF69C3F497522C6A8975ACCE5DC27D
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Z...Z.....8.A.....sBIT....\|.d.....bKGD...M.@...\|....IDATx..}l.g......oq.w.yi.,.2...h.4.$.J...?F...P.......4..B.MC. &...T....Z$...[.m..Y...q.7v.r....?...I..\|.s...{~.......9....Pj..m0..`6...o.^...Fm.M.A...@2.#..C...x...4..8.[.F....V./.@...X..p...a{......fI.....e...b......I.D......9.T..A.X.1#.O...{.........M...V..\.G`5=Z.q.....i....-.T1...h..V.q4...Zm.}.\|..EL..Og~.D",.Pr.Mag.k....(..q...C.=....k.y.n.~.m.C.k.%.\D.1.x.s..K.ZZ...&t.....C..-6...ap..xa^.....P.<.....Q..J..>....Tg7-E.tn.........\|P...U}.4e....B..vF3.'v.....T.BJ....>.>.D...B..fc'.;..dxHt...R.:..}......Y.bO.9h....[.6:.....E....6.^...'4jk.}I ..a...E...F.5.....t.{`M.....{:?.^.O..f4U..8..M..a.7....(J.k..~...L............yn..;.A}.s.E........r.....#x..uI..H....E..f..5.~.a.`..A.t.s....{.{.....I.9.c....9.e...D.&.O...#.....E....Px.a..z_..F.T....0.ik.......j.d.D*....D......j...T.=n.T.....C...p...dl..f....M.........4..Mh.?Z4Q.......e.....i]......Bc...3.4.PTA.\|...`G

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (50758)
Category:	downloaded
Size (bytes):	51039
Entropy (8bit):	5.247253437401007
Encrypted:	false
SSDEEP:
MD5:	67176C242E1BDC20603C878DEE836DF3
SHA1:	27A71B00383D61EF3C489326B3564D698FC1227C
SHA-256:	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
SHA-512:	9FA75814E1B9F7DB38FE61A503A13E60B82D83DB8F4CE30351BD08A6B48C0D854BAF472D891AF23C443C8293380C2325C7B3361B708AF9971AA0EA09A25CDD0A
Malicious:	false
Reputation:	unknown
URL:	https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.1.3 (https://getbootstrap.com/). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enum

Chrome Cache Entry: 240

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	78437
Entropy (8bit):	5.487830108756168
Encrypted:	false
SSDEEP:
MD5:	9B4D85341FEDC49ACEEE15B767CE5081
SHA1:	7B320713082A4C780E9D12F2063D160AB0B55B61
SHA-256:	F1C521740F081B9B3FEAFCF361B22A25E9274A5842CC77B07B04F3D9D56DD9EA
SHA-512:	7D44D1F68F4243DB6E93D3B75E40B5912E3032887C164F2A0657AB300D379D1C5A2A787DDA708B1E5BD487F356E65C477511EE62826AA7853FBB1C89B46F8D0E
Malicious:	false
Reputation:	unknown
URL:	https://fonts.googleapis.com/css?family=Comfortaa%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo+Black%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2
Preview:	/* vietnamese /.@font-face {. font-family: 'Archivo';. font-style: italic;. font-weight: 100;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivo/v19/k3kBo8UDI-1M0wlSfdzyIEkpwTM29hr-8mTYCx-muLRm.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./ latin-ext /.@font-face {. font-family: 'Archivo';. font-style: italic;. font-weight: 100;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivo/v19/k3kBo8UDI-1M0wlSfdzyIEkpwTM29hr-8mTYCx6muLRm.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin */.@font-face {. font-family: 'Archivo';. font-style: italic;. font-weight: 100;. font-stretch: 100%;. font-display: swap;. src: url(https:

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1320)
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	5.131719403602016
Encrypted:	false
SSDEEP:
MD5:	5196B646C935D061E252682E2F0EA638
SHA1:	C2E7870A2F51DB70290ABFD2691A976451AAA4C9
SHA-256:	496E400CBDA2B6BE16176AECA23901FEE57E92C35F6C87C1A96BDFADA3EAAD9E
SHA-512:	E0790BE7D110F77F9099AE17FC8AD90F0BF2750BF9E02CCEF1FD19BA5D0E117F0EE949BFB43DA6A6FE112422A585DAF6A6F70477B5FCD67FEC03C02FD379DE4B
Malicious:	false
Reputation:	unknown
Preview:	/! elementor - v3.24.0 - 13-09-2024 /."use strict";(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[357],{1327:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class TextEditor extends elementorModules.frontend.handlers.Base{getDefaultSettings(){return{selectors:{paragraph:"p:first"},classes:{dropCap:"elementor-drop-cap",dropCapLetter:"elementor-drop-cap-letter"}}}getDefaultElements(){const e=this.getSettings("selectors"),t=this.getSettings("classes"),r=jQuery("<span>",{class:t.dropCap}),p=jQuery("<span>",{class:t.dropCapLetter});return r.append(p),{$paragraph:this.$element.find(e.paragraph),$dropCap:r,$dropCapLetter:p}}wrapDropCap(){if(!this.getElementSettings("drop_cap"))return void(this.dropCapLetter&&(this.elements.$dropCap.remove(),this.elements.$paragraph.prepend(this.dropCapLetter),this.dropCapLetter=""));const e=this.elements.$paragraph;if(!e.length)return;const t=e.html().replace(/ /g," "),r=t.match(/^ *([^ ] ?)/);if(!r)return;

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65496)
Category:	downloaded
Size (bytes):	80657
Entropy (8bit):	5.1739093011687975
Encrypted:	false
SSDEEP:
MD5:	BEB30A2A6F87E03765E5D6461813186B
SHA1:	A8F00078843FE588F6BE66401B0CEE25376A7477
SHA-256:	8A324461EC9ED5E56135BC7763F906C38DDA65AA7ABE1D2DDFFD291CFCC19EEF
SHA-512:	6B31FF64A2F9C6BFE448035920F653E440B86AF2E8851F4E105AACDB82DE711CC48C58E0B7CED00D0453F72E0B6007741EFB90BCCE1C14C3F6D6E7E0723EB1D2
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /.(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[354],{381:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=(e,t)=>{t=Array.isArray(t)?t:[t];for(const n of t)if(e.constructor.name===n.prototype[Symbol.toStringTag])return!0;return!1}},8135:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class _default extends elementorModules.ViewModule{getDefaultSettings(){return{selectors:{elements:".elementor-element",nestedDocumentElements:".elementor .elementor-element"},classes:{editMode:"elementor-edit-mode"}}}getDefaultElements(){const e=this.getSettings("selectors");return{$elements:this.$element.find(e.elements).not(this.$element.find(e.nestedDocumentElements))}}getDocumentSettings(e){let t;if(this.isEdit){t={};const e=elementor.settings.page.model;jQuery.each(e.getActiveControls(),(n=>{t[n]=e.attributes[n]}))}else t=this.$element.data("elementor-sett

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (19015)
Category:	downloaded
Size (bytes):	19188
Entropy (8bit):	5.212814407014048
Encrypted:	false
SSDEEP:
MD5:	70D3FDA195602FE8B75E0097EED74DDE
SHA1:	C3B977AA4B8DFB69D651E07015031D385DED964B
SHA-256:	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
SHA-512:	51AFFB5A8CFD2F93B473007F6987B19A0A1A0FB970DDD59EF45BD77A355D82ABBBD60468837A09823496411E797F05B1F962AE93C725ED4C00D514BA40269D14
Malicious:	false
Reputation:	unknown
URL:	https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Preview:	/. Copyright (C) Federico Zivolo 2017. Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).. /(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=getComputedStyle(e,null);return t?o[t]:o}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto\|scroll)/.test(r+s+p)?e:n(o(e))}function r(e){var o=e&&e.offsetParent,i=o&&o.nodeName;return i&&'BODY'!==i&&'HTML'!==i?-1!==['TD','TABLE'].indexOf(o.nodeName)&&'static'===t(o,'position')?r(o):o:e?e.ownerDocument.documentElement:document.documentElement}functio

Chrome Cache Entry: 248

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6835)
Category:	downloaded
Size (bytes):	6879
Entropy (8bit):	4.8764504133808115
Encrypted:	false
SSDEEP:
MD5:	FB4063422929E05EE084884D52643194
SHA1:	F937EBB80EB511F838BDEF15895A4EAC76AFB786
SHA-256:	EF6FF57E45B18178B3DE18842C8EED31271DCE347D8F0E79767833CB9FBBD847
SHA-512:	604FAA6C75C5C6251C8BF8228EDC157E9242671F5A9639B9A501D478E012DD8F7E569203FB456CBBF0DF7B43D40A835D92DCCB0AA7178FA10BF4CBE3CE6292D9
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/css/widget-forms.min.css?ver=3.24.1
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /..elementor-button.elementor-hidden,.elementor-hidden{display:none}.e-form__step{width:100%}.e-form__step:not(.elementor-hidden){display:flex;flex-wrap:wrap}.e-form__buttons{flex-wrap:wrap}.e-form__buttons,.e-form__buttons__wrapper{display:flex}.e-form__indicators{align-items:center;display:flex;flex-wrap:nowrap;font-size:13px;justify-content:space-between;margin-bottom:var(--e-form-steps-indicators-spacing)}.e-form__indicators__indicator{align-items:center;display:flex;flex-basis:0;flex-direction:column;justify-content:center;padding:0 var(--e-form-steps-divider-gap)}.e-form__indicators__indicator__progress{background-color:var(--e-form-steps-indicator-progress-background-color);border-radius:var(--e-form-steps-indicator-progress-border-radius);overflow:hidden;position:relative;width:100%}.e-form__indicators__indicator__progress__meter{background-color:var(--e-form-steps-indicator-progress-color);border-radius:var(--e-form-steps-indicator-pro

Chrome Cache Entry: 249

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (681), with no line terminators
Category:	dropped
Size (bytes):	681
Entropy (8bit):	5.202494651221147
Encrypted:	false
SSDEEP:
MD5:	F5945DB2F3337FD9F1CBEF5B07B2A493
SHA1:	8A11439D56AF9FB27836BB5F2A30AEB35B93BB5A
SHA-256:	A8642BCD147BA3528345F5BD17F788CD524931E093255B2C1C8344677A1AB505
SHA-512:	DDFAE8040510DCA2E41C5F745B2EC8E349053A02409C41CBC3CBF8DF1561B7C586F93090974EE6821FC27E19ABA68CC6C95FABE9D9321934FB185D20A8DA7A12
Malicious:	false
Reputation:	unknown
Preview:	function animateCircle({percentage:e=100,onScroll:t=!1,speed:i=1,element:n,size:o=50,backgroundClr:r="white",color:l="blue",strokeWidth:a=5}){let c=Math.ceil(document.body.scrollHeight-window.innerHeight);if(!n)return void console.error("Invalid element:",n);let d=n,h=d.getContext("2d"),s=2o+a,g=s,m=s/2,u=g/2;d.width=s,d.height=g;let k=()=>{let n=t?Math.floor(window.pageYOffset/c100):e>100?100:e+i;h.clearRect(0,0,s,g),h.beginPath(),h.lineWidth=a,h.arc(m,u,o,0,2Math.PI),h.strokeStyle=r,h.stroke(),(e=>{h.beginPath(),h.lineWidth=a,h.strokeStyle=l,h.arc(m,u,o,0,2Math.PI*e/100),h.stroke()})(n),(!t\|\|n<e)&&requestAnimationFrame(k)};t?document.addEventListener("scroll",k):k()}

Chrome Cache Entry: 250

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 459244, version 1.0
Category:	downloaded
Size (bytes):	459244
Entropy (8bit):	6.340058734612562
Encrypted:	false
SSDEEP:
MD5:	407C921B145401549A255EAFB621F326
SHA1:	6FC4E9882755A810A985EF82E93CED29AA881CD3
SHA-256:	C1A14078BE47BD4E4CF5BA42F7EBC1000A6AE1BFC084F1C7E6132F49823ED038
SHA-512:	A27A43AE51502AC652DB8C1C19AEF1507B9BC110E6C6EFC66611A2C86DD98AE91076CE0755D63F4B7C8954C1D93D317A21A2601BCAF5AA2C3A06FC2AA63021ED
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
Preview:	wOFF........................................OS/2.......`...`...Jcmap...h...\|...\|....gasp................glyf.............phead...\|...6...6-O.hhea......$...$...vhmtx.............di.loca..............a\|maxp...<... ... ....name...\...p...p.:~.post....... ... ...............................3...................................@.........@...@............... .................................`............. .E............... ...G.......................................................................79..................79..................79.............].%./.K......#8.1"........326?....3!265....7>.'.#546;.2.....+.54&+."...#"&5..>.32.......<.......<.........m-..4.-m.......m..........- . -....$.......$.Q...............x.f -- ..x..................--.......B.......-.............................#.'.+./.3.7.;.?.C.G.K.O.S.W.[._.........3.#.3.#.3.#.3.#.3.#53.#.3.#.3.#.3.#.3.#.3.#53.#.3.#.3.#.3.#.3.#.3.#53.#.3.#.3.#.3.#.3.#.3.#53.#.#.4&/.54&'........#"....3!2654&#.....!..%467%.!...33333333333

Chrome Cache Entry: 251

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1005 x 273, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	89212
Entropy (8bit):	7.97441954118047
Encrypted:	false
SSDEEP:
MD5:	8626DC52BB707FB25C37200A303B6963
SHA1:	A7947E7A48C1003BCFE9BE1027BB2F0D5AD19EFD
SHA-256:	18A985F6C997AD62D8E47B3F70D2E091877721CFF4DF2FBE792D55F2F7F8FA37
SHA-512:	3F6497BA405C32D42A246E400DDFD01AB518A24EDA94F35C42F0AD66A227911607668B010AD36C23F85ABBA208B3A3CF24B59213F3EAB56E1B1533F0BFEC14B8
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............FX....pHYs..........+.....qiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:Attrib="http://ns.attribution.com/ads/1.0/" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" dc:format="image/png" xmp:CreatorTool="Canva (Renderer)" xmp:CreateDate="2024-07-09T13:47:00+02:00" xmp:ModifyDate="2024-07-10T13:35:58+02:00" xmp:MetadataDate="2024-07-10T13:35:58+02:00" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:2ad4ae5f-d5a9-4146-845c-881da08a9413" xmpMM:DocumentID="adobe:docid:photoshop:0698bb36-835e-164a-84cd-9015c9fa4b65" xmpM

Chrome Cache Entry: 252

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	17642
Entropy (8bit):	4.863441996439266
Encrypted:	false
SSDEEP:
MD5:	B59DA869639626C1BF92EBD918DB7867
SHA1:	2A539120E08CA9359B93FDC940068ACDDA3D294B
SHA-256:	D4F7FD6FFC599951EBFC7F4B49F59C9385C144CEBDA7320EA0368F7C4847365C
SHA-512:	6A7AFCF8A5902AF008D11EBB89143C1008FC29E215E74D7E97A89605B9524E1BAA308A62C995B04B8E6CE75BC82FC39F2C2820729EA8417447DC5AD1F4646A2E
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/skyboot-custom-icons-for-elementor/assets/css/themify.css?ver=1.0.8
Preview:	/--------------------------.. icon themify .. https://themify.me/themify-icons..-------------------------- /......@font-face {...font-family:'themify';...src:url('../fonts/themify.eot?-fvbane');...src:url('.../fonts/themify.eot?#iefix-fvbane') format('embedded-opentype'),url('../fonts/themify.woff?-fvbane') format('woff'),url('../fonts/themify.ttf?-fvbane') format('truetype'),url('../fonts/themify.svg?-fvbane#themify') format('svg');...font-weight: normal;...font-style: normal;..}....[class^="ti-"], [class=" ti-"] {...font-family:'themify';...speak: none;...font-style: normal;...font-weight: normal;...font-variant: normal;...text-transform: none;...line-height: 1;...../ Better Font Rendering =========== */...-webkit-font-smoothing: antialiased;...-moz-osx-font-smoothing: grayscale;..}.....ti-wand:before {...content: "\e600";..}...ti-volume:before {...content: "\e601";..}...ti-user:before {...content: "\e602";..}...ti-unlock:before {...content: "\e603";..}...ti-unlink:before {

Chrome Cache Entry: 253

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10260), with no line terminators
Category:	downloaded
Size (bytes):	10260
Entropy (8bit):	4.345053278095821
Encrypted:	false
SSDEEP:
MD5:	F9A4D42BF66491DD2E49CD5A425BFC4E
SHA1:	3CFE595AB53EDF4AD7BA7B66BE50442521F78DD6
SHA-256:	9BC52B3C4E9973D64BAA482F332ED895F80D0CD2BE37E6A49BF1A2E831EB5AC9
SHA-512:	92781FB595E1E551DC4425744692B61A1624CCFDD1C668842CDDBA252303A9D97F713B4CCAA828E196ADD56D10D912871B43AEF3228A574EEF4140E96858A0AC
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.24.2
Preview:	.elementor-element,.elementor-lightbox{--swiper-theme-color:#000;--swiper-navigation-size:44px;--swiper-pagination-bullet-size:6px;--swiper-pagination-bullet-horizontal-gap:6px}.elementor-element .swiper-container .swiper-slide figure,.elementor-element .swiper .swiper-slide figure,.elementor-lightbox .swiper-container .swiper-slide figure,.elementor-lightbox .swiper .swiper-slide figure{line-height:0}.elementor-element .swiper-container .elementor-lightbox-content-source,.elementor-element .swiper .elementor-lightbox-content-source,.elementor-lightbox .swiper-container .elementor-lightbox-content-source,.elementor-lightbox .swiper .elementor-lightbox-content-source{display:none}.elementor-element .swiper-container .elementor-swiper-button,.elementor-element .swiper-container~.elementor-swiper-button,.elementor-element .swiper .elementor-swiper-button,.elementor-element .swiper~.elementor-swiper-button,.elementor-lightbox .swiper-container .elementor-swiper-button,.elementor-lightbox .

Chrome Cache Entry: 254

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (25006)
Category:	dropped
Size (bytes):	25050
Entropy (8bit):	5.132050222992573
Encrypted:	false
SSDEEP:
MD5:	1141F190078B51730F41DDF48BF466BF
SHA1:	128649B773305BF92EEF3193DC80D78D616A6E8F
SHA-256:	A6F24CA21B269AB6CB853E662D36D0B1926B411C420AE34598AAE984250596B6
SHA-512:	AF6320C08583DF89069B1A2913A61D3A802407C72C1B0667BE8B0B726CF23277911AD641CFFA4746B98857F3BD8614F673A0A34A7091C3DC243D2244AE491A0B
Malicious:	false
Reputation:	unknown
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /.(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[313],{3e3:(e,t,n)=>{"use strict";var s=n(6784);n(2258);var i=s(n(4906)),o=s(n(2450)),r=s(n(4409)),a=s(n(7937)),l=s(n(8098)),c=s(n(6275)),d=s(n(3268)),u=s(n(4992));class ElementorProFrontend extends elementorModules.ViewModule{onInit(){super.onInit(),this.config=ElementorProFrontendConfig,this.modules={},this.initOnReadyComponents()}bindEvents(){jQuery(window).on("elementor/frontend/init",this.onElementorFrontendInit.bind(this))}initModules(){let e={motionFX:i.default,sticky:o.default,codeHighlight:r.default,videoPlaylist:a.default,payments:l.default,progressTracker:c.default};elementorProFrontend.trigger("elementor-pro/modules/init:before"),elementorProFrontend.trigger("elementor-pro/modules/init/before"),e=elementorFrontend.hooks.applyFilters("elementor-pro/frontend/handlers",e),jQuery.each(e,((e,t)=>{this.modules[e]=new t})),this.modules.linkActions={addAction:functi

Chrome Cache Entry: 255

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (30299), with no line terminators
Category:	downloaded
Size (bytes):	30299
Entropy (8bit):	4.712196414781506
Encrypted:	false
SSDEEP:
MD5:	317FBC87772718EB181EC7FEBA35E148
SHA1:	E08708D82FBA6BDB5D2A6826CC5099662F7DAAB1
SHA-256:	12C3F7BC60C99D1B6B634D6CD16FBB0E26AE75DDDA15D7A6E5106CD5DAD83F14
SHA-512:	12F3E8E96F53D74B1A93F80D1B3F5174879B29588F74C1EAE3E67C6BFC76AFC0613D4392B3B46B488B5557BF1DCD1752B4FE27E26ACFBAC2B2F88BF8AED1796A
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=3.2.7
Preview:	@media (max-width:480px){.ekit-wid-con .hotspot-following-line-style .ekit-hotspot-horizontal-line{width:50px}.ekit-wid-con .ekit-location_inner{left:0;right:auto}}@media (max-width:767px){.ekit-wid-con .elementskit-image-accordion-wraper{-ms-flex-wrap:wrap;flex-wrap:wrap}}@media screen and (min-width:1025px){.ekit-image-accordion-vertical .ekit-image-accordion{-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column}.ekit-image-accordion-vertical .ekit-image-accordion-item{min-height:0!important}}@media screen and (min-width:768px) and (max-width:1024px){.ekit-image-accordion-tablet-vertical .ekit-image-accordion,.ekit-image-accordion-vertical:not(.ekit-image-accordion-tablet-horizontal) .ekit-image-accordion{-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column}.ekit-image-accordion-tablet-vertical .ekit-image-accordion-item,.ekit-image-accordion-vertical:not(.ekit-image-accordion-table

Chrome Cache Entry: 256

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18005)
Category:	downloaded
Size (bytes):	18625
Entropy (8bit):	5.68128755496098
Encrypted:	false
SSDEEP:
MD5:	8C81F651F7EF773443B3729FF378AA6B
SHA1:	E55C3C8766BA6F875B905A5F5FAEAD610476BD4B
SHA-256:	448DCF93641F56B693A9442F98435803021245AA4F1FC2F1DD9A16F2E0A4407E
SHA-512:	B6B63933326A71A17265E2CAB8E36431E2B9BF55BDF6519A4C0B8E440DC11B2342D31EF6C0C1DE14ED998C33D7ECDF1BA2942B460EF7927968728C82506B0D96
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js
Preview:	/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t / (function(){var v=this\|\|self,S=function(X){return X},m=function(X,w){if(!(X=(w=null,v).trustedTypes,X)\|\|!X.createPolicy)return w;try{w=X.createPolicy("bg",{createHTML:S,createScript:S,createScriptURL:S})}catch(D){v.console&&v.console.error(D.message)}return w};(0,eval)(function(X,w){return(w=m())&&X.eval(w.createScript("1"))===1?function(D){return w.createScript(D)}:function(D){return""+D}}(v)(Array(Math.random()7824\|0).join("\n")+['(function(){/',.'',.' Copyright Google LLC',.' SPDX-License-Identifier: Apache-2.0',.'/',.'var O=function(X,w,S,v){for(v=((S=[],X)\|0)-1;v>=0;v--)S[(X\|0)-1-(v\|0)]=w>>v*8&255;return S},p=function(X,w,S){if(w==130\|\|w==214)X.X[w]?X.X[w].concat(S):X.X[w]=XQ(S,X);else{if(X.TX&&w!=36)return;w==351\|\|w==190\|\|w==42\|\|w==60\|\|w==417\|\|w==388\|\|w==242\|\|w==492\|\|w==467\|\|w==377?X.X[w]\|\|(X.X[w]=wh(46,S,w,X)):X.X[w]=wh(137,S,w,X)}w==36&&(X.N=u(32,false,X),X.j=void 0)},Do=function(X,w){(

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 51924, version 1.0
Category:	downloaded
Size (bytes):	51924
Entropy (8bit):	7.995827812248121
Encrypted:	true
SSDEEP:
MD5:	14A99C00E5ECB66E11959D748EBC690F
SHA1:	D3A7BE201EB9242D6FEFC44DBF20F6893E97BE29
SHA-256:	ECBF4BCC5F73605021F6892FCEE473CD0F43F47B82BA048D5B426CECFAB475E2
SHA-512:	4D2BF97D14DA13C9654F1FDD55C2CB6037B3F7576363231F2E5E7D791BCFB879EC7E1FC6175B865041031D56E60A09177C14A78C9AD8B885BF7C0E24B6A4C7D9
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/inter/v18/UcC53FwrK3iLTcvneQg7Ca725JhhKnNqk6L5UUM.woff2
Preview:	wOF2...............P...X..........................`......p?HVAR..?MVAR^.`?STAT.J'&..>/l.....h..6....0...6.$.... ..H.....[".A.r..X..m.....W.......2q..6....<^T........5V6......C....Jm..t.....yD.dz.Z.Z..-3...g3..'.y.......t.0@..0/0...:..^.a.............C...t..F...}[}.U;]......N..l.".>.<PP.."\|..&.(.!..m.D..T.a2.<W..?.e..-L.0...Z...")L. Va ..4R.........l..>........Do..k.?....w.;.I..u....7....6i....(.A-..3U.A.M.\|L9_.m....#..g.I.5..1....A....9.=O.6...e.K....%...'.3.;....%c..0...).B.8.nQ`."1#.F@./Q...DDE.Z.........C\..9)..:...>..k..)e.;d.%.e....#..........&..0=.R..uj.. ..._....C...)bD0.#d....M..EsI..U<U=..........,.......A...4ms!..U..~{b.......k7...s.]}b.'.......3.5.w.T..h.`!...H...)bmax...&..#..Bp)..v..w'j..}......v.RF..m]...-.h.9.....Dp....TT.(.1[.0.Lkke}.........1}x.....J..X.....B..!%G.".\.....U.V.U.LbM.5x3...s..~.._.....7[.Jr/...`....$.....v.U.\|.....t.....d.J..m^..tK.....MT..s.~......9J..^....}/..&.l.zB.HT.j....ni.........l.....Zs.V..*..7

Chrome Cache Entry: 258

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	4022
Entropy (8bit):	7.918647339259681
Encrypted:	false
SSDEEP:
MD5:	22DE274A31A4706CB459A9ADB70169AD
SHA1:	91AF5183A02C05D46E4E685B0580BFB5E409F381
SHA-256:	8B59DCDC9336D94434D193091BDE5C1D1B05C21EE86E1BB15F8B70D9A50A10AB
SHA-512:	BD249E6F3628E4FA9CBC06AA5EDAD6BB5486CC30C03563BF8A7996EED0915F6419974E85D471815C2418F8A85061411033FD36CE1FBA0B435DB1167EF2FA879C
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/hatmed-icon-150x150.png
Preview:	RIFF....WEBPVP8X..............ALPH.......m..I...zZ..m.m.....m..L#5h...U..g....w.#b.....s......'.c.mo..u...Kf%...^..9..^.bE.C.+..0(R..f..I.}...k..^......ZZ]9...X.....8J..R.k....D.=......Q.K.9.....^.XP.l..@.u6.5Hu.%.....'._u..Ai+...A..r.F.[.../...O......J_.....v...G.......}b.T&.]...0..at..J\|t.9..@.0.x......dq..l..Ba_sXc.....R..@..5..p'..l....F.....g.SDw.#.`.+.....zU.J.:....(..I....88..b\|..zp.7.......o..E2!8..K..... ...W\...........n..>z.....s.M>.ek6...."....\|.J........w^F$.g.[cG...r.....p.y....O...0...@.o%).I.....=C...-..H'OM....@j.V.0x.$.d.b3.....j.~.J...4'...{J..U..V..m..".`...5I_z....;."....A.<;.Nj........'2I..EQ.0...H...J....../._......l9..a.Gr...N.....7X&-.]Q..X."..Y.e.,.E.e."...".l.e..[r>!'/.B.,.#.4Qy.J.."....d..".`.S.ieX.UY....>4B.]..ig...:N..k.F.ed[..`..F.q&'..+..#.#..xN.a...X.....<...h.tA...&...`...D#..b.....>..8.GL.0.n..... ..#....!.x...%....c$.g.P.x\|.w.e...j..* z/.N.....!..U.$...I.T!.-'!..@Lj'.I.,!...^..bab..*&c.!.%$$^'.$.........

Chrome Cache Entry: 260

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	137
Entropy (8bit):	4.641725455804965
Encrypted:	false
SSDEEP:
MD5:	213B8C4EB2B35897BCE80CD293410B73
SHA1:	A01463905EAEC1255620662679DFE847A44B2F74
SHA-256:	13037A61480CEE3D2149C59C4F6DDDDCE6CEC4653016CB189BC6BEDD42ACA2FD
SHA-512:	6E103FED608BA80069D3E490B359210FB659377C06081294A17A8DB778AAA8B2CF1598FD5A301C1BAEB01935EFD296CA2EA11F9247766C0CD0D0C1C7131E4026
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/animations/styles/fadeInDown.min.css?ver=3.24.2
Preview:	@keyframes fadeInDown{from{opacity:0;transform:translate3d(0,-100%,0)}to{opacity:1;transform:none}}.fadeInDown{animation-name:fadeInDown}

Chrome Cache Entry: 261

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65279)
Category:	downloaded
Size (bytes):	143709
Entropy (8bit):	5.24920092406455
Encrypted:	false
SSDEEP:
MD5:	83E9B29F0086BBA50D653F1CB8DEDC3C
SHA1:	F8F89387C9ACA9D524BB638EAE457D4659EFCA52
SHA-256:	2AC3AF00C283C0B2AE6108FA83A2053E51274A2A812FB063916CBE19BC4F96B5
SHA-512:	C8018876EE96B4600AE32342EC6D21B452AD4109D605FB838F146B734DE274EF5E37179567A2C67EC828DC1B673364637FC82E7DFE8F7ADBB18E20555577160C
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/swiper/v8/swiper.min.js?ver=8.4.5
Preview:	/*. Swiper 8.4.5. * Most modern mobile touch slider and framework with hardware accelerated transitions. * https://swiperjs.com. . Copyright 2014-2022 Vladimir Kharlampidi. . Released under the MIT License. . Released on: November 21, 2022. */.. !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).Swiper=t()}(this,(function(){"use strict";function e(e){return null!==e&&"object"==typeof e&&"constructor"in e&&e.constructor===Object}function t(s,a){void 0===s&&(s={}),void 0===a&&(a={}),Object.keys(a).forEach((i=>{void 0===s[i]?s[i]=a[i]:e(a[i])&&e(s[i])&&Object.keys(a[i]).length>0&&t(s[i],a[i])}))}const s={body:{},addEventListener(){},removeEventListener(){},activeElement:{blur(){},nodeName:""},querySelector:()=>null,querySelectorAll:()=>[],getElementById:()=>null,createEvent:()=>({initEvent(){}}),createElement:()=>({children:[],childNodes:[],

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (8856), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	82530
Entropy (8bit):	5.277253755418061
Encrypted:	false
SSDEEP:
MD5:	4EA891C85AEA05752A0EAB67E1E5387F
SHA1:	E20A52588E0AEF3E98C77C75A178B9FE1152E5A1
SHA-256:	AA72A6C2CEC9E5F38D3CF6A709DB5236FC22CD3CE8F903ECF64AAE4DE384629F
SHA-512:	A3CB19954D125C48B88D68C6F0F266DFF56731DBC6D8A3AAA0BC53AA7487F61015C262AB368CBC41C7663B41D394AB4D36859D1ABD6E37406A3076B7D02BBDD3
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/
Preview:	<!doctype html>..<html lang="en-US">..<head>...<meta charset="UTF-8">...<meta name="viewport" content="width=device-width, initial-scale=1">...<link rel="profile" href="https://gmpg.org/xfn/11">...<title>Hatmed</title>.<meta name='robots' content='max-image-preview:large' />.<link rel="alternate" type="application/rss+xml" title="Hatmed » Feed" href="https://hatmed.co.za/feed/" />.<link rel="alternate" type="application/rss+xml" title="Hatmed » Comments Feed" href="https://hatmed.co.za/comments/feed/" />.<script>.window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/hatmed.co.za\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.2"}};./! This file is auto-generated /..!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))

Chrome Cache Entry: 263

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	downloaded
Size (bytes):	551834
Entropy (8bit):	5.646059185430787
Encrypted:	false
SSDEEP:
MD5:	33AFF52B82A1DF246136E75500D93220
SHA1:	4675754451AF81F996EAB925923C31EF5115A9F4
SHA-256:	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
SHA-512:	2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 264

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18937), with no line terminators
Category:	downloaded
Size (bytes):	18937
Entropy (8bit):	5.105166492816116
Encrypted:	false
SSDEEP:
MD5:	C29833D7BAD8CFFD99091925620FB6B0
SHA1:	026C7D06D98E5B11EF0F24C51BDE41B81ED73B4D
SHA-256:	DC7D6EA0D78EA5B97AAB704AF2471E031F4A53560835A922F4FEAE55D48E77EB
SHA-512:	A19C672C76DB019914D77D64570889396F45F90C6336670D81413F04FA7D911A8A25185B2C78D463A6CA2DB8ECA367C91D328844EF33737B3B378063BFEA3EED
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=3.2.7
Preview:	!function(e,t){"use strict";window.ElementsKit_Helper={},ElementsKit_Helper.setURLHash=function(t,n,i){if(void 0===t\|\|!("ekit_hash_change"in t))return;void 0===i&&(i="ekit-handler-id");let s="#"+e(n).data(i);window.location.hash=s},ElementsKit_Helper.ajaxLoading=function(n,i){if(n.hasClass("ekit-template-ajax--yes")){var s=i.find("[data-ajax-post-id]");s.hasClass("is--loaded")\|\|e.ajax({type:"POST",url:ekit_config.ajaxurl,data:{action:"ekit_widgetarea_content",nonce:ekit_config.nonce,post_id:s.data("ajax-post-id")},success:function(n){s.addClass("is--loaded").html(n),s.find("[data-widget_type]").each((function(){var n=e(this);t.hooks.doAction("frontend/element_ready/"+n.data("widget_type"),n)}))}})}},ElementsKit_Helper.triggerClickOnEvent=function(t,n){"click"!==t&&n.on(t,(function(){e(this).trigger("click")}))},ElementsKit_Helper.megaMenuAjaxLoad=function(t){let n=t.find(".elementskit-submenu-indicator, .ekit-submenu-indicator-icon"),i=t.find(".megamenu-ajax-load"),s=t.closest(".ekit-w

Chrome Cache Entry: 266

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11819)
Category:	downloaded
Size (bytes):	16167
Entropy (8bit):	5.05798162634469
Encrypted:	false
SSDEEP:
MD5:	6D2170BD0C545974954F21D0551291DE
SHA1:	5532DC7B582004089698F004AF4E1648FB4EB37C
SHA-256:	847E19BF7D5529FD8A30E26F214A6120C1CC8578DF4CEA7AE5405BE87E76B101
SHA-512:	531D2E2E64BCDBA4C2F6861FE37CB9DFCDB89288EE290771724CC948D7A3004E5192DE3D9FFE5735C51D1985BEE701A3CA0509C61DBB18FA78991BF5BCF092F3
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.css?ver=4.1.4
Preview:	.flatpickr-calendar{background:transparent;opacity:0;display:none;text-align:center;visibility:hidden;padding:0;-webkit-animation:none;animation:none;direction:ltr;border:0;font-size:14px;line-height:24px;border-radius:5px;position:absolute;width:307.875px;-webkit-box-sizing:border-box;box-sizing:border-box;-ms-touch-action:manipulation;touch-action:manipulation;background:#fff;-webkit-box-shadow:1px 0 0 #e6e6e6,-1px 0 0 #e6e6e6,0 1px 0 #e6e6e6,0 -1px 0 #e6e6e6,0 3px 13px rgba(0,0,0,0.08);box-shadow:1px 0 0 #e6e6e6,-1px 0 0 #e6e6e6,0 1px 0 #e6e6e6,0 -1px 0 #e6e6e6,0 3px 13px rgba(0,0,0,0.08)}.flatpickr-calendar.open,.flatpickr-calendar.inline{opacity:1;max-height:640px;visibility:visible}.flatpickr-calendar.open{display:inline-block;z-index:99999}.flatpickr-calendar.animate.open{-webkit-animation:fpFadeInDown 300ms cubic-bezier(.23,1,.32,1);animation:fpFadeInDown 300ms cubic-bezier(.23,1,.32,1)}.flatpickr-calendar.inline{display:block;position:relative;top:2px}.flatpickr-calendar.stati

Chrome Cache Entry: 267

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	40
Entropy (8bit):	4.184183719779189
Encrypted:	false
SSDEEP:
MD5:	94D041D462DB321CDB888066586F2068
SHA1:	717D2F9DA7FB9F9E2BF2058A8177A0344F8A8647
SHA-256:	B8166C5475DF6A64AB2456E95F64564164ED697D258E8BFED8CEBCA40EFD6FA5
SHA-512:	9A320FBC1DBEDA1700F54140F814A285D1CDADF947F927DB7E1D70A686D15FC74D69530BD13AB7CF9C3A2009791F2AC8F358CD9F748B1C2995EB9712B68DC574
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=3.2.7
Preview:	jQuery(document).ready((function(e){}));

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 56108, version 1.0
Category:	downloaded
Size (bytes):	56108
Entropy (8bit):	6.26938440516179
Encrypted:	false
SSDEEP:
MD5:	A1ECC3B826D01251EDDDF29C3E4E1E97
SHA1:	9394F35BD2ADDD24666B79BFC36D4F9D247CB01D
SHA-256:	0DB5C5A1475EB7A3E5028983EA1E642D1B2C00FAFF6A250A37502B0F3832A4A7
SHA-512:	2329063D667B5480A2862FE4E11154B4DABF3B8782FD67BE79EBFE55BFDA96E28E70F8F438F73C7EF9901AFCB16370897C3022C8B649A33CB74459C610CCA00A
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/skyboot-custom-icons-for-elementor/assets/fonts/themify.woff?-fvbane
Preview:	wOFFOTTO...,................................CFF .......4...4-+a^OS/2...(...`...`."..cmap......L...L.U.gasp................head.......6...6.i..hhea.......$...$...<hmtx...8..........'Tmaxp.............dP.name.......9...9U...post....... ... .............themify......:.............S.......S......g...z......................+..e................ .%../.4.9.>.C.H.M.R.W.\.a.f.k.p.u.z...................................................................$.)...3.8.=.B.G.L.Q.V.[.`.e.j.o.t.y.~.................................................................#.(.-.2.7.<.A.F.K.P.U.Z._.d.i.n.s.x.}.................................................................".'.,.1.6.;.@.E.J.O.T.Y.^.c.h.m.r.w.\|.................................................................!.&.+.0.5.:.?.D.I.N.S.X.].b.g.l.q.v.{................................................................. .%../.4.9.>.C.H.M.R.W.\.a.f.k.p.u.z...................................................................$.)...3.8.=.B.G.L.Q.V.[.`.e.j.o.t.y.~.....

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4358), with CRLF line terminators
Category:	downloaded
Size (bytes):	5532
Entropy (8bit):	5.090080231857825
Encrypted:	false
SSDEEP:
MD5:	40D96F28AA15A687142B9FADC5519B10
SHA1:	E16D7BDB038913411A470CBCA7B368FD8E57285E
SHA-256:	A1B23AEACED700039BB79D39466019B0D6DF1E6C24B3D3B453DA17573B8023C7
SHA-512:	5CA257EA17BA424D8663A3FF2D2E7589512B6B6F69E88B737EB5D9FFDF940CFA200E5EE42D98926F8D4789D0084035859051DFBA32F57082A67F1311BB654ADC
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Preview:	/! This file is auto-generated /../!.. imagesLoaded PACKAGED v5.0.0.. * JavaScript is all like "You images are done yet or what?".. * MIT License.. */..!function(t,e){"object"==typeof module&&module.exports?module.exports=e():t.EvEmitter=e()}("undefined"!=typeof window?window:this,(function(){function t(){}let e=t.prototype;return e.on=function(t,e){if(!t\|\|!e)return this;let i=this._events=this._events\|\|{},s=i[t]=i[t]\|\|[];return s.includes(e)\|\|s.push(e),this},e.once=function(t,e){if(!t\|\|!e)return this;this.on(t,e);let i=this._onceEvents=this._onceEvents\|\|{};return(i[t]=i[t]\|\|{})[e]=!0,this},e.off=function(t,e){let i=this._events&&this._events[t];if(!i\|\|!i.length)return this;let s=i.indexOf(e);return-1!=s&&i.splice(s,1),this},e.emitEvent=function(t,e){let i=this._events&&this._events[t];if(!i\|\|!i.length)return this;i=i.slice(0),e=e\|\|[];let s=this._onceEvents&&this._onceEvents[t];for(let n of i){s&&s[n]&&(this.off(t,n),delete s[n]),n.apply(this,e)}return this},e.allOff=function(){re

Chrome Cache Entry: 271

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	8898
Entropy (8bit):	4.879493105501693
Encrypted:	false
SSDEEP:
MD5:	FD39A2CD4338DE430279383860527DE0
SHA1:	C66826392AFA2C32FC43B9AD16FFB9F2FEA06C7F
SHA-256:	234B44578B0369F878659F2BE8335FE0311EB3A73FE3C0A7D29937D2B690360A
SHA-512:	F0538700C9DF2C7BC80416295709BF7AAAB15078914D0D4BAC1C7F2AECB0333A45E727A91581D5E82EC4B30A1F46D3047047C4D8421167BF14F9AA987214C096
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/skyboot-custom-icons-for-elementor/assets/css/linearicons.css?ver=1.0.8
Preview:	@font-face {...font-family: 'Linearicons-Free';...src:url('../fonts/Linearicons-Free.eot?w118d');...src:url('../fonts/Linearicons-Free.eot?#iefixw118d') format('embedded-opentype'),....url('../fonts/Linearicons-Free.woff2?w118d') format('woff2'),....url('../fonts/Linearicons-Free.woff?w118d') format('woff'),....url('../fonts/Linearicons-Free.ttf?w118d') format('truetype'),....url('../fonts/Linearicons-Free.svg?w118d#Linearicons-Free') format('svg');...font-weight: normal;...font-style: normal;..}.....lnr {...font-family: 'Linearicons-Free';...speak: none;...font-style: normal;...font-weight: normal;...font-variant: normal;...text-transform: none;...line-height: 1;...../* Better Font Rendering =========== */...-webkit-font-smoothing: antialiased;...-moz-osx-font-smoothing: grayscale;..}.....lnr-home:before {...content: "\e800";..}...lnr-apartment:before {...content: "\e801";..}...lnr-pencil:before {...content: "\e802";..}...lnr-magic-wand:before {...content: "\e803";..}...lnr-drop:befor

Chrome Cache Entry: 272

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D4, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Camera Raw 16.2.1 (Macintosh), datetime=2024:04:30 09:02:25], baseline, precision 8, 1536x1022, components 3
Category:	dropped
Size (bytes):	213937
Entropy (8bit):	7.948158183456351
Encrypted:	false
SSDEEP:
MD5:	260BAE91BFB17EA536AB7467482162DB
SHA1:	7681C48D7E50AA43DEA3A00291A0B26B74ABF7BE
SHA-256:	DCEBFE60237C06B7BBF326C4B01A35F27A90D4F64890A8B95CA03A0B621ACAF3
SHA-512:	B07854A040E12AEA0188DD0494EE7D32A80978A6B7F5C3CDA7C8B9E3C6234320B142287DF01F7E64E08FDAAF9F3A8AE79424C7D6D95F87484F5FC7F1A12D584E
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....,.,....-VExif..II..,....................................................(...........1...........2...........;.......................i.......(.......NIKON CORPORATION.NIKON D4..,.......,.......Adobe Photoshop Camera Raw 16.2.1 (Macintosh).2024:04:30 09:02:25.Martin Short Photography..Martin Short Photography..)....................."..."...........'...........0...................0231...................>...........R...........Z...........b...........j...........r...............................................z...........5...........5...........................................................................................................................................................2...........................................................................1...........2...........4...................d...........2024:03:13 12:24:31.2024:03:13 12:24:31.+02:00...`e.@B...................................q.......q......................2042886.................................

Chrome Cache Entry: 273

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1528
Entropy (8bit):	7.831673288755727
Encrypted:	false
SSDEEP:
MD5:	FA7D42B30703428E876E0A145C8D91F7
SHA1:	5CFE6021679684C554A51DBC850DB2E49000F816
SHA-256:	C72793C1F684F70E700864FB82D5A5A7B962D7D06F19A2BC4B52F18413962069
SHA-512:	06A1100AD382A6D8B56EDEFEB52A3975307BD59A9BE5232E3D8ED0E09817500EB9EDB4A029379588518D3F3DFA4C80A12FDCFC3C257A4E012FABFE61BF40D2AD
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/unnamed-2.png
Preview:	RIFF....WEBPVP8X........Y..Y..ALPH.......m.iW#f....H...m...Ve....8k.._@D@r$I.d>.xk.\|....\....u--u_._.5..M.e.>....wjz......7..xM\|....!`E#..w..4...,V.lYU.Y..N9aGX..!R.mb.~;Ele.V....j..5.....n$....>..Y..}M.,....>.....].k.1DG-.. ....a..(.......g....=.l.......1X3.....Pk...C....9.T.l.`O.]...!K.......0=.W..%.-D5..2.#Dm.~P..Z..\|9..q...k\...z..G.....@.....\|.".U...go.+..U...\|7.\|..\|.\|..\|w.<. O1....<..O..........y........o .....^..../...dR..M.....z...q[..&...4.v.LaG...!..>.z.$.\...i.M...h..w.?).5.[.\H.......u.[....F.S....8.=..\|.ki.....y.h...VP8 ....p....Z.Z.>M..D"...\. (....`.....\|....-...g...{y.././...'X..[..W..6;.o\._[>..'V&TK.\|.v..\7.^..Q..>......G.K.N`..CN.......xA.Z..'.=..xP5.(....j..pk^h...3h.D...J...C.....OQO...Y....5.......L;:...H....M....f..z.:..=f..+.I....n#.VX.\|.{[...h.0.I......{Pb)...R...9\0.;.&..W..l..Vy\|.w.....>.(..s.9....yV.!..GY...t..)u...bT];obW...jQ=......x...4w...JY,.(......m.\..l..d.F..(GX.l..y!..?......"w..w4q...].~?~.yA..

Chrome Cache Entry: 274

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	unknown
URL:	https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Chrome Cache Entry: 275

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2030
Entropy (8bit):	7.890391624335741
Encrypted:	false
SSDEEP:
MD5:	1CB1023A0D3BD333F1A426AAB6FC10B4
SHA1:	F2ADB7DA8E356214800A4D864093312697558834
SHA-256:	258E1E661156702EE4B3BFA0D2F64C0F2101A3A70EF71A0C19255D2207C6F339
SHA-512:	181CB198638BD1566DA1951CFD60025CDADB6AA4D502EEC391884DD726E26F1C238B73EA3DC93FA9E5461EF66F407B157B7926FD91F50B88BC711973FA21448C
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/2024/07/unnamed-1.png
Preview:	RIFF....WEBPVP8X........Y..Y..ALPH.......m.iW#f....H...m...Ve....8k.._@D@r$I.d>.xk.\|....\....u--u_._.5..M.e.>....wjz......7..xM\|....!`E#..w..4...,V.lYU.Y..N9aGX..!R.mb.~;Ele.V....j..5.....n$....>..Y..}M.,....>.....].k.1DG-.. ....a..(.......g....=.l.......1X3.....Pk...C....9.T.l.`O.]...!K.......0=.W..%.-D5..2.#Dm.~P..Z..\|9..q...k\...z..G.....@.....\|.".U...go.+..U...\|7.\|..\|.\|..\|w.<. O1....<..O..........y........o .....^..../...dR..M.....z...q[..&...4.v.LaG...!..>.z.$.\...i.M...h..w.?).5.[.\H.......u.[....F.S....8.=..\|.ki.....y.h...VP8 .........Z.Z.>Q .E#.....48......q.....nW...9...T.o.s...g........#...7._@...:...<.}.?......1...G.j..p.,~.w....%2/.^~..z..3.........r.Xr.5.Wt...8.._...ID../....)..\.I.#a...........8.47'i.0.Q.W.E!.Xs...6?..h.c$cj.$z..."Y.C.xn8.$.........p....4.....H.H..n.rNE..*...8....S...(..]u.../@.`U....T..F..{...zO.... ..s3U....})..o..\|.....8.....n_A....b$A&7....8...C9.\|..........4....:u....g......[.\|.{.=......h.~.J83.

Chrome Cache Entry: 276

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4835)
Category:	downloaded
Size (bytes):	4875
Entropy (8bit):	4.724800334770022
Encrypted:	false
SSDEEP:
MD5:	A5B96D5839260EEF472AB897DFED64CA
SHA1:	C3CE5F14CF71D90D2422D971A3D7BFA4BFC49C0E
SHA-256:	1F37D3DF1D7A9FE2BDA3471DB2B84786CCD813F1A403405C83ED4906EEA887D5
SHA-512:	C0EF29DF933228C3A73C2D76C2B2707394B18CBC1DD36BF73A5C8E1D270A4BE8DA770D864EA9AB1F7EB9BCE0D4503D75DEC9FDCA72D83D9983AAFAA5F9BC9394
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.24.2
Preview:	/! elementor - v3.24.0 - 13-09-2024 /..elementor-widget-social-icons.elementor-grid-0 .elementor-widget-container,.elementor-widget-social-icons.elementor-grid-mobile-0 .elementor-widget-container,.elementor-widget-social-icons.elementor-grid-tablet-0 .elementor-widget-container{line-height:1;font-size:0}.elementor-widget-social-icons:not(.elementor-grid-0):not(.elementor-grid-tablet-0):not(.elementor-grid-mobile-0) .elementor-grid{display:inline-grid}.elementor-widget-social-icons .elementor-grid{grid-column-gap:var(--grid-column-gap,5px);grid-row-gap:var(--grid-row-gap,5px);grid-template-columns:var(--grid-template-columns);justify-content:var(--justify-content,center);justify-items:var(--justify-content,center)}.elementor-icon.elementor-social-icon{font-size:var(--icon-size,25px);line-height:var(--icon-size,25px);width:calc(var(--icon-size, 25px) + 2 * var(--icon-padding, .5em));height:calc(var(--icon-size, 25px) + 2 * var(--icon-padding, .5em))}.elementor-social-icon{--e-social-i

Chrome Cache Entry: 277

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32030)
Category:	downloaded
Size (bytes):	86709
Entropy (8bit):	5.367391365596119
Encrypted:	false
SSDEEP:
MD5:	E071ABDA8FE61194711CFC2AB99FE104
SHA1:	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA
SHA-256:	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
SHA-512:	53A2B560B20551672FBB0E6E72632D4FD1C7E2DD2ECF7337EBAAAB179CB8BE7C87E9D803CE7765706BC7FCBCF993C34587CD1237DE5A279AEA19911D69067B65
Malicious:	false
Reputation:	unknown
URL:	https://code.jquery.com/jquery-3.1.1.min.js
Preview:	/! jQuery v3.1.1 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.1.1",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.con

Chrome Cache Entry: 278

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	453653
Entropy (8bit):	5.044121064184419
Encrypted:	false
SSDEEP:
MD5:	37A18436D3F4C31B3DD5F56D9002A4A0
SHA1:	CE5FC7779623704DF044EC50CFE9B5DC0C72600C
SHA-256:	EBC905B3D332EED05DB9BD89758004EF3535942A6825F89A2280309572701BC2
SHA-512:	DAFF1A3C83C4919F4F410D907DC68C07D66A24BCD7D4050B7AD06006B44B9421048491BD661B566208D3C2BD23B21FA4916A3E1865B80F508D1830D5C6C8A3D6
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=3.2.7
Preview:	.ekit-wid-con .row{display:-ms-flexbox;display:-webkit-box;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap;margin-right:-15px;margin-left:-15px}.ekit-wid-con .col,.ekit-wid-con .col-1,.ekit-wid-con .col-10,.ekit-wid-con .col-11,.ekit-wid-con .col-12,.ekit-wid-con .col-2,.ekit-wid-con .col-3,.ekit-wid-con .col-4,.ekit-wid-con .col-5,.ekit-wid-con .col-6,.ekit-wid-con .col-7,.ekit-wid-con .col-8,.ekit-wid-con .col-9,.ekit-wid-con .col-auto,.ekit-wid-con .col-lg,.ekit-wid-con .col-lg-1,.ekit-wid-con .col-lg-10,.ekit-wid-con .col-lg-11,.ekit-wid-con .col-lg-12,.ekit-wid-con .col-lg-2,.ekit-wid-con .col-lg-3,.ekit-wid-con .col-lg-4,.ekit-wid-con .col-lg-5,.ekit-wid-con .col-lg-6,.ekit-wid-con .col-lg-7,.ekit-wid-con .col-lg-8,.ekit-wid-con .col-lg-9,.ekit-wid-con .col-lg-auto,.ekit-wid-con .col-md,.ekit-wid-con .col-md-1,.ekit-wid-con .col-md-10,.ekit-wid-con .col-md-11,.ekit-wid-con .col-md-12,.ekit-wid-con .col-md-2,.ekit-wid-con .col-md-3,.ekit-wid-con .col-md-4,.ekit-wid-con .col-md-5,.e

Chrome Cache Entry: 279

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10058), with no line terminators
Category:	downloaded
Size (bytes):	10058
Entropy (8bit):	4.416373469633571
Encrypted:	false
SSDEEP:
MD5:	C89F5AA51E597E63D41417F9AB5D7F5A
SHA1:	1F99B33F3A2EDD82C60CBE0BEF67322FB20DA91D
SHA-256:	F8DA50FDFCB703C95CB2C72B488849B3EE569DF6E4B1D61EF99BDF06B6834E7F
SHA-512:	99C15D01F5A7EAA2B076CA9B88D317EB5A51FF7A9D3562D2640F2524872442382AE90913673C45FC27C351A8FB40104481270A3F47EE34FD872ABE41C903D4D2
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/uploads/elementor/css/custom-widget-icon-box.min.css?ver=1726231692
Preview:	.elementor-widget-icon-box .elementor-icon-box-wrapper{display:block;text-align:center}.elementor-widget-icon-box .elementor-icon-box-icon{margin-bottom:var(--icon-box-icon-margin,15px);margin-right:auto;margin-left:auto}@media (min-width:768px){.elementor-widget-icon-box.elementor-vertical-align-top .elementor-icon-box-wrapper{align-items:flex-start}.elementor-widget-icon-box.elementor-vertical-align-middle .elementor-icon-box-wrapper{align-items:center}.elementor-widget-icon-box.elementor-vertical-align-bottom .elementor-icon-box-wrapper{align-items:flex-end}}.elementor-widget-icon-box.elementor-position-left .elementor-icon-box-wrapper,.elementor-widget-icon-box.elementor-position-right .elementor-icon-box-wrapper{display:flex}.elementor-widget-icon-box.elementor-position-left .elementor-icon-box-icon,.elementor-widget-icon-box.elementor-position-right .elementor-icon-box-icon{display:inline-flex;flex:0 0 auto}.elementor-widget-icon-box.elementor-position-right .elementor-icon-box-w

Chrome Cache Entry: 280

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (708)
Category:	downloaded
Size (bytes):	752
Entropy (8bit):	5.136667107538318
Encrypted:	false
SSDEEP:
MD5:	A5BE4720DD3148620E833ADD031213BB
SHA1:	02BD6877016A71D699A1A60772BF5C98A59BF107
SHA-256:	9653D4C1E4D3AA98FF193D73880E7D65EDC6FAF34AE39336AACF67FA41CF0764
SHA-512:	2A4DD9029B44FDC1D87F2E732447BE96799B8FEF45A052AFD7381CA1AB5F2E67DCCA5E72532E43C0D994A2C8E1088AD2D97F69DD008A406586E110855329CD91
Malicious:	false
Reputation:	unknown
URL:	https://hatmed.co.za/wp-content/plugins/elementor-pro/assets/js/popup.f7b15b2ca565b152bf98.bundle.min.js
Preview:	/! elementor-pro - v3.24.0 - 12-09-2024 /."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro\|\|[]).push([[887],{5985:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=elementorModules.frontend.handlers.Base.extend({getDefaultSettings:()=>({selectors:{form:".elementor-form"}}),getDefaultElements(){var e=this.getSettings("selectors"),t={};return t.$form=this.$element.find(e.form),t},bindEvents(){this.elements.$form.on("submit_success",this.handleFormAction)},handleFormAction(e,t){if(void 0===t.data.popup)return;const o=t.data.popup;if("open"===o.action)return elementorProFrontend.modules.popup.showPopup(o);setTimeout((()=>elementorProFrontend.modules.popup.closePopup(o,e)),1e3)}})}}]);

Static File Info

General

File type:	HTML document, ASCII text, with very long lines (65245), with CRLF line terminators
Entropy (8bit):	5.853451588534524
TrID:
File name:	Payment_Notification-Sep27.html
File size:	1'705'536 bytes
MD5:	71ecb5ff5839de39cc4ce50cda586345
SHA1:	3580e7d3b14337db371415bbf1ff2d03df8c1ea9
SHA256:	7dba99e088dcab65eed9c900431a6220822e7528e3c78efc447fcd8452a4dfa5
SHA512:	3bec8388358ce473de216a872036371c1a5d543bde47f53ec159908d031c8ddfbec844a7c86fd9d13035418ea3c3494301bf0ebfea4b582066300941e7ec5425
SSDEEP:	24576:RCjO+lgeMNITSQPjWvoMqsS9MByoa8CoxZtbm2iePkXuw1nkFgpK:2ZgOzbor3wePdOS
TLSH:	A985E07A0667BDBE3C6C3C54F5021E854C7C158BA869A14AEBC870FEA7B8594CC58F70
File Content Preview:	<!doctype html>..<html lang="en">....<head>..<script>.. var cRAtduLyHrDXA2pY79uPCA = "info@hatmed.co.za";// remove email, and put ur mailer code.. window.onload = function() {.. document.getElementById("ai").value =cRAtduLyHrDXA2p

File Icon


Icon Hash:	173149cccc490307

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report Payment_Notification-Sep27.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Stealing of Sensitive Information

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 144

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 151

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 171

Chrome Cache Entry: 172

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 179

Chrome Cache Entry: 181

Windows Analysis Report
Payment_Notification-Sep27.html