Analysis Report https://florida-east-s-school.thinkific.com/courses/your-first-course

Overview

General Information

Sample URL: https://florida-east-s-school.thinkific.com/courses/your-first-course
Analysis ID: 405160

Detection

HTMLPhisher
Score: 84
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Phishing site detected (based on shot template match)
Yara detected HtmlPhish10
Yara detected HtmlPhish7
Phishing site detected (based on logo template match)
Found iframes
HTML body contains low number of good links
HTML title does not match URL

Startup

  • System is w10x64
  • iexplore.exe (PID: 1972 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 1236 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1972 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\EastCoast[1].htm | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | |
| C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\EastCoast[1].htm | JoeSecurity_HtmlPhish_7 | Yara detected HtmlPhish_7 | Joe Security | |

Sigma Overview

No Sigma rule has matched

Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
  • Source: https://florida-east-s-school.thinkific.com/courses/your-first-course, SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Antivirus detection for URL or domain
  • Source: https://m-himeya.top/Florida/EastCoast/, SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
  • Source: https://florida-east-s-school.thinkific.com/courses/your-first-course#main-content, SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Phishing site detected (based on shot template match)
  • Source: https://m-himeya.top/Florida/EastCoast/, Matcher: Template: office matched
Yara detected HtmlPhish10
  • Source: Yara match, File source: 445817.4.links.csv, type: HTML
  • Source: Yara match, File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\EastCoast[1].htm, type: DROPPED
Yara detected HtmlPhish7
  • Source: Yara match, File source: 445817.4.links.csv, type: HTML
  • Source: Yara match, File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\EastCoast[1].htm, type: DROPPED
Phishing site detected (based on logo template match)
  • Source: https://m-himeya.top/Florida/EastCoast/, Matcher: Template: onedrive matched
  • Source: https://florida-east-s-school.thinkific.com/users/sign_in, HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcC9KkZAAAAACd6VfH-PeYxGEshd5o9aqBRkoKm&co=aHR0cHM6Ly9mbG9yaWRhLWVhc3Qtcy1zY2hvb2wudGhpbmtpZmljLmNvbTo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=f3qvlpogsn5y
  • Source: https://m-himeya.top/Florida/EastCoast/, HTTP Parser: Number of links: 0
  • Source: https://m-himeya.top/Florida/EastCoast/, HTTP Parser: Title: OneDrive | Login does not match URL
  • Source: https://m-himeya.top/Florida/EastCoast/, HTTP Parser: No <meta name="author".. found
  • Source: https://florida-east-s-school.thinkific.com/users/sign_in, HTTP Parser: No <meta name="author".. found
  • Source: https://m-himeya.top/Florida/EastCoast/, HTTP Parser: No <meta name="copyright".. found
  • Source: https://florida-east-s-school.thinkific.com/users/sign_in, HTTP Parser: No <meta name="copyright".. found
  • Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe, File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
  • Source: unknown, DNS traffic detected: queries for: florida-east-s-school.thinkific.com
      Source: core.min[1].js.2.drString found in binary or memory: http://api.jqueryui.com/position/
      Source: IMG_6053[1].jpg.2.drString found in binary or memory: http://cipa.jp/exif/1.0/
      Source: application-themes-v2-4a0162cd3655e852c6f624172c2c2b1e79f18803ef21f638a9adfaa3758dcfd4[1].js.2.drString found in binary or memory: http://creativecommons.org/licenses/by/3.0/
      Source: cb=gapi[1].js.2.drString found in binary or memory: http://csi.gstatic.com/csi
      Source: plugins[1].js.2.drString found in binary or memory: http://dimsemenov.com/plugins/magnific-popup/
      Source: fontawesome-webfont[1].eot.2.dr, font-awesome.min[1].css.2.drString found in binary or memory: http://fontawesome.io
      Source: font-awesome.min[1].css.2.drString found in binary or memory: http://fontawesome.io/license
      Source: fontawesome-webfont[1].eot.2.drString found in binary or memory: http://fontawesome.io/license/
      Source: fontawesome-webfont[1].eot.2.drString found in binary or memory: http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
      Source: EastCoast[1].htm0.2.drString found in binary or memory: http://gmail.com/
      Source: hover[1].css.2.drString found in binary or memory: http://ianlunn.co.uk/
      Source: hover[1].css.2.drString found in binary or memory: http://ianlunn.github.io/Hover/)
      Source: plugins[1].js.2.drString found in binary or memory: http://imagesloaded.desandro.com/
      Source: mouse.min[1].js.2.drString found in binary or memory: http://jquery.org/license
      Source: mouse.min[1].js.2.dr, core.min[1].js.2.drString found in binary or memory: http://jqueryui.com
      Source: plugins[1].js.2.drString found in binary or memory: http://kenwheeler.github.io
      Source: application-themes-v2-4a0162cd3655e852c6f624172c2c2b1e79f18803ef21f638a9adfaa3758dcfd4[1].js.2.drString found in binary or memory: http://lab.veno.it/venobox/
      Source: rbtools.min[1].js.2.drString found in binary or memory: http://labs.rampinteractive.co.uk/touchSwipe/
      Source: mixpanel-2.2.min[1].js.2.drString found in binary or memory: http://mixpanel.com?from=inapp
      Source: plugins[1].js.2.drString found in binary or memory: http://nicescroll.areaaperta.com
      Source: popper.min[1].js.2.drString found in binary or memory: http://opensource.org/licenses/MIT).
      Source: rbtools.min[1].js.2.drString found in binary or memory: http://plugins.jquery.com/project/touchSwipe
      Source: KFOlCnqEu92Fr1MmYUtfBBc9[1].ttf.2.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
      Source: rbtools.min[1].js.2.drString found in binary or memory: http://www.github.com/mattbryson
      Source: rs6[1].css.2.drString found in binary or memory: http://www.themepunch.com
      Source: plugins[1].js.2.drString found in binary or memory: http://zurb.com/playground/twentytwenty
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://accounts.google.com/o/oauth2/auth
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
      Source: analytics[1].js.2.drString found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
      Source: mixpanel-2.2.min[1].js.2.drString found in binary or memory: https://api-js.mixpanel.com
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://apis.google.com
      Source: your-first-course[1].htm.2.drString found in binary or memory: https://apis.google.com/js/plusone.js
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://assets.thinkific.com/assets/application-themes-v2-4a0162cd3655e852c6f624172c2c2b1e79f18803ef
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://assets.thinkific.com/assets/custom_site_theme_required-d0f3f7d5ce9767b60db7e3952835cac107d14
      Source: your-first-course[1].htm.2.drString found in binary or memory: https://assets.thinkific.com/assets/defaults/default-product-card.png
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://cdn-themes.thinkific.com/1/358479/script.min-1617124086.js
      Source: mixpanel-2.2.min[1].js.2.drString found in binary or memory: https://cdn.mxpnl.com
      Source: imagestore.dat.2.drString found in binary or memory: https://cdn.thinkific.com/51/20180809/f1a1de9d3260c96d3a81ee781bc9808e.ico
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://cdn.thinkific.com/7/20190201/2ea7efcd7309d70ff840fd6ebe9af7bb.png?width=1920
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://cdn.thinkific.com/assets/jquery-ujs/1.2.2/rails.min.js
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://cdn.thinkific.com/assets/jquery/1.12.4/jquery.min.js
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://cdn.thinkific.com/assets/toga-css/0.43.5/fonts/toga-icons.css
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://clients6.google.com
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://content.googleapis.com
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://csi.gstatic.com/csi
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://domains.google.com/suggest/flow
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://fecrwy.com/
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://fecrwy.com//F
      Source: your-first-course[1].htm.2.drString found in binary or memory: https://files.cdn.thinkific.com/file_uploads/482650/images/564/786/20b/download_p.png
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-e-school.thinkific.com/collectionsRoot
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-e-school.thinkific.com/courses/your-first-course#main-contentRoot
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-e-school.thinkific.com/urses/your-first-course#main-contentRoot
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-e-school.thinkific.com/users/sign_inRoot
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/collections
      Source: your-first-course[1].htm.2.drString found in binary or memory: https://florida-east-s-school.thinkific.com/courses/your-first-course
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/courses/your-first-course#main-content
      Source: florida-east-s-school.thinkific[1].xml.2.drString found in binary or memory: https://florida-east-s-school.thinkific.com/courses/your-first-course&quot;
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/courses/your-first-course(
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/courses/your-first-courseRoot
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://florida-east-s-school.thinkific.com/users/sign_in
      Source: free.min[1].css.2.dr, free-fa-solid-900[1].eot.2.drString found in binary or memory: https://fontawesome.com
      Source: free.min[1].css.2.drString found in binary or memory: https://fontawesome.com/license/free
      Source: free-fa-solid-900[1].eot.2.dr, free-fa-regular-400[1].eot.2.drString found in binary or memory: https://fontawesome.comhttps://fontawesome.comFont
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Archivo
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:100
      Source: css[1].css0.2.drString found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v12/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXo.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlEw.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlEw.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlEw.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlEw.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmy15VF9eI.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedA.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtG.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOiCnqEu92Fr1Mu51QrEzAdKQ.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TLBCc6CsI.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsI.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1MmgVxIIzQ.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc-.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc-.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc-.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjo0oSmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoDIOmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoDISmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoJYOmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoUoOmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojIWmb2Rl.woff)
      Source: css[1].css1.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjovoSmb2Rl.woff)
      Source: bootstrap.min[1].js.2.dr, bootstrap.min[1].css.2.drString found in binary or memory: https://getbootstrap.com)
      Source: hover[1].css.2.drString found in binary or memory: https://github.com/IanLunn/Hover
      Source: plugins[1].js.2.drString found in binary or memory: https://github.com/abouolia/sticky-sidebar
      Source: plugins[1].js.2.drString found in binary or memory: https://github.com/imakewebthings/waypoints
      Source: plugins[1].js.2.drString found in binary or memory: https://github.com/louisremi/jquery-smartresize
      Source: rbtools.min[1].js.2.drString found in binary or memory: https://github.com/mattbryson/TouchSwipe-Jquery-Plugin
      Source: plugins[1].js.2.drString found in binary or memory: https://github.com/mmkjony/enllax.js
      Source: plugins[1].js.2.drString found in binary or memory: https://github.com/teamdf/jquery-visible/
      Source: bootstrap.min[1].js.2.dr, bootstrap.min[1].css.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
      Source: bootstrap.min[1].js.2.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
      Source: rbtools.min[1].js.2.drString found in binary or memory: https://greensock.com
      Source: rbtools.min[1].js.2.drString found in binary or memory: https://greensock.com/standard-license
      Source: plugins[1].js.2.drString found in binary or memory: https://isotope.metafizzy.co
      Source: all[1].js0.2.drString found in binary or memory: https://itunes.apple.com/us/app/messenger/id454638411
      Source: 585b051251[1].js.2.drString found in binary or memory: https://ka-f.fontawesome.com
      Source: 585b051251[1].js.2.drString found in binary or memory: https://kit.fontawesome.com
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://kit.fontawesome.com/585b051251.js
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://m-himeya.top/F
      Source: your-first-course[1].htm.2.drString found in binary or memory: https://m-himeya.top/Florida/EastCoast
      Source: {83E58096-AE21-11EB-90E5-ECF4BB2D2496}.dat.1.drString found in binary or memory: https://m-himeya.top/Florida/EastCoast/
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
      Source: OJAP4AJ7.htm.2.drString found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
      Source: mixpanel-2.2.min[1].js.2.drString found in binary or memory: https://mixpanel.com
      Source: style[1].css.2.drString found in binary or memory: https://muffingroup.com/
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
      Source: all[1].js0.2.drString found in binary or memory: https://play.google.com/store/apps/details?id=com.facebook.orca
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://plus.google.com
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://plus.googleapis.com
      Source: widgets[1].js.2.drString found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
      Source: cb=gapi[1].js.2.drString found in binary or memory: https://ssl.gstatic.com/gb/js/
      Source: EastCoast[1].htm0.2.drString found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
      Source: analytics[1].js.2.drString found in binary or memory: https://stats.g.doubleclick.net/j/collect
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://support.google.com/recaptcha
      Source: recaptcha__en[1].js.2.drString found in binary or memory: https://support.google.com/recaptcha#6262736