r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9166
Expires: Tue, 07 Feb 2023 19:14:44 GMT
Date: Tue, 07 Feb 2023 16:41:58 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7959
Expires: Tue, 07 Feb 2023 18:54:37 GMT
Date: Tue, 07 Feb 2023 16:41:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 16:36:31 GMT
content-type: application/json
age: 327
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3757
Expires: Tue, 07 Feb 2023 17:44:35 GMT
Date: Tue, 07 Feb 2023 16:41:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hMQWBSJznUTQxb9ltL14Dt6Py5gc7+4NLM2ql5VMy2vUg/L3r4lI4/Jb4/E8UmGvuDXC8PUQrLA=
x-amz-request-id: KQG6T6BDHJZ63ZED
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 16:35:35 GMT
age: 383
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 16:41:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 15:51:19 GMT
age: 3039
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5593
Expires: Tue, 07 Feb 2023 18:15:11 GMT
Date: Tue, 07 Feb 2023 16:41:58 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.127.63 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.127.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0aWCJBCoGT1TbkP378t0jQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3TW7hZyYpXqnVkXFHv0+uyIozJs=
rhythmndance.org/wp-admin/maint/file/login.php
192.124.249.158 200 OK 21 kB URL HTTP/1.1 rhythmndance.org/wp-admin/maint/file/login.php
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (10685), with CRLF, LF line terminators
Hash f15907d2b61d9abeb9643bd4941ec6a3
30b47c706d47be76d311ef3bae046d888ad7f229
5469932350bc25b41175d0d64c0b1bce3b2435ea3312b51de846f2f68d8525ff
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
fortinet Malware
GET /wp-admin/maint/file/login.php HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:41:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 21368
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: apbct_timestamp=1675788118; path=/; SameSite=Lax
apbct_site_landing_ts=1675788118; path=/; HttpOnly; SameSite=Lax
apbct_page_hits=1; path=/; HttpOnly; SameSite=Lax
apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; path=/; HttpOnly; SameSite=Lax
apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; expires=Fri, 10-Feb-2023 16:41:58 GMT; Max-Age=259200; path=/; domain=rhythmndance.org; HttpOnly; SameSite=Lax
apbct_site_referer=UNKNOWN; expires=Fri, 10-Feb-2023 16:41:58 GMT; Max-Age=259200; path=/; domain=rhythmndance.org; HttpOnly; SameSite=Lax
ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0; expires=Thu, 09-Mar-2023 16:41:58 GMT; Max-Age=2592000; path=/; SameSite=Lax
Vary: Accept-Encoding
Content-Encoding: gzip
X-Sucuri-Cache: BYPASS
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15568
Expires: Tue, 07 Feb 2023 21:01:28 GMT
Date: Tue, 07 Feb 2023 16:42:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 67992
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59419fb1cf4689bed183d0e9a6aed782
47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a
e6009407bd61bee1ae16ec30ea5914be77c56ee65dfb30595b10a1cedc6798c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12682
x-amzn-requestid: d858d90a-b1ca-401c-8e00-8ccd9c0a7504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78mUEsfIAMFreg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1748e-2783de3e3de9c520246bf06e;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eq8Kle9uYWJ3vmaJD50r-oaTb_O2ObQgLNlTcYn9XQoHCyAO3isqyQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:44:49 GMT
age: 68231
etag: "47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 284a62b098827c448218892eb5a732f9
6679d1ff8f2986b6103e94a54632892e2280b149
17332bece792a4e8d571b5161145ef2105abc513e140c738885899401b9c8d14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14943
x-amzn-requestid: 1145ff12-5237-426c-8efc-c25c1061bcce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2GpMFTEIAMFxgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df1e3a-528eb972059e86c33334fedd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 03:10:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l4_Oe4gR-lLAFdTXTUvw2TCtg5D6X2P1ELocQ53QHK9s3vj30oacAA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:02:48 GMT
age: 45552
etag: "6679d1ff8f2986b6103e94a54632892e2280b149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5wy_7Z30HRIcZufSPCTKu9UoJD1o_NDlhuyL5bvidDwbqC_3p99yYA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:44:57 GMT
age: 68223
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 79040
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 14:35:27 GMT
age: 7593
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/plugins/booking-calendar/css/jquery-ui.css?ver=10.12
192.124.249.158 200 OK 5.8 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/css/jquery-ui.css?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with very long lines (551)
Hash f35c1251f9063d75d5a4e9b60a0427f9
34facbf629e4fadf9ab23e27fc4c81e8c4364938
248eff43009448fc878bfd95f773bbe1a47eb49417e10b83ff26969aa07e83e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-calendar/css/jquery-ui.css?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:41:59 GMT
Content-Type: text/css
Content-Length: 5825
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:39 GMT
ETag: "6ac0474-7a70-5f25056140dfa-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/booking-calendar/css/effects.css?ver=10.12
192.124.249.158 200 OK 3.5 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/css/effects.css?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash ffa3614c896e6075e7548d7453ec3887
2c8f836f7afc5bb8bafde026f0f3642978c51cf9
cd27ba5a0d7c4dbee877694ef1b325a95431ab1355ad71d82463ac17af2c8da5
GET /wp-content/plugins/booking-calendar/css/effects.css?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:41:59 GMT
Content-Type: text/css
Content-Length: 3490
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:37 GMT
ETag: "6ac046e-cff5-5f25055febce9-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/booking-calendar/css/style.css?ver=10.12
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/css/style.css?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash 43f79c71e79a1de1fc8a81e88cfe9842
045ef8d59e77b80a39be930ceeed6d42de6deadd
3c134c295a408df275a7e409f5e49d9f435aae6032e0cc357f9194baa86da871
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-calendar/css/style.css?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 1275
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:39 GMT
ETag: "6ac0472-146b-5f25056140a12-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
192.124.249.158 200 OK 4.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
IP 192.124.249.158:0
Hash 1f1b98afe3b250f3f41c2ad82a285887
6d99305f10923c2e2d726bf21f38e21d1e44d2f4
4ead643f65cbafc7f3f2ed4c4e94dac776013906a7353b67f8f117af1387872d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 3999
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:11:08 GMT
ETag: "6a80a77-5503-5a991a3e7cddb-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/booking-calendar/css/font-awesome/font-awesome.css?ver=10.12
192.124.249.158 200 OK 6.6 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/css/font-awesome/font-awesome.css?ver=10.12
IP 192.124.249.158:0
File type troff or preprocessor input, ASCII text, with very long lines (357)
Hash 0ad91448d38055037ce4905334e93adc
75c9bc94d18ffcaa9147ce157f83449bdfea3c6d
843c077a92ffaab094d1712eb5d36eb02b4bc36da640d3f78b5fe869e100a7cd
GET /wp-content/plugins/booking-calendar/css/font-awesome/font-awesome.css?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 6584
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:37 GMT
ETag: "6be0465-81bf-5f25055feff51-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/booking-calendar/css/booking.css?ver=10.12
192.124.249.158 200 OK 4.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/css/booking.css?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash 1a275b8213c28341c43302e23eb83695
10bad554a9f224c56a7ae82ca8cf465c1764595e
eba075a7932da5b5bc456b4df55b30fb688bed0b48907c2e74fc11d19355e34a
GET /wp-content/plugins/booking-calendar/css/booking.css?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 4021
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:39 GMT
ETag: "6ac0471-5137-5f25056140a12-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.124.249.158 200 OK 12 kB URL HTTP/1.1 rhythmndance.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 11681
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Jul 2022 04:42:03 GMT
ETag: "6a40255-15b64-5e3a868098eb4-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=wpdevartRecaptchaInit&render=explicit&ver=10.12
216.58.211.4 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=wpdevartRecaptchaInit&render=explicit&ver=10.12
IP 216.58.211.4:0
File type ASCII text, with very long lines (916), with no line terminators
Hash ea9e60a8548f50de30afb09420f3844b
06d57127c7ecfe991393bd276191b749ce2f0078
4505f3711d7b499d161a096ede0940b0282dc7ddcf05c21c866d7e31b295b1ab
GET /recaptcha/api.js?onload=wpdevartRecaptchaInit&render=explicit&ver=10.12 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 07 Feb 2023 16:42:00 GMT
date: Tue, 07 Feb 2023 16:42:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
192.124.249.158 200 OK 5.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
IP 192.124.249.158:0
File type ASCII text, with very long lines (30236), with no line terminators
Hash f30e48d4dc3d105b6e49061965784693
4e03b9fcfc49a54adced29cdd43cf85403e505e4
4727227de1d7d5d1c849cd2c67d17b6463422c47f25655dc9d4e60db44814f04
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 5283
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 17:04:19 GMT
ETag: "6a81ee8-761c-5d1f06e7fe8f2-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
192.124.249.158 200 OK 280 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash d28d324a2488dedaff9bf551cf1c1d9f
d02f66126cf1224f1e2b080539068eea2121c278
c6d7e2762ab644374666b8ad7e209c5f0748ec3d53f45b83d2182444dbd6254a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 280
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jan 2018 02:10:48 GMT
ETag: "6a80917-211-562ef5b0f7a00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/style.css?ver=3.0.4
192.124.249.158 200 OK 442 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/style.css?ver=3.0.4
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash 9c6078db224231f9f1e0b1fe2387523d
123e7eb7cbf0029ef8259bc77b78c40bb3093588
e48049c199081199cfd884f9cdd5979f639058b5e490138afc31a753768a4189
GET /wp-content/plugins/facebook-photo-fetcher/style.css?ver=3.0.4 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 442
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Mar 2021 05:05:55 GMT
ETag: "6a416c6-442-5be4140f0d512-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.3.1
192.124.249.158 200 OK 548 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.3.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1268), with no line terminators
Hash eee97d3b975719eba52253a1a0cb70c0
e83442f555d64c283c021111d50652fe29443739
76277c9423c8ac0ab0da78610a32ed677234d59afefa8ee44f39cec757e0e941
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.3.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 548
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Feb 2023 17:14:39 GMT
ETag: "6a41e9f-4f4-5f40b2a8e3424-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.css?ver=2.1.7
192.124.249.158 200 OK 3.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.css?ver=2.1.7
IP 192.124.249.158:0
File type ASCII text, with very long lines (12795), with no line terminators
Hash 18b46dae08e98971b16123ea48913d23
e0a1aa82445a38538413b488924613c44861c59d
62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.css?ver=2.1.7 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 3096
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Mar 2021 05:05:55 GMT
ETag: "6a42897-31fb-5be4140f0dce2-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
192.124.249.158 200 OK 13 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
IP 192.124.249.158:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 4ccba4b3bd04d2efe57ab601306282e1
63d79ba81e4f5a11e032a78d594a7d7530235e03
9ec6427755de75bae04f95ec32b6888645a7f7074d9351683d29d6d07c57b77c
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 12614
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:12:14 GMT
ETag: "6a81041-ea2a-5a991a7d62466-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.158 200 OK 4.2 kB URL HTTP/1.1 rhythmndance.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.158:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 4169
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Sep 2021 03:34:08 GMT
ETag: "6a40841-2bd8-5cb738e0ec947-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/css/style.min.css?ver=6.2.1
192.124.249.158 200 OK 30 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/css/style.min.css?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1197), with CRLF, CR line terminators
Hash 2b8973c1a214176ab9a3aeefe75511e5
c3c243c1053769baa608f574faf61591af1faf85
ac4cf3a5740703989f96d8ed1cd4f7ffa0ab089ddfac4c248d908a4d1d3c06e7
GET /wp-content/themes/Avada/assets/css/style.min.css?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Content-Length: 29929
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jun 2020 15:06:22 GMT
ETag: "6a62c04-34c50-5a8ad95f19780-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: EXPIRED
Accept-Ranges: bytes
rhythmndance.org/wp-content/plugins/booking-calendar/js/script.js?ver=10.12
192.124.249.158 200 OK 430 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/js/script.js?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with CRLF line terminators
Hash 4734fcbff19557a4993fa731f971dd0b
fa79528e5a868ac200b235f77a026086381e6d9d
d327612ab62f6f8db24b8c63e7143d5a54c146533df7bc5fe5fbcfcc404ad501
GET /wp-content/plugins/booking-calendar/js/script.js?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 430
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:33 GMT
ETag: "6ac0159-437-5f25055c53258-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/booking-calendar/js/booking.js?ver=10.12
192.124.249.158 200 OK 10 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/js/booking.js?ver=10.12
IP 192.124.249.158:0
File type ASCII text, with very long lines (515), with CRLF line terminators
Hash 5f62728022948402cab0c5c0eb84a1e0
91c29c17333ffb8e85db77f9094684fc510b1b5d
02b338409ffa02ab8d7c79a36dba09ba89ddf61579e60eeb806086b0724f2258
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-calendar/js/booking.js?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 10034
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:33 GMT
ETag: "6ac015c-f652-5f25055c53640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.124.249.158 200 OK 31 kB URL HTTP/1.1 rhythmndance.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 30908
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Sep 2021 03:34:11 GMT
ETag: "6a404e5-15db1-5cb738e3e9b84-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/booking-calendar/js/jquery.scrollTo-min.js?ver=10.12
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/booking-calendar/js/jquery.scrollTo-min.js?ver=10.12
IP 192.124.249.158:0
File type Unicode text, UTF-8 text, with very long lines (2272)
Hash 4538ecd007bc60205de613b9e55f1e90
63c7c8f183b0ef12c55ff157ba0564bb9d1a8286
0f9ef7835dc2bf1b0f504dad83ea12443a2212f34887f233698501b9d6c6a1d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-calendar/js/jquery.scrollTo-min.js?ver=10.12 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 1305
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Jan 2023 16:55:33 GMT
ETag: "6ac015a-988-5f25055c53640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
192.124.249.158 200 OK 3.4 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
IP 192.124.249.158:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash 6cc185714c6c96032e28eec6a00ab132
012aa8b49e9a04689498630e0a57f6f3b12ccc6c
41dd6065ca4d7e967f5eab1f3ee18232f9519ae6a947c5029b9ee1e3ffd30808
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 3377
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:11:08 GMT
ETag: "6a80a57-5513-5a991a3e6c823-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
192.124.249.158 200 OK 47 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (65322)
Hash 98ef1ad263e64f11717e2d40f3d920b9
93106092071e4550c714e178a710c31d23e09e37
6eb8668862dde5d75bd26dc485a021d31b39f27daa0a9a9611b6430fc1acfa2d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 47240
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:11:08 GMT
ETag: "6a80a56-1f855-5a991a3e69943-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.3.1
192.124.249.158 200 OK 14 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.3.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (53517), with no line terminators
Hash 769fd8c7c446ffae90b361ce68558e97
353c1c5e730f6c4231b4e94d61dbe98be4432d46
291cd38793edb82ac93ebe26c5b65fac671f712baea44d226a22cd6684400084
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.3.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 14092
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Feb 2023 17:14:39 GMT
ETag: "6a41e7c-d10d-5f40b2a8e2484-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
192.124.249.158 200 OK 42 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (65315)
Hash 37785123f7b52fcef8d74be4c2fd05b3
03de8cdad5a939ecb6a578f261a1820ca1093a08
cea70c98b3d81cac62fac209c5dc13b8819aa4e7850334b0c1a1eac73ba4c00f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 41976
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:11:08 GMT
ETag: "6a80a54-1e026-5a991a3e66293-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/security-malware-firewall/js/spbc-cookie.min.js?ver=2.87.1
192.124.249.158 200 OK 654 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/security-malware-firewall/js/spbc-cookie.min.js?ver=2.87.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1150)
Hash 78df694440a73a5ff0e0ef79fe1baedf
e4f327e3c161019143f18208d60c5a73ea703b56
b39c714a07ec01b0530d484b3800821bc1aaf1c9b43851571d51766f6bed900d
GET /wp-content/plugins/security-malware-firewall/js/spbc-cookie.min.js?ver=2.87.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 654
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Jun 2022 15:55:17 GMT
ETag: "6aa202c-4ab-5e0790841dfe4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.124.249.158 200 OK 6.9 kB URL HTTP/1.1 rhythmndance.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.124.249.158:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 6914
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Jun 2022 15:51:52 GMT
ETag: "6a40859-50eb-5e078fc015036-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.124.249.158 200 OK 5.0 kB URL HTTP/1.1 rhythmndance.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 5009
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Jun 2022 15:51:56 GMT
ETag: "6a41306-48b9-5e078fc3dd08b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
192.124.249.158 200 OK 11 kB URL HTTP/1.1 rhythmndance.org/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (36560)
Hash 01c8b2443d039a1bfcd1636ba1a4ed1e
aa8f6ae060067210f9172204c244e48d925fd7c0
3ead9dd682f597ca6ad784b9c990ee20c6524b267ef54d4bd232ad5eb733a7d5
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 10897
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Jun 2022 15:51:52 GMT
ETag: "6a412b8-8f87-5e078fc01541e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
192.124.249.158 200 OK 83 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
IP 192.124.249.158:0
File type ASCII text, with very long lines (56675)
Hash 32334a8c45dfcc48f0f0df65418b5bae
f537d5aebc1e579fdbc3e84d8a01917ff0ac0438
d8c150f3d1289fd90dfe1a790551acf210c2ce51d6a1f1b6a5c17ca10ecc3345
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jul 2020 23:12:14 GMT
ETag: "6a8103a-4eb5e-5a991a7d53236-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
192.124.249.158 200 OK 3.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 20d191fbcefaf143ff6d9f0234b3afd4
85c302c0f4d2393bd1c3fb724a03741a14860b3a
0398c654fccf925b52ce33037cf350414bc27efc9da7db916ee7dbe646541f7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 3040
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 16:41:33 GMT
ETag: "6a60ab6-2945-5f32d6bf48e05-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
192.124.249.158 200 OK 4.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (12761), with no line terminators
Hash 08d54a01c1e30726b24a1232b1342a35
e18007fdfdb7cd4f395894d75c952a99f6928628
3aae006ed148ced5daa1e75e7a23918d7b566b8d77b070a14df6ad546f689877
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 4141
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 16:41:33 GMT
ETag: "6a60ac2-31d9-5f32d6bf495d5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.js?ver=2.1.7
192.124.249.158 200 OK 22 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.js?ver=2.1.7
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (31972)
Hash 54062b7f23dde09e4de95aee3a8fab5e
460a0f90c61c6adbf38d29d93b4207cca2ab10af
8852310f2bc8b3732157e24dee8b67b7d52b33ed2bad2380b84d57717ea9cbc4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/facebook-photo-fetcher/fancybox/jquery.fancybox.min.js?ver=2.1.7 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 22013
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Mar 2021 05:05:55 GMT
ETag: "6a42898-10a9d-5be4140f0dce2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1
192.124.249.158 200 OK 12 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (21001), with no line terminators
Hash 66749203f06dff9006fb4f94fc3f62f9
76d713b454c77cc9ab51cd0ffcaccde64abb6107
5abb314ae7457229346adba76ca6539481d9fca19809777d449e4e682980150d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 11989
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62519-5209-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4
192.124.249.158 200 OK 9.6 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4
IP 192.124.249.158:0
File type ASCII text, with very long lines (34773), with no line terminators
Hash d786294b466e80ea34a60068379abcd9
815c44cb540efb5ebe66dd345b61fbb4f1c12859
238c1ebae671faf078c795440464377b2c7f81e2386f3507fd0dd5857cd14f03
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 9619
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62540-87d5-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-faqs.js?ver=1
192.124.249.158 200 OK 451 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-faqs.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1131), with no line terminators
Hash 076cb8a61715451db70a481a19f57691
2139e3594ffb5444a2b96cf3e1cbc2872e1a1c79
612408242d82701405ff7c7c18a650d8da54e31074e5e7dc76153cd86f266e32
GET /wp-content/plugins/fusion-core/js/min/avada-faqs.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 451
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:05:21 GMT
ETag: "6a8166b-46b-5a86dde7a1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
www.google-analytics.com/ga.js
216.239.34.178 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Tue, 07 Feb 2023 15:34:29 GMT
Expires: Tue, 07 Feb 2023 17:34:29 GMT
Cache-Control: public, max-age=7200
Age: 4052
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
192.124.249.158 200 OK 5.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (12991), with no line terminators
Hash a0d8e61a86acfd34c823df6c4badc5a3
fb00037bab11581b913967e55d28ae943f507d61
c95bdcc03231c08f282387f7616ba2975ce8294c06bea93aa3d756397b2cc2e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 5086
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a624d3-32bf-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1
192.124.249.158 200 OK 2.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (6803), with no line terminators
Hash 447896c8db1d6562ecb0bb525fa9e146
1b196c21513102aac759de7eb419a6dc194fe514
0d8a121b88f25f73506c24a106f1be124fc72eab1b3eba13b9b8f5f87e39c47f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 1972
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62530-1a93-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
192.124.249.158 200 OK 788 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (1767), with no line terminators
Hash 61e085fb4a40dda6cda2cd15601ef142
7f7c36950941466dbc383f212c6b24a93c6018e2
54f1cab04979429b6eaa68c9cdfaad72ab3a876c726093ff69b441e7d4f72504
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 788
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62528-6e7-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6
192.124.249.158 200 OK 1.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6
IP 192.124.249.158:0
File type ASCII text, with very long lines (2604), with no line terminators
Hash 5ae90f2b135740cf6a0b1815059797b5
3bba4fb3bb2fd84eae701ade789253b1168146dc
7f51931d14697dc28a2457d8c8c356f15784804abb4d06b3f287b5ff271c54b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 1128
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60d49-a2c-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
192.124.249.158 200 OK 25 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5f70d1c3613767bafe3b65b53a14bb01
ed873d33a77e49022130124ca3df94b1e9b88448
1ac0ad142765230caac639ad1b2dd89b25f8ff447f5d299f3b70425dcfac345b
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 25133
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Jun 2021 19:54:50 GMT
ETag: "6a6251b-140cd-5c59c833a83ad-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1
192.124.249.158 200 OK 1.9 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (6649), with no line terminators
Hash a90abc9adb3bc198e53069c8e4bb2b8f
937e6c0a21cf7e49fd47ca4aea67cc446ad2f802
2f98ad6dd6c920450182801a9111b616e4b58f094b31b7c9cdb333886b2d3e34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 1876
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601c8-19f9-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8
192.124.249.158 200 OK 2.2 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8
IP 192.124.249.158:0
File type ASCII text, with very long lines (6785), with no line terminators
Hash 5e1c080a1516f44b73b474d3f1315040
d517bbe1df2a3ed633ad5d03adda7b4638596b58
4457b905261c66e7cbfbc89e6d25a435ade8b103ebc2e53453155e3df9544b2a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 2221
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62523-1a81-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0
192.124.249.158 200 OK 4.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (13723), with no line terminators
Hash 3e390e9e9125b1813278f3664c417caa
f5a36c8af53cc055321e44032e311d4685866672
8ac747a3636de6d1fe854767f0890551a4054f221c23c383aff3d2b916011324
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 4124
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a61c1a-359b-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-portfolio.js?ver=1
192.124.249.158 200 OK 3.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-portfolio.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (13618), with no line terminators
Hash f6ed30ff743043f0918cc9ec4d351991
6f4972248d4f07d83ce926715b63b8f68e09383a
a576abc51b332e036d67c0cfff6c180db92961f674bba8d6115aa0c8c90e4330
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-core/js/min/avada-portfolio.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 3089
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:05:21 GMT
ETag: "6a8166d-3532-5a86dde7a1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-chart.js?ver=1
192.124.249.158 200 OK 1.7 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-chart.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (5217), with no line terminators
Hash 52a3daee8e797ac987f177abd97d132e
2be77094569f76602f6221bf8ae49fc1747c2634
cca95f70ba057379065f90440b01ea7e6ea481228f507381fae0bc76a1f96bbb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-chart.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 1709
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3d-1461-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/Chart.js?ver=2.7.1
192.124.249.158 200 OK 46 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/Chart.js?ver=2.7.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c34c06a16a33ee7ce4b1e361a9613577
fd75fa054c12deee7f749594c91a41cf9cb88ce6
5d7ef7cf38f692828fa4adb3608d9d8f10ede96370541acd7061d8dc9c088f35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/library/Chart.js?ver=2.7.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 46152
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d46-26441-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1
192.124.249.158 200 OK 589 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1729), with no line terminators
Hash 0da4110bf680bf40b3326b592e7997a1
c09a10e29ab2cfbef44c8c5829b6533528589927
baf1d376ab099d4b957652ec29566de8d5574fa41976c61f16eef056e877bd19
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: application/javascript
Content-Length: 589
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d34-6c1-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
192.124.249.158 200 OK 1.5 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
IP 192.124.249.158:0
File type ASCII text, with very long lines (3344), with no line terminators
Hash 37fc75887c0fa5d78ce3b556e51120bf
a44495eb12fd0b174282a810266fc92075fbe1a8
68ed74321bad917a33ef6e0c273d716a023f02b300a7d34bcaa67765df812104
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1498
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a623d5-d10-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1
192.124.249.158 200 OK 271 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (479), with no line terminators
Hash f3e94f8fba3206554d0687716e311abd
6f0f5318efc05a0d9d224925ca37427c4f7fd40a
4b4bf1a3a692fa61c7f8c88ebf6d2326356193b6ce6f50a8efeb24b4e378b02e
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 271
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6019f-1df-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3
192.124.249.158 200 OK 2.4 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (7507), with no line terminators
Hash 21049717104827d183542224fab03748
e6b76653ec055da050fa1f10f54de07dc9ed19bf
918705597e0ebb0497a323b1490a4da6d28cd5a92c75bb2e640fc18651ecc0a8
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 2418
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a61c37-1d53-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1
192.124.249.158 200 OK 624 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1710), with no line terminators
Hash 8a10f27cc91b64dcc87db0b266360a8f
3e6f1d05038016cd22742ed0449c1aaa1ce9abf3
d869cd72bdb2ab40d25b7602320ddc6e82809f21fec24e6abf76fab7534e3ff5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 624
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3c-6ae-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1
192.124.249.158 200 OK 621 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1417), with no line terminators
Hash 9aef2dd466ce9c265becfbae916a8ad7
dfdd83790d7c5b4ef1c360c5f54c0aeaacdbcf04
c204e8c09a4e032a99a422a93040537397a4e3f1f690b1eee1dbd5bcb647be55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 621
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6016e-589-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
192.124.249.158 200 OK 922 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (5069), with no line terminators
Hash 513b2d008c2cc515e44aff388b9ee54a
35f480533c38a900008022500acc875b399afcac
16eabd4930502fa03ec878df81979d8f9aac532291b82841eb859c2effa51fc4
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 922
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3b-13cd-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1
192.124.249.158 200 OK 437 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1162), with no line terminators
Hash 51e57fabc7b182d7ec3fef8f4f57404e
8d8018b572928c522b6c9a665ad347f35f693d62
6f8638903f64d7b007e657b7b3319ca1017d864aa5ce24c19d75f37608b617e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 437
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a61c1c-48a-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1
192.124.249.158 200 OK 2.9 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (12004), with no line terminators
Hash 5ab8fec1c642294561065f8cca8bc958
5c0c905aecacede9298e394d78012bb60ac01d1f
d82d3ac4e58879dd9301f655215636ea38139461bd0fb5047d089912c5fd259c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 2855
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6254f-2ee4-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1
192.124.249.158 200 OK 337 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (695), with no line terminators
Hash 0921c87a11483e7ea5c29d7adeb6575e
7f4edddc51e12385b8ee8c859abbadaae5f2f899
dee531dca244cc30d1bd9e80253cf7362928cc9dfbbf58b3ea020edfdbc6fcbd
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 337
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60ab1-2b7-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1
192.124.249.158 200 OK 1.9 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (5277), with no line terminators
Hash 6fdf839ce593e2b2f83033ada6039735
47dd84f7a3535b5f8aa749260bc3ea0d6019db5f
11717cd0e79418966e730663ccd6c90d4f19520e318a81ae75657989d10eefa2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1939
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62534-149d-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1
192.124.249.158 200 OK 2.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (11912), with no line terminators
Hash d6e15e2cb132c24def012e9a1d2c94b1
b500ecac6fd40957ceb08e81b63adb1a1f0605a6
8e7c897338cdbffe55c26f584307a24f27d8918a47ae3615858525c13cef196e
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 2267
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2a-2e88-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1
192.124.249.158 200 OK 903 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (4175), with no line terminators
Hash 4f43f0f0f3879adc91047ee345935287
832186e9249dad9471588214774e88a5578bcd88
6e51197c29f8ce66c522b9fc1086336c037d0fe8dd756a63ffbaf29115ceeb12
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 903
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3a-104f-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-countdown.js?ver=1
192.124.249.158 200 OK 329 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-countdown.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (522), with no line terminators
Hash fed87aeee911ffd0e37289d7b95221f8
18c75a93ebd981354df7809a60fd6250e6977fc6
956db31bb259e866379bd531cd3e063472a971449b0d95b24d6e1d3a02b3b67e
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-countdown.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 329
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2c-20a-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countdown.js?ver=1.0
192.124.249.158 200 OK 1.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countdown.js?ver=1.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (2876), with no line terminators
Hash 67f03d78758b724b48ccc0df1f77df12
a15eedc5f7b785c71156033658ee7e8ef4b79e3c
a58160a7b0ee6b4cc75c1853dd6d108f6bd596dc1f6e7776b46129ef7d4aaece
GET /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countdown.js?ver=1.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1055
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d47-b3c-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countTo.js?ver=1
192.124.249.158 200 OK 430 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countTo.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (945), with no line terminators
Hash fba7a7fe877c30b28aac94da6ab21f05
4449a8cb948839e3679388160107daf9afbbf57f
cd512f9a349ed6e18864ce7472063481a7ad5d07c062bfedf664556d8eaff491
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.countTo.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 430
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d45-3b1-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.appear.js?ver=1
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.appear.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2985), with no line terminators
Hash 0e96f12ea7c5291158123d70d9885c78
5a3985d5c1da4564375fcefc9885504e8074b127
b5c1bf80f671c9aa808cbd3ac774f0d8f741d8b4d89f2a298cf4d37dd2fbf132
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.appear.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1324
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a624a8-ba9-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-box.js?ver=1
192.124.249.158 200 OK 516 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-box.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1274), with no line terminators
Hash 2cc8adac496174b64d28eb9ab960a503
0c3396918686b6827aa7e5ad0d4045ff41a404b6
668c26a3f9a1dfe8f3e50b98d3e4c383b00a7fbc35ebdcaca35b50cbd368d6c6
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-box.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 516
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3f-4fa-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easyPieChart.js?ver=2.1.7
192.124.249.158 200 OK 1.5 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easyPieChart.js?ver=2.1.7
IP 192.124.249.158:0
File type ASCII text, with very long lines (3555), with no line terminators
Hash 07d18995331a5304db928fbfdf20fe6c
bd9d5398d57ad83b2e48295ca42d047bc6b66348
1aa9a514e3b6c21570822dadd8213bf61124bda880310f62b089e593e65cb6ea
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easyPieChart.js?ver=2.1.7 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1451
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62548-de3-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-circle.js?ver=1
192.124.249.158 200 OK 954 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-circle.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3393), with no line terminators
Hash 81c15382a606b2b80eded15dfaee10e1
e778b0df3edfbbd0eaeb0b84e4ed04e191512f39
e476f21d7aa6e7b8ab7a5195d8db698c2d2eaa408e59b9fd3a7818e2d5b926d5
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-counters-circle.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 954
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d40-d41-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-events.js?ver=1
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-events.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3761), with no line terminators
Hash fb85ebb89601890397b4c752c91a82dd
7229621ec8a955e98213f04d0dfa83a4d4a68a84
ae69c5dccd22ce643d09d9863f9e077f6fb4c7f56ce4a3e90ddcad685c41f798
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-events.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1260
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d31-eb1-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-flip-boxes.js?ver=1
192.124.249.158 200 OK 652 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-flip-boxes.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2740), with no line terminators
Hash 1c14a3c5aeee208c113929c8fe460c75
763f043031eae2c87613935e1c837984c1ad995e
fa1536df9104ad52ed2cb4e3f772dd9124840c961f365af0cd7b1210504969d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-flip-boxes.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 652
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2f-ab4-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-gallery.js?ver=1
192.124.249.158 200 OK 712 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-gallery.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1900), with no line terminators
Hash bae6c74c83af7b978e73ba22d4b1731f
566c2d6529e48fd4e746d33893fa0f525a681510
9edc0e06f7adaabd0265f92006d8fd9282a6e830abbf94eeb7f36c8f157f6969
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-gallery.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 712
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d41-76c-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fusion_maps.js?ver=2.2.2
192.124.249.158 200 OK 1.9 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fusion_maps.js?ver=2.2.2
IP 192.124.249.158:0
File type ASCII text, with very long lines (5699), with no line terminators
Hash fd02753adb5d13628ab06a5c928a3e16
3eee85f879ae10fa8fad8d2fa7e84c0ab79b6dc4
be0afd43e4d6ec71f0bfe5973a91bdcb178743159e8a72d1ee71b1942e84e0dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fusion_maps.js?ver=2.2.2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1932
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60b77-1643-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-google-map.js?ver=1
192.124.249.158 200 OK 302 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-google-map.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (499), with no line terminators
Hash 96384af790f02ac5f134d8bb2112e74d
e9e34685a85a9984bcee642fd58117b8dfec56c0
52c2d9f15d7e9c34aedd1f48c6d9429e1d0f07f47cecee2fe91e5b21698910bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-google-map.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 302
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601d0-1f3-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.event.move.js?ver=2.0
192.124.249.158 200 OK 2.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.event.move.js?ver=2.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (5443), with no line terminators
Hash 8c22b8efa3df9595a73d66ba4c5d0430
3ac9ffe5223acc00672a70bc8e5860f67ce190e9
804c5ab63fde82689d2beedb4c2e90a748019170e5f2ab83fddc07b2562f8528
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.event.move.js?ver=2.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1996
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d44-1543-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-image-before-after.js?ver=1.0
192.124.249.158 200 OK 1.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-image-before-after.js?ver=1.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (3090), with no line terminators
Hash 5149d088bcb67e0b9c0ba90750961bcd
11fe8487d2def2765649f24c36918b92bff2401e
8c067d712cdb56f9e73ed0f8494d20122bf3eb4cac0107a96bb8d6559f84c5e2
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-image-before-after.js?ver=1.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1080
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2e-c12-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.modal.js?ver=3.1.1
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.modal.js?ver=3.1.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3974), with no line terminators
Hash 52e58daefa8fe0da3a9b0d8b5c5e48a6
99ac0fc4eb6166ba94a7f9a883ffe88844d82230
3fb8e180b9ea5f72a2a0819092d731c5fb92f6cf986b98fb83f68e63175ed0d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.modal.js?ver=3.1.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1301
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6254b-f86-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-modal.js?ver=1
192.124.249.158 200 OK 852 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-modal.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2434), with no line terminators
Hash ec4fe607ca87e6ff9aa75e5fe2bbabcb
72056ec76484a1bc2847c342974c4cf60c88989e
c89b757bcbe5ab4f90e9034f11c9a8831afa62e3a817f3d094fe5a765863a0b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-modal.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 852
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d32-982-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-progress.js?ver=1
192.124.249.158 200 OK 341 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-progress.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (768), with no line terminators
Hash df87567cabc52ace83c919ce177d250e
d3e47a19eb848058a61ab63aa5c6d7e1d42a73b4
0d4c4fcda482525550273834a736a3d9f2ffaf1c5ce3606b0707bf76d293303c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-progress.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 341
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d3e-300-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXw.woff
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXw.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 15932, version 1.1\012- data
Hash 0c0bf37fdadb3c0fc240ecd46deb5ec5
22927507788da5b9fd5ef9b02bf6cc543f3226f5
ef642789da49d91210c420b158e3a09d401474a3185045f50af4fc01954fe821
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rhythmndance.org
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:50 GMT
expires: Mon, 05 Feb 2024 22:02:50 GMT
cache-control: public, max-age=31536000
age: 153551
last-modified: Mon, 11 Jul 2022 18:56:01 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQ.woff
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQ.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 20712, version 1.1\012- data
Hash 600270a4cedf2a102a1d49e5148e6622
a5e4c1b17ab38d08e408937a5e5699d65c5a9f2b
22459e1de13b29a9997c47434287b7b07bcd58013dc71c6fa14637b0d46d469c
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rhythmndance.org
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 21:46:45 GMT
expires: Tue, 06 Feb 2024 21:46:45 GMT
cache-control: public, max-age=31536000
age: 68116
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXw.woff
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXw.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 16048, version 1.1\012- data
Hash 6324dc98542bbc4c2f500f1032fc644e
ab2190b1fa3b637e5efa594327eab5e3e0ba1f88
4dd777ebcfc61b7ff1165418b02265bfdf311b4f50ad0bd3f9c40972c33f882f
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rhythmndance.org
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 16:03:30 GMT
expires: Mon, 05 Feb 2024 16:03:30 GMT
cache-control: public, max-age=31536000
age: 175111
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1
192.124.249.158 200 OK 820 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1965), with no line terminators
Hash bbefbbedb7b3a4db8f6feb4a642812bf
dfa7eedbe1c7aaa24f61238ab12ada06082fea8f
5e60ae5a2e9be17fb3a7356c707c371bbd32378dc039c972769c881e56527235
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 820
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2d-7ad-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
fonts.gstatic.com/s/zillaslab/v11/dFa6ZfeM_74wlPZtksIFajo6-w.woff
142.250.74.35 200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/zillaslab/v11/dFa6ZfeM_74wlPZtksIFajo6-w.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 32904, version 1.1\012- data
Hash a347e8106c9173c76d65ff16b1fe29b7
98d83aef46af84aa35072dd60863179ddcb2313f
3e242a7b625f57e17b4a090a71e9720a2e38f1028e361ac5d6f91c88082458e8
GET /s/zillaslab/v11/dFa6ZfeM_74wlPZtksIFajo6-w.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rhythmndance.org
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 04:54:53 GMT
expires: Thu, 01 Feb 2024 04:54:53 GMT
cache-control: public, max-age=31536000
age: 560828
last-modified: Wed, 27 Apr 2022 16:09:11 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 16:42:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tab.js?ver=3.1.1
192.124.249.158 200 OK 767 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tab.js?ver=3.1.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1685), with no line terminators
Hash 6a1e2df4a70966d170b35ee4cd44a8df
97e09dc339d7231570d590a8c413743c146d06e9
6e3205d1e185815966a4929a8b6685b5111d83fe7f803ca1995980fe9c8b97a1
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tab.js?ver=3.1.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 767
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6249d-695-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-syntax-highlighter.js?ver=1
192.124.249.158 200 OK 731 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-syntax-highlighter.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1961), with no line terminators
Hash b01da39c395b525b7a752e109314c0f2
7a653995ae9ae20cd8f098460210dbb15c87ca3a
b9f3d6a0da19e20406efe3daed359ca6df27e8cc6c75e7da1a7987675e1db421
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-syntax-highlighter.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 731
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d2b-7a9-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
192.124.249.158 200 OK 373 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
IP 192.124.249.158:0
File type ASCII text, with very long lines (741), with no line terminators
Hash 0287f860a8c842bd15caea306aeae882
78fd117d49d7ee7aa8f57809902a190b16fe6040
b59b5dbbb13c25fbd8177298e3960a218c5034c076d4f840958540947896ae22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 373
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a623c7-2e5-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-tabs.js?ver=1
192.124.249.158 200 OK 964 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-tabs.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3378), with no line terminators
Hash b12e5c83f507f2be5a2f054f7253c47a
eb3912cfda6aa6d7178ad75dc8c1ca22984e8794
184fce754142fc4feec33e5a7d708c2f71096a83455ace479867c15a6df03e7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-tabs.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 964
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d37-d32-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 9f281e740b07154679c9bd8181fca958
2109831ce530524bf40a8c338ff5675e0583603e
07dd2aab5afbc19dc954d1a5415aad0d694d7cbc135bb2d5f75d4e12cc5bcbaf
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 06 Feb 2023 22:22:58 GMT
Expires: Tue, 07 Feb 2023 22:22:58 GMT
ETag: "2109831ce530524bf40a8c338ff5675e0583603e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.cycle.js?ver=3.0.3
192.124.249.158 200 OK 7.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.cycle.js?ver=3.0.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (25337), with no line terminators
Hash 0c4d60f71114d6226c079070e2a9c669
00ccde099c61a625659889571e7c41003ae63977
6f8aef7b7819a909c5df66378899a93a91a9c4ce7973bcb7c2cdbb7c131c89f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.cycle.js?ver=3.0.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 7126
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60d01-62f9-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-testimonials.js?ver=1
192.124.249.158 200 OK 575 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-testimonials.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1634), with no line terminators
Hash f4833eaa847b9d8d1bcb5d903cc81e43
461585913be587c686fa9db23f3d425134db8df0
c5d437df74f93575a8c795be13100f4b8824f3e85b7b1f78fd4df2e06f1568d3
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-testimonials.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 575
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d36-662-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=1
192.124.249.158 200 OK 1.6 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3822), with no line terminators
Hash d03b66128ef2db5b8c5d125a2958d3b4
b2bb8d726f1b3cbb5576f7f1d2d0ef29f62baa78
703622a04b632531dd8f47a47ce2f7cdfdfd632cfcfa45b89db4882b21d5a057
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1557
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d35-eee-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0
192.124.249.158 200 OK 2.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0
IP 192.124.249.158:0
File type ASCII text, with very long lines (5763), with no line terminators
Hash 4c6257a07995a9366a3de85790a49a61
0164ed7e33c5f1ac38dd00d95aee7ab26f3a8728
2b3d05816eb84d50676a569fbb44096f1dfa7d0a91eb50b6b02732edb5c78ac1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 2129
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d43-1683-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.collapse.js?ver=3.1.1
192.124.249.158 200 OK 1.2 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.collapse.js?ver=3.1.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3487), with no line terminators
Hash 66e0ecd5e9dfd415b3476ddd7fc349bb
331e450dac4f4ba7dd36caf469f5bc2e5bf69c6e
d236e306003e0b301c6951aed5c1af0c748a2798cd820b7787605dd726354a53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.collapse.js?ver=3.1.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1173
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6251a-d9f-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-toggles.js?ver=1
192.124.249.158 200 OK 620 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-toggles.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1781), with no line terminators
Hash 6c35b8e152f2592ad1b8a877dbc3c818
850d5c1e50ed36833a818897df7a35914be85802
79cbfb14e6b4fb132725c8f90948e1837e6552e7df281d26982cd3c25a8e7a64
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-toggles.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 620
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d38-6f5-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
192.124.249.158 200 OK 5.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
IP 192.124.249.158:0
File type Unicode text, UTF-8 text, with very long lines (16292)
Hash 1afce9330bd32008d443e1e6e75c2b8f
b5fb6d07870e9f11950adb3a0d651044a90b68a1
70f2980f14fec6a9bbf9c6e29ae1b255843fa12e3d5e51b64421fe0a7a92891b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 5319
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a61f10-40bd-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
192.124.249.158 200 OK 656 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2034), with no line terminators
Hash 91f304d92936f3a63d09c1f6fff48656
3a80c9dbbbd6792dd4acdc55da88ace6a04772bf
8ecf3514621599a62f1d6306a8728c09267b1ad4404530a4803ff41667cde0e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 656
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:06:36 GMT
ETag: "6a81d39-7f2-5a86de2f28700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1
192.124.249.158 200 OK 455 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1098), with no line terminators
Hash 97be25d41a014510ed835c93ae9bf00c
241fe04678061088d24d67750824982cbc403d04
ca8aae7fae9d35c489bd8311931bdab26df4d83e0990b08b6409be8e7dcfd2a0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 455
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601d8-44a-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=4.1.5
192.124.249.158 200 OK 3.2 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=4.1.5
IP 192.124.249.158:0
File type ASCII text, with very long lines (7142), with no line terminators
Hash ffcce041f3445c151a6a9753d25f04eb
a4c0f01ac4ea1a35ccbaa4f3a51b18c099175717
47c5d94c4ce6bd1b134be8443f3b9ee61675c3be1f9ee22e98f74a93bbd2c3f9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=4.1.5 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 3228
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6249a-1be6-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=1
192.124.249.158 200 OK 461 B URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1887), with no line terminators
Hash e39f73028d8b42546a39e09fb689cd71
5e1e9e16e238d8941b3f001f0156d391b17f8038
e76df096368f42cf9d950655d483f527fd034188f2288a5fb877205595484653
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 461
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:05:21 GMT
ETag: "6a8166a-75f-5a86dde7a1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
192.124.249.158 200 OK 3.8 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
IP 192.124.249.158:0
File type ASCII text, with very long lines (10837), with no line terminators
Hash 91561c368b31bcc1c645611e4516ff77
ed09c00f1590698e837611cd23c283927d59bc38
7816d096f1ed92c1efafeb056fe4281d33c625ec400b773500c9bd2aeb0ea5c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 3824
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a61e28-2a55-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.popover.js?ver=3.3.5
192.124.249.158 200 OK 732 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.popover.js?ver=3.3.5
IP 192.124.249.158:0
File type ASCII text, with very long lines (1748), with no line terminators
Hash c6140db01cd277ac8c90799913a56651
b739e76f6610edca6a7783c222c2d758fca198d4
285fbb50001cb3b9578e046547931f59211ed8c49c5444e406c18b21740836de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.popover.js?ver=3.3.5 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 732
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62541-6d4-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1
192.124.249.158 200 OK 14 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (54352), with no line terminators
Hash ac44ff186ceefffe8be62989328e0d90
f813444a1ac341b87f8938647bec6bb58c8937cb
a44cf25efeba3f81c881543775dd888306a1be116b8e410a903a411f9ba26181
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 13468
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a623e7-d450-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
192.124.249.158 200 OK 800 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
IP 192.124.249.158:0
File type ASCII text, with very long lines (3308), with no line terminators
Hash 69946cadfc1fc8fbaa2087d902c5ef96
2bc009090d7a7f041a30ac46d7d1a1c7634f99ac
6299a8d0806bf81f05fce54421a484e5705deb494c917d51eea450a92f4d55a0
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 800
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6243d-cec-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1
192.124.249.158 200 OK 334 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (647), with no line terminators
Hash d149404863e3dff58424f3f020ae6ace
869cc5667a9c403ceca871820efb16bd194251d6
bbf79d290f98746420dc076d71132d409a2f9dc4132f7d06669b615097fcfb8f
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 334
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6244c-287-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.2.2
192.124.249.158 200 OK 6.5 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.2.2
IP 192.124.249.158:0
File type ASCII text, with very long lines (23008), with no line terminators
Hash ae0c4f091e3000758acb36b5cab3ff5d
2b56c58423b52c9252aa218a35ae11d814ede505
cf2053da12aca1126b2ef1cf98037e3c6150352ddeb877fcf1dc5c41dd1ee0c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.2.2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 6514
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60ce0-59e0-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/the-events-calendar/vendor/jquery-placeholder/jquery.placeholder.min.js?ver=6.0.8
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/the-events-calendar/vendor/jquery-placeholder/jquery.placeholder.min.js?ver=6.0.8
IP 192.124.249.158:0
File type ASCII text, with very long lines (3172)
Hash 155f209ff787198f50a584e0faad095c
5bcbf41e935935b2a15fd235dcbff6a1d80d2ca6
9f9b00e54d7389721d579c757e30645ab7f27ec49035dd73ca7b52896d16859a
GET /wp-content/plugins/the-events-calendar/vendor/jquery-placeholder/jquery.placeholder.min.js?ver=6.0.8 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 1298
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Jan 2023 04:59:59 GMT
ETag: "6aa1de6-cc6-5f337bcc01559-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6
192.124.249.158 200 OK 3.5 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6
IP 192.124.249.158:0
File type ASCII text, with very long lines (9399), with no line terminators
Hash 3c13947e52a25a81e04399732416198b
3c204fb156fd79a18f3f37911876eb67f5f31015
778b0a2e5b615f1a252004c6e81a597855c973136941a16becb1b800fa2ffeaa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 3541
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6253c-24b7-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=1
192.124.249.158 200 OK 195 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with no line terminators
Hash 035163682275e8f6a212787443a5bec6
030d18ea4df0e92fc24075a087a5d9348ac9ec05
a8c8562166bc6c2f9865bcd3ce89dd0e9d5e49cb6583bcb7d4579e173a882f60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:01 GMT
Content-Type: application/javascript
Content-Length: 195
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601a1-104-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=1
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (4419), with no line terminators
Hash 1483e36e976d48101f9cd84d04a921c5
eb4924e77ea2ff500298c9f0913f35cc9b83b437
29f755b5efe328a1cfac857a57cb749664662f6082d575bece6c797a81060e08
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1334
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601cb-1143-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1
192.124.249.158 200 OK 1.3 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (5875), with no line terminators
Hash df41b485392da7d83738c72b24d30e22
e9cc512e0b2921220e42ad96398c25acdf5e07c9
2356e6482f19c1bac47abfab51c5a6f5b4574f6458c9c72910dcba9b9bc90d8c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1315
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601d3-16f3-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-popover.js?ver=1
192.124.249.158 200 OK 305 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-popover.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (698), with no line terminators
Hash 8ee3b4e7eacb6fc3749ecc6ff5bd2223
06f0ea0e8e4a97683c8d96337a8008ba2a268c64
c8b00948f734aae808a6f0e0d303152a8acf4c64ba385c1a40b07f7c9ca9eabd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-popover.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 305
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a60198-2ba-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
192.124.249.158 200 OK 493 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1707), with no line terminators
Hash 57c3257ed4c7382068ceb34eebc35c2d
22f175f1dbd120faff6b32e352fb27d69ca0d82d
882c93c126056b11b0e6521ee9ef2d595138b6a504888a0d06d0a8f9a331c64a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 493
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601cf-6ab-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/uploads/2017/09/rnd-retina-color-300x61.png
192.124.249.158 200 OK 13 kB URL HTTP/2 rhythmndance.org/wp-content/uploads/2017/09/rnd-retina-color-300x61.png
IP 192.124.249.158:0
File type PNG image data, 300 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash 9257fcc5a7c44c7034203d72f960592e
03523d973f11ae602c4a693505919f680c16d85b
5491022116ed8befbb5d958bef92dbd3ca913b492fdc451e24a3e6baed126504
GET /wp-content/uploads/2017/09/rnd-retina-color-300x61.png HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 16:42:02 GMT
content-type: image/png
content-length: 13101
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 13 Sep 2017 20:14:26 GMT
etag: "6aa0d7f-332d-55917ce6e2c80"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
192.124.249.158 200 OK 339 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (888), with no line terminators
Hash 046f411390a97a03d9218b2bd6c64dba
34f2a8696c779c841c3d021289753cd73d0dd8b2
04e39cb212ecc51faacac3d4ef2cebebd33398b4a83ff34eb69150ab5eeea16f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 339
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601cc-378-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1
192.124.249.158 200 OK 2.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (7515), with no line terminators
Hash 7d35d28fc17e49cdc314104322784790
fc39fb5ef2389f5ba0bda0a7216029993d0ad55e
1a521f272cdb747e8e6b6595dd8de5232055013f5d84d32af043147062a54f93
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 2041
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6016a-1d5b-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=1
192.124.249.158 200 OK 174 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with no line terminators
Hash 1484db10cddde999b798bd7c603eff96
26a39f2ff3b0e16aef731ef3b17f761959678e19
bf3d923f5f52fb47ebd84f4eac24b5800a2bc7a7e5f7403757fc514fe656e54a
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 174
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601a6-ec-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
192.124.249.158 200 OK 245 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (483), with no line terminators
Hash 4001b77cd3b0c975837e565ac678502a
044aa2eddb3c3f51fb12a4d2a28e251c80878202
040c6f4cd99e486f79e06fffdc110d3a554dd72a8d76ac025cf9a6c7110518ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 245
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6019c-1e3-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=2.2.1
192.124.249.158 200 OK 976 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=2.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2411), with no line terminators
Hash 78542e705b879d56eb15ace8463d1987
75d4080c4798f8dd768caacd615535bd8de56d7d
71594034883973063967d6e3cc1916778ac0d54ce26cd95ff098021e46c02b6b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=2.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 976
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6019a-96b-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=6.2.1
192.124.249.158 200 OK 4.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (31862)
Hash 97b9eedc4320b81e82f13043e66e0ac8
c1301067cae296382d42cbb3bdd803709f9082e1
033171f35f0f8cbb83ba59b4cfe19ce24ed474eab8a758b5fad585f2fdf658c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 4114
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca7-818d-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=6.2.1
192.124.249.158 200 OK 6.8 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (31981)
Hash 16ae1f31190db8aad4d61b954ab606bd
b71567aa81f18643e2079e451914ce70ca9480fc
dcc3696a1bb87e2177afdab72b3ef78977d9de1ee7d39c6cc656d4c187861d48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 6819
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca6-9b4d-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
192.124.249.158 200 OK 1.4 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (4600), with no line terminators
Hash be47fc6ea50a69d5ac242764dfd3739d
f00af602531cbf515ca5729bd4175081ebf61e38
490f9fefc0d5889da354a7ea337984b8ee09b3ff32852e7c82b16ce4857fe473
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1445
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601cd-11f8-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
192.124.249.158 200 OK 1.0 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3464), with no line terminators
Hash ba9adb69e0cea0992e265fbecd768fc8
6ef4b5505ea82af6fe06349d2aabea009a165de5
d187c68d5d260a641667c2021eb284621bea32a0ca14130ade2d40ff6334e48b
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1011
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a601d2-d88-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
192.124.249.158 200 OK 1.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
IP 192.124.249.158:0
File type ASCII text, with very long lines (2679), with no line terminators
Hash e34220815f68e9b70170d4c3b4cde30f
9c1b72ba926c885592985a941b3a1b44f1bf9e17
ba6c1c55980ab0efa3dd6196fde678d8ca81210d4736ac8b0f31f1629544aeaf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1060
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cc3-a77-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=6.2.1
192.124.249.158 200 OK 250 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (340), with no line terminators
Hash 1a3757e2b161b85ec97d872161c6ad9a
1a2e29a7ea018ff34428b0bb11a6b5ed9055018e
ef6019a85746f612113813610dab90644041878e0978138458c2c9c5a2fa2529
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 250
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca2-154-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=6.2.1
192.124.249.158 200 OK 479 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1244), with no line terminators
Hash 256b2f948a85bd3318d331025d7b8a53
d46ea8b360589727723c6da489ea50a3ff3fc463
ff2ef087dbec343ae0d2552ebd30141fe67d46dae6ff06faee387d2febecdb75
GET /wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 479
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cae-4dc-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=6.2.1
192.124.249.158 200 OK 364 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (992), with no line terminators
Hash 51255dd1d96326c875cd329e5d9ea0a3
7c4778d261658c141845b1727cea3ee376cabddf
74194539dfa912c50860b50494649c6d2ee97b3531092894d7d88d6b9d8bafc2
GET /wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 364
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cbb-3e0-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=6.2.1
192.124.249.158 200 OK 741 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1807), with no line terminators
Hash 7247f4deeb75bce80c2d75d1dd591a5e
9e05d5ef33cf6cbfc90f9a7d5fe71f3ff539d18e
dc851c0316e2b20890ed4d1a2fcaeb1ff4ff197d1cc0aaa517c74df732348846
GET /wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 741
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cbd-70f-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=6.2.1
192.124.249.158 200 OK 225 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (486), with no line terminators
Hash e4a7a1811f1fa1da5582e15c030f072a
94b36a9087d705935c402d0d4d1b101494258c68
4ca94cea251c2fc1bc16b0ec9488770086ca388fb32256819cf5c7dd1b35d512
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 225
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cb0-1e6-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=6.2.1
192.124.249.158 200 OK 293 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (641), with no line terminators
Hash fe8fc369115b1369e40ce4b72a7d4e3c
47086cb82575afe45c3e336ac28484a48d65a0e0
7daa22f5045de9663443eefe773ccb0580c1d14a468c189a2877c4a41bee3905
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 293
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cb9-281-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=6.2.1
192.124.249.158 200 OK 782 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (3418), with no line terminators
Hash 5175fd14a896da09909aaa3a5039a6cf
41a47daf46437695cac139edfad65965a04ed9c9
be7d86e1eeae350dcf10db6792849f3de401a475e2c1605fc21d5e42780f68d4
GET /wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 782
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cbe-d5a-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.sticky-kit.js?ver=6.2.1
192.124.249.158 200 OK 1.2 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.sticky-kit.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2746), with no line terminators
Hash 9308faa7e9efd7cbde04136a02f28d9d
4968530e1fff37f7eb4a07001a038867bfbcde51
2eb4c4e016370f1007f9513fba462c547bff72ee782086d02ab60e4b8a4e5551
GET /wp-content/themes/Avada/assets/min/js/library/jquery.sticky-kit.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1208
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cc6-aba-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=6.2.1
192.124.249.158 200 OK 258 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (498), with no line terminators
Hash b236c130d4545b79b03102da6d99eb40
6a7fba26eb3a051040a13a495133dd2871c25a77
786baa95fa16fc05a8f246c86dd70a9beb6528920d482118e1b678a5e9f2b814
GET /wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 258
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca5-1f2-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.toTop.js?ver=1.2
192.124.249.158 200 OK 582 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.toTop.js?ver=1.2
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (1182), with no line terminators
Hash 1269f54ae3d5a1df8bcddc65cc4c7e1f
fcdae20da6a2109146107452c1c767f6212ec4c6
268847f5080afc4a2a3e28728b4c666cf32f0fde2268dd23a99aa8ee3b08399e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/library/jquery.toTop.js?ver=1.2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 582
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cc7-49e-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=6.2.1
192.124.249.158 200 OK 321 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (775), with no line terminators
Hash 8224d0060c542714af72d969fcbae73c
3cfb6572a3d8d8fe425973f4fc5cea2c7ece4bdd
306b876215afde6f7728443124749e3fd757f845727f48af2a6e07af8cec97a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 321
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cbf-307-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=6.2.1
192.124.249.158 200 OK 1.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (5774), with no line terminators
Hash 3b178d5b7d9a2bb36729943235b3dda7
fc4ce7c146ae36b79a22a4875daa2a7f18e5b903
c3ffe0315f172101cfcaf2f8c4efa086033c4bcccfb9e106348c3c043098ea91
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1070
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca9-168e-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=6.2.1
192.124.249.158 200 OK 614 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=6.2.1
IP 192.124.249.158:0
File type HTML document, ASCII text, with very long lines (2774), with no line terminators
Hash 19b2051892d183c4827cb50fd5148e9d
35d2c1e2cefe409155bf97a4db7a9b55be5f42ee
004938d2550c4ca55704ba12f711ade22e979c167571906cb42b516a5206c932
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62caa-ad6-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=6.2.1
192.124.249.158 200 OK 550 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2126), with no line terminators
Hash 6a29049da6e5f067228d08e8dd36847f
0e46c187096f33af5f4ba076df96d3709eb0a157
b630584533165b7064747dee5f44bbe3867581ed83014a78cc07d0c6ec14a0dd
GET /wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 550
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62ca4-84e-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=6.2.1
192.124.249.158 200 OK 1.6 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (4570), with no line terminators
Hash f9516ebfcd3b912290ce9d5e07eba2a4
4b76003bec2460d26e7022af3bf67637c7298180
617e93b7138a60278782cf16c141c7488b61369e09b426887705828b4c52e7d7
GET /wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 1622
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cc4-11da-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=6.2.1
192.124.249.158 200 OK 233 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (565), with no line terminators
Hash f39dd41bde45ff29bd8ce208c94482ca
82c273265b6ed4d17be7f2cd63d105892cc6fd77
ede9659bfe70a2ce8c8e5a06b443c7e70c93d0b83f930c7b5e6010674a4be1f5
GET /wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 233
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cb6-235-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-bbpress.js?ver=6.2.1
192.124.249.158 200 OK 536 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-bbpress.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (1340), with no line terminators
Hash 054c25a6d6761331d8533dde0621ebd0
fe3cb44fd0bb4be8692f40f2b99c74d31bc946e2
e7815732adc1722d2c705f3c1b7c1a929230dad90e9d7df965bfe157b6f0ec4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-bbpress.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 536
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cad-53c-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-events.js?ver=6.2.1
192.124.249.158 200 OK 842 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-events.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2679), with no line terminators
Hash 1763d94debff8377ed238522d9dbd887
5dc4dae7a2ab044c15c276436baaa13541e86a12
a80dd3b78a5a38f9b754c87c292877b4bf476861cecc1873eb5d7baf6bb609b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/assets/min/js/general/avada-events.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 842
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cb1-a77-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=6.2.1
192.124.249.158 200 OK 942 B URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=6.2.1
IP 192.124.249.158:0
File type ASCII text, with very long lines (2548), with no line terminators
Hash 54709621a047c21b21e2b538c2240af4
c9acf7e03a47d3bb22bfa8712ccdfe2bfda94e62
fdc6f6d0d3be807a0e831d9ac862b05503bbdcb6998be85267146c166cbf733b
GET /wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=6.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 942
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62cb7-9f4-59eeb8508c180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-fusion-slider.js?ver=1
192.124.249.158 200 OK 4.1 kB URL HTTP/1.1 rhythmndance.org/wp-content/plugins/fusion-core/js/min/avada-fusion-slider.js?ver=1
IP 192.124.249.158:0
File type ASCII text, with very long lines (28424), with no line terminators
Hash 9c57196d9445d6ec7768069caba390c7
ab418cd1f3c8759c0d652ff37fbbfe79344f8725
a018ddaa6325e555cca35ee1d2ed1808ecd0042fbb8947f858918d699d764dd3
GET /wp-content/plugins/fusion-core/js/min/avada-fusion-slider.js?ver=1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: application/javascript
Content-Length: 4060
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Jun 2020 11:05:21 GMT
ETag: "6a81669-6f08-5a86dde7a1e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
192.124.249.158 200 OK 20 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
IP 192.124.249.158:0
File type Web Open Font Format, TrueType, length 19560, version 1.0
Hash 058faad55edf033eda55a2e719963f7b
131adbcab0318d115d8bc24baa7851ba3291bc49
be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rhythmndance.org/wp-content/uploads/fusion-styles/84d20aa67fccd999a592a5feac8b16b1.min.css?ver=2.2.1
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: font/woff
Content-Length: 19560
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a62591-4c68-59eeb8508c180"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/uploads/2017/09/rnd-retina-color.png
192.124.249.158 200 OK 10 kB URL HTTP/1.1 rhythmndance.org/wp-content/uploads/2017/09/rnd-retina-color.png
IP 192.124.249.158:0
File type PNG image data, 690 x 140, 8-bit colormap, non-interlaced
Hash fa3f12b4257dc1efcc7dffa2c680a527
2a01bfa31b419f93c561bb598c508c589a67a1c7
c05cd5db4bb19edc6ef30e3a3a768e21b2507e7fd2bf757b313270391061e6a9
GET /wp-content/uploads/2017/09/rnd-retina-color.png HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: image/png
Content-Length: 10430
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Sep 2017 20:14:26 GMT
ETag: "6aa0c74-28be-55917ce6e2c80"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/uploads/2017/09/rnd-mobile-logo-retina.png
192.124.249.158 200 OK 8.4 kB URL HTTP/1.1 rhythmndance.org/wp-content/uploads/2017/09/rnd-mobile-logo-retina.png
IP 192.124.249.158:0
File type PNG image data, 420 x 86, 8-bit colormap, non-interlaced
Hash 66fce13b8c7de284db83cbebc5a8139c
f87d51b2820bd29814f8fda99d0e691119b7c326
f119d394d5b3fc373d2904a610abb28679c4c12f00057a57ecc93485cd0a2cb0
GET /wp-content/uploads/2017/09/rnd-mobile-logo-retina.png HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: image/png
Content-Length: 8391
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Sep 2017 20:17:28 GMT
ETag: "6aa0d35-20c7-55917d9474600"
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
192.124.249.158 200 OK 76 kB URL HTTP/1.1 rhythmndance.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 192.124.249.158:0
File type Web Open Font Format (Version 2), TrueType, length 76100, version 330.-16253
Hash 7e3189cd01270f2d9b04d944021567dd
ac1c6bf03fc51c21226e60d35b96c77ddbc5e142
435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rhythmndance.org/wp-content/uploads/fusion-styles/84d20aa67fccd999a592a5feac8b16b1.min.css?ver=2.2.1
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:02 GMT
Content-Type: font/woff2
Content-Length: 76100
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Feb 2020 10:47:50 GMT
ETag: "6a6269a-12944-59eeb8508c180"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2039531001&utmhn=rhythmndance.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20not%20found%20%E2%80%93%20Rhythm%20N%20Dance&utmhid=668333871&utmr=-&utmp=%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php&utmht=1675788171704&utmac=UA-4256245-7&utmcc=__utma%3D206154448.1500251870.1675788172.1675788172.1675788172.1%3B%2B__utmz%3D206154448.1675788172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=968849293&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
216.239.34.178 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2039531001&utmhn=rhythmndance.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20not%20found%20%E2%80%93%20Rhythm%20N%20Dance&utmhid=668333871&utmr=-&utmp=%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php&utmht=1675788171704&utmac=UA-4256245-7&utmcc=__utma%3D206154448.1500251870.1675788172.1675788172.1675788172.1%3B%2B__utmz%3D206154448.1675788172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=968849293&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
IP 216.239.34.178:0
File type GIF image data, version 89a, 1 x 1
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2039531001&utmhn=rhythmndance.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20not%20found%20%E2%80%93%20Rhythm%20N%20Dance&utmhid=668333871&utmr=-&utmp=%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php&utmht=1675788171704&utmac=UA-4256245-7&utmcc=__utma%3D206154448.1500251870.1675788172.1675788172.1675788172.1%3B%2B__utmz%3D206154448.1675788172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=968849293&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Tue, 07 Feb 2023 16:42:03 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rhythmndance.org
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 28132
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/uploads/2017/07/cropped-rndlogo_512-192x192.png
192.124.249.158 200 OK 32 kB URL HTTP/2 rhythmndance.org/wp-content/uploads/2017/07/cropped-rndlogo_512-192x192.png
IP 192.124.249.158:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash b98e70e6aaf8121f45a3055ab3ba3d19
862c08d26db903ca61ce3f9f75b34a388d2cb02b
910d07376ae2a9d8ccd2dcc2e1a6078442de6d6e2f7f9c08ebd41e9e86db2a80
GET /wp-content/uploads/2017/07/cropped-rndlogo_512-192x192.png HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 16:42:02 GMT
content-type: image/png
content-length: 31676
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 11 Sep 2017 15:25:20 GMT
etag: "6aa0ba8-7bbc-558eb88d87800"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/uploads/2017/07/cropped-rndlogo_512-32x32.png
192.124.249.158 200 OK 2.7 kB URL HTTP/2 rhythmndance.org/wp-content/uploads/2017/07/cropped-rndlogo_512-32x32.png
IP 192.124.249.158:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash a8637e51074c160bd3d0868fe7e78b69
58eb1354fb9487bd05385defe71bbd00f18ba559
d13d4b267b32f5c9fe5996cffe1ac740fce9f0ce4d7bbcec39eaa848f39fb834
GET /wp-content/uploads/2017/07/cropped-rndlogo_512-32x32.png HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rhythmndance.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 16:42:03 GMT
content-type: image/png
content-length: 2698
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 11 Sep 2017 15:25:30 GMT
etag: "6aa0b5a-a8a-558eb89710e80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
rhythmndance.org/wp-content/uploads/fusion-styles/84d20aa67fccd999a592a5feac8b16b1.min.css?ver=2.2.1
192.124.249.158 200 OK 0 B URL HTTP/1.1 rhythmndance.org/wp-content/uploads/fusion-styles/84d20aa67fccd999a592a5feac8b16b1.min.css?ver=2.2.1
IP 192.124.249.158:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fusion-styles/84d20aa67fccd999a592a5feac8b16b1.min.css?ver=2.2.1 HTTP/1.1
Host: rhythmndance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rhythmndance.org/wp-admin/maint/file/login.php
Cookie: apbct_timestamp=1675788118; apbct_site_landing_ts=1675788118; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b5a4c2a530b6fbd0e0137238c90d6d7f%2522%257D; apbct_urls=%7B%22rhythmndance.org%2Fwp-admin%2Fmaint%2Ffile%2Flogin.php%22%3A%5B1675788118%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=8da4109331d9d3892118db8bab39c25e0
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 16:42:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-Sucuri-ID: 19008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Sep 2022 08:14:56 GMT
ETag: "6a60137-109042-5e7ad5348bd1f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Sucuri-Cache: MISS