{"report_id":"aa310b59-3b19-4169-8874-8c47c15691ca","version":6,"status":"done","tags":[],"date":"2025-12-01T20:45:35Z","url":{"schema":"http","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"172.67.72.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"title":"طريقة بسكويت جوز الهند المقرمش السريع بعجينة هشة وبمكونات اقتصادية متوفرة - بوابة الصبح","dom":{"size":119529,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8860)","md5":"251ac7f5f881605287d177952f797473","sha1":"3135b8256863a2e188dbdc1a982125a1dda751e7","sha256":"6375bea897a7274e7b4daaa062b2f3ea9383494c0c83f0709c72c89f672d9a14","sha512":"6b03c4a3f5da364f9cd9fa4cf9c1b140fe314bbb91da09980e5701a796fb04ab09b0921381691e15e8e4340bddae8be8b75e6c40b6080e56a107767fee12c705","ssdeep":"1536:p7vqapRGLNbaU+ggDlKHKJ8eeFSMMB1clxOpS7m1+1QhIGKYSimP:p7v9eLN7g08pSlcte","tlshash":"ddc3e7f2536450be5307dbcad262b71da367e41eda82a8a0b3bc07544393ca3f5571ac","dom_hash":"domhash4ba0f481a339b45cc0f747c523df8661","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"172.67.72.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-05T20:45:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.larapush.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-01-24","domain_rank":520841,"first_seen":"2023-07-15T08:17:57Z","last_seen":"2025-11-27T09:26:14.36371Z","alert_count":0,"request_count":1,"received_data":67781,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-11-30T22:18:20.15509Z","alert_count":0,"request_count":2,"received_data":40688,"sent_data":1020,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"secure.gravatar.com","ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2004-07-15","domain_rank":16323,"first_seen":"2012-05-22T05:36:38Z","last_seen":"2025-12-01T00:53:49.560722Z","alert_count":0,"request_count":1,"received_data":15889,"sent_data":516,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-30T22:16:05.472311Z","alert_count":0,"request_count":2,"received_data":838726,"sent_data":890,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"newsy.elsob7.com","ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-01-14","domain_rank":0,"first_seen":"2023-09-13T17:45:43Z","last_seen":"2025-11-29T11:11:25.678832Z","alert_count":13,"request_count":13,"received_data":707515,"sent_data":6743,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-30T22:14:19.793229Z","alert_count":0,"request_count":1,"received_data":10441,"sent_data":523,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-30T22:18:20.693037Z","alert_count":0,"request_count":1,"received_data":88015,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-30T22:13:37.547558Z","alert_count":0,"request_count":2,"received_data":27098,"sent_data":1155,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"14b53d167e3f82902e194ab49414d1bd","sha1":"7faa8954e73a245b12453276fc465db547c28a13","sha256":"895d1ab6be3baca363a34fc31f32c3e4d8d65ddac89936533113b870fdf08fd7","sha512":"f385d7eac3c3ad36c3fe6720b16010e74cae0d1135e28cd413d5d10a7e842ed508ff106988e6dd083c199a33dd3090433d06982f3078578b0699f4d3c185745d","ssdeep":"","tlshash":"e2a022382c00b2200cfb088c30eb83a83a320800f8022000c03e88880c33fc88b02bc8","size":75,"data":"","first_seen":"2023-05-19T22:14:34Z","last_seen":"2026-03-19T06:52:16.013579Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.larapush.com/scripts/popup-4.0.0.min.js","fqdn":"cdn.larapush.com","domain":"larapush.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2d42a307eee2e383469f5674afd30e2","sha1":"98e1175d6584e7d46c884b0696aa06fae52524af","sha256":"5761a9d236040d1d17eeab713a9109ef796df4665ddf5cfba088b12509206db0","sha512":"ca60e7fe18dd9a0b19f3ec6f6739043454988ef3df49c5c4af415b3983dd097f642d81d0c173cbc66e65355bbdd36eeba4a442ff2793536c320d35624a1d27c2","ssdeep":"768:iMC61bOjFMNiK+fcKRG7K9FjzalotlgBrh1GLSNpqStUPfEdTcqQFqfxNiTkisj/:mQm9y8Fjzmo7E91WgAI","tlshash":"df63c5016fe03dac2342593f731bf6e9e929085dd246898ef18cfe14d6c9717a5aa331","size":66719,"data":"","first_seen":"2024-10-13T12:30:02.25738Z","last_seen":"2026-04-03T18:32:51.681057Z","times_seen":375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T18:21:36.937712Z","times_seen":330011,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6WRH8PVCBS","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b1a253ca27531022123bef17524d0d7","sha1":"27ae333c1a98ceb946483833edcedacaf2e722b3","sha256":"db43ce8edcb07f725e7ab5bc93b9757a4e9919b637ac409e9f42310b97bb68ea","sha512":"c4dcea239569575b42a1cc27d3c3004e2611a263f85cc0fc34ef617c1ad2aed7375da42887d737b5fa1d0042a98cc63f8072ffe2b1963db1e6187723579ce495","ssdeep":"6144:FlBUK5tJeUI2XVUULUVWo6O7GQEO7f2xVFBoOr+3j:FnD52UnVUUtO7F","tlshash":"ee8419ce73d6742653d6f478402f018ba57b28a2b44cc899f1c9c9e52e70a9a4277f7c","size":406342,"data":"","first_seen":"2025-12-01T20:45:38.94207Z","last_seen":"2025-12-01T20:45:38.94207Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-includes/js/wp-emoji-release.min.js?ver=6.8.3","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4b50535f3e989a77d537d5486342d47","sha1":"2a1cc988298c022def9376bd54f608f44154071a","sha256":"db8ee8be2b2456c191fc0739f34f6ac675af8ba4782380cf233024498e0eb968","sha512":"be3b974332c4dadc30025aa911fde008442c9f4966ade014a7b8f05926688e30b9fdc32ebdbdd53fe32fc3f4d9c6ac2310b98dc6602843f2d8f00b1ded4e9b83","ssdeep":"384:WAevzW+ZTbXUH3o//bEPhXgA5H1efAJmpr:WF6UXUH3o//YpXgAGfACr","tlshash":"d782fa9bb33a4e8f343e3bd7cd968f4dc9da555321c0e078dbeeb68169a00568274c90","size":19251,"data":"","first_seen":"2025-05-09T23:23:48.206606Z","last_seen":"2026-04-03T18:27:34.228753Z","times_seen":195718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f447152e5be944969702f37a30870055","sha1":"3295ed6bb5aa06beae650adfa00b3d9e66c3d324","sha256":"bcde5663b9adc89eb66a0c7511a1ffe7a2ba1b3c36f2273c5a90fd9ef5656cca","sha512":"e3cf203f699b4d59d58820739943faa7e1eabe98c2dba8a915d4e1908e03d91df8a069f9d6d7e90b7447b3f244fe769380b54a9e973755224448804859575643","ssdeep":"","tlshash":"fb2165a2084477dcd25a39942d1b90d956672fc724af4a4527cb5acfa20024fe4d6f3e","size":1256,"data":"","first_seen":"2025-11-22T00:40:13.463378Z","last_seen":"2025-12-02T17:38:11.562627Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/themes/rocket/style.js?ver=56","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d36c28b1b89437d31b54969e339388","sha1":"5ffdaf518794015a4119b2c9882eb6e6eae7c0a3","sha256":"f94ecb607893ab655e0ebd6359bc22131ed495d7fb0ee39aeaed30e8a037d122","sha512":"8f2cf0c09f2b21dc5f5c373d4154693885c9b24e5786659743a464c4ff4a9f78ed66431fe11d40267574399c425ac5ebf27fb081c07654d365a32c2df0d0fe8b","ssdeep":"384:mOXqssOxrNuSX5REolpfW82otCA2XOixhAAzTuC4Gp/td6WafZEATTFzXrbStjgA:cGpuQ52ollWjotCyAd6bog1UdV","tlshash":"e703964c6265227640b773be8fb75348fb3a406b60024b5dbe2d89492fb285551f2fec","size":38671,"data":"","first_seen":"2025-04-27T12:01:02.451034Z","last_seen":"2026-03-19T06:52:15.934654Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T18:21:36.937712Z","times_seen":330011,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-61WVLMJY44\u0026cx=c\u0026gtm=4e5bi1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"17fa9d80000de11d66e3fc9838085baf","sha1":"3bf862678cf7e8c119d8401ae5b1f5653248cfd0","sha256":"ecdfa5f83178d8701a2ae79d182d88749a8bf03f0021c77a059ef8304b3cf695","sha512":"73270cc0e9b80cc2c779acddfc0f4d22f54a4ce4216377ef6502bb05e462375e70a0517645d0b17dc6a642ff7c57904571022b59c34899293ea82773e4e2c318","ssdeep":"6144:vqJcBUKitJeUI2XVUULUVWo6O7GQEO7QZ2ElVFBoOr+Lu:vcgDi2UnVUUtO7QZ/","tlshash":"e5941ace73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","size":431196,"data":"","first_seen":"2025-12-01T20:45:38.939594Z","last_seen":"2025-12-01T20:45:38.939594Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/themes/rocket/assets/css/bootstrap.rtl.min.css?ver=6.8.3","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/themes/rocket/assets/css/bootstrap.rtl.min.css?ver=6.8.3 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 06 Nov 2025 03:22:35 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ezkal6ItBC7Eitsqt9jaUMu%2F6He%2Freh4McgqwHG6ZVm%2B8T%2FX8p8ATZ7xiKUETEnq7SaA10QdWmc2aL%2FikEBQEbvlsgsfxlsVE6qILPNnDU4kDr3ACH2Y5%2FpW0Vg%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:21 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=2,i=?0\r\ncf-ray: 9a756d44f9502678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232126,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"d3d3d6b180a5e55fc03c2de7ee6c18c1","sha1":"543b288dba1f2188d479959e5533d546783f23f8","sha256":"80fe49db626c56ef97f2bccc121d4ac7e943f3d1c5dc35b861458f894f6e7547","sha512":"c990bad546810141886ecfd80efa775cb66c876f6d686d5bad0ac51498823c7bfe06803aa044d6d19b9cd710ca6075bf537c99affaeaa22519646fa254e981ef","ssdeep":"1536:v9Un3CL9DflCpvqXKjxt5eZge9iOV98QsYRUlMdEWpjy02B2Ir:in3+9DfTV98C3dEWpjy02B2Ir","tlshash":"503482d6f190317d9ca7814a9691fefd896fa985cb124da6f003772807cabd30962dcc","first_seen":"2025-08-24T15:43:58.509847Z","last_seen":"2026-03-19T06:52:15.952989Z","times_seen":38,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/plugins/phone-specs-table/phone-specs-style.css?ver=6.8.3","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/plugins/phone-specs-table/phone-specs-style.css?ver=6.8.3 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 19 Nov 2025 18:40:01 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RAQTVayV%2FzZtAKqyjFzpdn0QSzwcHZUOKOrXGEZ9AgSY9Q89yqw3EWVm0h0aBY4TuM1YOgqSAXzcTOi6x6mIJO6xb%2F8l1RzVKrzKe6ES5Nt839hH0k2i2dJopUY%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:21 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=2,i=?0\r\ncf-ray: 9a756d44f94f2678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2062,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"77f98375e2b08d869993c3ea32415491","sha1":"c8f7512035ed235ab0ab788c7869f4ba415d6eb0","sha256":"adfab5f4e5ab2b8da067a526aaf09f16e052b2865537b649616db20b7096904a","sha512":"18cf66e99dc841a31f2ead86769c2f157156ef0f4a9a97c790e56a31cc0129d8b7f64c89968403151471a66caaf58b039c5f7bfc7f2e610114dce72cb74cff63","ssdeep":"","tlshash":"c0415b07ebf21405605f682d839ae3393179494b654adf3b3e5a63652f092b3c862bc8","first_seen":"2025-11-22T00:40:13.443499Z","last_seen":"2025-12-07T11:03:08.662942Z","times_seen":26,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Readex+Pro:wght@500\u0026family=Noto+Kufi+Arabic:wght@500\u0026family=Rubik:wght@500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css2?family=Readex+Pro:wght@500\u0026family=Noto+Kufi+Arabic:wght@500\u0026family=Rubik:wght@500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 01 Dec 2025 20:45:12 GMT\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"cd9d7eae7542e396694df805a30a6cbc","sha1":"b0d55ce10e86586af51e79b1ea19549afc46fbfc","sha256":"78fbae7327e0fbe1bf1274727831a8d6611dd8252f37b1096b6a3fcc05856b49","sha512":"c804f9f32f4c564619a06ac72bd4ca77c6e2f1e7b7299162c5765ee85a5f6cd18403310d447fe7a9928b4d12647bfb49bb375f60ddce40e075bbdc4b871b5780","ssdeep":"192:WTcClUTaTqgTkbqGIwVqThfTb4TCl0v4y4Ge4Q1ClDebrudtcB:kVlmaGS4qY4dcWl0gD+FlCh","tlshash":"2912fee0481f4044bb471cd223ce6e2bee4e9294748494399bfc5b8bed9bc66736439d","first_seen":"2025-09-26T06:59:11.460332Z","last_seen":"2026-03-19T06:52:15.950343Z","times_seen":29,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":147,"dns":1,"connect":12,"send":0,"wait":19,"receive":0,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-includes/js/wp-emoji-release.min.js?ver=6.8.3","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.3 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nCookie: posts_viewed=49687\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 18 Jun 2025 01:53:34 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hOyz1b289a%2F%2FnWESMUsuwJkw%2BMfzfx98WU59YtXzIPIqBfjG5RtVFmm5IJOl8iH7zC1TzzqGS5b1QAlyd%2BHh3UbHZ9Y3gPiPZ7WxqWj3JzQ%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:22 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=3,i=?0\r\ncf-ray: 9a756d4789972678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":19251,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (16277)","md5":"c4b50535f3e989a77d537d5486342d47","sha1":"2a1cc988298c022def9376bd54f608f44154071a","sha256":"db8ee8be2b2456c191fc0739f34f6ac675af8ba4782380cf233024498e0eb968","sha512":"be3b974332c4dadc30025aa911fde008442c9f4966ade014a7b8f05926688e30b9fdc32ebdbdd53fe32fc3f4d9c6ac2310b98dc6602843f2d8f00b1ded4e9b83","ssdeep":"384:WAevzW+ZTbXUH3o//bEPhXgA5H1efAJmpr:WF6UXUH3o//YpXgAGfACr","tlshash":"d782fa9bb33a4e8f343e3bd7cd968f4dc9da555321c0e078dbeeb68169a00568274c90","first_seen":"2025-05-09T23:23:48.206606Z","last_seen":"2026-04-03T18:27:34.228753Z","times_seen":195718,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/uploads/2025/09/cropped-journal-192x192.png","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/cropped-journal-192x192.png HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nCookie: posts_viewed=49687\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 1827\r\nlast-modified: Tue, 30 Sep 2025 05:42:14 GMT\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=riSXlfku9KjxSVLoatnfubbFFonrUQ3P1GmnkthSaqu572t%2FkGup2IkbRqbeJh%2B8Lc6wp8zMGlhQ8%2BxuraC3Sqw3NNaIWa7%2BNmVGaCWQDlQ%3D\"}]}\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Fri, 30 Jan 2026 20:12:21 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a756d4859b42678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":1827,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"5d3f1d49c5ec294d4819a14fbe5e3cbb","sha1":"47196489fcf946175a3614f87fe64d316c928ccf","sha256":"aed3a000e458f0d8de58e427c2f0cebb7b8d9983022e8c8b8fe885317f7ca396","sha512":"91e192663af14ced4daa87568072ced9fc19403f2debb4c9dd1bdf3ac7a220c1b47ee2bd84abd5b0fb4f72dc68820d42150e9a9a6815eab25716565be31bfe59","ssdeep":"","tlshash":"fb31e9f3e992095cc5e1a3a54002d80741f2d8a746bf65a4481e59abaf99bcc0e5d147","first_seen":"2025-11-22T00:40:13.45712Z","last_seen":"2025-12-07T11:03:08.654877Z","times_seen":30,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/uploads/2025/09/cropped-journal-32x32.png","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/cropped-journal-32x32.png HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nCookie: posts_viewed=49687\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 870\r\nlast-modified: Tue, 30 Sep 2025 05:42:14 GMT\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=btFEKc%2FWCckqkujRoo%2BRD%2BBdQr5cFTIpPRVHA2g3JcN0nf8%2F7g7i8BZBgrD8b8a9yT4c3X11j1cwfUbSsioyQjsDHfPtBC9v0zcQn2yqzBU%3D\"}]}\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Fri, 30 Jan 2026 20:12:28 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a756d4859b52678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"5eb82d50145f994252233242d3a96dae","sha1":"5615205fd5e497a6e3da1b2fa34d1d239f23bf88","sha256":"8b65af864480e6c29a1e0b6c4d0777a2763aa41f09e31b8651b0c05f97881a9e","sha512":"06c0faccc8caa6370726e2a58ca9cf7a849268524f9a76acfd035dc05f2803d16b3707a042d2bf75d18b41226a23675f04583d9719dc0016b44dadc9bcbbedb3","ssdeep":"","tlshash":"ff1196e7c94004d7ea43a3b104371c6edae7159a0926b718002ff25c1e0278d84b9151","first_seen":"2025-11-22T00:40:13.460554Z","last_seen":"2025-12-02T17:38:11.552246Z","times_seen":28,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/uploads/2025/11/Coconut-biscuits.jpg.webp","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Coconut-biscuits.jpg.webp HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sun, 30 Nov 2025 18:37:21 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OQhI0yvospgdHfk9d28ZH5eJafe11UEeAL%2BwqQp%2F8I8h%2Bby7aCo86k%2B4UH58VWdIyKQFkTmeg4mFnXz8yyDQ%2BqXG4HCdtt4jhxnX4arbTgA%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-server-powered-by: Engintron\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Fri, 30 Jan 2026 20:38:35 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncf-ray: 9a756d45195a2678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"26729d0aeca79c515193ebaa6476f059","sha1":"db5515bc8a4977e69534c7bf285576fc52c31e88","sha256":"d5211e2142e00a5ed8f02901f2987fad85ea9bda016d8bd352c0a8346d2019f1","sha512":"845006bb987ba78ab083aed2aff46b9b8655b5af6fd35f0ac26e3f0cb573b74c47850eb0df37d83817c009c70b33fabffefd3700ceddaf6e1ac36c295b79cb89","ssdeep":"768:MbnLZWTY4s2P5SuJnf528hzYAO0QeTei1k/BkXDQofmyHkGHhu30cyYLr:MbnMUSP5SuJnR2d0tTeiiollBsr","tlshash":"5e230236e5ceed7f699e46ff5725828e2c37f1068910936beb043e91570893233e8625","first_seen":"2025-12-01T20:45:38.935762Z","last_seen":"2025-12-01T20:45:38.935762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 06:18:58 GMT","end":"Tue, 20 Jan 2026 07:18:54 GMT"},"fingerprint":{"sha1":"C7:F8:82:22:3E:BC:9D:F4:7B:0A:EF:A0:EE:C2:C2:D1:34:7E:55:1D","sha256":"EA:85:37:F0:6A:CB:4D:61:4B:3D:2C:58:4B:FF:E5:CE:3C:33:94:71:D8:11:77:5A:C1:99:2F:94:1F:D2:FD:F1"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://newsy.elsob7.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a756d455ca60731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T18:21:36.937712Z","times_seen":330011,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":3,"dns":0,"connect":1,"send":0,"wait":24,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 06:18:58 GMT","end":"Tue, 20 Jan 2026 07:18:54 GMT"},"fingerprint":{"sha1":"C7:F8:82:22:3E:BC:9D:F4:7B:0A:EF:A0:EE:C2:C2:D1:34:7E:55:1D","sha256":"EA:85:37:F0:6A:CB:4D:61:4B:3D:2C:58:4B:FF:E5:CE:3C:33:94:71:D8:11:77:5A:C1:99:2F:94:1F:D2:FD:F1"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://newsy.elsob7.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a756d46c9040731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T18:21:36.937712Z","times_seen":330011,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/39a9e902811ae19e9612adb87f3c8315531bf7c955e8802fead7507e45c1a842?s=100\u0026d=mm\u0026r=g","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 19:44:01 GMT","end":"Sat, 10 Jan 2026 19:44:00 GMT"},"fingerprint":{"sha1":"9A:AD:B4:0D:78:72:BD:79:3B:85:71:6E:98:21:AA:57:5D:FE:A1:D8","sha256":"23:BF:7F:44:90:FB:07:43:D0:6E:80:2E:C0:31:09:27:0E:4B:CA:85:DA:67:94:AE:FF:06:30:93:B6:78:DB:53"}}},"request":{"raw":"GET /avatar/39a9e902811ae19e9612adb87f3c8315531bf7c955e8802fead7507e45c1a842?s=100\u0026d=mm\u0026r=g HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 15231\r\nlast-modified: Fri, 09 Aug 2024 00:52:23 GMT\r\nlink: \u003chttps://gravatar.com/avatar/39a9e902811ae19e9612adb87f3c8315531bf7c955e8802fead7507e45c1a842?s=100\u0026d=mm\u0026r=g\u003e; rel=\"canonical\"\r\ncontent-disposition: inline; filename=\"39a9e902811ae19e9612adb87f3c8315531bf7c955e8802fead7507e45c1a842.png\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Mon, 01 Dec 2025 20:50:12 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 28\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"2c73b3b6c452197195f90aa614d95481","sha1":"0a794b0d1861ccdb5da5acdc9584f44429a7b75e","sha256":"41938d2dade23f3ba35accd25af468a657424ad585ae3d0580e99dc1d61225bf","sha512":"8279006c8bd4825d490395f1857f0992d3b1778f6a633a45689fbc18ae0255870b8b11de17b17cd401a9fb3155fd84c0c1d29e93e4549ca9d4c2602be5cf42a8","ssdeep":"384:GYT0OCCewwfAnxrpj9vgzYMU0YnSOUbb3eGpdqtWTWf9dr5v:h0YG//sSOKeGpdyWCdlv","tlshash":"0962bfc8831185b9c914526a813bb477ca3baadf68d730170bdc8c6f3c534aea18d75a","first_seen":"2025-12-01T20:45:38.938184Z","last_seen":"2025-12-01T20:45:38.938184Z","times_seen":1,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":29,"dns":48,"connect":7,"send":0,"wait":8,"receive":8,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-61WVLMJY44\u0026cx=c\u0026gtm=4e5bi1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-61WVLMJY44\u0026cx=c\u0026gtm=4e5bi1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\nexpires: Mon, 01 Dec 2025 20:45:12 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143107\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":431196,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"17fa9d80000de11d66e3fc9838085baf","sha1":"3bf862678cf7e8c119d8401ae5b1f5653248cfd0","sha256":"ecdfa5f83178d8701a2ae79d182d88749a8bf03f0021c77a059ef8304b3cf695","sha512":"73270cc0e9b80cc2c779acddfc0f4d22f54a4ce4216377ef6502bb05e462375e70a0517645d0b17dc6a642ff7c57904571022b59c34899293ea82773e4e2c318","ssdeep":"6144:vqJcBUKitJeUI2XVUULUVWo6O7GQEO7QZ2ElVFBoOr+Lu:vcgDi2UnVUUtO7QZ/","tlshash":"e5941ace73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","first_seen":"2025-12-01T20:45:38.939594Z","last_seen":"2025-12-01T20:45:38.939594Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/cdn-cgi/rum?","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1062\r\nOrigin: https://newsy.elsob7.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nCookie: posts_viewed=49687; _ga_6WRH8PVCBS=GS2.1.s1764621912$o1$g0$t1764621912$j60$l0$h0; _ga=GA1.1.2086934256.1764621912; _ga_61WVLMJY44=GS2.1.s1764621912$o1$g0$t1764621912$j60$l0$h0\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://newsy.elsob7.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oV5xHkz89%2FhmpTq6lvUoNSVOjRLYMotxfcr81N7ngOr5AZhoUL2aCd5Xu0HVy1kp6X%2FLwrc98s2VM1oVu%2FUzqpqKKktziyOJt0U9UpzfTYg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9a756d4af9c32678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/uploads/2025/10/logo.png","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/logo.png HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 26592\r\nlast-modified: Sun, 05 Oct 2025 05:18:15 GMT\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TeOAiLUPdgkIaG0D1%2Bpq%2F9momAcf7Ej9767FdykG1bkNQqweA6QR%2FNh57KsHMcjEq7lbPF9TJW5YnbWG4SmIouZNclA3QrzSmwogpsXlV3edHFNU3eduPpaVOXg%3D\"}]}\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Fri, 30 Jan 2026 20:12:21 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a756d4519582678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 911 x 234, 8-bit/color RGBA, non-interlaced","md5":"5fdf67c216ccfe2f04efc9308ba67e63","sha1":"c7e6b9c18eeca9a3d436c7e16a1d73b9dc67d16f","sha256":"e6ea9bd2910a1bde0c344afdb6b8399259b71ff684ccda9ee9ed88e54bc6ef52","sha512":"fc512224a66f8653560b5fabd357246042fcecf6bf6d5203405f269e85bf737e292defbef2d5dcf812cfb7372edfa2f3ed2a5ed6acd6b9717bf093862fbe0412","ssdeep":"768:QJ6k93eYjyp+zplRKbxPzOhEvdFviBxbQ0/:IdeYjhzpjG5uIdFvi7bN/","tlshash":"31c2f1c9e1ae2c9be18386a5b7b92623946310794fdca24ce78353e13cca10161e7cd6","first_seen":"2025-11-22T00:40:13.444304Z","last_seen":"2025-12-02T17:38:11.550584Z","times_seen":26,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6WRH8PVCBS","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-6WRH8PVCBS HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 01 Dec 2025 20:45:12 GMT\r\nexpires: Mon, 01 Dec 2025 20:45:12 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 137626\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":406342,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"6b1a253ca27531022123bef17524d0d7","sha1":"27ae333c1a98ceb946483833edcedacaf2e722b3","sha256":"db43ce8edcb07f725e7ab5bc93b9757a4e9919b637ac409e9f42310b97bb68ea","sha512":"c4dcea239569575b42a1cc27d3c3004e2611a263f85cc0fc34ef617c1ad2aed7375da42887d737b5fa1d0042a98cc63f8072ffe2b1963db1e6187723579ce495","ssdeep":"6144:FlBUK5tJeUI2XVUULUVWo6O7GQEO7f2xVFBoOr+3j:FnD52UnVUUtO7F","tlshash":"ee8419ce73d6742653d6f478402f018ba57b28a2b44cc899f1c9c9e52e70a9a4277f7c","first_seen":"2025-12-01T20:45:38.94207Z","last_seen":"2025-12-01T20:45:38.94207Z","times_seen":1,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":195,"dns":1,"connect":22,"send":0,"wait":44,"receive":58,"ssl":207},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/news/coconut-biscuits/","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-01T20:45:11.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /news/coconut-biscuits/ HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncf-edge-cache: cache,platform=wordpress\r\nlink: \u003chttps://newsy.elsob7.com/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://newsy.elsob7.com/wp-json/wp/v2/posts/49687\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://newsy.elsob7.com/?p=49687\u003e; rel=shortlink\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jSE5r8qYcbArgEzwEnyAtZfl6%2Bl3Rr5RXNLSTSj0syrjUYiD9x5ucQTDLC4kRZsqgrXyWczgZ07enGmbrlRPmmIeJL6FT2dyg8WqlkPByQJCwvfHJ69YTTm6Yn0%3D\"}]}\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=5,cfOrigin;dur=66, cfCacheStatus;desc=\"BYPASS\", cfEdge;dur=63,cfOrigin;dur=161\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: EXPIRED\r\nx-server-powered-by: Engintron\r\ncontent-encoding: br\r\ncf-ray: 9a756d4218ec56c0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]}],"data":{"size":119028,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8856), with CRLF, LF line terminators","md5":"0b16e94f487d9554e680711eef70414b","sha1":"38ee740914a35f655b940db9df08fb0fa9e1aea6","sha256":"ce9822bd34d8392f718e94b1b65e13ece672b2093c9e80ea604f1ab3d6f00bce","sha512":"93df98ae5dc39f53159654e0276dc73a2b38b9bf41c9b858653b80fe1c894853c6c373e47de905e24f850d7ba69a34c0f6abf9cd3e2c699744028f8b74074631","ssdeep":"1536:RDvC3apVGSN9aU+RivPrlyrhYeeUhhlBhyExjGDDvBDbPhIGsB6zC:RDvCqySNYcsjGD9TO","tlshash":"dfc3e6f2535450be5313cbcad272b71de367e41ada82a4a0b3bc535443a3ca3e6571ac","first_seen":"2025-12-01T20:45:38.943331Z","last_seen":"2025-12-01T20:45:38.943331Z","times_seen":1,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":43,"dns":23,"connect":1,"send":0,"wait":234,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.8.3","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.8.3 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 08 Jul 2025 13:02:48 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OuCA1j5%2BXbeqvYteamhyifG8pWvwfeYKgWRp07jh7eHv%2FhPzDtRjAzznRZ6Sn6jxg0rlcbS5Tsb%2BrY6PN4VaLAODyOejspF9OQIbPOeW6xQ%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:21 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=2,i=?0\r\ncf-ray: 9a756d44f94d2678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":116125,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"54c9de0fe3fb411ac77c80177553c945","sha1":"c709822381b2ec257c32c710a0aa491cae71805e","sha256":"b72af2a99da29d8b24b03e515699082cd259309c94be19052cd125e548f44eac","sha512":"5ab5e4842e1173a7d36c4d69fbbaaf088a08b1c5a26d755853b9cb79bd5c64b8b5055017e9c48e44ca57c6c4e714b1bd9851d18a25f335d99b3dacb2ce0a5fa2","ssdeep":"3072:xGeJdDuQg5Mujx+qehvP0x2+dHftj03sq:hDuQg5Mujx+qehvP0x2+dHfF0B","tlshash":"34b3621417b4dcf935ffa73a5e4ee258a503aa41c68a57ebe066d190618ca490cf3f0f","first_seen":"2025-07-16T01:17:46.855772Z","last_seen":"2026-04-03T11:05:14.867765Z","times_seen":1205,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/themes/rocket/style.css?ver=56","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/themes/rocket/style.css?ver=56 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 06 Nov 2025 03:22:35 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6zd3f9EJ9nx%2Bm3Xm3TCcjvnVbn7RBX%2Ft10WVYdxiAaoFCPo43LBZLLQcFO%2BUPA983%2BnsueNvY8b1tyrWw%2FSX1KRFkWPpgpzSFLg6WECYfkqj8mdXmqCPz1s6mjU%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:21 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=2,i=?0\r\ncf-ray: 9a756d4509512678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79924,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"a629e31ae3d0775f837c20804a542ada","sha1":"dcbe188dac3e2c02a622e30994ae54c19242f204","sha256":"60cd1e6357b516184b25d2397f36cbeb56998bf528e62cb3adb91c36ea245bc4","sha512":"8ce2b5a85cd2546ac367fd71b76d2c3df98e5beec7f0b8a20402ca015a486299a4cdec7f7cbf8ed72ac4c8b6ed203070e90a9f2adc772de528a9260c7201a455","ssdeep":"768:1yJIxIZHRmrh+z14nrCji1XYEpc0RNbv8pKPKj:4KIZHqGj","tlshash":"72736388e5922d73473367385baa46c8f7a460a7ce4257a5bedc71064ffd2b84090f9c","first_seen":"2025-11-22T00:40:13.457947Z","last_seen":"2025-12-02T17:38:11.555834Z","times_seen":25,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.13.1/font/bootstrap-icons.min.css?ver=6.8.3","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/bootstrap-icons/1.13.1/font/bootstrap-icons.min.css?ver=6.8.3 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10524\r\ncf-ray: 9a756d453fc7b28a-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6852442b-291c\"\r\nlast-modified: Wed, 18 Jun 2025 04:44:27 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 927958\r\nexpires: Sat, 21 Nov 2026 20:45:11 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rzerVdtF0mJlEuXVKzdKrrT9ZQ7mWgz3wpkpcF%2BW0RVrXSO%2FRJoxlZTS1oemxLlVAGDubIg6Xkl8KRvFEOob%2BcLD12AxKCmKSvvKmdksdVs6%2BSB0mD9Afm0xKvgoA2ECg6kv%2Fhmp\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87008,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65354)","md5":"c88a56421d181b3808a23a69d9ef9560","sha1":"ae9fe9e833daf68c237945e9adee5b7f35478d19","sha256":"a5d6387a32ca3baec4d02336b5b3edab50c9dd518355576a011ea3dd9c1d884e","sha512":"b7b15ec3dc6575d12681dde829941a864348e1d4ba97cd3e7861331508aab7255876f7121b60f722e6fbed1db405da2d7d13c0f5c69a464835b7268988f98ed2","ssdeep":"768:tPcr8JUkZrpULKt4bDcf3oQpeqfZs0BWeUz5+XIHx5qkgwTZ:VrpEKt4moUeqfZbc5+XIHZZ","tlshash":"1283fbe8e58d05e8f372c48fbf42675e31aafa3cd5811c68f14a112d5ac16650ac7fb8","first_seen":"2025-05-16T19:02:39.078687Z","last_seen":"2026-04-03T14:29:29.046906Z","times_seen":972,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":1,"dns":1,"connect":1,"send":0,"wait":17,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/uploads/2025/09/logo-elsob7.png","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/logo-elsob7.png HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 11790\r\nlast-modified: Tue, 30 Sep 2025 05:51:58 GMT\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=68p5KHpRw7teO7OPlnG18kV9ak6QK8EL8BYudoqSaZOOill2reK2PVaqFDfxzoLqMhLUvi7khtBELfuVOt3TnLh1nQ46pFKOo46tpjnzyfA%3D\"}]}\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Fri, 30 Jan 2026 20:12:21 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a756d4519592678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11790,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 101, 8-bit/color RGBA, non-interlaced","md5":"5b7768abfe3461e07e39570ad28866bb","sha1":"4ba8c45f97706efabbd32c39d355b89507cd548a","sha256":"57210a6ecb09d45c218dc690352f3a10b1fe2116a105580dac815114fdb55285","sha512":"0fc3e16a0891d62be4219d5b124f707011c1753a80a2ad1f673db21ac293d671a999c33cfd062e1b45474155eb2c479272ccbfc826897ddaefc276be7db87e89","ssdeep":"192:XttRrALAGa6mQ9jBdmjdwei4/SoFiWz1SbnZZPXu9s/gabbW+Ea86KpiCmftK/24:XP2XmQJmjdbi4/QWh4nZ5Xu9TagaLKHl","tlshash":"8132c0c2b3c0a804c8ebfaf27c3f5d4ed951a85d901f42aca1aa8db15561bba0e48481","first_seen":"2024-12-27T22:04:53.403313Z","last_seen":"2025-12-07T11:03:08.720378Z","times_seen":31,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/readexpro/v27/SLXnc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2KY8TL0kGZN6blTC00SWhWEh.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/readexpro/v27/SLXnc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2KY8TL0kGZN6blTC00SWhWEh.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://newsy.elsob7.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14976\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 27 Nov 2025 10:28:42 GMT\r\nexpires: Fri, 27 Nov 2026 10:28:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 382590\r\nlast-modified: Tue, 09 Sep 2025 18:30:38 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14976,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14976, version 1.0","md5":"1983a51eceb5cbc83030035875d1e7c3","sha1":"1ef477132bad0dacb28dc3578bf8fa352ce77b6e","sha256":"c555ffb8c674e5919b3fc2be46724fca0da8036e4b5b08245089b2ba1d7db2ef","sha512":"5d29dae4a17174cccae2851c7596fd303cbbc8612849fcea3b6a0d27bd573f17784b6e3afc3b4bbe0a244c44866af556700d50eb1d8bad608643b9a39e7b1e57","ssdeep":"384:AIECCR3D+LFwLmB91vPKQSqmWkFiD1mfZerF+SEWL1zk9y/M7KgyquIf:AIG+M0K4ksAYrJEWL1z2yEKgOIf","tlshash":"ce62c076b0e006d9ca411df33036f2ca6aeb054ca91554b0251ee2a12dfc69bdf6ed33","first_seen":"2025-09-26T06:59:11.464797Z","last_seen":"2026-03-21T06:40:03.074075Z","times_seen":34,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":56,"dns":1,"connect":13,"send":0,"wait":9,"receive":1,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"newsy.elsob7.com/wp-content/themes/rocket/style.js?ver=56","fqdn":"newsy.elsob7.com","domain":"elsob7.com","tld":"com"},"ip":{"addr":"104.26.13.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elsob7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 01:43:51 GMT","end":"Wed, 18 Feb 2026 02:41:17 GMT"},"fingerprint":{"sha1":"12:3A:19:6A:23:B3:A4:0D:A3:BE:DB:C0:4F:73:A7:16:D3:76:2C:7D","sha256":"2E:D5:8A:DF:92:4F:17:7B:27:88:39:EB:C9:7B:BE:42:A2:6F:29:57:87:BE:AC:FC:02:91:3D:45:28:BB:28:F1"}}},"request":{"raw":"GET /wp-content/themes/rocket/style.js?ver=56 HTTP/1.1\r\nHost: newsy.elsob7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/news/coconut-biscuits/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 06 Nov 2025 03:22:35 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mns2zr2ufvMkIek0KtgOBbLbgZ0wJ9mtpF9e5j6It7jXLMynp2XfELx8XC3bpfi777Yip9Ct5xelttzE6c8%2FHy%2F1iMJaG7aEWjkoelwSteo%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 31 Dec 2025 20:12:21 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-nginx-upstream-cache-status: MISS\r\nx-server-powered-by: Engintron\r\npriority: u=2,i=?0\r\ncf-ray: 9a756d4509532678-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":38671,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1650), with CRLF line terminators","md5":"80d36c28b1b89437d31b54969e339388","sha1":"5ffdaf518794015a4119b2c9882eb6e6eae7c0a3","sha256":"f94ecb607893ab655e0ebd6359bc22131ed495d7fb0ee39aeaed30e8a037d122","sha512":"8f2cf0c09f2b21dc5f5c373d4154693885c9b24e5786659743a464c4ff4a9f78ed66431fe11d40267574399c425ac5ebf27fb081c07654d365a32c2df0d0fe8b","ssdeep":"384:mOXqssOxrNuSX5REolpfW82otCA2XOixhAAzTuC4Gp/td6WafZEATTFzXrbStjgA:cGpuQ52ollWjotCyAd6bog1UdV","tlshash":"e703964c6265227640b773be8fb75348fb3a406b60024b5dbe2d89492fb285551f2fec","first_seen":"2025-04-27T12:01:02.451034Z","last_seen":"2026-03-19T06:52:15.934654Z","times_seen":38,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-01","alert":"Sinkholed","trigger":"newsy.elsob7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.larapush.com/scripts/popup-4.0.0.min.js","fqdn":"cdn.larapush.com","domain":"larapush.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:11.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"larapush.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 04:35:28 GMT","end":"Sun, 04 Jan 2026 05:34:07 GMT"},"fingerprint":{"sha1":"02:45:3C:2F:8F:87:E0:8B:E6:4A:FA:19:BA:79:61:41:62:9C:41:FF","sha256":"66:BA:80:98:D1:BC:C1:39:6A:4B:E4:4D:2B:AA:4D:95:8F:A0:16:BF:ED:D7:F5:12:14:2D:4A:4F:6C:98:94:D1"}}},"request":{"raw":"GET /scripts/popup-4.0.0.min.js HTTP/1.1\r\nHost: cdn.larapush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://newsy.elsob7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Dec 2025 20:45:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 18438\r\nserver: cloudflare\r\nlast-modified: Sat, 29 Nov 2025 07:27:53 GMT\r\naccess-control-allow-origin: *\r\netag: W/\"692aa079-1049f\"\r\nexpires: Mon, 01 Dec 2025 20:43:57 GMT\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: AA88:3B2A9A:1BBF12:1F4482:692AA2BA\r\naccept-ranges: bytes\r\nage: 674\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270034-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1764404790.234382,VS0,VE109\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 99be9d84090cd0ae97dd8b76007badc74256233a\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x2m3pqz0t2TuKpjBOvjwqBeFZuhaeOzSphX6HDL7yx46knPXfT60djiCNcJOc18UisjOqm97qtEHp%2B0HGXRUHKmy4OdRbMWUZoXUf9y7\"}]}\r\ncf-ray: 9a756d456cd20afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66719,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c2d42a307eee2e383469f5674afd30e2","sha1":"98e1175d6584e7d46c884b0696aa06fae52524af","sha256":"5761a9d236040d1d17eeab713a9109ef796df4665ddf5cfba088b12509206db0","sha512":"ca60e7fe18dd9a0b19f3ec6f6739043454988ef3df49c5c4af415b3983dd097f642d81d0c173cbc66e65355bbdd36eeba4a442ff2793536c320d35624a1d27c2","ssdeep":"768:iMC61bOjFMNiK+fcKRG7K9FjzalotlgBrh1GLSNpqStUPfEdTcqQFqfxNiTkisj/:mQm9y8Fjzmo7E91WgAI","tlshash":"df63c5016fe03dac2342593f731bf6e9e929085dd246898ef18cfe14d6c9717a5aa331","first_seen":"2024-10-13T12:30:02.25738Z","last_seen":"2026-04-03T18:32:51.681057Z","times_seen":375,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":33,"dns":22,"connect":1,"send":0,"wait":11,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/readexpro/v27/SLXnc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2KY8TL0kGZN6blTC00SWgGEhpvg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://newsy.elsob7.com/news/coconut-biscuits/","date":"2025-12-01T20:45:12.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/readexpro/v27/SLXnc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2KY8TL0kGZN6blTC00SWgGEhpvg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://newsy.elsob7.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10452\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 26 Nov 2025 19:52:55 GMT\r\nexpires: Thu, 26 Nov 2026 19:52:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 435137\r\nlast-modified: Tue, 09 Sep 2025 18:29:12 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10452,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10452, version 1.0","md5":"23c223b860c959b7ec30b8627e60143e","sha1":"a8acfe227436a481f9f2420871777a2472160f4c","sha256":"5e3d5d429fd4f903a6ffa88f7183d6643b9122fff439a7181c52f2e8216b4807","sha512":"bd9f7feb1b76b629f0def0bf27c70d837c9b44a24b5e854fef5ece74e145ff2c0f505a6f672af17c953f035eaa5a4ed8bb77a7b9521a7196c8bb7e3075c25944","ssdeep":"192:hBP5F225pTE2Jl9PvGeiquOHxz2zTwOx9RbSIimIV467Kojo2:rP5NBPvGJPOH+TNvRbviJHjo2","tlshash":"fe22bfa2c86580d84e2f54be6180812f7d852587c89bc3d06df3af4ae4e9ef667c4721","first_seen":"2025-09-26T06:59:11.462601Z","last_seen":"2025-12-02T17:38:11.560787Z","times_seen":27,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":57,"dns":1,"connect":12,"send":0,"wait":8,"receive":2,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}