{"report_id":"e1d1d0c8-9c57-430d-978a-3e55d18eea82","version":0,"status":"done","tags":[],"date":"2026-06-17T16:04:28Z","url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/2026","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/2026","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"title":"Page not found – JD CARNES","dom":{"size":104012,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9139)","md5":"3300ca145fbe71b5303776722ea5bef9","sha1":"5ec4dd57cc23529fd927913ff3b5a38e265c2551","sha256":"0518c15ca3946e79003d6081efa88c8adf407b17230b3a594b479990eb5a2ca3","sha512":"75c7e3ead1ccb2dc5be45eee11084c8f43e5596878049952637d6c4a4a8e0f85f266480adff309b461ed5f4c9d4e5127467489e894ff21e0e3f45eb5f070951d","ssdeep":"1536:SwypZ79OtMnn/fviTt/uHdw5I48YVNjNkO:Sxf5UzHI48YVNjNkO","tlshash":"52a3a9b2aa4c0459936be295f0d1f334a34ce132ee464df8f5a2646c5bc1be612f275c","dom_hash":"domhash1a95e5f4bfaac004124472eb29972278","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/2026","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:04:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"jdcarnes.davidsabido.com","ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"domain_registered":"2016-01-20","domain_rank":0,"first_seen":"2026-06-16T01:45:42.512158Z","last_seen":"2026-06-16T01:45:42.512158Z","alert_count":63,"request_count":21,"received_data":1907352,"sent_data":10106,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Semplice","description":"Semplice is a Wordpress-based website builder made by designers for designers.","website":"https://www.semplice.com","common_platform_enumeration":"","icon":"Semplice.svg","categories":["WordPress themes","Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-14T22:22:05.140579Z","alert_count":0,"request_count":1,"received_data":41874,"sent_data":549,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-21T18:30:21.13542Z","times_seen":920416,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-21T18:31:26.246288Z","times_seen":847144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/frontend.scripts.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"720800daaa49d9c321c5475fda6b5f45","sha1":"0190216b8bf72bd8ae18234cdfcf2c16d73deb63","sha256":"617c9ce737a7685244a31a88a5f16ba2cc165dfd8fef75b47a179630b1472f07","sha512":"a50db9f8d5b14198911e1063896cba005bcefda4d695a2d5501c2aeeffeb7b833ab4307f477e271267b43a1713c2c22ce2b022f6647d43d7a73b8ed6c70885df","ssdeep":"768:/xMt5KgSFGMOx7PP/3HcXwesZ1QsLwtCITdEzcZK7dSSPFCY:SSbOBH3HcXwesZ1QsYCITdEzX7ASPFd","tlshash":"fa334bdc719136ab43d7a176107fe50e323319a6680aa0447939c8f67cb8e5d523fe6c","size":51849,"data":"","first_seen":"2025-06-23T17:25:33.794236Z","last_seen":"2026-06-17T16:04:33.80228Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e53ec3d6e21be78115810135f5e956fe","sha1":"523892839b88351523e0498ba881c4431197b54e","sha256":"b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f","sha512":"84b080eaaa043928f038421ceb18bba7483afee5b6480a92ee01992317cde2361a6dd255b16ec036e51e8a1fef46b5379c6a5ff5c9ec69d682f96deaa03a8842","ssdeep":"3072:cWdIxUMz/tGzT3+XtHi2iX6JPMupdggt1YHWyFxAcDHzEJLDnWTnWNBEBysX6qMa:dwhggc1l7","tlshash":"14f31849718473b246c720ee653f1b0e7137ce69d009d060a936faf61eb8f8a512bf65","size":158005,"data":"","first_seen":"2023-03-08T14:26:25Z","last_seen":"2026-06-21T18:03:21.826019Z","times_seen":52265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/semplice-frontend-js-js-extra","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc80cbdc640908e1824cf4e9b8eb8ddf","sha1":"5620f87124a61ddd193ebf813a5e868627170c57","sha256":"47dcc2fe16a8154bb1cb4379d3cbee6a77da0c085667cc209e6559923cb0fec9","sha512":"5a3cd2c7dd453c062fe44797aeb5849866e33a96a46f82292b35d6aa798472cde9e2f4706ba4690fca72b7f5d252b0871e0f62c588c7147eb680d60fe82d0578","ssdeep":"","tlshash":"8221217dca4c6f89c246d5f40989e8edd6c94026d5c0bc88d39ccd0f20f55fb715419a","size":1414,"data":"","first_seen":"2026-06-17T16:04:33.804813Z","last_seen":"2026-06-17T16:04:33.804813Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/frontend.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"27295cf48b6d099d6055e9f57c168a11","sha1":"1efab5de7527cba61945fed4e58ac59e1234aea9","sha256":"a2bc3fb6f54f98909de7a6f5c0cbe732f6b5b344c921c45ea85f8d5bbd34b6d7","sha512":"aad8289cfdc0e18ad1a353800a5c4c752096a82fdf50a03f1341eed75403bac8ee791bd865161856a0f0faa0d77064665e4c545b8011966361ea30a962e0b257","ssdeep":"1536:9h5mEUhEkOp3+OkgKB6uTZP2QXIDiZ7zCXs44QPiFypkzpM3RP8JX0f:9h5mEUCp3+Okj8udPvQiZ7zCcTQPiFyb","tlshash":"22730a59b39134fe01ff66b5544f200a2931a9a1ea0380887626d0b65cfdfad1367fed","size":73563,"data":"","first_seen":"2026-06-16T07:03:02.738661Z","last_seen":"2026-06-17T16:04:33.799726Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/wp-emoji-loader.min.js","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8325c48d3580a11c017cbd542c815ab5","sha1":"4fc2bb3e0663c3dfec14ceadb7160cd13f4e568f","sha256":"a6201bef9a938aca92f29f719dfb388a88d73cb0eed8a8296396b6ba3bf09493","sha512":"99f08eb60af2070a7a13d23fe2f7e8852bc55a35443690418037a85b526da0873cf521af9bd23b7a535cadf266959cb9a611e5ab1a15eb0bc483cf05dbab15da","ssdeep":"","tlshash":"e381969ae77a3cdbb2f900f2697a0d47eb614435d6c8d438c9bea3141cb5893c274b46","size":3845,"data":"","first_seen":"2026-06-17T16:04:33.805723Z","last_seen":"2026-06-17T16:04:33.805723Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/shared.scripts.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c6bc80c17b9a8a600b30b12c1022b28","sha1":"0eaefd6b61278fc22b6c754fc96e1558ae3f10ec","sha256":"2a75048e7abd1b1825b67efba0eb88bfa7a37477f1d6be5c80cf90a4637c7d54","sha512":"f2dba6c8aa6d25c340f603bf7887b01f9f6d1e083fcf4f06302a27e1910e17e1925968486b4769e3577b2ee37f75e01dd8b99c5372efbddefe79169f74e0a867","ssdeep":"12288:O2JY8kVQFzIcJZMO1Y765/rDP+wqGwnD5oZUn1F3j:zm8kVAz4O1Y765/rDP+wqGMDSZU1Fj","tlshash":"69e41a8d7150743502d651aa916f0607b336256d740a84acb27ce8ef6cbcd8d22bffb9","size":689719,"data":"","first_seen":"2025-06-23T17:25:33.83001Z","last_seen":"2026-06-17T16:04:33.798625Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/mediaelement-core-js-before","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"744d4e592b045d36a8b5ec733336a68d","sha1":"84a0e710627bbbeebc3e8fd1d132128482214fdf","sha256":"1bbaa76fd4b8477cda79e9e8681793ca4d356aeee66654a264cc14e0cbd0c82c","sha512":"f6f0ac986fb7ed7d265cf7afb98c7820c9b94d46c86963407fe9de2df622000f3495025cd9e3e0c4822f303e6d5530d60b13ffcd46cb1ebe9e32199a31d84e5d","ssdeep":"","tlshash":"de61cb1ac002383b07284376bc8a47e685fdcb93d1814843a9ff4da9b2d7c386137654","size":3243,"data":"","first_seen":"2026-01-07T21:51:34.008261Z","last_seen":"2026-06-17T16:04:33.807071Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=7.0","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"51300497928562f8c86c7aaba99237cd","sha1":"e5826832b85c6afc6502b74cbb8ac5394b04c363","sha256":"6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f","sha512":"04bfdf1a41712238902bc6a0e07efaf356217e98560c52fa5d175c29191617c35853382ce2f69966bdd5e1b40114b872d962a5fad26a9e0b7d4fc016a6dcb833","ssdeep":"","tlshash":"c72121daa848111a51c7246c70e7131c32bdd354d0108528b92ee9df29f5bc9647eb70","size":1191,"data":"","first_seen":"2023-03-07T01:06:59Z","last_seen":"2026-06-21T18:03:21.837723Z","times_seen":52598,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/mediaelement-js-extra","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a5316b3808b9cd19b5633f582af5591","sha1":"c7174ebcde21c16133438237442a56222b3f2484","sha256":"1e67118d7e97a79fee6860ed6c718580b3ba37ed9d5f5991f514f1732b92f3c4","sha512":"b5d957229d18b350d0abc515c924e4db7cd79a21e65fb19bed1ab81bf534278234f9db208ec23f491225737a21f5c18093c90865ca6c6f40f0ed4c5888ed1e03","ssdeep":"","tlshash":"2011a7d8fb29031403db893d051a422d854e4fb7c1029d3faebc786a09bfd846152e21","size":1090,"data":"","first_seen":"2026-05-31T11:30:18.844682Z","last_seen":"2026-06-17T16:04:33.821805Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-21T18:32:10.617963Z","times_seen":278077,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"JQMIGRATE: Migrate is installed, version 3.4.1","filename":"http://jdcarnes.davidsabido.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/Logo_BW.svg","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.951Z","timestamp":1781712247951,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/Logo_BW.svg HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Thu, 08 May 2025 18:28:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5908\r\ncontent-type: image/svg+xml\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5908,"size_decoded":6115,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a13fbe8508ff18cc2147a69a66cea2b","sha1":"2e3bffdae586727b8300f242ff9efaf9310639f4","sha256":"34795ee30fca47c6a4baac50cfcc277fa7cc9a8b7ed25bc8010c51e9fcbcc630","sha512":"78f9836d5cc0bd6a01659606123974b94fb3ef22486f009845dcf03cdd69368df70876e5b5d24deacb68889ad9fc903543ea75fe833f9c1a3718a27799d87ecf","ssdeep":"96:Oxs3HefaC9NRgF8/jGw5xZ0NeeDIu2fEw2adWB8CzImOlIQopa5SXO3:os3+CC9UF8yw5H0Nee81WBtzlOl2pa53","tlshash":"2cc1c9ca777c93fcf441e3f0da179825a72764f62e32cb5887943985a68042d4c99dc3","first_seen":"2026-06-16T07:03:02.775124Z","last_seen":"2026-06-17T16:04:33.7856Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1437,"timings":{"blocked":817,"dns":0,"connect":159,"send":0,"wait":300,"receive":0,"ssl":160},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.110Z","timestamp":1781712248110,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Thu, 29 Sep 2022 21:21:12 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 158005\r\nKeep-Alive: timeout=5, max=100\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":158005,"size_decoded":158289,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65266)","md5":"e53ec3d6e21be78115810135f5e956fe","sha1":"523892839b88351523e0498ba881c4431197b54e","sha256":"b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f","sha512":"84b080eaaa043928f038421ceb18bba7483afee5b6480a92ee01992317cde2361a6dd255b16ec036e51e8a1fef46b5379c6a5ff5c9ec69d682f96deaa03a8842","ssdeep":"3072:cWdIxUMz/tGzT3+XtHi2iX6JPMupdggt1YHWyFxAcDHzEJLDnWTnWNBEBysX6qMa:dwhggc1l7","tlshash":"14f31849718473b246c720ee653f1b0e7137ce69d009d060a936faf61eb8f8a512bf65","first_seen":"2023-03-08T14:26:25Z","last_seen":"2026-06-21T18:03:21.826019Z","times_seen":52265,"resource_available":true,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":156,"send":0,"wait":156,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/IBMPlexMono-Medium.ttf","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.880Z","timestamp":1781712248880,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/IBMPlexMono-Medium.ttf HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://jdcarnes.davidsabido.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 06 May 2025 22:23:39 GMT\r\naccept-ranges: bytes\r\ncontent-length: 134880\r\ncontent-type: font/ttf\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":32704,"size_decoded":32908,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 22 names, Microsoft, language 0x409","md5":"757289a9a224a3cd5b151338ed6d768a","sha1":"4fafa6efd20c9a591ad84ebf2154e6c5ae1b7b4b","sha256":"e9f290efbc431a700611f7ddd82459da9e25fe8b74e24cc19948479792100964","sha512":"957d0f8fb826041116c567779bc999e41a2bde495b8efb9ea81c17ed1055ad751aaa37f7ed63cfdf0c2f1345fa11ca1a30dd417dcb8b504528ec2060be6d44ca","ssdeep":"768:Di1qYSm8HsGx83Kwf5XXJe0+wpKwDNd3gI2U7bY/zF1bAL:CBQ83KyH+wjKIK/za","tlshash":"33e2914bcfeb9366f75a5eb04be6b7b42724bb03ab34620da841c444c4cb19d096f785","first_seen":"2026-06-17T16:04:33.787529Z","last_seen":"2026-06-17T16:04:33.787529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":940,"timings":{"blocked":-1,"dns":0,"connect":159,"send":0,"wait":612,"receive":3,"ssl":164},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/IBMPlexMono-SemiBold.ttf","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.888Z","timestamp":1781712248888,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/IBMPlexMono-SemiBold.ttf HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://jdcarnes.davidsabido.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 06 May 2025 22:23:39 GMT\r\naccept-ranges: bytes\r\ncontent-length: 138372\r\ncontent-type: font/ttf\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16352,"size_decoded":16556,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"GDEF\", 22 names, Microsoft, language 0x409","md5":"14a9f96ade8584365f13e7f151b09763","sha1":"63250dc16dd90ba5338a18e39bec1416da4c5edb","sha256":"8e5a1c0a58878394ea798f6c18c3fe9a69a6cde7b8568531fe8ce46ed02d0c56","sha512":"1e8d679d1ea9bbcb5d2c397ebc911f4225f9edf39c05586f9e5278f37915583393b151ddb2f8d2dbda90847974d0359e136f370309995db579c62f66838997b3","ssdeep":"384:kiSv8y3k45/TuTMsiopaWA0Wd3Wd3rc1gM1:ki1y04x+MsxAf1N","tlshash":"b972e822eba39f05e2920f7158b273355b72bf03a738879d518ac915dc824dd8cdd3a2","first_seen":"2026-06-17T16:04:33.788626Z","last_seen":"2026-06-17T16:04:33.788626Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1088,"timings":{"blocked":-1,"dns":0,"connect":156,"send":0,"wait":769,"receive":2,"ssl":160},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:09.141Z","timestamp":1781712249141,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=7.0 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:09 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 03 Dec 2025 13:52:58 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 22762\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":22762,"size_decoded":23018,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-21T18:32:10.617963Z","times_seen":278077,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/2026","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:04:06.727Z","timestamp":1781712246727,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/2026 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 17 Jun 2026 16:04:06 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nLink: \u003chttps://jdcarnes.davidsabido.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nKeep-Alive: timeout=5, max=100\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Semplice","description":"Semplice is a Wordpress-based website builder made by designers for designers.","website":"https://www.semplice.com","common_platform_enumeration":"","icon":"Semplice.svg","categories":["WordPress themes","Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":103144,"size_decoded":103562,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (9139), with CRLF, LF line terminators","md5":"daab76847845082a0b4bf07fd5859313","sha1":"8173ff5dabe87ccf075723b7574a78ccb908caae","sha256":"942436f7aabd4a8852c103158b4cdcc07a360f85c0f8f6aa659faa48be1018f7","sha512":"abd07d7b303548a30e5b669c0aca12018cce3059d40193f353169fd2d44fd5d0826a860f83bb9ff1bf9970f68cda34996838f67dc6f49881eef010cd0d43576c","ssdeep":"768:aW8Zdyp6OzbuuEhig1LtB2nHVDNBZfvPL7itlwugacOPiI4Tu/DYVNYGNkuo0sCE:anypdQHK9N/fvPKtlwjHOaI48YVNjNkN","tlshash":"eaa397b2ba4c04599367e295f0b1f334e74ce131ee4649b8f1a1646da7c1be112f2b6c","first_seen":"2026-06-17T16:04:33.790287Z","last_seen":"2026-06-17T16:04:33.790287Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1368,"timings":{"blocked":-1,"dns":3,"connect":152,"send":0,"wait":756,"receive":457,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.803Z","timestamp":1781712247803,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Tue, 29 Aug 2023 00:14:24 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 87553\r\nKeep-Alive: timeout=5, max=100\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":87553,"size_decoded":87836,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-21T18:30:21.13542Z","times_seen":920416,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":-1,"dns":0,"connect":146,"send":0,"wait":148,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lora:400,400i,700,700i","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.810Z","timestamp":1781712247810,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css?family=Open+Sans:400,400i,700,700i|Lora:400,400i,700,700i HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Jun 2026 16:04:07 GMT\r\ndate: Wed, 17 Jun 2026 16:04:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41190,"size_decoded":2963,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"9082879449780bbd9770d7af69dcd52a","sha1":"75341c4e7685e8272717cdf4064f052490bd5f9a","sha256":"379e02fe069cfc4e556fbbd7e07fbedb9ed5d459a98e0462587a20b0153b6c1e","sha512":"c3a4672dbf3b406b7c7e0598d83e517a2655e61fbc1b4457337982f35650ca6cdbbf962c0ddd6abfed777c537c85963181607392e63f7aa5e1a2b14061b6e60d","ssdeep":"384:3mnHbQ8qY42HAQ3nKYQdqY42ydVQgqY4isLqY47bOjI8t7KvGqY49xn+v6OiFLt0:Ihz4Lw2PsiCYHLXLdc2","tlshash":"f50351a100175444674319e223de7e35ee0fa3547144d036abfe9b8beecada6a3b435c","first_seen":"2025-09-28T01:03:43.017953Z","last_seen":"2026-06-19T15:13:43.038809Z","times_seen":67,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":34,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/fonts/satoshi.woff2","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.878Z","timestamp":1781712248878,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/fonts/satoshi.woff2 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 06 May 2025 19:07:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 42588\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42588,"size_decoded":42832,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42588, version 1.0","md5":"70880e42f07b0386e261974cd14820a1","sha1":"2d34d398b398a7fd88d21fae7642cdca908bf3ee","sha256":"e739aff9b4d02c264341d6d4872edcda28e79373aeda936f659566a1cd3eb47f","sha512":"6a5cb0cbee5f49a4b96df82bc37f3f2aa7abbc8fdb304962a3f492c7f63772b81e753a86e01da2a7a74785cf3196795408065e0bf30695166311e324d813d83c","ssdeep":"768:LRuvvUK4d5TnqQ8Wd3PDjhbDERazTlYv2zypgb0Sj0a7OpBUroBTy1gvK2jbx:9ukK4rzn3PPeRElO6ZVj0a7O/3g1IZx","tlshash":"d313013c8972d7b2bddb203b7cc0b6652494576962b0b2bec096093c80a467db18f733","first_seen":"2023-06-27T05:49:32Z","last_seen":"2026-06-21T17:03:54.907844Z","times_seen":2233,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/IBMPlexMono-Regular.ttf","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.884Z","timestamp":1781712248884,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/IBMPlexMono-Regular.ttf HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://jdcarnes.davidsabido.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 06 May 2025 22:23:39 GMT\r\naccept-ranges: bytes\r\ncontent-length: 133720\r\ncontent-type: font/ttf\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":32727,"size_decoded":32931,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 20 names, Microsoft, language 0x409","md5":"de8c45cac1f55070ba59db6761e9da07","sha1":"75df203633cff570d60f0340001effb157e49d8b","sha256":"50d4fe67519f3f23911ee001bca6603f2b95bda26b01f799d386cbaf8309a107","sha512":"d2d0a8e3b3762fa7953ce5500bec108ce3eabf354a25fcf6d95c2e220049b5362386c0c52ed8847fac6af196d21ae7a96bf0dc0a39aa9a9d573c695cb2ec0e78","ssdeep":"768:Mi1FsmcifxkvViZfBR/X0+wpKwDNd3MRSz57PRAu81WgQ+X:fFsmDpMcT/k+wju8Au81WgN","tlshash":"ade2a14b8fb7976bf75a4db04beab7792718bf039f20621c8c118144c89f19d486f6a4","first_seen":"2026-06-17T16:04:33.792975Z","last_seen":"2026-06-17T16:04:33.792975Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1240,"timings":{"blocked":-1,"dns":0,"connect":161,"send":0,"wait":909,"receive":3,"ssl":166},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/2026","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:04:00.397Z","timestamp":1781712240397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/2026 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://jdcarnes.davidsabido.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 17 Jun 2026 16:04:05 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Semplice","description":"Semplice is a Wordpress-based website builder made by designers for designers.","website":"https://www.semplice.com","common_platform_enumeration":"","icon":"Semplice.svg","categories":["WordPress themes","Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":103161,"size_decoded":103478,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (9139), with CRLF, LF line terminators","md5":"c698230960adc9273a4818449a5f0fe5","sha1":"3dd2301bfcc4523877b9b4fbe4c9a944f0ada0b0","sha256":"fcad728103f095b3f402dcd829b2ed106fa80ca5a65e5198a8db689e1d1fde0f","sha512":"6894628f346afa45722909c892be64de835d21c5eb5e70d86e80f4eb9f9422d6d9c353df6de4204f552d1267cee69f84e0946e666f2b78dd6831677afdc81274","ssdeep":"768:aW8Zdyp6NabuuEhig1LNB2nvSMNBZfvPL7cTxRuiar/hidPTu/Dv+NYGM5uo0sCB:anypM5vKXN/fvPkTxRB8/4dP8v+NjM5q","tlshash":"97a3c8b3794c04599367e295f0b1f338e74ce132ee4649b8f1a2646d97c1ba112f2b6c","first_seen":"2026-06-17T16:04:33.793961Z","last_seen":"2026-06-17T16:04:33.793961Z","times_seen":1,"resource_available":true,"data":null}},"time_used":6124,"timings":{"blocked":-1,"dns":4206,"connect":160,"send":0,"wait":773,"receive":0,"ssl":985},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/style.css?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.797Z","timestamp":1781712247797,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/style.css?ver=7.0.7 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Tue, 06 May 2025 19:07:27 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 1127\r\nKeep-Alive: timeout=5, max=100\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1127,"size_decoded":1395,"mime_type":"text/css","magic":"HTML document, ASCII text, with very long lines (408), with CRLF line terminators","md5":"6da642c7d4e97756d77e8f2d0c11d009","sha1":"56831ad379a3324434b06020f997a9cb07dc232d","sha256":"20caf76eef34c9472237e635d18d9890b5cb280135ec673c4a1f6c7f3adf26ff","sha512":"4bd741c824c0d13cbe3a44e91cbfbe27b4b1f117d1897020578e1befbb32bc60d8a19e65d17797d5530b9ccd6029b680960b74a96020a056284f277b432afe91","ssdeep":"","tlshash":"412121d20c02e2fd3663c72170bba698e95fd2c2aed4b897d846ca08400453253af3cd","first_seen":"2026-06-16T07:03:02.754402Z","last_seen":"2026-06-17T16:04:33.795323Z","times_seen":2,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":152,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/css/frontend.css?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.799Z","timestamp":1781712247799,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/css/frontend.css?ver=7.0.7 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Tue, 06 May 2025 19:07:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 215759\r\nKeep-Alive: timeout=5, max=100\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":215759,"size_decoded":216029,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"db422625c03874eec45d7183f3ad0dfa","sha1":"50986eafcb852dd6c09264e33e3cecdca093f5b0","sha256":"417eef8aa263ed33fcd065dbdd692081c451b79b04c9d2a7dda063d133c899c1","sha512":"8f994dd9e5e11f1bd2bfd0e6d17ef16772ef83c62e129306de0e4d3a17c3dcdacf937f7c3c81e8d7e9f1b70158d3b401c4b312555f88d100cd00310d5f7a43cc","ssdeep":"6144:jAgFPZCH3ZUjSm2m0vLI8i+tz+gqyqEodY0C2wVARpxA7qAkjcs7soped1k/t+7S:jyAbDu2","tlshash":"1c240b75765d301cd23fd326bc84b36c1b29e001e74314f5d1d6a5a88bcabe226b6b8d","first_seen":"2025-06-23T17:25:33.858707Z","last_seen":"2026-06-17T16:04:33.796493Z","times_seen":9,"resource_available":false,"data":null}},"time_used":970,"timings":{"blocked":-1,"dns":0,"connect":155,"send":0,"wait":158,"receive":657,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.807Z","timestamp":1781712247807,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Fri, 09 Jun 2023 12:49:24 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 13577\r\nKeep-Alive: timeout=5, max=100\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13577,"size_decoded":13860,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-21T18:31:26.246288Z","times_seen":847144,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":168,"send":0,"wait":168,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/shared.scripts.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.105Z","timestamp":1781712248105,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/js/shared.scripts.js?ver=7.0.7 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 06 May 2025 19:07:27 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 689719\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":689719,"size_decoded":689976,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33118)","md5":"1c6bc80c17b9a8a600b30b12c1022b28","sha1":"0eaefd6b61278fc22b6c754fc96e1558ae3f10ec","sha256":"2a75048e7abd1b1825b67efba0eb88bfa7a37477f1d6be5c80cf90a4637c7d54","sha512":"f2dba6c8aa6d25c340f603bf7887b01f9f6d1e083fcf4f06302a27e1910e17e1925968486b4769e3577b2ee37f75e01dd8b99c5372efbddefe79169f74e0a867","ssdeep":"12288:O2JY8kVQFzIcJZMO1Y765/rDP+wqGwnD5oZUn1F3j:zm8kVAz4O1Y765/rDP+wqGMDSZU1Fj","tlshash":"69e41a8d7150743502d651aa916f0607b336256d740a84acb27ce8ef6cbcd8d22bffb9","first_seen":"2025-06-23T17:25:33.83001Z","last_seen":"2026-06-17T16:04:33.798625Z","times_seen":28,"resource_available":true,"data":null}},"time_used":475,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":321,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=7.0","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.111Z","timestamp":1781712248111,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=7.0 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 07 Feb 2025 01:27:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 1191\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1191,"size_decoded":1446,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1191), with no line terminators","md5":"51300497928562f8c86c7aaba99237cd","sha1":"e5826832b85c6afc6502b74cbb8ac5394b04c363","sha256":"6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f","sha512":"04bfdf1a41712238902bc6a0e07efaf356217e98560c52fa5d175c29191617c35853382ce2f69966bdd5e1b40114b872d962a5fad26a9e0b7d4fc016a6dcb833","ssdeep":"","tlshash":"c72121daa848111a51c7246c70e7131c32bdd354d0108528b92ee9df29f5bc9647eb70","first_seen":"2023-03-07T01:06:59Z","last_seen":"2026-06-21T18:03:21.837723Z","times_seen":52598,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":195,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/frontend.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.113Z","timestamp":1781712248113,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/js/frontend.js?ver=7.0.7 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 06 May 2025 19:07:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 73563\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":73563,"size_decoded":73819,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"27295cf48b6d099d6055e9f57c168a11","sha1":"1efab5de7527cba61945fed4e58ac59e1234aea9","sha256":"a2bc3fb6f54f98909de7a6f5c0cbe732f6b5b344c921c45ea85f8d5bbd34b6d7","sha512":"aad8289cfdc0e18ad1a353800a5c4c752096a82fdf50a03f1341eed75403bac8ee791bd865161856a0f0faa0d77064665e4c545b8011966361ea30a962e0b257","ssdeep":"1536:9h5mEUhEkOp3+OkgKB6uTZP2QXIDiZ7zCXs44QPiFypkzpM3RP8JX0f:9h5mEUCp3+Okj8udPvQiZ7zCcTQPiFyb","tlshash":"22730a59b39134fe01ff66b5544f200a2931a9a1ea0380887626d0b65cfdfad1367fed","first_seen":"2026-06-16T07:03:02.738661Z","last_seen":"2026-06-17T16:04:33.799726Z","times_seen":2,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":363,"dns":0,"connect":0,"send":0,"wait":176,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/fonts/inter.woff2","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.883Z","timestamp":1781712248883,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/fonts/inter.woff2 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 06 May 2025 19:07:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 224744\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":224744,"size_decoded":224989,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 224744, version 1.0","md5":"57fa490cecd74c7c8cab3d5e4b895e64","sha1":"b6db24116bed3d9d7949d4b216ddbd8bdb978155","sha256":"ed38b29cfa2fc0d12d0ed4ed265228de9bd4c733d1ce007b54b4655928697420","sha512":"43e379f9e81e21759667631dca9e2e17f6ce502adef1914e73edf49743a86db5b6b188485f0b9c039896c84d3e1ec4e410480d27c79385124561e9e0aa75899b","ssdeep":"6144:bwXjCKhm1m3W91qoVEy2gF9Z4TPT9oTnACZHZFz3FvV39:bwXjllG91qqRbZ4TPh+nAYZ3","tlshash":"632423af9a7d78dcb7758dd9f4ecd682d1e00e2de8b6211a22b11da12f70d180d1f160","first_seen":"2023-05-02T22:09:26Z","last_seen":"2026-06-17T16:04:33.800943Z","times_seen":240,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/Logo_CLaro.png","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:07.949Z","timestamp":1781712247949,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/Logo_CLaro.png HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 06 May 2025 21:36:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 8010\r\ncontent-type: image/png\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8010,"size_decoded":8213,"mime_type":"image/png","magic":"PNG image data, 495 x 105, 8-bit/color RGBA, non-interlaced","md5":"b5ad5d55a994016ed1bc32334c8413e0","sha1":"035610ab9f6d053430f406aa7f4672871e6aa50d","sha256":"49b0687f309fb8d3d0b115fb655c9161d4f8b62c07482eff35d9b8bb755eec74","sha512":"8c6f5f9ace5e2f7261c02a8682e86b57efa849a5520bc91c8d10ea679dbd924b1196442b0525c3912ac0d129e8da7bdd0898a545e24dd72b501753e670d1797b","ssdeep":"96:ZO7d/yvnhFg84d4kawbSSkXRjZRPwC0hnroKdSBXDoewySMu3qo9+0ZEoItr06Ze:ytkBHpUKMM0qo9r5IiMvpXvxN2jv3oM","tlshash":"d7f1bedd7423340bf64f00a4092675ddb098de6119bb89c2c36ff2ba1e5ab1895ca2b4","first_seen":"2026-06-17T16:04:33.801435Z","last_seen":"2026-06-17T16:04:33.801435Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1436,"timings":{"blocked":817,"dns":0,"connect":156,"send":0,"wait":304,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jdcarnes.davidsabido.com/wp-content/themes/semplice7/assets/js/frontend.scripts.js?ver=7.0.7","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":80,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.107Z","timestamp":1781712248107,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/semplice7/assets/js/frontend.scripts.js?ver=7.0.7 HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/wp-content/2026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 17 Jun 2026 16:04:08 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 06 May 2025 19:07:26 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 51849\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":51849,"size_decoded":52105,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30511)","md5":"720800daaa49d9c321c5475fda6b5f45","sha1":"0190216b8bf72bd8ae18234cdfcf2c16d73deb63","sha256":"617c9ce737a7685244a31a88a5f16ba2cc165dfd8fef75b47a179630b1472f07","sha512":"a50db9f8d5b14198911e1063896cba005bcefda4d695a2d5501c2aeeffeb7b833ab4307f477e271267b43a1713c2c22ce2b022f6647d43d7a73b8ed6c70885df","ssdeep":"768:/xMt5KgSFGMOx7PP/3HcXwesZ1QsLwtCITdEzcZK7dSSPFCY:SSbOBH3HcXwesZ1QsYCITdEzX7ASPFd","tlshash":"fa334bdc719136ab43d7a176107fe50e323319a6680aa0447939c8f67cb8e5d523fe6c","first_seen":"2025-06-23T17:25:33.794236Z","last_seen":"2026-06-17T16:04:33.80228Z","times_seen":41,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":314,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/IBMPlexMono-Light.ttf","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:08.887Z","timestamp":1781712248887,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/IBMPlexMono-Light.ttf HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://jdcarnes.davidsabido.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 06 May 2025 22:23:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 133392\r\ncontent-type: font/ttf\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16285,"size_decoded":16489,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 22 names, Microsoft, language 0x409","md5":"8bf7a529ed2e8a4fe57950f29e2cbf36","sha1":"c138441b475adce4b2e6333173694b4dbe0fb6ab","sha256":"4a210e9e19c0a590251e913370d1bdc9f47a35319e25d29f610bf401cf341de1","sha512":"d6fc29073e026e6b45a7eeadbc0b84f0bdae2e470a04610edbb9bda4dfee1037291acdcc89e1ec4dae13302541773f2d10b547a676e83929c36591d86f61207f","ssdeep":"384:lliSv8FuY6pJv5/TuL0yS4d901dMoboooRlpIM:lli1ZMvxM9Sy9Dl+M","tlshash":"6172a653ae96a755f0a22e3155b1fb726729a31b5f35c34e701ec80cacd28dc8ced261","first_seen":"2026-06-17T16:04:33.802872Z","last_seen":"2026-06-17T16:04:33.802872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":153,"send":0,"wait":305,"receive":12,"ssl":157},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jdcarnes.davidsabido.com/wp-content/uploads/2025/05/JD-Favicon-1.png","fqdn":"jdcarnes.davidsabido.com","domain":"davidsabido.com","tld":"com"},"ip":{"addr":"173.231.196.133","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://jdcarnes.davidsabido.com/wp-content/2026","date":"2026-06-17T16:04:09.817Z","timestamp":1781712249817,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bonanza2.davidsabido.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 23:17:55 GMT","end":"Sun, 02 Aug 2026 23:17:54 GMT"},"fingerprint":{"sha1":"A6:EF:8E:4D:5B:C8:E6:58:13:57:DD:34:65:04:32:0B:89:5F:8E:BE","sha256":"08:6C:95:87:30:D4:90:B0:9B:89:32:F6:D3:0B:6B:B3:6A:EC:40:25:CE:59:09:ED:65:E9:8A:9A:5D:C4:8B:DA"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/JD-Favicon-1.png HTTP/1.1\r\nHost: jdcarnes.davidsabido.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://jdcarnes.davidsabido.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Mon, 12 May 2025 20:01:45 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1303\r\ncontent-type: image/png\r\ndate: Wed, 17 Jun 2026 16:04:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1303,"size_decoded":1506,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"097f70b1e9a6fd5d0af5382fe173044a","sha1":"3dc1a2626ec1e68dc91a6735bda57169901cf3c7","sha256":"acd6c4ab8ce460f2405c33ebabe2b2bf8063dfe82280bb3a66caeddb05f1e36a","sha512":"00a22f24c4a67c612cbdd9c21d1e571681f7d790785cb56d6f256bd38883de8d8b318d5f037432262d16cb8724208bb0b589d3a4363cd2dee955b5c0d47f87d4","ssdeep":"","tlshash":"db21f8e2f206c514d30a2b2983066722a972b83819fc43a87120b6f70750eba0b0ad1e","first_seen":"2026-06-16T07:03:02.769872Z","last_seen":"2026-06-17T16:04:33.803859Z","times_seen":2,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"jdcarnes.davidsabido.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}