Do you really want to trust getting your "news" from a website that still uses PHP 5.x?
You aren't even using an intermediate CDN caching layer.
Amateur hour over at OANN.
Conversation
I'm more concerned that they haven't configured their server to hide versions than that specific version. This tells me that they are likely using 100% default installations and that means default vulnerabilities.
1
3
EOL for PHP 5.6 was 2018. And there is a list of known vulnerabilities.
1
3
And they're using Wordpress if I'm not mistaken. They are vulnerable to some pretty serious stuff if they haven't done a spectacular job back porting and locking down their network. This is like finding a Windows Server 2003 machine running a website in IIS 6. 😬
1
2