{"report_id":"67b09f9c-4718-4c1c-a9b7-1936b851c39d","version":6,"status":"done","tags":[],"date":"2026-01-02T19:01:19Z","url":{"schema":"http","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"title":"قناة بي ان سبورت بريميوم الاولى beIN Premium 1HD – sai","dom":{"size":4141,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1132)","md5":"eb60cd1629ce367deab15ccab123cc4f","sha1":"a67558132944fdf98efcbe1f6f9b370f6cb4166a","sha256":"a920465235a71078da6ac54661a45d7ba85d4a30578aa64c19fee6952f16604c","sha512":"99ab468c68ff53013ecff3a6285c8f14264852e6bd096e4261f9c28f4eadf16df1c41351fe9788da0be275b709e6813615bb02f6a8fbfcf9634b36c313a40803","ssdeep":"96:PTbbsDL2pc8Wv8o+vgiFJHBIcAiyUhC4dSYrb0SPRWzjJkZ3EHNgU:PTb4f18W87BBGiywC4dSAb0YR2FkZ3E5","tlshash":"7d8195338de0a9322712c649a129348d70b75c2b9d52c70db9ff9259d78ced8039eda7","dom_hash":"domhash865b231cc36e7f498595c7d68693e82f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-06T19:01:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"a.sia.watch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"a.sia-kora.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-28T22:17:36.419718Z","alert_count":0,"request_count":1,"received_data":433917,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"a.sia.watch","ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2025-12-25T19:17:24.097001Z","last_seen":"2025-12-25T19:17:24.097001Z","alert_count":1,"request_count":1,"received_data":233339,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-12-28T22:20:33.111263Z","alert_count":0,"request_count":1,"received_data":214576,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"a.sia-kora.live","ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-02T19:01:20.47623Z","last_seen":"2026-01-02T19:01:20.47623Z","alert_count":1,"request_count":1,"received_data":60204,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"WordPress Super Cache","description":"WordPress Super Cache is a static caching plugin for WordPress.","website":"https://z9.io/wp-super-cache/","common_platform_enumeration":"","icon":"wp_super_cache.png","categories":["Caching","WordPress plugins"]},{"name":"Yoast SEO:26.6","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.kooralive.fans","ip":{"addr":"172.67.212.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-08","domain_rank":0,"first_seen":"2026-01-02T19:01:20.478826Z","last_seen":"2026-01-02T19:01:20.478826Z","alert_count":0,"request_count":1,"received_data":14588,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}]},{"fqdn":"ipapi.co","ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2025-12-30T12:31:20.408834Z","alert_count":0,"request_count":1,"received_data":2474,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"c.sia-kora.live","ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":61007,"sent_data":1542,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}]},{"fqdn":"d.sia.watch","ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2026-01-02T19:01:20.473265Z","last_seen":"2026-01-02T19:01:20.473265Z","alert_count":0,"request_count":1,"received_data":4816,"sent_data":533,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"e.sia.watch","ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2026-01-02T19:01:20.478833Z","last_seen":"2026-01-02T19:01:20.478833Z","alert_count":0,"request_count":3,"received_data":36965,"sent_data":1493,"comment":"","tags":null,"fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress Super Cache","description":"WordPress Super Cache is a static caching plugin for WordPress.","website":"https://z9.io/wp-super-cache/","common_platform_enumeration":"","icon":"wp_super_cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}]},{"fqdn":"13.syria-live.space","ip":{"addr":"52.84.50.91","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-12-03","domain_rank":0,"first_seen":"2026-01-02T19:01:20.47417Z","last_seen":"2026-01-02T19:01:20.47417Z","alert_count":0,"request_count":1,"received_data":616,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b9cef20f52d7bb4e2e38aa560fe4dde","sha1":"da04df47f45eb28f8ad0cb8c0a71040d4746a449","sha256":"90f4f1801f41515b91d9d440a25bb5958e929ddc450119a10712d820da4492c6","sha512":"acd968435af1bfc114ab4fe72c2657f8edfcce9749f6ae83146e484fa2c3061a0405309dda731d6c059222943793c287d4b2b445f7adf6c29689cff6c0f85b85","ssdeep":"","tlshash":"b3c08c3400104e3509ea08cef1b0e3ec3eb80800a80a2471407e84982720ecdc120ac9","size":152,"data":"","first_seen":"2025-01-29T13:48:30.498039Z","last_seen":"2026-03-22T20:47:49.819157Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ec2fe65ea61a60365a48b780eecd88aa","sha1":"8ec01c4cbcf78d25db9605bfaac6b98ab0f91b73","sha256":"64d7a48607b633097fbcb28b12569409f371c3b5d4b0857b78e80a445221c614","sha512":"b161f70b750620140a78b26f856de730278124a786d6dd7f5420ecac238949324812e14a24235ac4b25190e52f1db1838c42847d5fb11d27ef96707b3bb4614d","ssdeep":"","tlshash":"00c02b8c261b4c70d2f727008b3fb700f002321494e16931490d63044d30e07d744820","size":153,"data":"","first_seen":"2026-01-02T19:01:26.051869Z","last_seen":"2026-01-02T19:01:26.051869Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b085263f39dc36148c4c788464b31f3d","sha1":"d7d8cb60cc9ffa6caebc4b4b62e4e492342ab68b","sha256":"d28f75b0f7d0af626508146178b166466752f9b1d18892108f7012d656960683","sha512":"2a5665d6bb032b1c2ca897f2a0de48c6fe189f47cfef7751402197f2a7c6667a2bf46105c99c54d225e7dc7545fe9e07290c2ec988e7f44627cb499dfe23cbd2","ssdeep":"","tlshash":"fbe02ba106e501561b37d0aae1bffa12e0736e2bc688c3593ce205680f425d0b8485f1","size":296,"data":"","first_seen":"2026-01-02T19:01:26.053853Z","last_seen":"2026-01-02T19:01:26.053853Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GDP6F72XMD","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc9329222d2f560522f8001bbbe125ed","sha1":"c595d948748ae043dbbec9ec29d16f696381b128","sha256":"69e0d4b3676bd40f9e096a960914fd00db13ab8177808187d15fb10de7d31ca5","sha512":"6ff88c418c95fc1f83ba376947d9e95f8d4229d10db48b24a932f4692e8fffcbc2d12de133d5bead7e447c39b8033ed06ec5428efb582f904d81de41b9f60940","ssdeep":"6144:HI37nTmlObujKYz1U95efDHHYOyQFzvnsdRiCjFW5ajaJddpC1xY:HiTpbuNz1cEVnsdrpWjNpb","tlshash":"a9941ace73c674269396e078503f118ba57b29e2b45cc896f189cce01e74a9a4277f7c","size":433313,"data":"","first_seen":"2026-01-02T19:01:26.029424Z","last_seen":"2026-01-02T19:01:26.029424Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4edd87322f246f6c5c0b3d2fb0d204ae","sha1":"12e92acb11f80b8b409c8a24893a0907dbcbed78","sha256":"587cee8a94747a6aae8d17ac1b5bb2823588ba299564aa894b5c1f3b28c1d573","sha512":"232fdf5402df0c6adfd3be02bf8a55a712a58c42dded40e70a86d6e9edce1bd52775125c2a723024b5f8a979de6ccfe64a87ffa939e474744930680571eed861","ssdeep":"384:Xe/3v6xxfdMsqMd/2nf+4VzUOaH1taYo3Ge0gbzJK:Xe/3vCxfdTqMh2nxVzUOaH1toWe0gbzc","tlshash":"1072b5319fa4347767131afb766a90c0e75e580e79046c8ef58abc0e5ee6625c2c0a37","size":17120,"data":"","first_seen":"2024-05-24T19:02:40Z","last_seen":"2026-03-21T01:57:55.562536Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e33d513e2083b46d0c25a11891aa7597","sha1":"5cfe28b202d785efc947f25faf0037600459bacb","sha256":"b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e","sha512":"b8eaa67c571f07d22bff4ba0eb8c68013e61f72995ea9feffff0af1692880759196cfdf8a7fc939da31a74b2614008253fd8a5afe5f0d5b5de722af7ca79cf2c","ssdeep":"192:Pv8ln2QiPEMOUEYUDQGAnEYNsGIux/aIZmy1rSxUW:PMnbiPEMOUEYU0GnYNs5ulaIZH1rEUW","tlshash":"0be1c51d7186b2bab6e762bc820f460a71326156e085d494e03ad4d6dcf4edbb123e3c","size":7327,"data":"","first_seen":"2024-06-29T17:18:17Z","last_seen":"2026-04-01T02:27:18.802859Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f435c476cf254f16e64ee6a2f7efa0cd","sha1":"da0ae528690512ae44cede2e123a9933034a08a4","sha256":"e3001f5c68fc830b595130579d4d75a2ae2e0b8e2081bcb24fba434454ca68a6","sha512":"e00f66c7cc485ec44edd39a2b2c7877405f854dafce2333b152336bf570e392a204f55ff84b31956c2ee7c45f483706ac68bcefb5e136597296116042271c777","ssdeep":"","tlshash":"9ae04f7570206f3541ed48eef3e297e87a341404654915b0612fd85d2ab8a8d0261edf","size":326,"data":"","first_seen":"2025-01-19T14:49:21.584865Z","last_seen":"2026-04-01T02:27:18.804753Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1e965a16d45471bb22b5735d0133499","sha1":"31560d03a457629d3920d5eeb4029064b634546e","sha256":"d123253ec721c84d8779d6a57a6e50cfac6967185553703d681a6098433aa228","sha512":"01c5689b52d3a9771f43a05212069308b78fddb85b1efc6e84d527df2a205c7bc63c771dbb41bed4c0fd44bfc1d77317d1518bbfefdb6df56cc2626a34bb0531","ssdeep":"192:AiD+YrzC5jCRAktB+mGUO5oyprIGAUQmubDjKtYdA3k9Z:AibrzCE/ghIGAUkHKtYdA3I","tlshash":"fdd1612867e13881569a9feb31277494d12ec84f3d780c45e6a47dc83c9471aebddb34","size":6305,"data":"","first_seen":"2025-01-29T13:48:30.504604Z","last_seen":"2026-04-01T02:27:18.811011Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ca41ab134540a73aeeabed0ddaea13cb","sha1":"2aafe587ddfa7af9e93ea119dde5a3560e02c778","sha256":"b6f79ad10c57509c1a58359271dffd023e5333f770e67e93bb6e1627d699b22c","sha512":"7aebf99a145b155fa3c68cf1625363885a699ae6851f360ee925aff8534c8a49a015c99416c747c2253934af830d60ebef94a6ef3af5a9c5bb17b61ee1ee3f75","ssdeep":"","tlshash":"91a012451391148089068c24010f9008102131571483c90b230d65409e8d65c021746d","size":80,"data":"","first_seen":"2026-01-02T19:01:26.060686Z","last_seen":"2026-01-05T17:37:55.60629Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/albaplayer/pemium-1/","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71426359114394d66e13aa7d6d2de8a4","sha1":"477170d045b25dda08bac7ab5b9afe0b23a8ea10","sha256":"a610e81aed78a468ab033c7e7520a47ab8d41f4538fe4e6f9b18e80815dd2013","sha512":"7daf871fad5b0fae9f23fa883cdf7fb56c34361a395e992ee8ffd2688e5f5436a392a758a4a2c05725874754a82816fc39f6fd2d65df87e9d15788fbd8bc1056","ssdeep":"","tlshash":"09c08c3340d89404124ac885800b2889b5261c2677448be4ea19e00ca1cfa2d0144468","size":145,"data":"","first_seen":"2025-12-25T19:17:31.023956Z","last_seen":"2026-01-11T20:00:26.25247Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/albaplayer/pemium-1/","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3130bb1aceebe2ee71d6ac0e2af60470","sha1":"74fe071d4e04956de66cfca30198dac1126b62f3","sha256":"3ef5dc60899fc6e9025351be9c60fe01c2720780949d3e814ec1e067eab9edf2","sha512":"980e80d7d336634c2d61920937bb9075c83ac507b6bb1148712041f521f3c92e2768fd22a3189a6e48a87660969c98f22ea71aa63f62bea551ef2e17ba853a8c","ssdeep":"","tlshash":"19a012156cb42a51642a505aa48105b4650425350cd0026b86c3f80a11c97380043538","size":84,"data":"","first_seen":"2026-01-02T19:01:26.063471Z","last_seen":"2026-01-03T16:00:05.695727Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/albaplayer/pemium-1/","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ee97f2871ba08bfb34478b418cd220d","sha1":"3bd09f460a3c0bd442387716bc362e908fc20629","sha256":"81d2c836583d2893e7d98a6cf2c9f6a4861e87b4941186137d546b6a3494fc6f","sha512":"70be9080b536b7a6d48e57b32b29b82a7ae76b4857d0284e3ca724b2ed828f37d7f94a142fdd8db91b2c05dde76f4b958c32626d90f3a9c187359bc0093416b5","ssdeep":"","tlshash":"3ba012341a1085700295611b23cea900063240457440110000040c440c9484c3181a27","size":78,"data":"","first_seen":"2024-08-19T21:54:42.11135Z","last_seen":"2026-03-21T23:48:16.28677Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/hls.js/8.0.0-beta.3/hls.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1983d10d9d03c12e99550b2bceef13a","sha1":"286c1382b0805e3bc08fae96d27737f8ac45e1bf","sha256":"8df32db012dbcdb5c730495789f026e3eb2f331376eecde77c7eb692708ddc0b","sha512":"f63a09abb849d1a6bd41408d3ff55e7f42e0f54fd9d17a75b55df9e30b8bff94a79f3f66192623e105191ee9eaac26b2e2453c629c8a4b136c5a9e621cf5501c","ssdeep":"3072:DQL+5S5hpbNn5EvvDHvJtiFPlyYtoLZeo:DQn5hpx5EvvFtixQSo","tlshash":"e3241a99b7b560654283a1a5503f060a7236b81eb405c0fcfb6bdaf75cb484e643bf78","size":213559,"data":"","first_seen":"2023-03-08T20:09:01Z","last_seen":"2026-03-26T18:00:19.558563Z","times_seen":522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"c.sia-kora.live/wp-content/uploads/2025/11/cropped-tv-koora.live-4-scaled-1-192x192.png","fqdn":"c.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:57.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia-kora.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 18:34:25 GMT","end":"Fri, 20 Mar 2026 19:33:09 GMT"},"fingerprint":{"sha1":"2E:3A:37:D9:31:CF:56:C1:F7:ED:BC:2A:F4:F1:A7:4B:10:19:1E:8B","sha256":"DB:8F:50:6D:78:00:C4:F4:5B:01:4C:7C:F4:43:B1:97:D7:7A:27:EF:FE:88:EF:3F:31:05:A0:9E:8B:A6:EF:CA"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/cropped-tv-koora.live-4-scaled-1-192x192.png HTTP/1.1\r\nHost: c.sia-kora.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 17729\r\nlast-modified: Wed, 24 Dec 2025 20:29:39 GMT\r\nexpires: Sun, 01 Mar 2026 15:06:57 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nage: 186840\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9NL2PyNGRSBmA8nmx26ts6ysN23EsyG470JRGOb9ERRCn72igSgjkFoMxDEjbyOcld263WCocd04jnKqJjG0eFvLhg0JmZ8aPLB78F8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b7c8091bb2c5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":17729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"0fcfd911b7d630c40028ef30c16a24ec","sha1":"8e6a4614f31da1b51490f784d47836125e46006a","sha256":"5e1e1cb7352a7a28e8f3578ccefb92fdbd51c23484af1e05c9ef256b3b2023a3","sha512":"a2559ade289ecfa7e4e59c822a0ab0dc922c1656c6fd988f83c8b6741c020a6692d8934c72b07317114b00b6a9b7ca6654a865d9f5b40f2e8260890d66844bc0","ssdeep":"384:fMm5vlBbKAm0qiLkburIyDNBLC1ajo3C1bu+ZjhlvxCoKcmDL:920qigbur9vLRjo3C5tVABDL","tlshash":"e682d1dc8cd6b6fc266562bd51d42974c2f0bf5cc0b2cba4deeba831cd291d21518245","first_seen":"2026-01-02T19:01:26.028346Z","last_seen":"2026-01-02T19:01:26.028346Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GDP6F72XMD","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-GDP6F72XMD HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\nexpires: Fri, 02 Jan 2026 19:00:57 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143150\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":433313,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"dc9329222d2f560522f8001bbbe125ed","sha1":"c595d948748ae043dbbec9ec29d16f696381b128","sha256":"69e0d4b3676bd40f9e096a960914fd00db13ab8177808187d15fb10de7d31ca5","sha512":"6ff88c418c95fc1f83ba376947d9e95f8d4229d10db48b24a932f4692e8fffcbc2d12de133d5bead7e447c39b8033ed06ec5428efb582f904d81de41b9f60940","ssdeep":"6144:HI37nTmlObujKYz1U95efDHHYOyQFzvnsdRiCjFW5ajaJddpC1xY:HiTpbuNz1cEVnsdrpWjNpb","tlshash":"a9941ace73c674269396e078503f118ba57b29e2b45cc896f189cce01e74a9a4277f7c","first_seen":"2026-01-02T19:01:26.029424Z","last_seen":"2026-01-02T19:01:26.029424Z","times_seen":1,"resource_available":true,"data":null}},"time_used":419,"timings":{"blocked":174,"dns":1,"connect":7,"send":0,"wait":31,"receive":36,"ssl":167},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d.sia.watch/albaplayer/pemium-1/","fqdn":"d.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia.watch","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 19:14:04 GMT","end":"Mon, 09 Mar 2026 20:10:24 GMT"},"fingerprint":{"sha1":"19:1C:4C:6B:FA:DA:7A:71:07:9A:F3:2B:1B:6E:4A:5E:39:33:BD:87","sha256":"19:E5:EC:C3:36:E5:B2:1E:0C:8A:8A:4F:61:E2:4E:83:60:D8:4C:47:A2:2C:0B:18:59:E8:21:86:AA:19:36:9E"}}},"request":{"raw":"GET /albaplayer/pemium-1/ HTTP/1.1\r\nHost: d.sia.watch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 02 Jan 2026 19:00:56 GMT\r\ncontent-length: 0\r\nlocation: https://e.sia.watch/albaplayer/pemium-1/\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=seVxDCioK08ve4XsVyr4iKLGm%2FKcBH%2Fo1Qj5QfJaGNSS9mvPmOndoVf3BdKSgnxHsWIiRqQf8Owbu%2ByiHf5JLeLX9daMoUEaDQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9b7c808fcb235695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4260,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":53,"dns":7,"connect":1,"send":0,"wait":4,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e.sia.watch/albaplayer/pemium-1/","date":"2026-01-02T19:00:57.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia.watch","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 19:14:04 GMT","end":"Mon, 09 Mar 2026 20:10:24 GMT"},"fingerprint":{"sha1":"19:1C:4C:6B:FA:DA:7A:71:07:9A:F3:2B:1B:6E:4A:5E:39:33:BD:87","sha256":"19:E5:EC:C3:36:E5:B2:1E:0C:8A:8A:4F:61:E2:4E:83:60:D8:4C:47:A2:2C:0B:18:59:E8:21:86:AA:19:36:9E"}}},"request":{"raw":"GET /wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js HTTP/1.1\r\nHost: e.sia.watch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e.sia.watch/albaplayer/pemium-1/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Jun 2025 02:04:08 GMT\r\nexpires: Fri, 30 Jan 2026 12:17:31 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nage: 197005\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=glNcEG%2FPCvRTAwwhrADpwx%2Bm%2FfkFZLD%2B2rmxv52PLcH5mjtMYlNCZQwgJKe6tvKKHbbfPmE5TXtVDAKvRhsWtI5tQ8naXPVvFw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b7c8091b8c05691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17120,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (17120), with no line terminators","md5":"4edd87322f246f6c5c0b3d2fb0d204ae","sha1":"12e92acb11f80b8b409c8a24893a0907dbcbed78","sha256":"587cee8a94747a6aae8d17ac1b5bb2823588ba299564aa894b5c1f3b28c1d573","sha512":"232fdf5402df0c6adfd3be02bf8a55a712a58c42dded40e70a86d6e9edce1bd52775125c2a723024b5f8a979de6ccfe64a87ffa939e474744930680571eed861","ssdeep":"384:Xe/3v6xxfdMsqMd/2nf+4VzUOaH1taYo3Ge0gbzJK:Xe/3vCxfdTqMh2nxVzUOaH1toWe0gbzc","tlshash":"1072b5319fa4347767131afb766a90c0e75e580e79046c8ef58abc0e5ee6625c2c0a37","first_seen":"2024-05-24T19:02:40Z","last_seen":"2026-03-21T01:57:55.562536Z","times_seen":177,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia.watch/wp-content/uploads/2025/11/tv-koora.live-4-scaled.png","fqdn":"a.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e.sia.watch/albaplayer/pemium-1/","date":"2026-01-02T19:00:57.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia.watch","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 19:14:04 GMT","end":"Mon, 09 Mar 2026 20:10:24 GMT"},"fingerprint":{"sha1":"19:1C:4C:6B:FA:DA:7A:71:07:9A:F3:2B:1B:6E:4A:5E:39:33:BD:87","sha256":"19:E5:EC:C3:36:E5:B2:1E:0C:8A:8A:4F:61:E2:4E:83:60:D8:4C:47:A2:2C:0B:18:59:E8:21:86:AA:19:36:9E"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/tv-koora.live-4-scaled.png HTTP/1.1\r\nHost: a.sia.watch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e.sia.watch/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 232482\r\nlast-modified: Mon, 03 Nov 2025 00:31:30 GMT\r\nexpires: Sun, 01 Mar 2026 12:17:31 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nage: 197005\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qdhL7cWGBnocneMQzmdMqx3Fargf9eWK%2FPZUETDgnvitg%2F0ahr3znX5BKUITslnUrDJIo3ZtXUF%2FCbeTqF%2B0J26TAGPTHijhNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b7c8091c8c15691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":232482,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2560 x 1280, 8-bit/color RGBA, non-interlaced","md5":"ff4af335aaae6064ae05c39cc60f27ee","sha1":"b5076c42ae714d4f53a200f7cba43bfe560a0ef4","sha256":"2c17bd5396b46b5e25ba63ddffb0b7d6fc04ddc0883357d1c552a37e8727e5f7","sha512":"2587ebbd9670086ccda61ac426dba5dd250692112aad7164dbf9285f6ca722ced4f2e60725ec12ea9727a14e186b289557ff68477a79fde0261af4fde820753b","ssdeep":"3072:GDJRWxKXrMfL2YlNCbQ8JAa/rdupgE46eoU8P5uhwdirI5Lful6U6aJ1khaZDW5C:CfiffLN2QA/5upgq6wirI0lF1kYDZ","tlshash":"1f34120ce0f42a18ef88e2b51aa8de601fbe78a711ed513c316933255e557be4350bdb","first_seen":"2025-10-02T11:37:06.987382Z","last_seen":"2026-01-05T17:37:55.579592Z","times_seen":10,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":8,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"a.sia.watch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/hls.js/8.0.0-beta.3/hls.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e.sia.watch/albaplayer/pemium-1/","date":"2026-01-02T19:00:57.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/hls.js/8.0.0-beta.3/hls.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://e.sia.watch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 50712\r\ncf-ray: 9b7c8091fbe0b4fd-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e7d-34237\"\r\nlast-modified: Mon, 04 May 2020 16:10:37 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2491650\r\nexpires: Wed, 23 Dec 2026 19:00:57 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cHJdpEFgWVQg9Z%2Fn8HD7qj2Cm9sxk8k8mbahOPfGGA8sAgCclbHmgeG4FSKMEtAgXpZ94TWIZLJVnB6o7Bmb99siH9iwKqHVDXntVurCFfUzm%2FLX1oZD2lh76Go8pxBJz6MFRV5h\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":213559,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e1983d10d9d03c12e99550b2bceef13a","sha1":"286c1382b0805e3bc08fae96d27737f8ac45e1bf","sha256":"8df32db012dbcdb5c730495789f026e3eb2f331376eecde77c7eb692708ddc0b","sha512":"f63a09abb849d1a6bd41408d3ff55e7f42e0f54fd9d17a75b55df9e30b8bff94a79f3f66192623e105191ee9eaac26b2e2453c629c8a4b136c5a9e621cf5501c","ssdeep":"3072:DQL+5S5hpbNn5EvvDHvJtiFPlyYtoLZeo:DQn5hpx5EvvFtixQSo","tlshash":"e3241a99b7b560654283a1a5503f060a7236b81eb405c0fcfb6bdaf75cb484e643bf78","first_seen":"2023-03-08T20:09:01Z","last_seen":"2026-03-26T18:00:19.558563Z","times_seen":522,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":34,"dns":1,"connect":2,"send":0,"wait":20,"receive":2,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/wp-content/plugins/AlbaPlayer//assets/css/style.css?v=11.1","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e.sia.watch/albaplayer/pemium-1/","date":"2026-01-02T19:00:57.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia.watch","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 19:14:04 GMT","end":"Mon, 09 Mar 2026 20:10:24 GMT"},"fingerprint":{"sha1":"19:1C:4C:6B:FA:DA:7A:71:07:9A:F3:2B:1B:6E:4A:5E:39:33:BD:87","sha256":"19:E5:EC:C3:36:E5:B2:1E:0C:8A:8A:4F:61:E2:4E:83:60:D8:4C:47:A2:2C:0B:18:59:E8:21:86:AA:19:36:9E"}}},"request":{"raw":"GET /wp-content/plugins/AlbaPlayer//assets/css/style.css?v=11.1 HTTP/1.1\r\nHost: e.sia.watch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e.sia.watch/albaplayer/pemium-1/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Jun 2025 02:04:08 GMT\r\nexpires: Fri, 30 Jan 2026 12:17:31 GMT\r\ncache-control: max-age=2592000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\ncontent-encoding: gzip\r\nage: 197005\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BFtDruDN0bOWIBGo3IlyQCLabrfgxvzY9jy1rPjZKMgCSxupDRcP3vuGmDJusndKh3j7jIdJR99ql%2Bfn%2FLsVwroouMG8115h8Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b7c8091b8bc5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":13175,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13175), with no line terminators","md5":"e9db16bb849107eb004b009f260dccd6","sha1":"163592714dcee8286a6447ef54263e4e5e9e2776","sha256":"4ee01e78ab6cadd86f788733494642492a7c72f6dce53d6eb022a847472ff7a9","sha512":"748597eb0f882b4d525a6cf91956c5d900d7775842c83664b0b3c96f02860a6b7d54066a02b498deba0e77f5502f2efe75d6d8fdebd2dd561bd7d430f17e0cc1","ssdeep":"192:MYy+gUq+qjAKUWgIALLQrj8nZsWVxkgBelk3DDapTSJ22li/E:MYy+gf4WgTL686WXkECp2J22U/E","tlshash":"a5429515fce03268bb27e039e682577f30788022e6531f9ee597b3a847db1d612d3649","first_seen":"2024-06-29T21:02:06Z","last_seen":"2026-04-01T02:27:18.779442Z","times_seen":179,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.sia-kora.live/wp-content/uploads/2025/11/cropped-tv-koora.live-4-scaled-1-32x32.png","fqdn":"c.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:57.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia-kora.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 18:34:25 GMT","end":"Fri, 20 Mar 2026 19:33:09 GMT"},"fingerprint":{"sha1":"2E:3A:37:D9:31:CF:56:C1:F7:ED:BC:2A:F4:F1:A7:4B:10:19:1E:8B","sha256":"DB:8F:50:6D:78:00:C4:F4:5B:01:4C:7C:F4:43:B1:97:D7:7A:27:EF:FE:88:EF:3F:31:05:A0:9E:8B:A6:EF:CA"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/cropped-tv-koora.live-4-scaled-1-32x32.png HTTP/1.1\r\nHost: c.sia-kora.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 1575\r\nlast-modified: Wed, 24 Dec 2025 20:29:39 GMT\r\nexpires: Sun, 01 Mar 2026 12:10:50 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nage: 197406\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5tSKsBhyY8hfhIwPcak0ARbJomNAZ7Z4p%2F2V18bQoLDHi2xhCAfXmwfW9VYojleAMB%2B%2Bo9srk4cXSGa9zA2l2YwCd6HrONTT5N6pCys%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b7c8091bb2d5687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":1575,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"622d13d3234738a61011b2e978691742","sha1":"78a4a8a9bb5937e6e0417667873673b711fae228","sha256":"d12480614f06aaf2df87ea4a22cf02540936542eff534e4d99e9f11f2f586416","sha512":"afe4767af2fbacaa124368abd616e9859197937561d553e3810081c11b98f21e203481f709cb7fdabdef6343d86b96220c79cb70b5b6b87fd702e950e6f8d60b","ssdeep":"","tlshash":"6631c5f7033b1e4a64ee126e19973d9d8458bff0c26222770239ee6196912e544f0ece","first_seen":"2026-01-02T19:01:26.034319Z","last_seen":"2026-01-02T19:01:26.034319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.syria-live.space/live/beinmax1","fqdn":"13.syria-live.space","domain":"syria-live.space","tld":"space"},"ip":{"addr":"52.84.50.91","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://e.sia.watch/albaplayer/pemium-1/","date":"2026-01-02T19:00:57.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"13.syria-live.space","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 31 Dec 2025 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"34:A0:AE:E5:01:D4:FF:7C:99:99:6E:99:CC:D7:3F:F6:DE:B1:DB:F1","sha256":"C0:63:95:74:65:A5:BE:EF:49:7C:07:A7:CE:C2:27:FA:FB:8B:AB:74:2F:61:DB:59:36:12:3C:E8:53:CD:29:8D"}}},"request":{"raw":"GET /live/beinmax1 HTTP/1.1\r\nHost: 13.syria-live.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://e.sia.watch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e.sia.watch/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\nserver: nginx\r\ndate: Fri, 02 Jan 2026 19:00:54 GMT\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\ncache-control: public, max-age=2\r\naccept-ranges: none\r\nx-cache: Error from cloudfront\r\nvia: 1.1 b0a74a1c8b6a1560cd851a637b999ff4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 4bUHDzhuQxrFYmF2e_00SYzSIsG84w4HNjBzhJAvXwM2gSInPuP3ow==\r\nage: 3\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-03T18:31:29.894522Z","times_seen":476818,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":248,"dns":140,"connect":2,"send":0,"wait":26,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.sia-kora.live/premium-1/","fqdn":"a.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-02T19:00:56.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia-kora.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 18:34:25 GMT","end":"Fri, 20 Mar 2026 19:33:09 GMT"},"fingerprint":{"sha1":"2E:3A:37:D9:31:CF:56:C1:F7:ED:BC:2A:F4:F1:A7:4B:10:19:1E:8B","sha256":"DB:8F:50:6D:78:00:C4:F4:5B:01:4C:7C:F4:43:B1:97:D7:7A:27:EF:FE:88:EF:3F:31:05:A0:9E:8B:A6:EF:CA"}}},"request":{"raw":"GET /premium-1/ HTTP/1.1\r\nHost: a.sia-kora.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: max-age=3, must-revalidate\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: HIT\r\nx-server-powered-by: Engintron\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1pC4bx003DwZtKFIJ5w6btmgYs66bCmqkJNBkKNk9eb8FEQZwfsSNcS3KED5Z3TlbLbFAM3AFEF5pIZZeP5qH9mAfh7Eyeoj8vMZyEo%2F1w%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b7c808d5f49c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"WordPress Super Cache","description":"WordPress Super Cache is a static caching plugin for WordPress.","website":"https://z9.io/wp-super-cache/","common_platform_enumeration":"","icon":"wp_super_cache.png","categories":["Caching","WordPress plugins"]},{"name":"Yoast SEO:26.6","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59465,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15967), with CRLF, LF line terminators","md5":"22e036ee1c54550430034d4f818a7a54","sha1":"30c5e4da9e0ab9ffaf39d643d0eb49d2365652fa","sha256":"797b1b6d57a079e6d7f02077ad31ba465c4114998f9ea970a8eb8d12baff3abd","sha512":"ff37afa76f57db67870a79f9c59dc25c2eff2bb65141ed840e5cd83c78b19b1874c8dd3ef9cd1d00649eaf91c8e4feb255738c0f513c2bd2a53239d5b03988b3","ssdeep":"1536:HZ/gr9DLURZpjtgNypAegFWjYiM+/dgQ5Kx2BjOcAnN6+OUEYU0GnYG5BIT+7:HhgYR/QCAeoG","tlshash":"89433a72a29060347b1bc7eed197720cf435a80be9039a74b0ac72654bd69f742a773c","first_seen":"2026-01-02T19:01:26.036326Z","last_seen":"2026-01-02T19:01:26.036326Z","times_seen":1,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":26,"dns":1,"connect":1,"send":0,"wait":107,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"a.sia-kora.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"c.sia-kora.live/wp-content/themes/AlbaYallaShoot/public/fonts/NeoSansArabic.woff2?v=3","fqdn":"c.sia-kora.live","domain":"sia-kora.live","tld":"live"},"ip":{"addr":"104.21.59.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia-kora.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 18:34:25 GMT","end":"Fri, 20 Mar 2026 19:33:09 GMT"},"fingerprint":{"sha1":"2E:3A:37:D9:31:CF:56:C1:F7:ED:BC:2A:F4:F1:A7:4B:10:19:1E:8B","sha256":"DB:8F:50:6D:78:00:C4:F4:5B:01:4C:7C:F4:43:B1:97:D7:7A:27:EF:FE:88:EF:3F:31:05:A0:9E:8B:A6:EF:CA"}}},"request":{"raw":"GET /wp-content/themes/AlbaYallaShoot/public/fonts/NeoSansArabic.woff2?v=3 HTTP/1.1\r\nHost: c.sia-kora.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://a.sia-kora.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:56 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 39156\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 01:08:30 GMT\r\nexpires: Sun, 01 Mar 2026 13:43:05 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nage: 191871\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=31Tb%2BvzGGsXXAhIEaZWvORNoHoSeldCx5by1jCNU99A%2BzsEqnbaDGLY9H15glQx5%2FJRgPK387J%2FU%2Bmwd32G5QdzqgSM7Y7nVwTosXNXnhg%3D%3D\"}]}\r\ncf-ray: 9b7c808fead1a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":39156,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39156, version 1.0","md5":"a4761b675c1f72d272bb212b5eba6fce","sha1":"f40f312b883ef7efa2bb41733fd5dceeb17ac5a1","sha256":"1964614fd42691b34332efca2158901370a21827c1b31907d11ba6585a8c8304","sha512":"5f70126307295c5b61202816d7549e6f396179373d450be401970628d072ed58cfa4c6653e1d781ee2661fe0eb73a33f90ae6886fbd11d0f5b19ba1931b99bdd","ssdeep":"768:4MtNG4lR4CZeLm/hKHUgLt9Ybw3m5ITa2iR1m5GXzVGO:nNX6cgmpeUSAMpw1m5wVGO","tlshash":"a403f15b1ad23b96b40601fc65baed91f5354fc1c7cbd88125b266e71a180fcc4fad90","first_seen":"2025-01-19T14:49:21.534067Z","last_seen":"2026-03-22T20:47:49.816818Z","times_seen":120,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":56,"dns":8,"connect":1,"send":0,"wait":11,"receive":3,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kooralive.fans/wp-content/uploads/2025/12/kooralive.webp","fqdn":"www.kooralive.fans","domain":"kooralive.fans","tld":"fans"},"ip":{"addr":"172.67.212.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kooralive.fans","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Dec 2025 01:33:25 GMT","end":"Tue, 24 Mar 2026 02:32:04 GMT"},"fingerprint":{"sha1":"C6:E5:E1:74:08:88:56:68:3C:9D:33:FA:69:50:BA:D1:62:21:53:C6","sha256":"97:A6:27:3B:68:D3:05:29:0D:A7:D1:7E:9E:B9:8D:F5:3B:CE:12:D3:A0:F5:3B:16:EC:9E:DB:00:14:CE:51:BA"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/kooralive.webp HTTP/1.1\r\nHost: www.kooralive.fans\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.sia-kora.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13746\r\nserver: cloudflare\r\nlast-modified: Fri, 26 Dec 2025 19:03:06 GMT\r\nexpires: Tue, 24 Feb 2026 19:05:43 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: HIT\r\nx-server-powered-by: Engintron\r\naccept-ranges: bytes\r\nage: 604513\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SI56OOXterGlhxXF2tlf9r%2FC4nk8xIaoKLaoxBF%2Bba2hL4CfGrF%2F6XA88216CROSxcqC5sbwTG8eQa7LTTE7%2FKGEJLvEG2Ej7VBKDueMI3qI6w%3D%3D\"}]}\r\ncf-ray: 9b7c808fe800a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]}],"data":{"size":13746,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fd62084887c87942db1ab24364d1d9c1","sha1":"46e64a5b970232e454f18f43e43cfc6c80af91d2","sha256":"67185bd893bc6fcaa3a6d44b7a4d4bba1e94104aab29e59d99b887088938e2e2","sha512":"eec5d059dc1a1eb5f6016e023ae21ea5ddf7aa3e2ba51a9f370b601f98dddafecd380cac49583b541ff41d80568bcfd1f6727ed51cccf680aad61ee7fcbd4004","ssdeep":"384:rycEZaQY45ZtjC7pRYxWuGrX4gGC367BxpRSPWTnT:ryfBZtj+YEbX/GCqfpRGWTT","tlshash":"e252d0a5af015879d974cc6d1ebe3247d0d137980ec5f0c791898d236a783b0ba71ec5","first_seen":"2026-01-02T19:01:26.037912Z","last_seen":"2026-01-24T20:23:51.162993Z","times_seen":2,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":79,"dns":31,"connect":1,"send":0,"wait":7,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.sia-kora.live/\r\nOrigin: https://a.sia-kora.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:57 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: GET, OPTIONS, OPTIONS, HEAD, POST\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://a.sia-kora.live\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=djkGZOw%2FlxY5mNSjf%2FarwCcj57uq7BSFnZXSuDF37d58b88otjba39GRbB0cE%2B6NEnACpuCmVQqVkAgaAUq1hjMtfhBu\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b7c808fbf5bb51e-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"460b460d57658b5fd29c5e4934445c33","sha1":"24a724b25ef1401657cafa588835edfb9f7ef1f7","sha256":"93eefe1243dfce9ac06bf199cc9962e610bab6bff4f096662a357d27c9aefa70","sha512":"127d42078b0a87c6d0a70bd359dbcf50844e871ae9e98875a63f2303950b50bcc04fdb72df3f2e157dde3c019355fb67791147d38d6c3c570e1bde1d3b8f31c2","ssdeep":"","tlshash":"a9012428e4680e7b88b80358b4286a07122422075f16354e7fd4878d0f8d8bf20b124e","first_seen":"2025-12-17T10:03:05.72606Z","last_seen":"2026-03-25T09:03:12.863773Z","times_seen":3067,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":43,"dns":3,"connect":1,"send":0,"wait":223,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e.sia.watch/albaplayer/pemium-1/","fqdn":"e.sia.watch","domain":"sia.watch","tld":"watch"},"ip":{"addr":"172.67.202.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://a.sia-kora.live/premium-1/","date":"2026-01-02T19:00:56.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sia.watch","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 19:14:04 GMT","end":"Mon, 09 Mar 2026 20:10:24 GMT"},"fingerprint":{"sha1":"19:1C:4C:6B:FA:DA:7A:71:07:9A:F3:2B:1B:6E:4A:5E:39:33:BD:87","sha256":"19:E5:EC:C3:36:E5:B2:1E:0C:8A:8A:4F:61:E2:4E:83:60:D8:4C:47:A2:2C:0B:18:59:E8:21:86:AA:19:36:9E"}}},"request":{"raw":"GET /albaplayer/pemium-1/ HTTP/1.1\r\nHost: e.sia.watch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.sia-kora.live/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 19:00:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: max-age=3, must-revalidate\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: HIT\r\nx-server-powered-by: Engintron\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Icq02qAWj5fcg13FgVkp40HdBG%2BhY5W0o8R%2BrKbsRndiM3IXSmXELVeoMz2fCyVAwrgLVMD4mm5u%2FMU0Vrg9NSTcVQYjRPu5%2Fg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b7c808feb3b5695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress Super Cache","description":"WordPress Super Cache is a static caching plugin for WordPress.","website":"https://z9.io/wp-super-cache/","common_platform_enumeration":"","icon":"wp_super_cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":4260,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1135), with CRLF, LF line terminators","md5":"d92a1589ba01a6c5e4ca59a4bd854904","sha1":"14687224731be14a1fe82c1d34575c4f68418776","sha256":"69f5052ada188577717372900b78d05bf2db3d854b074caecde07aaa45ea14d0","sha512":"fe95734a61a1401f1f87342b19cec11fbc3d3526f1b1b34051b82fa9f4886cf2de804b6f42e2ee8f6cf968881bf143ae4642c3e3610b0254ad5a261466c825d8","ssdeep":"96:6UMsDL2pc8Wv8+egiFJHX7IcoUhM4dSYrb0SPRWzjJkZYEHNgfY:6Udf18WxSBX7ywM4dSAb0YR2FkZYEHIY","tlshash":"b191a8364ee069322712c259a13a344db0775c1b9a52c70db5ff921fe78ced8029ed6b","first_seen":"2026-01-02T19:01:26.039278Z","last_seen":"2026-01-02T19:01:26.039278Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}