{"report_id":"2add15c1-0d2d-4b5e-bdb8-9a9ee74f2480","version":6,"status":"done","tags":[],"date":"2025-12-12T03:00:02Z","url":{"schema":"http","addr":"grow.hakiviet.com/","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"172.67.135.157","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"grow.hakiviet.com/cgi-sys/defaultwebpage.cgi","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"title":"VIETNIX","dom":{"size":1509,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"67c0c60ad738c5dc80b0f5efc0969805","sha1":"1582937790ceae890379ac17eae0515956ba7221","sha256":"356e16b0490b8d73d7755e238fd7dddaa98a21255b0b0259a37c6c3e8080dbc8","sha512":"d15aa59d6bcfacf5da6792761d7f56a3c8175877f6c738f21276816913914c0c74a6c5ae1d3ad8aa30998bfdf7338df39ba8050fcff927614e916c898971ef65","ssdeep":"","tlshash":"5731119656e31102650398241be3a7545798c403cacbdcf57e9e3288cf8c2926ae338c","dom_hash":"domhash87f6ecf458a94c6c863fe9713e246f69","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"grow.hakiviet.com/","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"172.67.135.157","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-16T03:00:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"grow.hakiviet.com","ip":{"addr":"104.21.26.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-20","domain_rank":0,"first_seen":"2025-12-12T03:00:02.062234Z","last_seen":"2025-12-12T03:00:02.062234Z","alert_count":16,"request_count":4,"received_data":21828,"sent_data":1956,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"grow.hakiviet.com/favicon.ico","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"104.21.26.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grow.hakiviet.com/cgi-sys/defaultwebpage.cgi","date":"2025-12-12T02:59:40.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hakiviet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 08:43:51 GMT","end":"Tue, 10 Feb 2026 09:42:22 GMT"},"fingerprint":{"sha1":"02:94:D2:33:0C:34:A0:89:8B:6F:5A:03:7D:EA:E0:3C:48:AD:82:FF","sha256":"32:81:35:45:36:3F:AC:FE:36:DD:E4:13:E9:FB:85:F8:1D:CF:2F:61:67:FC:12:8F:B0:2D:FD:2E:6B:3D:4A:48"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: grow.hakiviet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grow.hakiviet.com/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y22K5iZ8folCRoSOPfB%2FdL6GedzMssgN2JkIGtNmWjRNAVS2kos%2FON4DOiMo0%2FCh3ZNkk9yez5vXWEH3p9ypBpC78SIgY%2FhJlp8C0KmCrw%3D%3D\"}]}\r\ncontent-encoding: br\r\ncontent-type: text/html\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ndate: Fri, 12 Dec 2025 02:59:41 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncf-ray: 9ac9f7952a0556aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10375,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"70184034f05d366fcb32276460801f43","sha1":"5d65c9d1133aed6ff1a8fd872ec0d4d53af789b0","sha256":"b0be3a4f0128b6bfa41771a6f83bfd532d3073b58cabb7353975a5e41b0154d3","sha512":"015aa0b4c8da8469a0caf1ab576fc7cb1c11788c7394dab50aa1582e1e2a74487901357528ce74fb589639d29132d76d31877af296b5c40c1609dbb7331b4263","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93JA:FVGaRF8I8OiB+Ii","tlshash":"4e22b69b1ae3000b744760b96bba2211ab69f543d11fcd643f4df3a4df869819c93b4e","first_seen":"2025-12-12T03:00:03.854362Z","last_seen":"2025-12-12T03:00:03.854362Z","times_seen":1,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grow.hakiviet.com/","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"104.21.26.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-12T02:59:39.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hakiviet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 08:43:51 GMT","end":"Tue, 10 Feb 2026 09:42:22 GMT"},"fingerprint":{"sha1":"02:94:D2:33:0C:34:A0:89:8B:6F:5A:03:7D:EA:E0:3C:48:AD:82:FF","sha256":"32:81:35:45:36:3F:AC:FE:36:DD:E4:13:E9:FB:85:F8:1D:CF:2F:61:67:FC:12:8F:B0:2D:FD:2E:6B:3D:4A:48"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: grow.hakiviet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 02:59:40 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0OwCI6idLpFkAjiY1JZPB%2F5esEkk3oZnnpCRcpvagLVn7IYCdo7VSUhze2iaNN%2FPeqWdxiDtzXrtIt8rhRXmjBJWwJjY6e4%2BlaDC4rOmjOE\"}]}\r\nlast-modified: Tue, 05 Aug 2025 23:18:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ac9f78d4f485a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":163,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f1fb042c62910c34be16ad91cbbd71fa","sha1":"5bc7aceba9a8704ef4b1d427d7d08b140afcd866","sha256":"9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24","sha512":"d4b2f435a14e915ec8c36364ef6be6dd810883b5c9c8e337573a114d36257186fae92ead623ac5ef7812b0ff2cc4973842e994f2f7fcd510d3c5a9c5c33a369b","ssdeep":"","tlshash":"71c08cd8009c383c7124b888dfc102c284669009a4a03ec154dbb62cc27ca27c88e2e4","first_seen":"2023-03-08T15:50:46Z","last_seen":"2026-04-04T11:40:15.240175Z","times_seen":24611,"resource_available":true,"data":null}},"time_used":513,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":470,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grow.hakiviet.com/cgi-sys/defaultwebpage.cgi","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"104.21.26.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-12T02:59:40.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hakiviet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 08:43:51 GMT","end":"Tue, 10 Feb 2026 09:42:22 GMT"},"fingerprint":{"sha1":"02:94:D2:33:0C:34:A0:89:8B:6F:5A:03:7D:EA:E0:3C:48:AD:82:FF","sha256":"32:81:35:45:36:3F:AC:FE:36:DD:E4:13:E9:FB:85:F8:1D:CF:2F:61:67:FC:12:8F:B0:2D:FD:2E:6B:3D:4A:48"}}},"request":{"raw":"GET /cgi-sys/defaultwebpage.cgi HTTP/1.1\r\nHost: grow.hakiviet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hmEhKGawliX1aMuTM9rguUu6kHylmsweoAoLEjAY37yBwiivbx3lrNpIPMYb%2ByJG%2FgMZADf9bfmL2oB4tP0wgmMeNNJnFJEUiV8CdsE7Jw%3D%3D\"}]}\r\ncontent-encoding: br\r\ncontent-type: text/html\r\npriority: u=1,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ndate: Fri, 12 Dec 2025 02:59:40 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9ac9f79159ed56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"37ad7ee9f176a95e54fbbe2622424291","sha1":"ec837f021bb122e9df37a3fc6aaf96467a88788f","sha256":"084fb4edc020247a5a4dbebe8e2282a6a1e2989ca08ac90268495649d6be6ac0","sha512":"a5f5cfc67f567619bf9d3438bfe87c515c4edddda80f73d2df14a37a2f5ba98029274c2ec5f2105c9de3ba8d94802a60843d09cbebb95d2fe1bef819497d2dc9","ssdeep":"","tlshash":"bb31ed168682280261339a785fe29358ebc54053c68319b17eae32878fb910187d3b8c","first_seen":"2025-10-25T23:28:57.257596Z","last_seen":"2026-03-21T14:38:10.322681Z","times_seen":17,"resource_available":true,"data":null}},"time_used":475,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":475,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grow.hakiviet.com/img-sys/vietnix-logo-fullwhite.svg","fqdn":"grow.hakiviet.com","domain":"hakiviet.com","tld":"com"},"ip":{"addr":"104.21.26.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grow.hakiviet.com/cgi-sys/defaultwebpage.cgi","date":"2025-12-12T02:59:40.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hakiviet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 08:43:51 GMT","end":"Tue, 10 Feb 2026 09:42:22 GMT"},"fingerprint":{"sha1":"02:94:D2:33:0C:34:A0:89:8B:6F:5A:03:7D:EA:E0:3C:48:AD:82:FF","sha256":"32:81:35:45:36:3F:AC:FE:36:DD:E4:13:E9:FB:85:F8:1D:CF:2F:61:67:FC:12:8F:B0:2D:FD:2E:6B:3D:4A:48"}}},"request":{"raw":"GET /img-sys/vietnix-logo-fullwhite.svg HTTP/1.1\r\nHost: grow.hakiviet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grow.hakiviet.com/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 2405\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 02:59:38 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Jul 2025 04:58:52 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=4,i=?0\r\ndate: Fri, 12 Dec 2025 02:59:41 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lt2Z1%2F9ZTx05a5xsuObDDOfUTdpex%2Fienii6MBp2wcYxki8PzwMnR3jqI25xGbTZUI%2Fzp8Fi5RT44iUVHHDJU7GkuHxa2aWDN6uzFTntmw%3D%3D\"}]}\r\ncf-ray: 9ac9f7948a0456aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7078,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6bd4d752d4ed7ca4552905460b219079","sha1":"e3d551c517f4c3da889091ac311ac2aedd0f392f","sha256":"54769b528d91ed868083a148edc53fa64277c7a9d791ef79b475ef1612cdf68e","sha512":"37dd9963801d18cb1639f9fdb3374d0e110abbb3e78bc12e4a348fc05581fda1aba52056910e5962a278b5676740838d7c110146bc65c9bd89b7b64782e2f98f","ssdeep":"96:jXn3A6JXPS0Sz3AKALXU79Ij3zOa40rdAwJKE5sftFdg0yYgIQwA7SCGZKTAMvMr:bn3A6JXq0S7SLk5HyPKFFdg0ytTAMktZ","tlshash":"33e1529966dd61f1bc4cf3f4da9ba06975122cfe2721cacc43c5a856ed8072ed948c83","first_seen":"2025-01-19T17:35:34.439695Z","last_seen":"2026-03-21T14:38:10.324121Z","times_seen":65,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"grow.hakiviet.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}