{"report_id":"9090ac70-7861-45a4-91b3-42cf90075e34","version":6,"status":"done","tags":[],"date":"2026-03-18T10:51:31Z","url":{"schema":"http","addr":"calvirex.xyz","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"calvirex.xyz/","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"title":"RU • MaxUnique 07 • 2026","dom":{"size":6432,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"e3b6094abb737ff26144a04ae11579b6","sha1":"b39e93c96b2950912a911f536713c7ff2e967652","sha256":"ce4ccd4176ec5928c2bc03d0c601e409da7e6a1899a8a3154701a0bc1f41f7d0","sha512":"e34a7933d9e4373dc31df3c8fa80186f03f07bf484a013a54bdd9d16fb35a97c168f0d54a035fd44a00fe4c55fe02f79534d3a4a5e575104dae30da35e6aba9e","ssdeep":"192:CR3kYTBjzguExYChaty9giuhy7hyrGimeH:1Y1B8rgiuhy7hyiimW","tlshash":"e0d1b631a3922239716390cabc52978e35b48023ea1bc318fb6d61a59fc5edfdb12546","dom_hash":"domhash7a0e63f8bd72ce93f733c5043052520e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"calvirex.xyz","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T10:51:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"calvirex.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"calvirex.xyz","ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-03-10","domain_rank":0,"first_seen":"2026-03-18T10:51:31.456218Z","last_seen":"2026-03-18T10:51:31.456218Z","alert_count":2,"request_count":2,"received_data":6970,"sent_data":912,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"calvirex.xyz/","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4911ed679bb00aeac51b25697d9eee4","sha1":"6a17b8e027b651ed82c336fbbf22b653d03c54c8","sha256":"a4984e19e42c4e6d75a9c1656f8715e0a4bbd93bae458342b439245cdce31d2e","sha512":"de20575c1c2f292bcec2e35eff5dc817aa10c9b36a00cc71297bcc229ff82f9614fd1f7bf240a40893292e754a55c116851a56fd412d31a7ca8b1d3614947a0e","ssdeep":"","tlshash":"23b012951001cec1165010a03a418f31147812558b41669014069481207054e4e85dc4","size":92,"data":"","first_seen":"2026-02-25T01:49:52.587601Z","last_seen":"2026-03-18T11:27:42.617032Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"calvirex.xyz/","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"01c3c28e001e9ad492c1e836e106584b","sha1":"eb5365f9afe1ebc61bfd6413d0fe855d43596847","sha256":"e8279ba19627d2609fc6754f55a2f43c9ba90b56b3ff144cfdc8687177a39596","sha512":"dfebaea2e64c961fd6d09aeea137d941a13badbfaba351b73d43831836967ab9691ae2ad34405d2785c5791a89fa115892df844b11bacd7750564dbd07f20185","ssdeep":"","tlshash":"56f02b73f39a0678839f52ff2c9567a534b440063205c35a992c102168d8f9fb4bbacb","size":544,"data":"","first_seen":"2026-03-18T10:51:33.907371Z","last_seen":"2026-03-18T11:27:42.617836Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"calvirex.xyz/","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"a01f0a452f05f953e5c153b2e08f6ee2","sha1":"e59cf925c80b9644dd3c7d0e9dcda95fc669f7eb","sha256":"503a8645020705e0cb342b3fb605a3ca82712ae442007550936b23d7dbaeef26","sha512":"c2ee1873f120889635510df4a1cca118aabe26bd0b81487318827e7beccae12ff3831b97d8b380039dfea6fb29c4af265d780eb19d56f4e0c5557e7617510249","ssdeep":"","tlshash":"ea11ab1e01234bf610f36098db87b3a079f201933149c6083d1e8144af8ce5db7b1aaa","size":905,"data":"","first_seen":"2026-03-18T10:51:33.909032Z","last_seen":"2026-03-18T11:27:42.618584Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"6e9167c29a9f10e51209cab3b6e2f143","sha1":"8895f9338215f015d8af0cb333770c904c30460b","sha256":"876725f90e15ea178dec5b9f913167ed319014a61a254f390d79b086e15e6e8c","sha512":"9edd27d71bb6fab05719fed578f4e34b920a22705cc1aacbef4225514138e73f0e41bae77f99610563ce0a8bbe9707ee0b1494ec4834b2f79a0267cfdf2ce198","ssdeep":"","tlshash":"3e7000000080200a020008cabc08032200802e08c88b00002c0000000000a028a00230","size":21,"data":"","first_seen":"2026-03-18T10:51:33.912592Z","last_seen":"2026-03-18T11:27:42.619223Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"calvirex.xyz/","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:51:09.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"calvirex.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 08:29:22 GMT","end":"Mon, 08 Jun 2026 08:29:21 GMT"},"fingerprint":{"sha1":"C4:EF:7B:40:F5:4C:B4:C8:1B:E2:16:88:5B:1C:B5:22:B1:7C:D1:D5","sha256":"82:6F:42:A9:63:3A:96:A2:67:A1:55:EF:3B:E9:8A:D1:75:D6:58:DC:B4:B3:F4:50:4A:0B:32:4A:5D:85:69:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: calvirex.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:51:10 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 10 Mar 2026 09:23:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69afe2fb-1905\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6405,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"641f3bae82da5611774cc16e3ef694db","sha1":"70a5e89255cc984ff00a4066f9d053bcba433161","sha256":"ef626a4791c769f7f74fc5dfe91e9460c8d4044a049d2269b879cb23418e2079","sha512":"50431f9aaf6b91b9c37cf8efd94e16c52e327ed051a8dd1d7ee2fb513974b63a9cc010221dbbb6b9bf3467dced55ea3341cba2c7b3273b090270d1749a36b511","ssdeep":"192:cR3kYTBjzguExYChat6Dgiuhy7hyrGimeL:TY1B89giuhy7hyiimu","tlshash":"24d1b631a3922239716390cabc52978e35f48023e91bc318bb6d61a5dfc5edfdb16506","first_seen":"2026-03-18T10:51:33.903236Z","last_seen":"2026-03-18T11:27:42.616243Z","times_seen":2,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":297,"dns":241,"connect":26,"send":0,"wait":25,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"calvirex.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"calvirex.xyz/favicon.ico","fqdn":"calvirex.xyz","domain":"calvirex.xyz","tld":"xyz"},"ip":{"addr":"91.84.122.139","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://calvirex.xyz/","date":"2026-03-18T10:51:10.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"calvirex.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 08:29:22 GMT","end":"Mon, 08 Jun 2026 08:29:21 GMT"},"fingerprint":{"sha1":"C4:EF:7B:40:F5:4C:B4:C8:1B:E2:16:88:5B:1C:B5:22:B1:7C:D1:D5","sha256":"82:6F:42:A9:63:3A:96:A2:67:A1:55:EF:3B:E9:8A:D1:75:D6:58:DC:B4:B3:F4:50:4A:0B:32:4A:5D:85:69:76"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: calvirex.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://calvirex.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:51:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-17T09:26:42.858382Z","times_seen":527753,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"calvirex.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}