{"id":"60c30336-dc8e-4dd8-9e74-f31583eca747","url":"https://xcorewave.site/","status":"completed","submitted_at":"2026-06-19T12:10:25.712877Z","started_at":"2026-06-19T12:10:26.493644Z","completed_at":"2026-06-19T12:10:47.978458Z","final_url":"https://xcorewave.site/","http_status":404,"error":null,"artifacts":{"html_url":"/artifact/html/c8c07e59d2649d23e615ec030c08f90fbe8d8d39b067c2cb7eb47a1b178fefeb.html","screenshot_url":"/artifact/screenshot/569a89372b63182dae06563e1bb37712010f1d129379fb8c8c0996e8aa7866ea.png","har_url":"/artifact/har/333b6ce10bce742619704780d7d9ac973014a0d032c847880f83824a21d4750e.har","annotations_url":null},"metadata":{"redirect_chain":[],"network_summary":[{"url":"https://xcorewave.site/","status":404,"type":"document"}],"captured_js_bytes":3580,"turnstile":null,"cloudflare":null,"enrichment":{"registered":"xcorewave.site","host":"xcorewave.site","host_ip":"188.114.97.1","domain":{"key":"xcorewave.site","status":"fetching","data":null,"fetched_at":null,"expires_at":null,"fresh":false,"error":null},"ip":{"key":"188.114.97.1","status":"ok","data":{"asn":13335,"asn_org":"Cloudflare, Inc.","source":"geolite2-asn"},"fetched_at":"2026-06-10T17:37:50.474796+00:00","expires_at":"2026-07-10T17:37:50.474796+00:00","fresh":true,"error":null}},"timings":{"dns_ms":75,"scrape_ms":4434,"artifacts_ms":1988,"enrichment_ms":1707,"detection_ms":456,"per_detector_ms":{"domain":0,"forms":0,"yara":1,"urlhaus":392,"feeds":0,"brand_watch":0,"redirect_chain":0},"investigation_ms":0,"total_ms":21450,"ai_review_ms":11914},"investigation":{"hashes":{"html_sha256":"c8c07e59d2649d23e615ec030c08f90fbe8d8d39b067c2cb7eb47a1b178fefeb","screenshot_sha256":"569a89372b63182dae06563e1bb37712010f1d129379fb8c8c0996e8aa7866ea","har_sha256":"333b6ce10bce742619704780d7d9ac973014a0d032c847880f83824a21d4750e"},"iocs":{"emails":[],"crypto_wallets":[],"telegram_bots":[],"telegram_handles":[],"telegram_chat_ids":[],"discord_webhooks":[],"phone_numbers":[],"exfil_endpoints":[],"urls":["https://xcorewave.site/"]},"urls_by_type":{"document":["https://xcorewave.site/"]},"captured_resource_urls":["https://xcorewave.site/"],"hosts":[{"host":"xcorewave.site","request_count":1,"resource_types":["document"],"asn":13335,"asn_org":"Cloudflare, Inc.","ip":"188.114.97.1","registered":"xcorewave.site"}],"redirect_chain":[],"chain_signature":null,"host_count_total":1,"host_count_enriched":1,"tls":{"host":"xcorewave.site","validated":true,"subject":{"commonName":"xcorewave.site"},"issuer":{"countryName":"US","organizationName":"Let's Encrypt","commonName":"YE2"},"not_before":"2026-06-19T06:59:14+00:00","not_after":"2026-09-17T06:59:13+00:00","serial_number":"057EC138AC88761927F93E1CD08A72F6F08E","subject_alt_names":["*.xcorewave.site","xcorewave.site"],"fingerprint_sha256":"aed815364ecbe89b6b4ff7f38f58fefdcc810d72622fd9f4d6f3d85ea8823f0a","tls_version":"TLSv1.3","cipher":"TLS_AES_256_GCM_SHA384"},"kit":null,"page_links":[]},"worker_host":"scraper-21","annotations_key":null,"c2_endpoints":[],"screenshot_is_decoded_kit":false},"queue_wait_ms":780,"duration_ms":22265,"score":70,"verdict":"malicious","signals":[{"id":"domain.asn_info","severity":"info","weight":0,"detector":"domain","message":"Hosted on ASN 13335 (Cloudflare, Inc.).","evidence":{"host_ip":"188.114.97.1","asn":13335,"asn_org":"Cloudflare, Inc."}},{"id":"cert_pl.domain_hit","severity":"critical","weight":55,"detector":"feeds","message":"CERT-PL lists this host as a phishing domain.","evidence":{"host":"xcorewave.site","feed":"cert_pl"}}],"ai_review":{"verdict":{"verdict":"suspicious","score_adjustment":-5,"brand_impersonated":null,"kit_fingerprint":null,"iocs":[],"rationale":"The rule-based detection flagged this domain as a phishing target in CERT-PL, but the page content is a standard 404 error response from nginx, indicating no active phishing payload is currently serving. The adjustment reflects the discrepancy between the high-weight phishing signal and the lack of malicious content.","confidence":0.85},"skipped":false,"skipped_reason":null,"error":null,"model_text":"qwen3.5:4b","model_vlm":null,"prompt_version_text":"verdict_v1","prompt_version_vlm":null,"latency_ms":11190,"served_by":"primary"},"ai_skipped":false,"ai_skipped_reason":null,"ai_pending":false}