{"report_id":"1e675fb1-2213-48a9-9445-6cb46fcf58ab","version":0,"status":"done","tags":["commonwealth_bank","financial","phishing","suspicious","telegram_bot"],"date":"2026-06-24T10:17:51Z","url":{"schema":"http","addr":"commonwealth.biz.id","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"title":"NetBank - Log on to NetBank - Enjoy simple and secure online banking from Commonwealth Bank","dom":{"size":36283,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"b53e1f39be8bee77e6264572226a2f7c","sha1":"947321c98525278eb79530271624746488c0646c","sha256":"ce2637bd870b1979ea5e6715e4c1677b438220ae13fac71931c9e7b85190af55","sha512":"09a6a5d67ee5edeb25e16d31722d942bcfdaa69708dce3d3e38ffcffe947353d093a93354c16d4dbd5b3f4b68d1aa188902a5cbcb00c1f0351725b8790296f86","ssdeep":"768:jon4UhCbpEYgjjNQNTAVswoqcMxsJn1wI9Z96SDnx/V6TZ:En4U0bpENRCwoqxsJneI9Z96SDnx/V6N","tlshash":"dbf25be29f3c9c2680038656f07bf749118fdd33b6529894f8dd64141f91e89a633faa","dom_hash":"domhash69726376abca6e4ec14690d6db609939","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"commonwealth.biz.id","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T10:17:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/?Embedded=true","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"commonwealth.biz.id","ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"domain_registered":"2026-06-23","domain_rank":0,"first_seen":"2026-06-24T10:17:56.001325Z","last_seen":"2026-06-24T10:17:56.001326Z","alert_count":231,"request_count":38,"received_data":2887327,"sent_data":23156,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Bootstrap:27ddcbdd352e9113971be193e1c5622e","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"log-d8814f41.commbank.com.au","ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"domain_registered":"unknown","domain_rank":1710448,"first_seen":"2022-05-26T00:45:48Z","last_seen":"2026-03-04T19:24:33.720274Z","alert_count":0,"request_count":7,"received_data":955,"sent_data":4744,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.stg.commbank.com.au","ip":{"addr":"162.159.141.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2015-08-17T01:36:44Z","last_seen":"2026-03-28T09:30:54.121991Z","alert_count":0,"request_count":1,"received_data":784,"sent_data":526,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.my.commbank.com.au","ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":5189057,"first_seen":"2017-01-29T13:59:55Z","last_seen":"2026-03-28T09:30:54.957352Z","alert_count":0,"request_count":1,"received_data":3707,"sent_data":624,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.commbank.com.au","ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":32360,"first_seen":"2012-05-23T02:11:31Z","last_seen":"2026-06-24T01:56:58.251072Z","alert_count":0,"request_count":2,"received_data":22446,"sent_data":1265,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"wup-d8814f41.commbank.com.au","ip":{"addr":"20.53.176.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"domain_registered":"unknown","domain_rank":1630125,"first_seen":"2022-05-26T00:45:48Z","last_seen":"2026-03-04T19:24:33.888543Z","alert_count":0,"request_count":5,"received_data":14639,"sent_data":2762,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.my.commbank.com.au","ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":1978174,"first_seen":"2017-01-29T13:59:47Z","last_seen":"2026-06-24T01:56:58.456931Z","alert_count":0,"request_count":3,"received_data":22465,"sent_data":2298,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"www1.my.commbank.com.au","ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":6353054,"first_seen":"2017-02-01T06:17:09Z","last_seen":"2026-06-24T01:56:58.334027Z","alert_count":0,"request_count":1,"received_data":379,"sent_data":997,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","size":2505,"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","is_revoked":false,"bot":{"token":"8665773620:AAGmY96BOBJis4GORsGditxQumYibmPMfOs","user_id":"8665773620","username":"Anymeans_bot","first_name":"Common wealth","last_name":"","chat":{"chat_id":"6786796559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-27T19:13:52.132726Z","times_seen":230315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/smartbanner.d1197ec1675a985d0591d2083729fe1a.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1197ec1675a985d0591d2083729fe1a","sha1":"cc588442ff5d3953f968e454b13c6acd905537f7","sha256":"08df99ec4d261b66ad39c6b65776c83fc7d66591d0fbb466fe0950737db57bfc","sha512":"945a5f2695a25d42da38409c9484cac58910208f57a492bcecbc9352952277c45b33ec941acb9e6adfd241f420681e3c784e3d5c36b9c06074d23eded36ca702","ssdeep":"192:OkdYKNV4WoLTR7jI+kiUdOqDuh20VAk98OgLu+:TdVRo98+Xk9yJTr+","tlshash":"94f1534a7a91172981e794ed200f254e14b2f33fd5a0905f38a0cbfad57590b90e7b7e","size":7524,"data":"","first_seen":"2023-03-08T01:30:16Z","last_seen":"2026-06-24T10:18:04.546626Z","times_seen":817,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"d75c54be450eb937cb1a3e63aa51fcd8","sha1":"fffa5189aa5594af81596215a0882a1c069b6d71","sha256":"513c00559d8c638b095367931b4f5b4f7e72c11ed1df418564bc4a2bb81fca1a","sha512":"999b2db00778d9c873c92408b9d7b576d00488e4bc51a929f28da77a3227e9859c690ef97d457b78614fb73e01b4fbd8884e37c550b397bcf2249e265a4e2b42","ssdeep":"","tlshash":"79e022c2bc4f760de316c093006b0358b141b9b6a4868fa9f476e830266cdcb8a68f95","size":400,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.547275Z","times_seen":401,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"273cbb6ebf727be53ff615853ea3b2dd","sha1":"0de3bd90851890e5dab9cd2d73acebbe4203654e","sha256":"28bd6a370e0dcdb12112ca7c22235658b9d5b3d86dc88a33e6917387ca752c5c","sha512":"f9f4902beb2a61c42b05910b7aaede2021d0d0dfe3b038387a194de9a3d8cd3437c8c84be250b8b09b30e4a70730f962eb310158aa27f0718a3d38333f1ffe11","ssdeep":"","tlshash":"fef0e593709fed8c63d8109341af8692d220ad7684b00c6ec170f93116ac297fd20af5","size":444,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-26T17:10:08.190601Z","times_seen":1515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/trackingbootstrap.27ddcbdd352e9113971be193e1c5622e.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"27ddcbdd352e9113971be193e1c5622e","sha1":"bdae19cff839877be741782813f6ea81534358e2","sha256":"0d2ddec0d9a1f136483ee0f8f5c2dc1f02bfb402ee885dfd4731ef0356d02004","sha512":"47b1d271ad4e736ecf97421c105e758a11441ed90a4040504ba4a0b9c0be6c72343b9b6dca54846c12e2fae8cd9f2d4ce871f64b6d80f94ea7daa3ffe80e35b8","ssdeep":"768:ScbdLVNhqgQRb60fNvdpNCLweKbwaMqR1RGB8YJilcX3yh83HD2j/43s8wzm2D:ZLVNhwH5NZMo1RGelcX3yh83HD2jB8wr","tlshash":"59031a02b3d2493701ba1016726ff306e1f5e96b6ec0d8a0c646d4b066add7b743bf99","size":40758,"data":"","first_seen":"2026-03-04T19:24:36.721383Z","last_seen":"2026-06-24T10:18:04.544691Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/metrics.68005ee68f518241e358a6a372717995.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"68005ee68f518241e358a6a372717995","sha1":"2b3ec45f7211793cd0a0a82b06b371cee7b2984b","sha256":"d2c4f57af86150f90dccff337dd4b6682f43076055a26f2b0df6307aa2a8dfd9","sha512":"c24cc6e71f73ab515050bb8647481c353861220e8821fdedaf60f0205e533989bac39643ba6a77eb37942af97d859b5a16296fa7af6dc30a85d00e2c744577f7","ssdeep":"384:ex9+EEYDbpWt66u87WdE35ZErqHHaHx5HDOe4:E9+EEYDV87QELqKgvie4","tlshash":"d942728835debc8a2331b47e559f3417619ffc947518da86c032d6e23ae0b056a1fe9c","size":13112,"data":"","first_seen":"2026-03-04T19:24:36.72422Z","last_seen":"2026-06-24T10:18:04.533338Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.commbank.com.au/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"16367028647b345b17330df9752f5bc7","sha1":"8186ff00d0679b9f2f2656fbe02c7870fb27ec5e","sha256":"5a9e3b9af99ee15f3108e0eb582ca0e49323e62a37b38210ff4b0003ac0e3f5b","sha512":"31ac1072c154a448ab2864a1c9aef66991e2dc776ff4165d78c2e61b2ee946e58d1e21da7806acc4b79716eee53f95a539978583978e2bfa6114b7ab74bb12e6","ssdeep":"384:+B3WF4+lj3dxyoywy6yasXmyJnIuG+jBR7a+4PC0pYAiPAd7MApSYL+ABaRadLur:+BUHLR9MmxZU2K","tlshash":"0e92a68d7ee2b04d53ea9434045b30cbf1affc446d6c151cc930eaa2fce27465a5a9a9","size":21139,"data":"","first_seen":"2026-06-24T10:18:04.542087Z","last_seen":"2026-06-24T10:39:38.877989Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"bf14a2b0bc19cc8f55b8ece5dc0f4bf0","sha1":"d6eeaf3cf9ba292b47918f6ad4afa7f2288939f6","sha256":"d57daeec2ee590950f08fee215df88fb8ca5af2dc3606d628652517e1f32182b","sha512":"1ad4be1a0e8484ceefe19ee54be3da074bceca9c9a934daaf9ec960766e7c8e270fc005bc7e6bca630fbccc76c2a0f2625377ce26f354b5cb1cfc6ac1c180b1b","ssdeep":"","tlshash":"589002236d31d06898805590c4b0c522c41854927640e555b994085c82a125f093027f","size":55,"data":"","first_seen":"2023-05-05T01:25:43Z","last_seen":"2026-06-24T10:18:04.562898Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"c6381e0f9a8a9bd56dd094e45fa82b26","sha1":"9ffba09a12bcd8fe6950a1b5bd3932f589546777","sha256":"a6c8d5d92fb5909decb20bfbe7e52aa5bba311db74af43d40fda908f81e2a061","sha512":"71ec99def56d58ea57d57d218f212277726c5b25b565ac39039107f0a01fd1a6e3a044ba6f8b9263dbc770fe95d1e8a56a1b25ae1d6a3d292a05b92665291169","ssdeep":"","tlshash":"5ad0a7d62eb101bd60f2ba53b0db4b3992d56d3112a44a6ac22cc0a75b98643b45551d","size":228,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.564133Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-27T19:13:52.132726Z","times_seen":230315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.my.commbank.com.au/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2228c01d62f502e2d8da062de1aa5064","sha1":"b65812e08f865992c44113ecc4e4ba24ec6ddd20","sha256":"b416cd45ef17b30060400901860e92d3104261cc2eadbd40c90c982f56afa8a8","sha512":"fc97507143e47e5615703146d5a0a08443918e480aaaa55724079a168c13cf4cf203ee5b37c1041c3a73d0ea168a9ffca3dd17a03ce1a4fa99837afb6eb184fd","ssdeep":"384:K4WBh2WDfwEmzCk2uWxcb2sU1q203J2U5C2/xvUawYgSFN3boO0y:+P2yCkuWE3Hw1QcO0y","tlshash":"2c92c6877ccab09e0376707a056f71caa71fadf46089c94ed160d9b0bce170895dbda8","size":20806,"data":"","first_seen":"2026-06-24T09:38:32.69004Z","last_seen":"2026-06-24T10:22:46.73441Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource(1).html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3ff694f253e2a37507a1b8537057c0b","sha1":"22c5d6d0a7d9a0e311e4086bbdde11f51ba39e13","sha256":"20d304e00917c30d2ebf526fb3312b6eb2e55b9419c88c8e52b9aad981dabbb9","sha512":"28987314e168ca7a726a84de4a1e5f90fb20538c48ba0c10cf7ba06422503583355597e047172a397548145d170c2bbd400bc0f986b995af98a3e19ade6667e4","ssdeep":"","tlshash":"99d09767183488306788010f20b7e3d4222560a02b116a0080cecc2b7a31fc300b1998","size":236,"data":"","first_seen":"2026-06-24T01:57:07.94766Z","last_seen":"2026-06-24T10:18:04.564728Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"3804c3bbe6e3dd2a0f11d7432d213a4e","sha1":"14422cd993e138cf66315d2e2c5d71856f10a8de","sha256":"d55e2418afe8239cda2034887fae6fba28533bd8728ab7f32a905d38c25f2845","sha512":"18ab1c89875ac44b67e207e3394df9df8d203c661d3ca78c4364e994f968aef9f76c91debe27ad18b520950bbc1d34ff4c8146754b89fde467403ced7be468c3","ssdeep":"","tlshash":"f2f027833108981d37f90483e3dbc23290a0886661d41e58d220bcb4601c6f7ec04af5","size":463,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.566056Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/core-merge.36971982ebc03a2658d8e51f70007637.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36971982ebc03a2658d8e51f70007637","sha1":"389e5799a0321f5fa83d3ac1f14bf86799be4cb2","sha256":"c1366941e76e519a2aa15c50241f44f81528f5c5765f200c420d70e1fd26b893","sha512":"e7e2e4c11f5b55409652b8f3b3bc69902af81bcf4d6796d8464f1e73c69496db36f0ae2338c30573444c6ce82d7bcd7999289f689d8017f434a0f4dd60dd68be","ssdeep":"6144:5yPrdTd8l9Gu/+8l8c89PzeRIaIrGWYPj+wxZiPEc9j2Qa+1:tLp/+8l8NAMPL9s+1","tlshash":"5a84299973d1707a8bfb3075207f6207f276a86645048464f0a9e8e42ebcd48627bf7d","size":400180,"data":"","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.526746Z","times_seen":820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/2a817845.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"084c250894cab4e3b8730f719b03705a","sha1":"f0c42bd0744cf4342715b676129bd2064997ad0e","sha256":"ab53c67f5b41e359d33d9165304758cd55e48bac40c7d47987bb7736d29b98dd","sha512":"8517fae429c2bbef8c901d57335a9db6fb2313e4c0fb35c9f46697481330db1858a559a0981876c7c44b1ec25d3150c3f1e946d5579c99fa93c900e45454a882","ssdeep":"24576:2VzBAPn8qUm0rp5Ok/fSCHat3jxpBh6oH0:2VzBAf8qUm0rp5Ok/fSCHat3jxpBh6oU","tlshash":"db15f7987560b87242c7526a113f110bb23869f294ac80d4b235eced6efd8d9536bf3d","size":914508,"data":"","first_seen":"2024-09-19T22:21:46.382347Z","last_seen":"2026-06-24T10:18:04.566737Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"025529bbd72f072e9d68ed8db52356a1","sha1":"7f896f057d4d10b67354603230ce315184ddc4a2","sha256":"0a998d9d0f3b65ff1e7ef578219b71a69a413a207934960e3773353a3abb8738","sha512":"ac2c763e036a1b19ec9b95a3ad7b32383191b26a809eab8cfb128a60004134bde3c5eb7fdcd793582b7560a768a16cf6c8e0a3a5736f23fba56c2701294a22b3","ssdeep":"","tlshash":"5dd0a7c1319b6500d5c004a5406b3a546254ab3404e40cafc62de0102ceb592ba122f5","size":216,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.567332Z","times_seen":174,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/1b8394bb-49e0-4df7-95a5-8ae867fd3cee","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"","is_inline":false,"md5":"b8e797fdff4d1e962b0e586b7ee490ee","sha1":"132845f673b12fc7abe49d8524ff6cf21161891d","sha256":"c0d2ead3947e390d11b6da22eab925b250a57976b08e6bdb774075a5dc19a3fe","sha512":"cf2445410461e6844e2d2c1af6fc412b8735033381d05ae8d18b0fa97c19fcf0764e0351a4c23af18fb970ae3603d453e26202bacafdc41418918eb2b071fa3f","ssdeep":"1536:YaojZ1UYFoW8+uYnTpFM6MhBPtNPU9ArHMpJfC50SLn67UuMoMgyF/lqvKIsxrry:dqvUYFoWVT2Rn67UJRIFTyjw","tlshash":"b3444cd87294746342977165143f310b61723962688954a8f338ecee6ebc8d8a37bf3d","size":263403,"data":"","first_seen":"2026-06-24T01:57:07.957293Z","last_seen":"2026-06-24T10:18:04.567993Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e2a52d401dfd9fe93e7a4fe94493103","sha1":"bc3051e5acc90136cd9c49e22e05e10207fe13c1","sha256":"c6b0538d574f5dc4a4acc5fe3585d95a421dec6d575df2789d9b3cecc50e95ca","sha512":"673325379a5e09bfb71d4512874c2189465ab9cdf1729cfbe56920b254076e3f4aba290da2877abc566c43df83ccc73fb48d8f6ea65faa0af8c7f3a70772520d","ssdeep":"","tlshash":"7cd097a7083489306398010b21b3d3a82121245027516b0081c9cc3b7a30fc314a2c98","size":236,"data":"","first_seen":"2026-06-24T01:57:07.942646Z","last_seen":"2026-06-24T10:18:04.569322Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"6f3f68edbb63ab6f5ea0e26ae6b45ef7","sha1":"eeaf7e6577aadb00bd1a5be9d2cdb22dfb665dbf","sha256":"3d202d602a24af3f00f543059305fb1358312c5daed0de048054a717f7cdd35b","sha512":"b44fb52813094abdf72cada922834295250e4258d65989529e6fd4351821afe14a494e2a14062b6114a0531d7128ecc30e426ba4789c5549f76dc98b58d1e7e3","ssdeep":"","tlshash":"b00175ea10f925e6f3ef0bb4017909ae12237d6b0c98c931581ddd080c581836e0f796","size":781,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T02:05:43.193788Z","times_seen":1391,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"e339075eb6a0c13665ced6925ac8fcf4","sha1":"8c5b55300aab95ce2ae71a5f69d490aaf707c3ab","sha256":"101cf1f50ca662e0ac231a573846ab0a3ca490b7dcde999d13e5428dc1b96565","sha512":"83680121cada7c881241c25021876f76d128c449010cfcdb30101fd6a5bcbe5a12a63333b0cb4ea1d7257a69b05930f39d918b9d75b870f3b67e92a0eeb1284c","ssdeep":"","tlshash":"06210061330674cce39530b6582b02819321ae764ce4ed75c533e6264d78b2337b8bc6","size":1136,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.571318Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"ad647657a6182865673fe2300a1d13ad","sha1":"b1d7352ec14223bdae58961fe3ebab2ec990427b","sha256":"9f500ac02daa86fc846af97dff1b0d92a41654db4a3548dd90574e5e70c28cdf","sha512":"7251d3e421e49649e39c374e19dfa3f7c03ffa741f49f19371d088fa8e8bdc89e85724b880431c6597b7d4b4b08b03cd0e6b3be1d74ecb9f537fe384b5cd841e","ssdeep":"","tlshash":"f8c08c81065260ac89bf09a1089d0c8884620e8008417871c0c0c74068c8ba020afaca","size":148,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T16:11:06.719955Z","times_seen":16529,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"53d8589ebc4fadb87f1135274db4336a","sha1":"f988aada6bc2e8412ef084550352078c9ed5e56e","sha256":"bd6d634c1b6694571e474743d2d89be15c22ae039b51869d33597806e596feb0","sha512":"41413b602f337674ec46fb140678577b3666eef1147314fccf82b6a4ed5f3f516f2cacd08d49fbf282fa72a1b9ac79dfc4138ced44074468afad25572b49937e","ssdeep":"","tlshash":"58d022c5b3e373039bf938ea4928154412fc3812dd08474ab144d07705282a043bbd6c","size":201,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T19:11:36.93089Z","times_seen":40210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/marketing-merge.0fbf6484f2883cc9ea2b8d39f991a5a1.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0fbf6484f2883cc9ea2b8d39f991a5a1","sha1":"200a1edd0e7ad78e44536d4a67a9c7a17216711c","sha256":"f116e317891a04fadb7d4411dfbd74be94719ccc4b35d9532e7159fd874e2278","sha512":"25b378d439aa7c35e7c4926ce08052871954b8e0da828ac5a832986767069fc8d3971b538b6b64b53d67ee1d6d0989756b72f764cff4cb95c8fd1947de09d411","ssdeep":"1536:bGOxbnIY5ygXpiLT/ErgSTZKA/yL3CkRE8yIRROOoqzIwX:BrIY5ZgT/qgVA/sxnkO","tlshash":"4693a3c876c2f46653a360b640af114ff23e6da5684d9060e095f0ed3c7893d967beac","size":95084,"data":"","first_seen":"2025-02-10T03:46:55.927756Z","last_seen":"2026-06-24T10:18:04.509545Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4043785f5795e2e8297bdfe0cdf60f4d","sha1":"2f6c06391199d8c4f89f468e398f94fef932798e","sha256":"7cf46fbfca24dd814d3ef457da79b54ca3a38858a75f6f70ff49343231cc0bf9","sha512":"3a71b0e5c0a7e7b78e66981fbd8b14665003b2c66d67904a135f10400d6398ab93cee361ae58d9fa4e4950f29186f1bf364752b2f45eb4f22468b53705f32d8b","ssdeep":"384:D/T0hsJNAMwAMFSR33NK4uOewvmupjwAhuwl86h+:DoqNHtK3OewvmupjwAhK6h+","tlshash":"84922c9632f053b582cabd21999f05aba576fc711d44d0a8b350f8c56c38dc6932ff29","size":19937,"data":"","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.524595Z","times_seen":820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"26bc31e12628b8388c3be44bb175d592","sha1":"9464185aa11d68ea75e8d6495ff7b02ec3b4f1ad","sha256":"b4829119269f7853888d67440f0424d68bd7a7f3d6a85b408bc5260b7953fe09","sha512":"4c2b63d1616648758499ba9674263b101a4f03c0f2d7b6671267632982069a9ededf8182a1656e2d1352e7d17d5f8875b31411f21749d3b91bb55c462b22598e","ssdeep":"","tlshash":"64c08cc822a2027a8e6b09d108e8180d48b10f501c1120f2c0e0e98014c8ad0629fa0c","size":152,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T18:21:12.523565Z","times_seen":59530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"40cfc7946a9419d2aa96e9679348d708","sha1":"fde28dce094895ac457646dc42056804410878b1","sha256":"468e49e66119a873131daebba9a8c400e84b2c86cb5da9e8db40e739eeba17ea","sha512":"d0fe71b7a1e8b9264f9599091f7e817d4718c44d42b0622c3c676ed3f69430edf04992c5740c231fc8f037ef9d6bf7c9393812df173038fd7fed77884afa1632","ssdeep":"","tlshash":"30410fc1b7632b1bd3e130ee24cd28d48015ea2359a49d535010f2572269b637ffefa9","size":2196,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.574007Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/func.9b8de72fe2f973dd95ef094847ce3974.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b8de72fe2f973dd95ef094847ce3974","sha1":"4922107025013373e24b89d8d8b67a859db47715","sha256":"dcf81f81e9abca1b1942c63e37c79547ef37c0b8fd127655c6c23b59fabdf0b1","sha512":"e519dcd4cad52d94c685a9d03f864aab6aadaa3f20aab2d02e9f2e036bac6ef4fdfa74dea941721c791d66a275d5cccc9559a05bc1e35e3216794cb551b788ef","ssdeep":"1536:4iysvEoOOvwNf5UJBP0vaPz+ijyN6GNCe++1winu5U7JBtZzsisrSW8cbc:ZcoOOoAMjN6K++1winisd","tlshash":"86637798bad5f0603327a375762b6ceaf71bb955128dd086d941528235f0f3cf22b638","size":69692,"data":"","first_seen":"2023-03-09T07:30:43Z","last_seen":"2026-06-24T10:18:04.527563Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-27T19:16:53.150101Z","times_seen":705852,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-27T19:16:53.150101Z","times_seen":705852,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e2a52d401dfd9fe93e7a4fe94493103","sha1":"bc3051e5acc90136cd9c49e22e05e10207fe13c1","sha256":"c6b0538d574f5dc4a4acc5fe3585d95a421dec6d575df2789d9b3cecc50e95ca","sha512":"673325379a5e09bfb71d4512874c2189465ab9cdf1729cfbe56920b254076e3f4aba290da2877abc566c43df83ccc73fb48d8f6ea65faa0af8c7f3a70772520d","ssdeep":"","tlshash":"7cd097a7083489306398010b21b3d3a82121245027516b0081c9cc3b7a30fc314a2c98","size":236,"data":"","first_seen":"2026-06-24T01:57:07.942646Z","last_seen":"2026-06-24T10:18:04.569322Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1960c98a6bbb854c8ad461004650eeef","sha1":"edd3c3895a5657d346e352a37bfff52d455b455f","sha256":"a97483ac6fdb0311bc6a06ed13c8de98a245666598d73d40e275e3df739c2c83","sha512":"2c9ece8f8910ed7db6ce043a8048b195f5d4010c85a646baaf5706f6e8d39ecf16e530d7d10de0df08604dd9cd38d23376b43e0c128092be41279534040b28f5","ssdeep":"","tlshash":"45c09b907e519cc1417f7278027fdc71e544545c544da4e54515d3c52cd9423d27667d","size":131,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T16:11:06.721523Z","times_seen":7156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"bf14a2b0bc19cc8f55b8ece5dc0f4bf0","sha1":"d6eeaf3cf9ba292b47918f6ad4afa7f2288939f6","sha256":"d57daeec2ee590950f08fee215df88fb8ca5af2dc3606d628652517e1f32182b","sha512":"1ad4be1a0e8484ceefe19ee54be3da074bceca9c9a934daaf9ec960766e7c8e270fc005bc7e6bca630fbccc76c2a0f2625377ce26f354b5cb1cfc6ac1c180b1b","ssdeep":"","tlshash":"589002236d31d06898805590c4b0c522c41854927640e555b994085c82a125f093027f","size":55,"data":"","first_seen":"2023-05-05T01:25:43Z","last_seen":"2026-06-24T10:18:04.562898Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/signout.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5f6e1a8e82ba940b21319316d52418c","sha1":"5e6f95da444468b52afba5934ce5e47c13654159","sha256":"0e939a644ab6c8f5d6f7b4f3cc89446e0d980e90979dd136099604df4c7026bb","sha512":"fd4ea6c2e32672461545d9ec2390306ae3f8b1ddaf7ad8a9bc75cf7e9de64414f1a8a74d2e6c6452f8b4ae437c32a201f6fbd68e895c47fec88cfef181819463","ssdeep":"","tlshash":"ed1104763a291534cac5404b317fe7a93d3260717e029144c26cdc245d28ec714efcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.963954Z","last_seen":"2026-06-24T10:18:04.576232Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3ff694f253e2a37507a1b8537057c0b","sha1":"22c5d6d0a7d9a0e311e4086bbdde11f51ba39e13","sha256":"20d304e00917c30d2ebf526fb3312b6eb2e55b9419c88c8e52b9aad981dabbb9","sha512":"28987314e168ca7a726a84de4a1e5f90fb20538c48ba0c10cf7ba06422503583355597e047172a397548145d170c2bbd400bc0f986b995af98a3e19ade6667e4","ssdeep":"","tlshash":"99d09767183488306788010f20b7e3d4222560a02b116a0080cecc2b7a31fc300b1998","size":236,"data":"","first_seen":"2026-06-24T01:57:07.94766Z","last_seen":"2026-06-24T10:18:04.564728Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/tracking-merge.4384551dad88c3309752a599fddd700a.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4384551dad88c3309752a599fddd700a","sha1":"0695f865e3619a34295d938f007e9f90b5186ba0","sha256":"eb2c30d249e26567bbd3798cae72610f9759a6cbfe1295af51f6ad682b66c7ac","sha512":"ace5fa967f34f4c080f135b219e18af92d6d33d11197beee0696bf5793bf659ed67fafe500e2e51e111417a40b6699d87fb25d283fc02d825b7d7d4e0c635b59","ssdeep":"3072:mQVSJMyuRkRkFbiUQcHOvjIMkyVp2IyC71BI1Ph09OqxQGy:m2/RkybiUQcHOLIMP72mI1h09VxQP","tlshash":"4a44f88a36ebb4378e967170903f460bf33eed9554c8c0a4d152d8d4397894a81b7fab","size":264713,"data":"","first_seen":"2026-03-04T19:24:36.634126Z","last_seen":"2026-06-24T10:18:04.531187Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"ad647657a6182865673fe2300a1d13ad","sha1":"b1d7352ec14223bdae58961fe3ebab2ec990427b","sha256":"9f500ac02daa86fc846af97dff1b0d92a41654db4a3548dd90574e5e70c28cdf","sha512":"7251d3e421e49649e39c374e19dfa3f7c03ffa741f49f19371d088fa8e8bdc89e85724b880431c6597b7d4b4b08b03cd0e6b3be1d74ecb9f537fe384b5cd841e","ssdeep":"","tlshash":"f8c08c81065260ac89bf09a1089d0c8884620e8008417871c0c0c74068c8ba020afaca","size":148,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T16:11:06.719955Z","times_seen":16529,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1960c98a6bbb854c8ad461004650eeef","sha1":"edd3c3895a5657d346e352a37bfff52d455b455f","sha256":"a97483ac6fdb0311bc6a06ed13c8de98a245666598d73d40e275e3df739c2c83","sha512":"2c9ece8f8910ed7db6ce043a8048b195f5d4010c85a646baaf5706f6e8d39ecf16e530d7d10de0df08604dd9cd38d23376b43e0c128092be41279534040b28f5","ssdeep":"","tlshash":"45c09b907e519cc1417f7278027fdc71e544545c544da4e54515d3c52cd9423d27667d","size":131,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T16:11:06.721523Z","times_seen":7156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"5344a648367ace19a5cbdf0ac4442f80","sha1":"4a07807f3a8770c2c3cbaefa0c282e0badd44492","sha256":"2ea53553c74b210526ab4587beb1f28c4389d872cc5151a951b2dd77b7c4ba06","sha512":"eb51edd8ff04dbe80bd3a35a4c026d34a3073f13a6c26040f33391fecf99cbec39567c0ee10f7e91e59a42c5a7eeafc0d3730dcef4a54fbc1d30a2f838b7559e","ssdeep":"","tlshash":"7dc08045305e7448d1a1156501bb16448229aff404d45d27c52dd5243d9405564165f6","size":158,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-24T10:18:04.580847Z","times_seen":512,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"e480511aa0877b44c194ae8d956bbeac","sha1":"89fab2c13ec27233e4f3a25aae1871ddc29eb436","sha256":"1008c0d1f25bc12ab18ef2a551d221fdf29ba3719b4285406eb67f048409d374","sha512":"d6f86dbc0191e4a6807e76da503ea03563cbe0973c2a2d2a130117190ff521a7f83cb3bf80988b9ea0ceff8ebb148578e3b7073bb6b4b7c05dc20d5cdbdc81d7","ssdeep":"","tlshash":"33d0c2a142a9100bf1a701f84d2a2740c17c1938695ce24e6f1af5648990d7109b78ff","size":286,"data":"","first_seen":"2023-04-11T21:25:23Z","last_seen":"2026-06-27T16:14:01.278705Z","times_seen":41902,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcfdbe7618990c75625208257c0be6fc","sha1":"ff955697663bf34c6257adb7e8e7896e8f793fba","sha256":"08909a1ec2be2a86c7efba76b5161a534a9705b2d73c1ea9d7c65cfea4f54797","sha512":"25573cac2a28cbeff13e32fb230af87e57fadf2833a016b00209178f550aa001d49803d025a2012a32532ab4750dda36bc9a28111efe13384e059e4475cb2bd2","ssdeep":"","tlshash":"a2a022cc3ec3238a0330b03e808bc0e0e80fc80a000000e022083f8c3c08f2083088ca","size":71,"data":"","first_seen":"2026-06-24T01:57:07.913288Z","last_seen":"2026-06-24T10:18:04.548628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"da9cc4f6b08bf7bc6fe4ef3030d3276f","sha1":"8b8be19376a85b89c0b18d4341817f23123b056a","sha256":"1eadac59a74425a7a8817c9ab8612ad2dd2fb9ac682d36d2a8378d5eef36bf85","sha512":"b7701ebb9c5e3a1517199ce08dce1fe4f14432dd0cfabec9b94a8fa55d42a8a7d1fdf1f62ffddf0f5661dedd0cb07ecb96097c4afa8cfe8727030566c1df5ce4","ssdeep":"","tlshash":"a851f092379c647845eb3bb6a56de284253ec0336c00a962bc7cdc1a4f61c691639dd8","size":2505,"data":"","first_seen":"2026-06-24T01:57:07.917892Z","last_seen":"2026-06-24T10:18:04.550093Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd240912598ca0047285f4385abbc57d","sha1":"d63dc976bdbff42416d4b4c492d815221e73e2c4","sha256":"c02f577381a0024d4931b7f837a4c57926c7b6301899299af60a03158d577a41","sha512":"1f67547389a6ad1a15b6753cc7732d4884924ec0f49e012c96ead37252ad887a0fc543fecb4582195f6ef29eb70fee1986666412765805b6497a1e2861064260","ssdeep":"","tlshash":"e2b0127330d18ef5ccdb27ba3215e19559750008140420500a1c0a91d011b950391b45","size":104,"data":"","first_seen":"2026-06-24T01:57:07.922793Z","last_seen":"2026-06-24T10:18:04.551612Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6aff614ce99371b15d9067124a594f13","sha1":"8f1f205bba4256ea184f72f18c745854f85d6d81","sha256":"0c0b813769ca020605917eca6a1d3340b80b8d39f22f4ffe19ac1cdf27a5c2ed","sha512":"feaa3c4e174a70c04a8724768bdb40d6fdc6af4dd864b8d45e0573e7c3eb6eb0d14edde46196370fc4e85344d00535b99278f0357cd3a6e919157e839c615e73","ssdeep":"","tlshash":"b4d0a9e330016c780fcf8aa2e831e2a7a72088015c276060c9484c0ee2a388320edcaa","size":211,"data":"","first_seen":"2026-06-24T01:57:07.924463Z","last_seen":"2026-06-24T10:18:04.552986Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9599959f4c541aba303dcaa332d29295","sha1":"3f0bfa964f5ec7002aed3f8468ad1df6eb4630f1","sha256":"8afc65fc40b7c32406a40d039c8187b4b2cc9997044c3f9172359555c247bcd1","sha512":"df99dd28d5c975c235aaf4060a72cea1ba7567e342cd01982fe56b4dad09e7dcbdb3af8f8f741e75f9ca66cb8f39d54098bab1d7729c93c4c1d6bbbe647c970e","ssdeep":"","tlshash":"99a022202020c28f2800003020b8feb2acbff0bec200a88a03cfec0c8022ce0030ce80","size":86,"data":"","first_seen":"2026-06-24T01:57:07.931009Z","last_seen":"2026-06-24T10:18:04.554301Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eee1b61fff3a644051a83b5f36404132","sha1":"8ad66ce2f48c257d3242d43a386c70051f869ed1","sha256":"591ab67f920ad3544ca179bc3914d96a50bab5d138ddd9c0bdb23d64d314295f","sha512":"857c1d2bdd67344eef6fc05ac280d974f576a1422c289a9e5bfaa6251e6f89b276fe373f65d4f34b23eb70e61787babccca3ef4229d04a8181e59c61ef3b0675","ssdeep":"","tlshash":"36f09eede6fb087e021530ba9485d00f5276ec731c0a54a1c5c60fad30b497a033dd46","size":475,"data":"","first_seen":"2026-06-24T01:57:07.933306Z","last_seen":"2026-06-24T10:18:04.555985Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa4e17aa70077772acc94863d7e8230b","sha1":"279c8e6732fd4576d0ca85cece2a40a07e9f0ca4","sha256":"7871bd98a9fa44b5b771eb36bb6a9a8a1d06ebeb7e03114d08bc9301a42a9de5","sha512":"455d8c1daef8cd317f3f5ea9d666bb223be6ed091051ed9f347cef1d84b4663d0290b3b54bbec0f607b2a51c3314b0a0ec96ce97cc98f8e059e37c6d41c5df1e","ssdeep":"","tlshash":"7401b1a8afff347546b670376a64729c79bde0b2340854529ddc4d0845a8e09222ef96","size":777,"data":"","first_seen":"2026-06-24T01:57:07.935328Z","last_seen":"2026-06-24T10:18:04.557253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e5e7fabdf13bb3ece7d6900ec3bf92e","sha1":"5912955d89d7e87c652a6ad5f75f5e080d19a021","sha256":"b53539c0d78ab033c83463eca285b35abeb77aa4f7dacb16f14655980ec4a3c6","sha512":"f16b2afe5ee95863b855bd604269f6a7f3ea0980ce5a97f00be3d22b1409077108de5c9c32858d4a274bc4116ae201a706f9927f2e8c76f394c89fe398ad292d","ssdeep":"","tlshash":"d3e0cd2775042a744472b67236cf77495d771346640158c4c81429587b75c1b717edd6","size":300,"data":"","first_seen":"2026-06-24T01:57:07.937176Z","last_seen":"2026-06-24T10:18:04.55861Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d847246ed8553e9d322302de765702cb","sha1":"4fe53111eb2fb0461c56843af8c63de1cf2068cf","sha256":"718a9dd8ea217750460320aaf393ce0ed31e0d3cc86c910ebd93e33ca93869c3","sha512":"1db50dd6b24d0b0c7eb159e0e2f21c169448c058c1f79f753f63d3ede69f2517b7f481dd100f07bc4cdfd9a3d0aace95883a61a3d26b8fd68587c298b0433e41","ssdeep":"","tlshash":"3c31edc5df156b3f875a539e240b490d68e85801c2c9497adcecc8a224fb0c9f27a369","size":1651,"data":"","first_seen":"2026-06-24T01:57:07.93897Z","last_seen":"2026-06-24T10:18:04.560033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c5cdd630c00006d13d9c1a90d15a5f4","sha1":"c49750d4bd76fa556974357202228163a0c96168","sha256":"f2cbd262e00880e539351e4c41bcfa301f625a22895be40a0c47df289c53edce","sha512":"fc0727f1a90700718e83e32472fc75e20432cec286b07147b5b3fa33853376645ca542d9e1a837586a78c2e3a4ad5e414aef11d59243984faf2947ebdd37ebf9","ssdeep":"","tlshash":"4e11c4763b296534c6d5514b317ee7a93d3260617a02a144c36cdc355d2ce8714dfcbe","size":921,"data":"","first_seen":"2026-06-24T01:57:07.941057Z","last_seen":"2026-06-24T10:18:04.561653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/marketing-merge.0fbf6484f2883cc9ea2b8d39f991a5a1.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.434Z","timestamp":1782296253434,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/marketing-merge.0fbf6484f2883cc9ea2b8d39f991a5a1.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 95084\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-1736c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95084,"size_decoded":95350,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65508)","md5":"0fbf6484f2883cc9ea2b8d39f991a5a1","sha1":"200a1edd0e7ad78e44536d4a67a9c7a17216711c","sha256":"f116e317891a04fadb7d4411dfbd74be94719ccc4b35d9532e7159fd874e2278","sha512":"25b378d439aa7c35e7c4926ce08052871954b8e0da828ac5a832986767069fc8d3971b538b6b64b53d67ee1d6d0989756b72f764cff4cb95c8fd1947de09d411","ssdeep":"1536:bGOxbnIY5ygXpiLT/ErgSTZKA/yL3CkRE8yIRROOoqzIwX:BrIY5ZgT/qgVA/sxnkO","tlshash":"4693a3c876c2f46653a360b640af114ff23e6da5684d9060e095f0ed3c7893d967beac","first_seen":"2025-02-10T03:46:55.927756Z","last_seen":"2026-06-24T10:18:04.509545Z","times_seen":8,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":207,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/signout.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.941Z","timestamp":1782296253941,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/signout.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-5a8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1448,"size_decoded":1070,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1090)","md5":"37c30f80e115ce850712004992789f1f","sha1":"c0fc9004dcdb72e22199dceb729513b15b9b78d7","sha256":"276067141167826adca8263b76bcfe004460b33190db4e9b3a75fdec36527041","sha512":"a5bea47066445e550958c4abee60584725c4cea7fa245de6cd87409818f7b3aa393468eb11e65d9ba626c3b1a12cdbb9aa4603d90f0a7b091d9934f271483d81","ssdeep":"","tlshash":"0f3174b63a1560348685618630fef36c3832a154be059040c2ece8689a9cfd758efd7d","first_seen":"2026-06-24T01:57:07.879662Z","last_seen":"2026-06-24T10:18:04.51103Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:44.003Z","timestamp":1782296264003,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 812\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 20\r\naccess-control-allow-origin: *\r\ndate: Wed, 24 Jun 2026 10:17:44 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":191,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-06-27T18:39:43.219089Z","times_seen":92220,"resource_available":true,"data":null}},"time_used":799,"timings":{"blocked":0,"dns":0,"connect":264,"send":0,"wait":265,"receive":0,"ssl":269},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/sign-out.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.006Z","timestamp":1782296245006,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/sign-out.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-132\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306,"size_decoded":501,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"e4d11decee1935ba4f77526d87404891","sha1":"f6aa209946c9c370a98ecd5c2610181a5dc88550","sha256":"3741541f1aa5a4bdcf840b40c334fe09ce987e041562df0aaf6b764e6400f69e","sha512":"5d649646634ad61a676d50f0dd70705307f48ce8cce63c0b72395cf2ad2aaeeac9799b0ec4e1055f41def97b7b45b2d6cfaf8b8d439c9aaf57edcdfb670ba3c9","ssdeep":"","tlshash":"34e07df1c5163413163a25907bd2b3494405e74cf84d8c41926c34f4db9b21cd462444","first_seen":"2026-06-24T01:57:07.866953Z","last_seen":"2026-06-24T10:18:04.515636Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wup-d8814f41.commbank.com.au/client/v3/web/wup?cid=coco","fqdn":"wup-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.176.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:32.776Z","timestamp":1782296252776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /client/v3/web/wup?cid=coco HTTP/1.1\r\nHost: wup-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 522\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ncontent-length: 781\r\ndate: Wed, 24 Jun 2026 10:17:32 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 810844d5-8621-49ea-8ce4-5221b7b0a336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":781,"size_decoded":1038,"mime_type":"application/json","magic":"JSON text data","md5":"ed1d23a0953efc9837ad0bd37d8599ac","sha1":"bdb907e60f44e78d9418787a1ba621b11e2089d8","sha256":"bcbfa4559e25ca92378c7c42148dd8635d0c92d0d7f758a371360a8a5520dd04","sha512":"c9d56af682bb944add84592af6689f2905e72a6003068649a3e5cd92b49f55b0f6540c56e47b3085e074ad71f99c26bec88c4be901a1ef970cbda20a7b7bd9eb","ssdeep":"","tlshash":"ed01751e326fccbe4c618407712ded3d06a45675949f398945ef27c1a3d265480492c9","first_seen":"2026-06-24T10:18:04.519058Z","last_seen":"2026-06-24T10:18:04.519058Z","times_seen":1,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.stg.commbank.com.au/content/netbank/tracking/trackingbase.smt.json?callback=jsonCallback","fqdn":"www.stg.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.559Z","timestamp":1782296245559,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /content/netbank/tracking/trackingbase.smt.json?callback=jsonCallback HTTP/1.1\r\nHost: www.stg.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=3DDf6wbvgtsK0IwDNI6fE9K01UsoeDTKWAz9gMCVPHU-1782296245.5890913-1.0.1.1-6B8pZ7a2T0kYkjxl.Fe_9yPPkHJqKoTZ5nOU7Ur94XfYhM3f0KjudJWG9wIxq_mANxdhKKM5LcbRh30HNhWpRkHRk1tbXdXC3H3mSOEb.bRlRzIr.1LHw5riDXyeJeD4; HttpOnly; SameSite=None; Secure; Path=/; Domain=stg.commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: a10afb8eebaa0883-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/Logon.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.949Z","timestamp":1782296253949,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/Logon.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-95\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149,"size_decoded":402,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3c2ccda97c47ede0b1c91b11efd575ea","sha1":"0a348c4b61c961aba7618f909beb87f740a81983","sha256":"97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50","sha512":"31afbe911abfda33a2948d14578ba290b604920983118ca5a6268a9906120ef365416e5e776ea685d648eef7a2ee2245f424829fdd4c7150d944f4bf673aee28","ssdeep":"","tlshash":"50c08cb52412200ba220aaa2dadde56408408010a04a8c82a04039ac65cc35ce8a3690","first_seen":"2023-03-10T00:19:37Z","last_seen":"2026-06-26T19:58:57.046368Z","times_seen":1316,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.002Z","timestamp":1782296244002,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 19937\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-4de1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19937,"size_decoded":20202,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (11721)","md5":"4043785f5795e2e8297bdfe0cdf60f4d","sha1":"2f6c06391199d8c4f89f468e398f94fef932798e","sha256":"7cf46fbfca24dd814d3ef457da79b54ca3a38858a75f6f70ff49343231cc0bf9","sha512":"3a71b0e5c0a7e7b78e66981fbd8b14665003b2c66d67904a135f10400d6398ab93cee361ae58d9fa4e4950f29186f1bf364752b2f45eb4f22468b53705f32d8b","ssdeep":"384:D/T0hsJNAMwAMFSR33NK4uOewvmupjwAhuwl86h+:DoqNHtK3OewvmupjwAhK6h+","tlshash":"84922c9632f053b582cabd21999f05aba576fc711d44d0a8b350f8c56c38dc6932ff29","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.524595Z","times_seen":820,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":165,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.my.commbank.com.au/financial.js?url=https%3A%2F%2Fcommonwealth.biz.id%2F\u0026referrer=","fqdn":"www.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.682Z","timestamp":1782296253682,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"my.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:50:98:D9:FE:CA:D2:43:61:CB:53:6D:A3:04:40:1B:40:06:00:BE","sha256":"82:0B:00:32:8B:E1:EF:E1:7B:05:3C:84:90:EA:46:A3:DF:0F:95:0A:9F:41:F5:C9:AF:64:7B:0D:0C:25:37:64"}}},"request":{"raw":"GET /financial.js?url=https%3A%2F%2Fcommonwealth.biz.id%2F\u0026referrer= HTTP/1.1\r\nHost: www.my.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: __cf_bm=.mTbLE2F4hoOTMbC4ZyzHZcH8rDDYzwtF.tVtH_XClk-1782296245.7162983-1.0.1.1-mF2jJhHocaxRoCUmDcur_4MWE2YTD8UmtVKkyy9NTIMvF5.rcz8VhlZliLIrEcV715VEOubu2QgUbO4blzW5Yfb7R4kHEMFGfWQTSjEtbm_hhd6horJJMU9d31In6N2C; __cf_bm=UwcRgx3VyCixNb1a_EKQmcrlJA1xdUaS7Aj.ph2eygQ-1782296245.806642-1.0.1.1-rwtAjSqLdTuG1aGIZvXPnNP9b1_vuXtH4up4wZn_KPX2lSFIdL6xB6RRvzvmEtWNomON3ZjO5TzARPv8ph9R2lKIX5CoMxh2uq..X0wl9gtaTfM1fu3Lqis2J0HHcbgB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ndate: Wed, 24 Jun 2026 10:17:34 GMT\r\ncontent-length: 0\r\nlocation: https://www1.my.commbank.com.au/financial.js?url=https%3A%2F%2Fcommonwealth.biz.id%2F\u0026referrer=\r\ncf-ray: a10afbc18add5693-OSL\r\ncf-cache-status: BYPASS\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/sign-out.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.931Z","timestamp":1782296253931,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/sign-out.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-132\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306,"size_decoded":501,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"e4d11decee1935ba4f77526d87404891","sha1":"f6aa209946c9c370a98ecd5c2610181a5dc88550","sha256":"3741541f1aa5a4bdcf840b40c334fe09ce987e041562df0aaf6b764e6400f69e","sha512":"5d649646634ad61a676d50f0dd70705307f48ce8cce63c0b72395cf2ad2aaeeac9799b0ec4e1055f41def97b7b45b2d6cfaf8b8d439c9aaf57edcdfb670ba3c9","ssdeep":"","tlshash":"34e07df1c5163413163a25907bd2b3494405e74cf84d8c41926c34f4db9b21cd462444","first_seen":"2026-06-24T01:57:07.866953Z","last_seen":"2026-06-24T10:18:04.515636Z","times_seen":2,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/2a817845.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:23.992Z","timestamp":1782296243992,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/2a817845.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 914508\r\nLast-Modified: Thu, 09 Apr 2026 06:51:10 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5e-df44c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":914508,"size_decoded":914775,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":96,"send":0,"wait":194,"receive":487,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/images/hbg.0236e4e9a193069c4e8554db8b06354c.png","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.204Z","timestamp":1782296244204,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /images/hbg.0236e4e9a193069c4e8554db8b06354c.png HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":465,"timings":{"blocked":367,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource(1).html","date":"2026-06-24T10:17:25.762Z","timestamp":1782296245762,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/saved_resource(1).html\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/core-merge.36971982ebc03a2658d8e51f70007637.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.432Z","timestamp":1782296253432,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/core-merge.36971982ebc03a2658d8e51f70007637.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 400180\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-61b34\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":400180,"size_decoded":400447,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (39928)","md5":"36971982ebc03a2658d8e51f70007637","sha1":"389e5799a0321f5fa83d3ac1f14bf86799be4cb2","sha256":"c1366941e76e519a2aa15c50241f44f81528f5c5765f200c420d70e1fd26b893","sha512":"e7e2e4c11f5b55409652b8f3b3bc69902af81bcf4d6796d8464f1e73c69496db36f0ae2338c30573444c6ce82d7bcd7999289f689d8017f434a0f4dd60dd68be","ssdeep":"6144:5yPrdTd8l9Gu/+8l8c89PzeRIaIrGWYPj+wxZiPEc9j2Qa+1:tLp/+8l8NAMPL9s+1","tlshash":"5a84299973d1707a8bfb3075207f6207f276a86645048464f0a9e8e42ebcd48627bf7d","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.526746Z","times_seen":820,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":405,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/func.9b8de72fe2f973dd95ef094847ce3974.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.438Z","timestamp":1782296253438,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/func.9b8de72fe2f973dd95ef094847ce3974.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 69692\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-1103c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":69692,"size_decoded":69958,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9b8de72fe2f973dd95ef094847ce3974","sha1":"4922107025013373e24b89d8d8b67a859db47715","sha256":"dcf81f81e9abca1b1942c63e37c79547ef37c0b8fd127655c6c23b59fabdf0b1","sha512":"e519dcd4cad52d94c685a9d03f864aab6aadaa3f20aab2d02e9f2e036bac6ef4fdfa74dea941721c791d66a275d5cccc9559a05bc1e35e3216794cb551b788ef","ssdeep":"1536:4iysvEoOOvwNf5UJBP0vaPz+ijyN6GNCe++1winu5U7JBtZzsisrSW8cbc:ZcoOOoAMjN6K++1winisd","tlshash":"86637798bad5f0603327a375762b6ceaf71bb955128dd086d941528235f0f3cf22b638","first_seen":"2023-03-09T07:30:43Z","last_seen":"2026-06-24T10:18:04.527563Z","times_seen":46,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":194,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/images/logonsprite2.307a0c523f35f709f390895b4720d350.png","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.011Z","timestamp":1782296245011,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /images/logonsprite2.307a0c523f35f709f390895b4720d350.png HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"static.my.commbank.com.au/static/netbank/theme/fo/images/cba_logo_diamond.37dea6048f7da9a9473614e0843d07d9.png","fqdn":"static.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.571Z","timestamp":1782296245571,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"my.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:50:98:D9:FE:CA:D2:43:61:CB:53:6D:A3:04:40:1B:40:06:00:BE","sha256":"82:0B:00:32:8B:E1:EF:E1:7B:05:3C:84:90:EA:46:A3:DF:0F:95:0A:9F:41:F5:C9:AF:64:7B:0D:0C:25:37:64"}}},"request":{"raw":"GET /static/netbank/theme/fo/images/cba_logo_diamond.37dea6048f7da9a9473614e0843d07d9.png HTTP/1.1\r\nHost: static.my.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-type: image/png\r\ncf-ray: a10afb8fb8335693-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 18155140\r\ncache-control: public,max-age=31536000,must-revalidate,proxy-revalidate\r\nlast-modified: Wed, 01 Oct 2025 03:37:06 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=.mTbLE2F4hoOTMbC4ZyzHZcH8rDDYzwtF.tVtH_XClk-1782296245.7162983-1.0.1.1-mF2jJhHocaxRoCUmDcur_4MWE2YTD8UmtVKkyy9NTIMvF5.rcz8VhlZliLIrEcV715VEOubu2QgUbO4blzW5Yfb7R4kHEMFGfWQTSjEtbm_hhd6horJJMU9d31In6N2C; HttpOnly; SameSite=None; Secure; Path=/; Domain=my.commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2949,"size_decoded":3707,"mime_type":"image/png","magic":"PNG image data, 77 x 80, 8-bit/color RGBA, non-interlaced","md5":"37dea6048f7da9a9473614e0843d07d9","sha1":"673727199de0f5017d74ed0afc2786470b6b2e09","sha256":"9782a7cbdb4da46b3c226879826c580e7a2d31c31a4bfd7ac1dc0dbfefee74cd","sha512":"ff0e924baed3ba71f70f98a3375b578c0c8634aa9f82188c2ce2f13c865c8378b925989d6af53b9c7208dce7e6c7170cd2a56e8d0e420d6602b73bea8656ddb8","ssdeep":"","tlshash":"0d516d1ad354c7d7baf01936a30859feb72a079fea314c8e65d37d2340502278ecd499","first_seen":"2024-09-19T22:21:46.412424Z","last_seen":"2026-06-27T17:36:12.517239Z","times_seen":34,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":5,"connect":2,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.436Z","timestamp":1782296253436,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 19937\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-4de1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":19937,"size_decoded":20202,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (11721)","md5":"4043785f5795e2e8297bdfe0cdf60f4d","sha1":"2f6c06391199d8c4f89f468e398f94fef932798e","sha256":"7cf46fbfca24dd814d3ef457da79b54ca3a38858a75f6f70ff49343231cc0bf9","sha512":"3a71b0e5c0a7e7b78e66981fbd8b14665003b2c66d67904a135f10400d6398ab93cee361ae58d9fa4e4950f29186f1bf364752b2f45eb4f22468b53705f32d8b","ssdeep":"384:D/T0hsJNAMwAMFSR33NK4uOewvmupjwAhuwl86h+:DoqNHtK3OewvmupjwAhK6h+","tlshash":"84922c9632f053b582cabd21999f05aba576fc711d44d0a8b350f8c56c38dc6932ff29","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.524595Z","times_seen":820,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/Netbank_login_Branch.jpg","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.013Z","timestamp":1782296244013,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/Netbank_login_Branch.jpg HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 24822\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-60f6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":24822,"size_decoded":25073,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 201x96, components 3","md5":"20f8f5f5ecf6b7233d946eac0b9f3946","sha1":"c49d0f40cc559c2cd418a31070ed70deb92fc44b","sha256":"7dc5d2fd1381cdc31430359a6b68405b9c99760ff49156142217aae9ebb9fdcb","sha512":"8442828ff794e3ea76c83589e4858284057ebae01a51182d2f39709a01c4cd8ce8cb10141bcea94f51a30d21306f6ba7f5fe0db522bfb8f46a2328285bb1f3c7","ssdeep":"768:6YykyUjFhjvO1d6LvOp8e8kme8zYaB2AG:6wyUxIWHbYAG","tlshash":"87b2d177cb27a7e1ff3fda3975f107d4b2a2732721872a468a9c5649c5480435e884c6","first_seen":"2026-03-04T19:24:36.69664Z","last_seen":"2026-06-27T17:36:12.519427Z","times_seen":15,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/signout.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.008Z","timestamp":1782296245008,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/signout.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-5a8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1448,"size_decoded":1070,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1090)","md5":"37c30f80e115ce850712004992789f1f","sha1":"c0fc9004dcdb72e22199dceb729513b15b9b78d7","sha256":"276067141167826adca8263b76bcfe004460b33190db4e9b3a75fdec36527041","sha512":"a5bea47066445e550958c4abee60584725c4cea7fa245de6cd87409818f7b3aa393468eb11e65d9ba626c3b1a12cdbb9aa4603d90f0a7b091d9934f271483d81","ssdeep":"","tlshash":"0f3174b63a1560348685618630fef36c3832a154be059040c2ece8689a9cfd758efd7d","first_seen":"2026-06-24T01:57:07.879662Z","last_seen":"2026-06-24T10:18:04.51103Z","times_seen":2,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/tracking-merge.4384551dad88c3309752a599fddd700a.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.430Z","timestamp":1782296253430,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/tracking-merge.4384551dad88c3309752a599fddd700a.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 264713\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-40a09\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":264713,"size_decoded":264980,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (62938)","md5":"4384551dad88c3309752a599fddd700a","sha1":"0695f865e3619a34295d938f007e9f90b5186ba0","sha256":"eb2c30d249e26567bbd3798cae72610f9759a6cbfe1295af51f6ad682b66c7ac","sha512":"ace5fa967f34f4c080f135b219e18af92d6d33d11197beee0696bf5793bf659ed67fafe500e2e51e111417a40b6699d87fb25d283fc02d825b7d7d4e0c635b59","ssdeep":"3072:mQVSJMyuRkRkFbiUQcHOvjIMkyVp2IyC71BI1Ph09OqxQGy:m2/RkybiUQcHOLIMP72mI1h09VxQP","tlshash":"4a44f88a36ebb4378e967170903f460bf33eed9554c8c0a4d152d8d4397894a81b7fab","first_seen":"2026-03-04T19:24:36.634126Z","last_seen":"2026-06-24T10:18:04.531187Z","times_seen":3,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":307,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource(1).html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/index_files/signout.html","date":"2026-06-24T10:17:34.522Z","timestamp":1782296254522,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/saved_resource(1).html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/signout.html\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-1f4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":500,"size_decoded":612,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (457)","md5":"4d8403380957831ed074f8698fe6cd6a","sha1":"77f5a279eb7c614c2aafb342d3604aca3754630a","sha256":"27798b8b4b0ea77e42fa0d0563e2a7736e14f0c84297c96bdf6a3b9a7810d993","sha512":"800e326aa1c6870620600a65f650f5b6faf972344ef80ee8652a2086d634c82933a1e5e3fefdf1dedcb21cfc7c498661f39cc59bac1cd243ea943ecd328dc175","ssdeep":"","tlshash":"53f09ef61c35c42566a0068bb0faf39c05616050b545dd8080c9fc7d6f14fdb98a3998","first_seen":"2026-06-24T01:57:07.902092Z","last_seen":"2026-06-24T10:18:04.531896Z","times_seen":2,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:44.810Z","timestamp":1782296264810,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 244\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 20\r\naccess-control-allow-origin: *\r\ndate: Wed, 24 Jun 2026 10:17:44 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":191,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-06-27T18:39:43.219089Z","times_seen":92220,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/metrics.68005ee68f518241e358a6a372717995.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.005Z","timestamp":1782296244005,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/metrics.68005ee68f518241e358a6a372717995.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 13112\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-3338\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13112,"size_decoded":13377,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (13112), with no line terminators","md5":"68005ee68f518241e358a6a372717995","sha1":"2b3ec45f7211793cd0a0a82b06b371cee7b2984b","sha256":"d2c4f57af86150f90dccff337dd4b6682f43076055a26f2b0df6307aa2a8dfd9","sha512":"c24cc6e71f73ab515050bb8647481c353861220e8821fdedaf60f0205e533989bac39643ba6a77eb37942af97d859b5a16296fa7af6dc30a85d00e2c744577f7","ssdeep":"384:ex9+EEYDbpWt66u87WdE35ZErqHHaHx5HDOe4:E9+EEYDV87QELqKgvie4","tlshash":"d942728835debc8a2331b47e559f3417619ffc947518da86c032d6e23ae0b056a1fe9c","first_seen":"2026-03-04T19:24:36.72422Z","last_seen":"2026-06-24T10:18:04.533338Z","times_seen":3,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":455,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.my.commbank.com.au/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource.html","date":"2026-06-24T10:17:25.610Z","timestamp":1782296245610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"my.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:50:98:D9:FE:CA:D2:43:61:CB:53:6D:A3:04:40:1B:40:06:00:BE","sha256":"82:0B:00:32:8B:E1:EF:E1:7B:05:3C:84:90:EA:46:A3:DF:0F:95:0A:9F:41:F5:C9:AF:64:7B:0D:0C:25:37:64"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: www.my.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nset-cookie: __cf_bm=qda.8arZd4LhBwSLCO1w1Gi.q5vXk7nMYcBD3elrcZ4-1782296245.634204-1.0.1.1-TqOOjWpCfRP.IImOy2Y1DINz8.sLRd.33Mm5BKsax1WGWsjr1_IEpYEAK_8aSuWuw90nOSjeZY042hNwNxeejP8yPwuqXGNfKQX7rKbe86miYLUExDhgKEchgldMK4Sf; HttpOnly; SameSite=None; Secure; Path=/; Domain=my.commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\nserver: cloudflare\r\ncf-ray: a10afb8f3fa35693-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":5,"connect":1,"send":0,"wait":6,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=null\u0026csid=null\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:28.267Z","timestamp":1782296248267,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=null\u0026csid=null\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 812\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wup-d8814f41.commbank.com.au/client/v3/web/wup?cid=coco","fqdn":"wup-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.176.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:31.680Z","timestamp":1782296251680,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /client/v3/web/wup?cid=coco HTTP/1.1\r\nHost: wup-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 222\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ncontent-length: 11456\r\ndate: Wed, 24 Jun 2026 10:17:31 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 18f0efce-7b12-4c71-ae18-31a8b6f90af7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":11456,"size_decoded":11715,"mime_type":"application/json","magic":"JSON text data","md5":"34a5c17859b054aa2552ee8026316533","sha1":"6de4ac9ba12972136adcf49298142cde43731340","sha256":"0ec16f0e3e5aa16b9f442ac0b33a611c66f93b7f691d1560f2dcbec7f5ac2ee2","sha512":"8c780b5982615a4a44f9e191254b3576a0c13d8d4af2abc3148d65fe3e79c721aceac729381d3274969544cd5507b5d650857b39d9ef49fc7189c501cc0b108c","ssdeep":"96:S2kxeWfA9DoIUOw45UlI0Oh1HR/RvZiSoo+Beywp0xWP/hcFTA3u4512j+HjfY:S2kAWfA9DNwODzvfjywbh8521xs","tlshash":"a0322546b41cc8f6d6d62f3e657a3d37369cf4410186b8984bafc6190391c742bbae87","first_seen":"2026-06-24T10:18:04.534131Z","last_seen":"2026-06-24T10:18:04.534131Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1060,"timings":{"blocked":0,"dns":0,"connect":263,"send":0,"wait":525,"receive":0,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T10:17:23.115Z","timestamp":1782296243115,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:23 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 18:24:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d7eefa-8b02\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Bootstrap:27ddcbdd352e9113971be193e1c5622e","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":35586,"size_decoded":14039,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5924)","md5":"9166df8081fdf62d4f27ea9c3f4d6821","sha1":"51ca34846215cd7fd2dcbdbdd3ec33692a211ddd","sha256":"eaff4e9f62ce82f2081019a27c415f5ea0e074684d548bb908f7b730bcbbf03d","sha512":"3f4c585c4fbd81f9d1241b06956ee70387b5fa2eae5e3e3ccc0b2ee33e0e5b017b6411575b1da02d3bb59788be17e53cea033a6e4173c1ec1c5ed417567b9a7d","ssdeep":"768:Kvn4UhCMpEYgh+nrSAVswoqcM6sJn1wI9Z96SDnx/b6F:Kvn4U0MpEzOawoq6sJneI9Z96SDnx/b6","tlshash":"aaf25cd1de3c9c3680034683f0abf745158f8933b602d498f5dd68555f91e89a633faa","first_seen":"2026-06-24T01:57:07.87317Z","last_seen":"2026-06-24T10:18:04.535381Z","times_seen":2,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":109,"connect":97,"send":0,"wait":194,"receive":0,"ssl":205},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.921Z","timestamp":1782296253921,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 31989\r\nLast-Modified: Thu, 09 Apr 2026 06:51:10 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5e-7cf5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31989,"size_decoded":32238,"mime_type":"text/css","magic":"ASCII text, with very long lines (31989), with no line terminators","md5":"26d40f052bde646f68e5a483f075ba6d","sha1":"62397a4c137dd3c4cfefeaf4e634ea4d6df43ae6","sha256":"e93e27ce286a2aaa1ff48ef86f97dfcd2a555603c4314de6b92f149f333df557","sha512":"3f54c601c536bd7929ecebcfd6939a6aa500f7e5dde19851c08a4b178d2c991be711659dd95dd1dd3128b4377a4e20212de110e83169d13828a96bdd00d7957b","ssdeep":"768:cf4S/Lb7r775f/qPw6CaWOIl6E+NrmM+QKoOQmx/b:RY6CaWOIlf0rmM+QKoOQmx/b","tlshash":"46e2b7398aa129bff32f85b3f4a3b788b172840391175b7de21e5472996c99814377cc","first_seen":"2024-09-19T22:21:46.393553Z","last_seen":"2026-06-24T10:18:04.536456Z","times_seen":15,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wup-d8814f41.commbank.com.au/client/v3/web/wup?cid=coco","fqdn":"wup-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.176.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:42.773Z","timestamp":1782296262773,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /client/v3/web/wup?cid=coco HTTP/1.1\r\nHost: wup-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 1236\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ncontent-length: 686\r\ndate: Wed, 24 Jun 2026 10:17:42 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 6e97046f-a0bf-4309-9594-63926dfe2964\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":686,"size_decoded":943,"mime_type":"application/json","magic":"JSON text data","md5":"826ad66a81e4854706885070c5a9fb98","sha1":"08c5ab90cef770c57b9d28b2e2e88b7392af068d","sha256":"ed3effd75c3a1d19b7c2748dcb7230f994d0c6ad32fc3ee11a98de0d468be997","sha512":"6816557c6ddb2388482623ea7605dd6f4f98b8d2ffd99cd28494c50817797ad201fc0f21fc84b991eee1c49a1d032b325a9ddc125584df20a81a6fd516d8e641","ssdeep":"","tlshash":"cc014ea9c4beebc906309182859701b2a9c8e5c165af254b309b9cd33dd4e25a585a78","first_seen":"2026-06-24T10:18:04.537129Z","last_seen":"2026-06-24T10:18:04.537129Z","times_seen":1,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:45.365Z","timestamp":1782296265365,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 60\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 20\r\naccess-control-allow-origin: *\r\ndate: Wed, 24 Jun 2026 10:17:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":191,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-06-27T18:39:43.219089Z","times_seen":92220,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:45.637Z","timestamp":1782296265637,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 204\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 20\r\naccess-control-allow-origin: *\r\ndate: Wed, 24 Jun 2026 10:17:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":191,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-06-27T18:39:43.219089Z","times_seen":92220,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.svg","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.012Z","timestamp":1782296244012,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.svg HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 5570\r\nLast-Modified: Thu, 09 Apr 2026 06:51:10 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5e-15c2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5570,"size_decoded":5823,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"552c5a58c5e8e13c837eac9f362e571a","sha1":"3ad9e69a1d544ef46455e8ff680fbd5f078f4c0f","sha256":"3b4eb9868fb9248fa543a745027ca5ccc80741eaa4751fd86f0c4d778f2af786","sha512":"a5b1466f7b8a5c4d9a071affe2f39ae5490bf114db26df20013f54e52403f9d2311980fafc60a77422215ed3a69286f64668925c1c2f4c5474547bcde6defbd2","ssdeep":"96:EaLOLILzp+2686um6Nm60EoI1Pm6Nm6TEotlT6uzFgXKucPLkOHVpNsWgP1:xzTNXn5Xx55xXt61","tlshash":"96b141b64b3c1a37a4f7429cc2c81581769c8593f1b0d1e8f776666f0d31aeb459cb12","first_seen":"2024-09-19T22:21:46.40825Z","last_seen":"2026-06-27T17:36:12.518844Z","times_seen":30,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/Logon.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.300Z","timestamp":1782296245300,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/Logon.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-95\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149,"size_decoded":402,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3c2ccda97c47ede0b1c91b11efd575ea","sha1":"0a348c4b61c961aba7618f909beb87f740a81983","sha256":"97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50","sha512":"31afbe911abfda33a2948d14578ba290b604920983118ca5a6268a9906120ef365416e5e776ea685d648eef7a2ee2245f424829fdd4c7150d944f4bf673aee28","ssdeep":"","tlshash":"50c08cb52412200ba220aaa2dadde56408408010a04a8c82a04039ac65cc35ce8a3690","first_seen":"2023-03-10T00:19:37Z","last_seen":"2026-06-26T19:58:57.046368Z","times_seen":1316,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.947Z","timestamp":1782296253947,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/saved_resource.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-1f7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":503,"size_decoded":614,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (460)","md5":"932512dc19def527518a131a3104a2bd","sha1":"b8525d6e59454b49e02e07e2ddb21ccd71a4792f","sha256":"1d650abc0830cc6d43ef9da056b5a56319911b732ee764c4d569dff6d8f2046a","sha512":"245e9ad466ac06af3f81cd51eb2099efaac6ae4cd6c1e16f6d091d8d50b1916012455b8774f74a3bf2dd76ba86b381d21ef61f062899bab1083af0e43f535546","ssdeep":"","tlshash":"13f097f61c36c43562a00687b1faf3ac15616450b686de8181c8fc7d6f28fdb98a3d98","first_seen":"2026-06-24T01:57:07.88489Z","last_seen":"2026-06-24T10:18:04.539121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource(1).html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/index_files/signout.html","date":"2026-06-24T10:17:25.604Z","timestamp":1782296245604,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/saved_resource(1).html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/signout.html\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-1f4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":500,"size_decoded":612,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (457)","md5":"4d8403380957831ed074f8698fe6cd6a","sha1":"77f5a279eb7c614c2aafb342d3604aca3754630a","sha256":"27798b8b4b0ea77e42fa0d0563e2a7736e14f0c84297c96bdf6a3b9a7810d993","sha512":"800e326aa1c6870620600a65f650f5b6faf972344ef80ee8652a2086d634c82933a1e5e3fefdf1dedcb21cfc7c498661f39cc59bac1cd243ea943ecd328dc175","ssdeep":"","tlshash":"53f09ef61c35c42566a0068bb0faf39c05616050b545dd8080c9fc7d6f14fdb98a3998","first_seen":"2026-06-24T01:57:07.902092Z","last_seen":"2026-06-24T10:18:04.531896Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.196.14","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:45.082Z","timestamp":1782296265082,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 956\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 20\r\naccess-control-allow-origin: *\r\ndate: Wed, 24 Jun 2026 10:17:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":191,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5820854f62a6eb3d38ba7ba0d1b3ea75","sha1":"639df0b84fe699b4a290a713fd6b9a94bd4deb95","sha256":"912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d","sha512":"4452c0a26fa81357f95bf6160c3f5d35ff39f62e03d5faa1e69eb9dfdcb2c83eda4235463ee4065dceb534cc497891a05535467337ad84693e5fa48c317dbbbb","ssdeep":"","tlshash":"f67000020000208008803c0000000a203ae00aa0822a00c0802c00288e08088f08a000","first_seen":"2023-03-13T15:21:35Z","last_seen":"2026-06-27T18:39:43.219089Z","times_seen":92220,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.svg","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.922Z","timestamp":1782296253922,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.svg HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 5570\r\nLast-Modified: Thu, 09 Apr 2026 06:51:10 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5e-15c2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5570,"size_decoded":5823,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"552c5a58c5e8e13c837eac9f362e571a","sha1":"3ad9e69a1d544ef46455e8ff680fbd5f078f4c0f","sha256":"3b4eb9868fb9248fa543a745027ca5ccc80741eaa4751fd86f0c4d778f2af786","sha512":"a5b1466f7b8a5c4d9a071affe2f39ae5490bf114db26df20013f54e52403f9d2311980fafc60a77422215ed3a69286f64668925c1c2f4c5474547bcde6defbd2","ssdeep":"96:EaLOLILzp+2686um6Nm60EoI1Pm6Nm6TEotlT6uzFgXKucPLkOHVpNsWgP1:xzTNXn5Xx55xXt61","tlshash":"96b141b64b3c1a37a4f7429cc2c81581769c8593f1b0d1e8f776666f0d31aeb459cb12","first_seen":"2024-09-19T22:21:46.40825Z","last_seen":"2026-06-27T17:36:12.518844Z","times_seen":30,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/Netbank_login_Branch.jpg","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/?Embedded=true","date":"2026-06-24T10:17:33.924Z","timestamp":1782296253924,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/Netbank_login_Branch.jpg HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/?Embedded=true\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:34 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 24822\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-60f6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24822,"size_decoded":25073,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 201x96, components 3","md5":"20f8f5f5ecf6b7233d946eac0b9f3946","sha1":"c49d0f40cc559c2cd418a31070ed70deb92fc44b","sha256":"7dc5d2fd1381cdc31430359a6b68405b9c99760ff49156142217aae9ebb9fdcb","sha512":"8442828ff794e3ea76c83589e4858284057ebae01a51182d2f39709a01c4cd8ce8cb10141bcea94f51a30d21306f6ba7f5fe0db522bfb8f46a2328285bb1f3c7","ssdeep":"768:6YykyUjFhjvO1d6LvOp8e8kme8zYaB2AG:6wyUxIWHbYAG","tlshash":"87b2d177cb27a7e1ff3fda3975f107d4b2a2732721872a468a9c5649c5480435e884c6","first_seen":"2026-03-04T19:24:36.69664Z","last_seen":"2026-06-27T17:36:12.519427Z","times_seen":15,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"wup-d8814f41.commbank.com.au/client/v3/web/wup?cid=coco","fqdn":"wup-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"20.53.176.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:37.771Z","timestamp":1782296257771,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wup-d8814f41.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 12 May 2026 00:00:00 GMT","end":"Thu, 26 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"05:81:05:84:87:C9:BE:11:66:61:D8:EE:6A:96:FC:04:A6:8D:22:35","sha256":"93:B3:21:B9:C5:15:37:DB:25:A2:AB:D0:2A:72:F1:85:E7:4E:6D:96:3C:13:F5:D4:0F:51:2C:C7:03:36:92:FF"}}},"request":{"raw":"POST /client/v3/web/wup?cid=coco HTTP/1.1\r\nHost: wup-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 2828\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ncontent-length: 686\r\ndate: Wed, 24 Jun 2026 10:17:37 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: bcc48da0-429c-4e2f-a0a0-1799fedb5ba5\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":686,"size_decoded":943,"mime_type":"application/json","magic":"JSON text data","md5":"ff4a24e84dd5d1b64d7223bc605c8703","sha1":"3372986ba52e7e8a61e251d1f8b41e98ae73d7d1","sha256":"1fecc5f9b149565943746bc594304e9f1fc8d67315b6df4f03343ee92f03c7ea","sha512":"13b719534ac7fa39f4dd5252af3ef4b40c0486c662e868d720d2d3a1b62c41de7ea0299ee20920616c58f796cb0edf75669b35bebf91d538b3e7e51c34a3bea4","ssdeep":"","tlshash":"53014e5aca33cfb2ca97d4c858e244b09ea10cd1ac9c184258da902a30ceeacd12c896","first_seen":"2026-06-24T10:18:04.540493Z","last_seen":"2026-06-24T10:18:04.540493Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/marketing-merge.0fbf6484f2883cc9ea2b8d39f991a5a1.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:23.999Z","timestamp":1782296243999,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/marketing-merge.0fbf6484f2883cc9ea2b8d39f991a5a1.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 95084\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-1736c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95084,"size_decoded":95350,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65508)","md5":"0fbf6484f2883cc9ea2b8d39f991a5a1","sha1":"200a1edd0e7ad78e44536d4a67a9c7a17216711c","sha256":"f116e317891a04fadb7d4411dfbd74be94719ccc4b35d9532e7159fd874e2278","sha512":"25b378d439aa7c35e7c4926ce08052871954b8e0da828ac5a832986767069fc8d3971b538b6b64b53d67ee1d6d0989756b72f764cff4cb95c8fd1947de09d411","ssdeep":"1536:bGOxbnIY5ygXpiLT/ErgSTZKA/yL3CkRE8yIRROOoqzIwX:BrIY5ZgT/qgVA/sxnkO","tlshash":"4693a3c876c2f46653a360b640af114ff23e6da5684d9060e095f0ed3c7893d967beac","first_seen":"2025-02-10T03:46:55.927756Z","last_seen":"2026-06-24T10:18:04.509545Z","times_seen":8,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":97,"send":0,"wait":195,"receive":194,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/func.9b8de72fe2f973dd95ef094847ce3974.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.003Z","timestamp":1782296244003,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/func.9b8de72fe2f973dd95ef094847ce3974.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 69692\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-1103c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69692,"size_decoded":69958,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9b8de72fe2f973dd95ef094847ce3974","sha1":"4922107025013373e24b89d8d8b67a859db47715","sha256":"dcf81f81e9abca1b1942c63e37c79547ef37c0b8fd127655c6c23b59fabdf0b1","sha512":"e519dcd4cad52d94c685a9d03f864aab6aadaa3f20aab2d02e9f2e036bac6ef4fdfa74dea941721c791d66a275d5cccc9559a05bc1e35e3216794cb551b788ef","ssdeep":"1536:4iysvEoOOvwNf5UJBP0vaPz+ijyN6GNCe++1winu5U7JBtZzsisrSW8cbc:ZcoOOoAMjN6K++1winisd","tlshash":"86637798bad5f0603327a375762b6ceaf71bb955128dd086d941528235f0f3cf22b638","first_seen":"2023-03-09T07:30:43Z","last_seen":"2026-06-24T10:18:04.527563Z","times_seen":46,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":98,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.commbank.com.au/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource(1).html","date":"2026-06-24T10:17:25.758Z","timestamp":1782296245758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 25 Jul 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:F5:63:F6:32:24:AF:4E:6B:3E:85:75:0B:BB:34:6D:F2:FB:30:6F","sha256":"30:83:00:A0:6E:2A:9C:C7:00:2B:EA:73:DD:CF:1D:B1:D3:E4:87:22:7F:26:54:8F:6D:8F:6C:F4:E8:42:E7:E3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: www.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nset-cookie: __cf_bm=2o.K2SLYgbmB5qevBnKyfOwoZD0bpNru.q4B2gWZD3Y-1782296245.7807994-1.0.1.1-yM4Ai7U7gJU7ql7ipWYnWS5pwW9c2Cbam3RwrYvWRh5cKH5hMXV5aMgFpGrac8zv4q9felUuTgHmpENdipmmN8oQotYC52ouX.0LOa_Qlo8HVh9kOGYYRJ_QBdNm5un9; HttpOnly; SameSite=None; Secure; Path=/; Domain=commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\nserver: cloudflare\r\ncf-ray: a10afb901a8a5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":6,"connect":1,"send":0,"wait":6,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.commbank.com.au/cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js?","fqdn":"www.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource(1).html","date":"2026-06-24T10:17:25.806Z","timestamp":1782296245806,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 25 Jul 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2D:F5:63:F6:32:24:AF:4E:6B:3E:85:75:0B:BB:34:6D:F2:FB:30:6F","sha256":"30:83:00:A0:6E:2A:9C:C7:00:2B:EA:73:DD:CF:1D:B1:D3:E4:87:22:7F:26:54:8F:6D:8F:6C:F4:E8:42:E7:E3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js? HTTP/1.1\r\nHost: www.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=2o.K2SLYgbmB5qevBnKyfOwoZD0bpNru.q4B2gWZD3Y-1782296245.7807994-1.0.1.1-yM4Ai7U7gJU7ql7ipWYnWS5pwW9c2Cbam3RwrYvWRh5cKH5hMXV5aMgFpGrac8zv4q9felUuTgHmpENdipmmN8oQotYC52ouX.0LOa_Qlo8HVh9kOGYYRJ_QBdNm5un9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=UwcRgx3VyCixNb1a_EKQmcrlJA1xdUaS7Aj.ph2eygQ-1782296245.806642-1.0.1.1-rwtAjSqLdTuG1aGIZvXPnNP9b1_vuXtH4up4wZn_KPX2lSFIdL6xB6RRvzvmEtWNomON3ZjO5TzARPv8ph9R2lKIX5CoMxh2uq..X0wl9gtaTfM1fu3Lqis2J0HHcbgB; HttpOnly; SameSite=None; Secure; Path=/; Domain=commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: a10afb904aba5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":21139,"size_decoded":9778,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (21139), with no line terminators","md5":"16367028647b345b17330df9752f5bc7","sha1":"8186ff00d0679b9f2f2656fbe02c7870fb27ec5e","sha256":"5a9e3b9af99ee15f3108e0eb582ca0e49323e62a37b38210ff4b0003ac0e3f5b","sha512":"31ac1072c154a448ab2864a1c9aef66991e2dc776ff4165d78c2e61b2ee946e58d1e21da7806acc4b79716eee53f95a539978583978e2bfa6114b7ab74bb12e6","ssdeep":"384:+B3WF4+lj3dxyoywy6yasXmyJnIuG+jBR7a+4PC0pYAiPAd7MApSYL+ABaRadLur:+BUHLR9MmxZU2K","tlshash":"0e92a68d7ee2b04d53ea9434045b30cbf1affc446d6c151cc930eaa2fce27465a5a9a9","first_seen":"2026-06-24T10:18:04.542087Z","last_seen":"2026-06-24T10:39:38.877989Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/tracking-merge.4384551dad88c3309752a599fddd700a.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:23.995Z","timestamp":1782296243995,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/tracking-merge.4384551dad88c3309752a599fddd700a.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 264713\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-40a09\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":264713,"size_decoded":264980,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (62938)","md5":"4384551dad88c3309752a599fddd700a","sha1":"0695f865e3619a34295d938f007e9f90b5186ba0","sha256":"eb2c30d249e26567bbd3798cae72610f9759a6cbfe1295af51f6ad682b66c7ac","sha512":"ace5fa967f34f4c080f135b219e18af92d6d33d11197beee0696bf5793bf659ed67fafe500e2e51e111417a40b6699d87fb25d283fc02d825b7d7d4e0c635b59","ssdeep":"3072:mQVSJMyuRkRkFbiUQcHOvjIMkyVp2IyC71BI1Ph09OqxQGy:m2/RkybiUQcHOLIMP72mI1h09VxQP","tlshash":"4a44f88a36ebb4378e967170903f460bf33eed9554c8c0a4d152d8d4397894a81b7fab","first_seen":"2026-03-04T19:24:36.634126Z","last_seen":"2026-06-24T10:18:04.531187Z","times_seen":3,"resource_available":true,"data":null}},"time_used":685,"timings":{"blocked":-1,"dns":0,"connect":97,"send":0,"wait":194,"receive":292,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/core-merge.36971982ebc03a2658d8e51f70007637.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:23.997Z","timestamp":1782296243997,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/core-merge.36971982ebc03a2658d8e51f70007637.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 400180\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-61b34\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":400180,"size_decoded":400447,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (39928)","md5":"36971982ebc03a2658d8e51f70007637","sha1":"389e5799a0321f5fa83d3ac1f14bf86799be4cb2","sha256":"c1366941e76e519a2aa15c50241f44f81528f5c5765f200c420d70e1fd26b893","sha512":"e7e2e4c11f5b55409652b8f3b3bc69902af81bcf4d6796d8464f1e73c69496db36f0ae2338c30573444c6ce82d7bcd7999289f689d8017f434a0f4dd60dd68be","ssdeep":"6144:5yPrdTd8l9Gu/+8l8c89PzeRIaIrGWYPj+wxZiPEc9j2Qa+1:tLp/+8l8NAMPL9s+1","tlshash":"5a84299973d1707a8bfb3075207f6207f276a86645048464f0a9e8e42ebcd48627bf7d","first_seen":"2023-03-07T16:48:51Z","last_seen":"2026-06-24T10:18:04.526746Z","times_seen":820,"resource_available":true,"data":null}},"time_used":785,"timings":{"blocked":-1,"dns":0,"connect":97,"send":0,"wait":195,"receive":392,"ssl":101},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/saved_resource.html","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.298Z","timestamp":1782296245298,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/saved_resource.html HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d74c60-1f7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":503,"size_decoded":614,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (460)","md5":"932512dc19def527518a131a3104a2bd","sha1":"b8525d6e59454b49e02e07e2ddb21ccd71a4792f","sha256":"1d650abc0830cc6d43ef9da056b5a56319911b732ee764c4d569dff6d8f2046a","sha512":"245e9ad466ac06af3f81cd51eb2099efaac6ae4cd6c1e16f6d091d8d50b1916012455b8774f74a3bf2dd76ba86b381d21ef61f062899bab1083af0e43f535546","ssdeep":"","tlshash":"13f097f61c36c43562a00687b1faf3ac15616450b686de8181c8fc7d6f28fdb98a3d98","first_seen":"2026-06-24T01:57:07.88489Z","last_seen":"2026-06-24T10:18:04.539121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.my.commbank.com.au/cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js?","fqdn":"www.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource.html","date":"2026-06-24T10:17:25.646Z","timestamp":1782296245646,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"my.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:50:98:D9:FE:CA:D2:43:61:CB:53:6D:A3:04:40:1B:40:06:00:BE","sha256":"82:0B:00:32:8B:E1:EF:E1:7B:05:3C:84:90:EA:46:A3:DF:0F:95:0A:9F:41:F5:C9:AF:64:7B:0D:0C:25:37:64"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/f95a7f38c08f/main.js? HTTP/1.1\r\nHost: www.my.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=qda.8arZd4LhBwSLCO1w1Gi.q5vXk7nMYcBD3elrcZ4-1782296245.634204-1.0.1.1-TqOOjWpCfRP.IImOy2Y1DINz8.sLRd.33Mm5BKsax1WGWsjr1_IEpYEAK_8aSuWuw90nOSjeZY042hNwNxeejP8yPwuqXGNfKQX7rKbe86miYLUExDhgKEchgldMK4Sf\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 10:17:25 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=QYw1qJXFCyFk9dhiPI4TRWe2i0Z4F8LBRQ0Ac74ZpFQ-1782296245.6471446-1.0.1.1-QRK2.cA0sXkVscIy8Vr21F3rx1guv23gNpJzjNJLwVxIs_cOT5r3Qj3iczgUTQIPAa7QWMXvQm2gV6HaXF.PcTMTYsnVaRPgYi2Go_A6a8jVDFyQcJsd9fi7i3hhPPVp; HttpOnly; SameSite=None; Secure; Path=/; Domain=my.commbank.com.au; Expires=Wed, 24 Jun 2026 10:47:25 GMT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: a10afb8f4fd55693-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":20806,"size_decoded":9745,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (20806), with no line terminators","md5":"2228c01d62f502e2d8da062de1aa5064","sha1":"b65812e08f865992c44113ecc4e4ba24ec6ddd20","sha256":"b416cd45ef17b30060400901860e92d3104261cc2eadbd40c90c982f56afa8a8","sha512":"fc97507143e47e5615703146d5a0a08443918e480aaaa55724079a168c13cf4cf203ee5b37c1041c3a73d0ea168a9ffca3dd17a03ce1a4fa99837afb6eb184fd","ssdeep":"384:K4WBh2WDfwEmzCk2uWxcb2sU1q203J2U5C2/xvUawYgSFN3boO0y:+P2yCkuWE3Hw1QcO0y","tlshash":"2c92c6877ccab09e0376707a056f71caa71fadf46089c94ed160d9b0bce170895dbda8","first_seen":"2026-06-24T09:38:32.69004Z","last_seen":"2026-06-24T10:22:46.73441Z","times_seen":3,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wup-d8814f41.commbank.com.au/client/v3/web/wup?cid=coco","fqdn":"wup-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.742Z","timestamp":1782296245742,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /client/v3/web/wup?cid=coco HTTP/1.1\r\nHost: wup-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 222\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/signout.html","date":"2026-06-24T10:17:25.614Z","timestamp":1782296245614,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/index_files/saved_resource.html","date":"2026-06-24T10:17:25.621Z","timestamp":1782296245621,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/index_files/saved_resource.html\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/?Embedded=true","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:33.674Z","timestamp":1782296253674,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /?Embedded=true HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nCookie: cdContextId=2; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true; cdSNum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:33 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Apr 2026 18:24:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d7eefa-8b02\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Bootstrap:27ddcbdd352e9113971be193e1c5622e","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":35586,"size_decoded":14039,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5924)","md5":"9166df8081fdf62d4f27ea9c3f4d6821","sha1":"51ca34846215cd7fd2dcbdbdd3ec33692a211ddd","sha256":"eaff4e9f62ce82f2081019a27c415f5ea0e074684d548bb908f7b730bcbbf03d","sha512":"3f4c585c4fbd81f9d1241b06956ee70387b5fa2eae5e3e3ccc0b2ee33e0e5b017b6411575b1da02d3bb59788be17e53cea033a6e4173c1ec1c5ed417567b9a7d","ssdeep":"768:Kvn4UhCMpEYgh+nrSAVswoqcM6sJn1wI9Z96SDnx/b6F:Kvn4U0MpEzOawoq6sJneI9Z96SDnx/b6","tlshash":"aaf25cd1de3c9c3680034683f0abf745158f8933b602d498f5dd68555f91e89a633faa","first_seen":"2026-06-24T01:57:07.87317Z","last_seen":"2026-06-24T10:18:04.535381Z","times_seen":2,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-24","alert":"Detects file containing Telegram Bot API","trigger":"commonwealth.biz.id/?Embedded=true","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"log-d8814f41.commbank.com.au/api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0","fqdn":"log-d8814f41.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:34.500Z","timestamp":1782296254500,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/v1/sendLogs?cid=coco\u0026cdsnum=1782294335154-sjt0000405-6b83f5b3-f8b9-4637-80f7-60feae04e463\u0026csid=cd15c2b147d44b9ea0561f95203b05af\u0026ds=js\u0026sdkVer=2.36.0.1722.f8962c0 HTTP/1.1\r\nHost: log-d8814f41.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=utf-8\r\nContent-Length: 812\r\nOrigin: https://commonwealth.biz.id\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www1.my.commbank.com.au/financial.js?url=https%3A%2F%2Fcommonwealth.biz.id%2F\u0026referrer=","fqdn":"www1.my.commbank.com.au","domain":"commbank.com.au","tld":"com.au"},"ip":{"addr":"162.159.141.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:34.515Z","timestamp":1782296254515,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"my.commbank.com.au","organization":""},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Fri, 31 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:50:98:D9:FE:CA:D2:43:61:CB:53:6D:A3:04:40:1B:40:06:00:BE","sha256":"82:0B:00:32:8B:E1:EF:E1:7B:05:3C:84:90:EA:46:A3:DF:0F:95:0A:9F:41:F5:C9:AF:64:7B:0D:0C:25:37:64"}}},"request":{"raw":"GET /financial.js?url=https%3A%2F%2Fcommonwealth.biz.id%2F\u0026referrer= HTTP/1.1\r\nHost: www1.my.commbank.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://commonwealth.biz.id/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=.mTbLE2F4hoOTMbC4ZyzHZcH8rDDYzwtF.tVtH_XClk-1782296245.7162983-1.0.1.1-mF2jJhHocaxRoCUmDcur_4MWE2YTD8UmtVKkyy9NTIMvF5.rcz8VhlZliLIrEcV715VEOubu2QgUbO4blzW5Yfb7R4kHEMFGfWQTSjEtbm_hhd6horJJMU9d31In6N2C; __cf_bm=UwcRgx3VyCixNb1a_EKQmcrlJA1xdUaS7Aj.ph2eygQ-1782296245.806642-1.0.1.1-rwtAjSqLdTuG1aGIZvXPnNP9b1_vuXtH4up4wZn_KPX2lSFIdL6xB6RRvzvmEtWNomON3ZjO5TzARPv8ph9R2lKIX5CoMxh2uq..X0wl9gtaTfM1fu3Lqis2J0HHcbgB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ndate: Wed, 24 Jun 2026 10:17:34 GMT\r\ncontent-type: text/html\r\ncf-ray: a10afbc6c8985693-OSL\r\ncf-cache-status: BYPASS\r\nserver: cloudflare\r\nset-cookie: BIGipServermy.commbank.com.au_Burwood=1747066540.35437.0000; path=/; Secure\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T19:17:39.714218Z","times_seen":16768209,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:23.985Z","timestamp":1782296243985,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/logon-merge.26d40f052bde646f68e5a483f075ba6d.css HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: text/css\r\nContent-Length: 31989\r\nLast-Modified: Thu, 09 Apr 2026 06:51:10 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5e-7cf5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31989,"size_decoded":32238,"mime_type":"text/css","magic":"ASCII text, with very long lines (31989), with no line terminators","md5":"26d40f052bde646f68e5a483f075ba6d","sha1":"62397a4c137dd3c4cfefeaf4e634ea4d6df43ae6","sha256":"e93e27ce286a2aaa1ff48ef86f97dfcd2a555603c4314de6b92f149f333df557","sha512":"3f54c601c536bd7929ecebcfd6939a6aa500f7e5dde19851c08a4b178d2c991be711659dd95dd1dd3128b4377a4e20212de110e83169d13828a96bdd00d7957b","ssdeep":"768:cf4S/Lb7r775f/qPw6CaWOIl6E+NrmM+QKoOQmx/b:RY6CaWOIlf0rmM+QKoOQmx/b","tlshash":"46e2b7398aa129bff32f85b3f4a3b788b172840391175b7de21e5472996c99814377cc","first_seen":"2024-09-19T22:21:46.393553Z","last_seen":"2026-06-24T10:18:04.536456Z","times_seen":15,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/trackingbootstrap.27ddcbdd352e9113971be193e1c5622e.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.000Z","timestamp":1782296244000,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/trackingbootstrap.27ddcbdd352e9113971be193e1c5622e.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 40758\r\nLast-Modified: Thu, 09 Apr 2026 06:51:11 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c5f-9f36\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":40758,"size_decoded":41023,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (40758), with no line terminators","md5":"27ddcbdd352e9113971be193e1c5622e","sha1":"bdae19cff839877be741782813f6ea81534358e2","sha256":"0d2ddec0d9a1f136483ee0f8f5c2dc1f02bfb402ee885dfd4731ef0356d02004","sha512":"47b1d271ad4e736ecf97421c105e758a11441ed90a4040504ba4a0b9c0be6c72343b9b6dca54846c12e2fae8cd9f2d4ce871f64b6d80f94ea7daa3ffe80e35b8","ssdeep":"768:ScbdLVNhqgQRb60fNvdpNCLweKbwaMqR1RGB8YJilcX3yh83HD2j/43s8wzm2D:ZLVNhwH5NZMo1RGelcX3yh83HD2jB8wr","tlshash":"59031a02b3d2493701ba1016726ff306e1f5e96b6ec0d8a0c646d4b066add7b743bf99","first_seen":"2026-03-04T19:24:36.721383Z","last_seen":"2026-06-24T10:18:04.544691Z","times_seen":3,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":97,"send":0,"wait":194,"receive":97,"ssl":101},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/index_files/smartbanner.d1197ec1675a985d0591d2083729fe1a.js.download","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:24.006Z","timestamp":1782296244006,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /index_files/smartbanner.d1197ec1675a985d0591d2083729fe1a.js.download HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://commonwealth.biz.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:24 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 7524\r\nLast-Modified: Thu, 09 Apr 2026 06:51:12 GMT\r\nConnection: keep-alive\r\nETag: \"69d74c60-1d64\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7524,"size_decoded":7788,"mime_type":"application/octet-stream","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7521), with no line terminators","md5":"b49de4bf3def21a0ea157155ba0590cd","sha1":"8fafa836a9fa13969c877d14214490393628a463","sha256":"02ff00f4b4ab43a5e32e18f40a2679f0009db0f758f0984d45f82232b67ba289","sha512":"400b0ddbf990d214d4be232c6ea6a400ff06bafc0a4ed101e3e95f95d90f694b9379d53e337ecef08df6ed883b2ff548c5f248f395dcb8df01d48cbc9a14e298","ssdeep":"192:OkdYKNV4WoLTR7jI+kiUdOqDuh20VFk98OgLu+:TdVRo98+Xk9yJIr+","tlshash":"cff1434a7a91172981e794ed200f254e14b2f33fd5a0905f38a0cbfad57590b90e7b7e","first_seen":"2025-03-24T14:40:42.12955Z","last_seen":"2026-06-24T10:18:04.545336Z","times_seen":5,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":472,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"commonwealth.biz.id/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"commonwealth.biz.id","domain":"commonwealth.biz.id","tld":"biz.id"},"ip":{"addr":"107.175.148.253","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://commonwealth.biz.id/","date":"2026-06-24T10:17:25.561Z","timestamp":1782296245561,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"commonwealth.biz.id","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Jun 2026 08:55:47 GMT","end":"Mon, 21 Sep 2026 08:55:46 GMT"},"fingerprint":{"sha1":"7D:FF:80:DF:2E:30:1B:E2:15:D3:09:53:6C:91:3A:EE:B3:EF:01:66","sha256":"E3:2A:D3:CE:B7:E2:BC:44:9B:9E:92:27:92:FC:58:20:1D:93:18:C5:76:82:F6:15:59:53:E9:43:34:8D:54:A2"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: commonwealth.biz.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: cdContextId=1; bmuid=1782296244968-C5C34ACE-B397-48A3-AA96-71CF7CFB7233; at_check=true\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 24 Jun 2026 10:17:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":318,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-27T18:41:29.054499Z","times_seen":25756,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"commonwealth.biz.id","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"commonwealth.biz.id","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Commonwealth Bank","verdict":"phishing","severity":"medium","comment":"Associated with Commonwealth Bank phishing","tags":["commonwealth_bank","financial","phishing"],"meta":null}]}}]}