{"report_id":"e15bba61-f02f-4496-94ee-5f82b3347a67","version":6,"status":"done","tags":[],"date":"2024-12-23T11:59:12Z","url":{"schema":"http","addr":"download.qt.io/official_releases/jom/jom.zip","fqdn":"download.qt.io","domain":"qt.io","tld":"io"},"ip":{"addr":"77.86.162.2","port":0,"asn":29422,"as":"Telia Cygate Oy","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-03T11:59:12Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"download.qt.io","ip":{"addr":"77.86.162.2","port":443,"asn":29422,"as":"Telia Cygate Oy","country":"Finland","country_code":"FI"},"domain_registered":"2013-10-05","domain_rank":681032,"first_seen":"2017-02-02T06:16:49Z","last_seen":"2024-12-21T13:24:59.055081Z","alert_count":0,"request_count":1,"received_data":1567,"sent_data":498,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mirrors.dotsrc.org","ip":{"addr":"130.225.254.116","port":443,"asn":1835,"as":"FSKNET-DK Forskningsnettet - Danish network for Research and Education","country":"Denmark","country_code":"DK"},"domain_registered":"2003-04-15","domain_rank":411439,"first_seen":"2014-03-19T12:46:59Z","last_seen":"2024-12-21T13:24:59.781848Z","alert_count":1,"request_count":1,"received_data":1697243,"sent_data":512,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"4cd0e6fb721e063b24232bc9ecb6d130","sha1":"5551d95151dc8a8658d5b8a7ce40c6f64a4697db","sha256":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","sha512":"a683bd829c84942223a791dae8abac5cfc2e3fa7de84c6fdc490ad3aa996a26c9fa0be0636890f02c9d56948bbe3225b43497cb590d1cb01e70c6fac447fa17b","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":1696930,"url":{"schema":"https","addr":"mirrors.dotsrc.org/qtproject/official_releases/jom/jom.zip","fqdn":"mirrors.dotsrc.org","domain":"dotsrc.org","tld":"org"},"ip":{"addr":"130.225.254.116","port":443,"asn":1835,"as":"FSKNET-DK Forskningsnettet - Danish network for Research and Education","country":"Denmark","country_code":"DK"},"archive":[{"path":"changelog.txt","filename":"changelog.txt","modified":"2023-08-08T18:49:54+02:00","Modified":"","magic":"ASCII text, with CRLF line terminators","size":9336,"md5":"4deb1e4ea18c5dae5ff63446b01dabbb","sha1":"d3909db2e07e2895de461b731f0e9dbd1db5a3fa","sha256":"c0d208537acfe6e160b3945aee714c221568a6cbc030fc5ab4fc6f51798cb728","sha512":"d03c87d3f5e172e10c819f562b230f196acfbf91e7dac8686eaa86f86a35686637ce54f2bf8259376c2481440f5bfc8e8dedc4a442ec34aa2d7a269ee43a9747","alerts":{"urlquery":null,"analyzer":null}},{"path":"ibjom.bat","filename":"ibjom.bat","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":192,"md5":"9928512dbcab8a23f711f7a360379505","sha1":"c9844cede9abb09516ea1021ff3eed455114b079","sha256":"fdfa225160226823733182037d2690e279cf6926616acafe6b2945915e589764","sha512":"d76f944d35cb337cd8905e867d13b0c3c95334f876b170183b8cf12dee05b1343357e5d257f603fb608f97e0b8ccfa9877944ed1646f9109a6d2b53cc274d7f0","alerts":{"urlquery":null,"analyzer":null}},{"path":"jom.exe","filename":"jom.exe","modified":"2023-06-23T12:29:47+02:00","Modified":"","magic":"PE32+ executable (console) x86-64, for MS Windows, 7 sections","size":3861504,"md5":"cbd781462a5768b21eb457f892e84afa","sha1":"1cbeed0e634dacb0058eb9ecd2e3e72e589229e0","sha256":"93eb6b9df1a61b75f8d279578b200706a98096d85773ae3a09bbefea365cc2e8","sha512":"63e0597ad313df5dbb1309268ea5e267daa6901eda3b77d3f0cac8beb9d4edcdc714200c4913e2035c8a01ecf44c4e05e4192f0c478e0d30141bf720543a0336","alerts":{"urlquery":null,"analyzer":null}},{"path":"xgejom.bat","filename":"xgejom.bat","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":238,"md5":"14ba8bc9f91f4a2395cf88c1caae3a12","sha1":"e7529293d25532d5e9b2320a8d5a2ffdcf330400","sha256":"05c83e80b543cf4a6dbc178731eaf991c0c0ef8766a425a45781d2ab2c6282b4","sha512":"a2badeb2209f8e10712c51cc219a48d1c9850625be217235ba73eb4f6587625657cb5dd565270f6ad430238111e96b63aa556bf897e88be0ff9606c60ca2682a","alerts":{"urlquery":null,"analyzer":null}},{"path":"xgejom.xml","filename":"xgejom.xml","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"XML 1.0 document, ASCII text, with CRLF line terminators","size":663,"md5":"889bf543998d378eb004096bbc26dd9b","sha1":"843c1c24e79c0b69a6f31415d06fa104a981530a","sha256":"f6939a5b0147ce57ef8d772af071e63e7cfed3a2078887b5e0f12b2f790f919a","sha512":"d20df9afb2b1223e19458dda748e8247a6645b76de2a45f016639d0db393712c889bffcd2b1ae6934e9b0fbefdad426daf176c699e932f38890b5d0bc824cf45","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-10-29","alert":"Scan result 1/66","trigger":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","verdict":"suspicious","severity":"","comment":"suspicious - 1/66","link":"https://www.virustotal.com/gui/file/d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"4cd0e6fb721e063b24232bc9ecb6d130","sha1":"5551d95151dc8a8658d5b8a7ce40c6f64a4697db","sha256":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","sha512":"a683bd829c84942223a791dae8abac5cfc2e3fa7de84c6fdc490ad3aa996a26c9fa0be0636890f02c9d56948bbe3225b43497cb590d1cb01e70c6fac447fa17b","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":1696930,"url":{"schema":"https","addr":"mirrors.dotsrc.org/qtproject/official_releases/jom/jom.zip","fqdn":"mirrors.dotsrc.org","domain":"dotsrc.org","tld":"org"},"ip":{"addr":"130.225.254.116","port":443,"asn":1835,"as":"FSKNET-DK Forskningsnettet - Danish network for Research and Education","country":"Denmark","country_code":"DK"},"archive":[{"path":"changelog.txt","filename":"changelog.txt","modified":"2023-08-08T18:49:54+02:00","Modified":"","magic":"ASCII text, with CRLF line terminators","size":9336,"md5":"4deb1e4ea18c5dae5ff63446b01dabbb","sha1":"d3909db2e07e2895de461b731f0e9dbd1db5a3fa","sha256":"c0d208537acfe6e160b3945aee714c221568a6cbc030fc5ab4fc6f51798cb728","sha512":"d03c87d3f5e172e10c819f562b230f196acfbf91e7dac8686eaa86f86a35686637ce54f2bf8259376c2481440f5bfc8e8dedc4a442ec34aa2d7a269ee43a9747","alerts":{"urlquery":null,"analyzer":null}},{"path":"ibjom.bat","filename":"ibjom.bat","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":192,"md5":"9928512dbcab8a23f711f7a360379505","sha1":"c9844cede9abb09516ea1021ff3eed455114b079","sha256":"fdfa225160226823733182037d2690e279cf6926616acafe6b2945915e589764","sha512":"d76f944d35cb337cd8905e867d13b0c3c95334f876b170183b8cf12dee05b1343357e5d257f603fb608f97e0b8ccfa9877944ed1646f9109a6d2b53cc274d7f0","alerts":{"urlquery":null,"analyzer":null}},{"path":"jom.exe","filename":"jom.exe","modified":"2023-06-23T12:29:47+02:00","Modified":"","magic":"PE32+ executable (console) x86-64, for MS Windows, 7 sections","size":3861504,"md5":"cbd781462a5768b21eb457f892e84afa","sha1":"1cbeed0e634dacb0058eb9ecd2e3e72e589229e0","sha256":"93eb6b9df1a61b75f8d279578b200706a98096d85773ae3a09bbefea365cc2e8","sha512":"63e0597ad313df5dbb1309268ea5e267daa6901eda3b77d3f0cac8beb9d4edcdc714200c4913e2035c8a01ecf44c4e05e4192f0c478e0d30141bf720543a0336","alerts":{"urlquery":null,"analyzer":null}},{"path":"xgejom.bat","filename":"xgejom.bat","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":238,"md5":"14ba8bc9f91f4a2395cf88c1caae3a12","sha1":"e7529293d25532d5e9b2320a8d5a2ffdcf330400","sha256":"05c83e80b543cf4a6dbc178731eaf991c0c0ef8766a425a45781d2ab2c6282b4","sha512":"a2badeb2209f8e10712c51cc219a48d1c9850625be217235ba73eb4f6587625657cb5dd565270f6ad430238111e96b63aa556bf897e88be0ff9606c60ca2682a","alerts":{"urlquery":null,"analyzer":null}},{"path":"xgejom.xml","filename":"xgejom.xml","modified":"2023-06-23T11:46:52+02:00","Modified":"","magic":"XML 1.0 document, ASCII text, with CRLF line terminators","size":663,"md5":"889bf543998d378eb004096bbc26dd9b","sha1":"843c1c24e79c0b69a6f31415d06fa104a981530a","sha256":"f6939a5b0147ce57ef8d772af071e63e7cfed3a2078887b5e0f12b2f790f919a","sha512":"d20df9afb2b1223e19458dda748e8247a6645b76de2a45f016639d0db393712c889bffcd2b1ae6934e9b0fbefdad426daf176c699e932f38890b5d0bc824cf45","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-10-29","alert":"Scan result 1/66","trigger":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","verdict":"suspicious","severity":"","comment":"suspicious - 1/66","link":"https://www.virustotal.com/gui/file/d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"download.qt.io/official_releases/jom/jom.zip","fqdn":"download.qt.io","domain":"qt.io","tld":"io"},"ip":{"addr":"77.86.162.2","port":443,"asn":29422,"as":"Telia Cygate Oy","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-23T11:58:47.442Z","timestamp":1734955127442,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.qt.io","organization":"The Qt Company Ltd"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Jul 2024 00:00:00 GMT","end":"Wed, 20 Aug 2025 23:59:59 GMT"},"fingerprint":{"sha1":"8C:26:04:94:5E:5A:3E:7E:97:B2:B1:12:D6:5E:DF:00:0F:24:39:EE","sha256":"BB:05:F4:65:8B:6C:7A:03:26:BB:14:ED:DB:C3:C6:63:E6:96:A4:BB:76:5D:79:0C:6A:14:37:34:23:1C:01:E9"}}},"request":{"raw":"GET /official_releases/jom/jom.zip HTTP/1.1\r\nHost: download.qt.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 23 Dec 2024 11:58:47 GMT\r\nServer: Apache\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains;\r\nX-Prefix: 91.90.40.0/21\r\nX-AS: 50304\r\nX-MirrorBrain-Mirror: dotsrc.org\r\nX-MirrorBrain-Realm: region\r\nLink: \u003chttps://download.qt.io/official_releases/jom/jom.zip.meta4\u003e; rel=describedby; type=\"application/metalink4+xml\", \u003chttps://download.qt.io/official_releases/jom/jom.zip.torrent\u003e; rel=describedby; type=\"application/x-bittorrent\", \u003chttps://mirrors.dotsrc.org/qtproject/official_releases/jom/jom.zip\u003e; rel=duplicate; pri=1; geo=dk, \u003chttps://qt-mirror.dannhauer.de/official_releases/jom/jom.zip\u003e; rel=duplicate; pri=2; geo=de, \u003chttps://mirror.accum.se/mirror/qt.io/qtproject/official_releases/jom/jom.zip\u003e; rel=duplicate; pri=3; geo=se, \u003chttps://ftp.fau.de/qtproject/official_releases/jom/jom.zip\u003e; rel=duplicate; pri=4; geo=de, \u003chttps://www.mirrorservice.org/sites/download.qt-project.org/official_releases/jom/jom.zip\u003e; rel=duplicate; pri=5; geo=gb\r\nDigest: MD5=TNDm+3IeBjskIyvJ7LbRMA==, SHA=VVHZUVHcioZY1binzkDG9kpGl9s=, SHA-256=1TPB70khQiloHpAZbtIJRpHoxKCgvvCyyQHevLViaCs=\r\nLocation: https://mirrors.dotsrc.org/qtproject/official_releases/jom/jom.zip\r\nContent-Length: 250\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":250,"size_decoded":250,"mime_type":"application/zip","magic":"HTML document, ASCII text","md5":"2bd2d2670135a41e072aafde9c8ae91a","sha1":"cb98f49f57ee5890affe356bc93a0445c066934f","sha256":"6dcbc126479d0b585daa6b14cb5544ca6cc14db293528b66ea1232115e235795","sha512":"cb87c04730e0984626cc74e725b7748eba792083deb2a1c287a448c174b93929fd9d9c1bbd2d9093f84d1f2f2d6269faf1f59769694f61510e64a7e2ea6be133","ssdeep":"","tlshash":"70d097ffa08324898b7332c0bcc130d8181b25f37584aaac1d876842c4146b048cf2ab","first_seen":"2023-11-17T21:56:20Z","last_seen":"2025-01-31T06:33:17.283442Z","times_seen":13,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":429,"dns":1,"connect":14,"send":0,"wait":17,"receive":0,"ssl":411},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mirrors.dotsrc.org/qtproject/official_releases/jom/jom.zip","fqdn":"mirrors.dotsrc.org","domain":"dotsrc.org","tld":"org"},"ip":{"addr":"130.225.254.116","port":443,"asn":1835,"as":"FSKNET-DK Forskningsnettet - Danish network for Research and Education","country":"Denmark","country_code":"DK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-23T11:58:47.895Z","timestamp":1734955127895,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mirrors.dotsrc.org","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Oct 2024 04:06:44 GMT","end":"Sun, 26 Jan 2025 04:06:43 GMT"},"fingerprint":{"sha1":"19:FA:D8:76:95:A5:60:04:39:D6:84:5F:63:7E:1E:E1:28:05:0F:78","sha256":"D3:1E:27:36:84:63:60:9A:7B:68:90:7E:C3:70:80:49:67:13:67:D3:2D:71:2B:55:66:FD:9C:E6:75:89:63:E8"}}},"request":{"raw":"GET /qtproject/official_releases/jom/jom.zip HTTP/1.1\r\nHost: mirrors.dotsrc.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Mon, 23 Dec 2024 11:58:48 GMT\r\ncontent-type: application/zip\r\ncontent-length: 1696930\r\nlast-modified: Tue, 05 Sep 2023 12:36:25 GMT\r\netag: \"64f720c9-19e4a2\"\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1696930,"size_decoded":1696930,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"4cd0e6fb721e063b24232bc9ecb6d130","sha1":"5551d95151dc8a8658d5b8a7ce40c6f64a4697db","sha256":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","sha512":"a683bd829c84942223a791dae8abac5cfc2e3fa7de84c6fdc490ad3aa996a26c9fa0be0636890f02c9d56948bbe3225b43497cb590d1cb01e70c6fac447fa17b","ssdeep":"49152:tE7krqZcxyurFlZA+ovVY1clmDiYIVsNItzGk2Bym:tE7OxyuHZA+6Vfl04Vsytzh2T","tlshash":"8675335f4cd4ab9845bf361aa190cfe7e8b64067736365090df9f2172ba330a236d861","first_seen":"2023-09-23T07:04:13Z","last_seen":"2025-05-20T06:03:39.919515Z","times_seen":37,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":106,"dns":3,"connect":44,"send":0,"wait":44,"receive":556,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-10-29","alert":"Scan result 1/66","trigger":"d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","verdict":"suspicious","severity":"","comment":"suspicious - 1/66","link":"https://www.virustotal.com/gui/file/d533c1ef49214229681e90196ed2094691e8c4a0a0bef0b2c901debcb562682b","meta":null}],"urlquery":null}}]}