{"report_id":"2d2a2a82-a049-4a81-b2dd-420aa39db810","version":6,"status":"done","tags":[],"date":"2026-02-21T21:50:23Z","url":{"schema":"http","addr":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","domain":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","tld":"us-sea-1.linodeobjects.com"},"ip":{"addr":"172.234.248.30","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/","fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","domain":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","tld":"us-sea-1.linodeobjects.com"},"title":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/","dom":{"size":538,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (538), with no line terminators","md5":"87bca115563f95292dc53c3fc2f83c03","sha1":"d99fb2905ab051479c990ca9115415a753a071fc","sha256":"84c6df5f63330f2d5102640bb83ed3f848dc50e5a0d32cd7eeb8e8892f2dbadc","sha512":"7b75f6aec47a0a541b79ee72741076ad6a4d932f14f70db35b0c7f8da4ee69434521729c3139fadc3abc9c0abc75bf2919ee28a44c9a88438146336ff06988ea","ssdeep":"","tlshash":"3af005fcdb6c14946ead14650c7c15dd562323fa69d821f7ee7cdc0e38c8e9960142b4","dom_hash":"domhash39e6dd6df1d779ee6eb6200cd0a25528","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","domain":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","tld":"us-sea-1.linodeobjects.com"},"ip":{"addr":"172.234.248.30","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-28T21:50:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","ip":{"addr":"172.238.39.150","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"domain_registered":"2018-07-11","domain_rank":0,"first_seen":"2026-02-20T21:35:35.71154Z","last_seen":"2026-02-20T21:35:35.71154Z","alert_count":4,"request_count":2,"received_data":1306,"sent_data":1029,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/","fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","domain":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","tld":"us-sea-1.linodeobjects.com"},"ip":{"addr":"172.238.39.150","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-21T21:50:01.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"us-sea-1.linodeobjects.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:40:39 GMT","end":"Sat, 25 Apr 2026 06:40:38 GMT"},"fingerprint":{"sha1":"D6:3E:EC:E2:12:36:A3:63:6F:5E:32:21:59:CE:7A:2A:C5:CC:0C:36","sha256":"5A:2C:98:73:94:AD:A3:A4:0A:1F:96:A4:F6:CA:9C:64:69:40:02:42:72:96:05:11:D0:AB:11:17:A3:F2:5F:6A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 21 Feb 2026 21:50:02 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nx-amz-request-id: tx000006ffef277d5c739cf-00699a288a-101244578-default\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":602,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with very long lines (602), with no line terminators","md5":"378ca36565b557dcc0ce467de8538707","sha1":"efa96c825d780e1b636595ee6e3dfc0a590e80f8","sha256":"7907305ccc1079138d71138ab15a23a18584377789f8dbfa3f896e0302857630","sha512":"8491316ad9320b1f470445d85a4f5248e6c73c20a4868420ba739a8e9832a808c35ce540571245d0bcec3d68848e50d1b5774f9b1f32263d6cc3b58cc386ba88","ssdeep":"","tlshash":"fdf041f8da7c10e42eec28580d7c82cd222323fa1dd412faee78d80f3894f9950052b8","first_seen":"2026-02-21T20:32:59.961579Z","last_seen":"2026-02-21T21:50:23.420298Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1126,"timings":{"blocked":474,"dns":168,"connect":148,"send":0,"wait":176,"receive":1,"ssl":156},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/favicon.ico","fqdn":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","domain":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","tld":"us-sea-1.linodeobjects.com"},"ip":{"addr":"172.238.39.150","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/","date":"2026-02-21T21:50:02.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"us-sea-1.linodeobjects.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:40:39 GMT","end":"Sat, 25 Apr 2026 06:40:38 GMT"},"fingerprint":{"sha1":"D6:3E:EC:E2:12:36:A3:63:6F:5E:32:21:59:CE:7A:2A:C5:CC:0C:36","sha256":"5A:2C:98:73:94:AD:A3:A4:0A:1F:96:A4:F6:CA:9C:64:69:40:02:42:72:96:05:11:D0:AB:11:17:A3:F2:5F:6A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sat, 21 Feb 2026 21:50:02 GMT\r\nContent-Type: application/xml\r\nContent-Length: 260\r\nConnection: keep-alive\r\nx-amz-request-id: tx0000030d5e74c1331755b-00699a288a-101248bf1-default\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":260,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"d7e41b9278cddd14697ae0a4f6b0b82a","sha1":"442e05e2c5702c31d4d13ef6e03b226f92b0281e","sha256":"f0c17e3a2847f89543a7a6d0e5388e217abdbb94153f4498ce2490b2b7130b88","sha512":"cec41d98903c14fce4930124805a05a8772a7f9a0ed9fd4b9f4ba2a193e9c429732a070a72beeefab2d7054a5d0b77b012179dbc0a9c978837b5fa6cee28930d","ssdeep":"","tlshash":"abd02b6d3750a52dd251005c693ee131769ce43d12d130299d800a830e6c4875d25330","first_seen":"2026-02-21T21:50:23.420919Z","last_seen":"2026-02-21T21:50:23.420919Z","times_seen":1,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-21","alert":"Sinkholed","trigger":"ekhealthsharefiledoc8786.us-sea-1.linodeobjects.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}