Report - kzconn.com.cn/api/gateway.php?method=statistics.reportingdata

Report Overview

Submitted URL
kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
IP
211.149.231.139
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center
Submitted
2024-04-24 13:57:16
Access
public
Website Title
kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
Final URL
www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
kzconn.com.cn	unknown	unknown	No data	No data	431 B	552 B	211.149.231.139
www.kzconn.com.cn	unknown	2021-03-04	2022-08-16	2023-06-30	827 B	18 kB	211.149.231.139

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	kzconn.com.cn	Sinkholed
2024-04-24	medium	kzconn.com.cn	Sinkholed
2024-04-24	medium	kzconn.com.cn	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

kzconn.com.cn/api/gateway.php?method=statistics.reportingdata

211.149.231.139

301 Moved Permanently

280 B

URL User Request GET HTTP/1.1
kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
IP
211.149.231.139:80
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
HTML document, ASCII text
Size
280 B (280 bytes)
Hash
f0a88baa44e9ca0b9fafe194a80272bf
aa6d34e1e7507f6f8ab4cb06e0f8cc47384b0c8e
19fc336d8fbda2528f0b94b67e55e9a5c8faab98092bd42387a352028e26d6e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/gateway.php?method=statistics.reportingdata HTTP/1.1
Host: kzconn.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: wts/1.19.9.1
Date: Wed, 24 Apr 2024 13:56:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata

www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata

211.149.231.139

200 OK

105 B

URL User Request GET HTTP/1.1
www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
IP
211.149.231.139:80
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
JSON text data
Size
105 B (105 bytes)
Hash
3b5b1c7fbba781d26b84000002d91876
50f6652fa3d14b27c333b6db8ecc1d98f4934bfa
906dd10efda9f5497f9bd220cd9404ebd2c3bdee3da4e1d4d2040bca5fb2e375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/gateway.php?method=statistics.reportingdata HTTP/1.1
Host: www.kzconn.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: wts/1.19.9.1
Date: Wed, 24 Apr 2024 13:56:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 105
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.kzconn.com.cn/favicon.ico

211.149.231.139

200 OK

17 kB

URL GET HTTP/1.1
www.kzconn.com.cn/favicon.ico
IP
211.149.231.139:80
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

Requested by
http://www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
b2175a6665ed95867eb515f292d4ff74
88e5da4a6d2b66e8d8b121d6ebb83338fbafb1e5
e5a329f1447a2178a6fecfd446b6a45c0281295e3b0570365b741041ad3c6e0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.kzconn.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kzconn.com.cn/api/gateway.php?method=statistics.reportingdata
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: wts/1.19.9.1
Date: Wed, 24 Apr 2024 13:56:55 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Wed, 24 Mar 2021 16:56:12 GMT
ETag: "423e-5be4b2d192300"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers