42.200.108.27 Open in urlscan Pro
42.200.108.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.crownrms.dc13.teleeye.link/
Effective URL:
http://42.200.108.27:2024/Pages/login.htm
Submission: On August 08 via api (August 8th 2024, 5:06:41 am UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 42.200.108.27, located in Hong Kong and belongs to HKTIMS-AP HKT Limited, HK. The main domain is 42.200.108.27.

This is the only time 42.200.108.27 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.199.148.72 104.199.148.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	42.200.108.27 42.200.108.27	4760 (HKTIMS-AP...) (HKTIMS-AP HKT Limited)
14	3

2 104.199.148.72 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.148.199.104.bc.googleusercontent.com

www.crownrms.dc13.teleeye.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 42.200.108.27 (Hong Kong)

ASN4760 (HKTIMS-AP HKT Limited, HK)
PTR: 42-200-108-27.static.imsbiz.com

42.200.108.27	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	teleeye.link www.crownrms.dc13.teleeye.link	1 KB
0	Failed function sub() { [native code] }. Failed
14	2

	Domain	Requested by
2	www.crownrms.dc13.teleeye.link
0	42.200.108.27 Failed	42.200.108.27
14	2

This site contains no links.

Subject Issuer	Validity	Valid
www.teleeye.com Go Daddy Secure Certificate Authority - G2	`2023-09-03` - `2024-10-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://42.200.108.27:2024/Pages/login.htm
Frame ID: F25F755759F5998899EA7A42276B0E2F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.crownrms.dc13.teleeye.link/ Page URL
http://42.200.108.27:2024/ HTTP 307
https://42.200.108.27:2024/ HTTP 307
http://42.200.108.27:2024/ Page URL
http://42.200.108.27:2024/Pages/login.htm Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

17 kB
Transfer

129 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.crownrms.dc13.teleeye.link/ Page URL
http://42.200.108.27:2024/ HTTP 307
https://42.200.108.27:2024/ HTTP 307
http://42.200.108.27:2024/ Page URL
http://42.200.108.27:2024/Pages/login.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://42.200.108.27:2024/ HTTP 307
https://42.200.108.27:2024/ HTTP 307
http://42.200.108.27:2024/

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.crownrms.dc13.teleeye.link/	712 B 777 B	990ms 192ms	Document text/html	104.199.148.72 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.crownrms.dc13.teleeye.link/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.199.148.72 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 72.148.199.104.bc.googleusercontent.com Software Apache / Resource Hash `f3ae8501cae42dfdce930323e3f1286f3232c1ad4e25621f954bf7f27374703c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 453 Content-Type text/html;charset=ISO-8859-1 Date Thu, 08 Aug 2024 05:06:26 GMT Keep-Alive timeout=15, max=100 Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	/ 42.200.108.27/ Redirect Chain http://42.200.108.27:2024/ https://42.200.108.27:2024/ http://42.200.108.27:2024/	340 B 436 B	567ms 335ms	Document text/html	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/ Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash Request headers Referer https://www.crownrms.dc13.teleeye.link/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers AuthInfo Connection close Content-Length 340 Content-type text/html Redirect headers Location http://42.200.108.27:2024/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	404 Not Found	favicon.ico www.crownrms.dc13.teleeye.link/	277 B 478 B	185ms 185ms	Other text/html	104.199.148.72 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.crownrms.dc13.teleeye.link/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.199.148.72 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 72.148.199.104.bc.googleusercontent.com Software Apache / Resource Hash Request headers Referer https://www.crownrms.dc13.teleeye.link/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 08 Aug 2024 05:06:26 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=15, max=99 Content-Length 277 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Primary Request login.htm Show response 42.200.108.27/Pages/	3 KB 3 KB	460ms 232ms	Document text/html	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Pages/login.htm Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/ Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash `892564e6b0c9a5fdf615c0fcc02e0ef7b2f78066599d5f00909acbad5084427b` Request headers Referer http://42.200.108.27:2024/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers AuthInfo Connection close Content-Length 2701 Content-type text/html
GET H/1.1	200 OK	login.css 42.200.108.27/Css/	4 KB 4 KB	467ms 234ms	Stylesheet text/css	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Css/login.css?v=20160310.1 Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash `a9b14344afa24dde4205210f2672ad54ffa6c72591669518648ebb0bcd74aad0` Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 4508 AuthInfo Content-type text/css
GET H/1.1	200 OK	jquery-1.7.2.min.js 42.200.108.27/Scripts/	39 KB 0	471ms 238ms	Script text/plain	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Scripts/jquery-1.7.2.min.js?v=20160310.1 Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 94843 AuthInfo Content-type
GET H/1.1	200 OK	jquery.cookie.js Show response 42.200.108.27/Scripts/Third/	4 KB 4 KB	506ms 253ms	Script text/plain	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Scripts/Third/jquery.cookie.js?v=20160310.1 Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash `087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148` Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 3752 AuthInfo Content-type
GET H/1.1	200 OK	CommonFunctions.js 42.200.108.27/Scripts/Common/	39 KB 0	508ms 256ms	Script text/plain	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Scripts/Common/CommonFunctions.js?v=20160310.1 Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 49816 AuthInfo Content-type
GET H/1.1	200 OK	jquery.watermark.min.js Show response 42.200.108.27/Scripts/Third/	5 KB 5 KB	736ms 484ms	Script text/plain	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Scripts/Third/jquery.watermark.min.js?v=20160310.1 Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash `1b0c90cb0cbeea1cfd3eda207b1857d488c8c03185363297104e4e17e8ebb3a6` Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 4629 AuthInfo Content-type
GET H/1.1	200 OK	UnicodeAnsi.js 42.200.108.27/Scripts/Common/	34 KB 0	628ms 374ms	Script text/plain	42.200.108.27 HKTIMS-AP HKT Lim...
General Check archive.org Show headers Download Go to Full URL http://42.200.108.27:2024/Scripts/Common/UnicodeAnsi.js Requested by Host: 42.200.108.27 URL: http://42.200.108.27:2024/Pages/login.htm Protocol HTTP/1.1 Server 42.200.108.27 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK), Reverse DNS 42-200-108-27.static.imsbiz.com Software / Resource Hash Request headers Referer http://42.200.108.27:2024/Pages/login.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection close Content-Length 78012 AuthInfo Content-type
GET		Base64.js 42.200.108.27/Scripts/Common/	0 0

GET		Encryption.js 42.200.108.27/Scripts/Common/	0 0

GET		base.js 42.200.108.27/Scripts/	0 0

GET		login.htm.js 42.200.108.27/Scripts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 42.200.108.27
URL: http://42.200.108.27:2024/Scripts/Common/Base64.js?v=20160310.1

Domain: 42.200.108.27
URL: http://42.200.108.27:2024/Scripts/Common/Encryption.js?v=20160310.1

Domain: 42.200.108.27
URL: http://42.200.108.27:2024/Scripts/base.js?v=20160310.1

Domain: 42.200.108.27
URL: http://42.200.108.27:2024/Scripts/login.htm.js?v=20160310.1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.crownrms.dc13.teleeye.link/	1969-12-31 23:59:59	Name: JSESSIONID Value: F80AB307B9896E4423E40DB41715F31C

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.crownrms.dc13.teleeye.link/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42.200.108.27
www.crownrms.dc13.teleeye.link
42.200.108.27
104.199.148.72
42.200.108.27
087712cabcc08391246c1c3ab4ddecd706ac939a7b1f10e13fe207d9f9240148
1b0c90cb0cbeea1cfd3eda207b1857d488c8c03185363297104e4e17e8ebb3a6
892564e6b0c9a5fdf615c0fcc02e0ef7b2f78066599d5f00909acbad5084427b
a9b14344afa24dde4205210f2672ad54ffa6c72591669518648ebb0bcd74aad0
f3ae8501cae42dfdce930323e3f1286f3232c1ad4e25621f954bf7f27374703c

42.200.108.27 Open in urlscan Pro 42.200.108.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

17 kBTransfer

129 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

42.200.108.27 Open in urlscan Pro
42.200.108.27 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

17 kB
Transfer

129 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions