twitchbots.t3kkie.ch
Open in
urlscan Pro
2a01:ab20:0:4::37
Public Scan
URL:
https://twitchbots.t3kkie.ch/
Submission Tags: phishingrod
Submission: On May 03 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On May 03 via api from DE — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 4 domains to perform 17 HTTP transactions.
The main IP is 2a01:ab20:0:4::37, located in
Switzerland and
belongs to CYON, CH.
The main domain is twitchbots.t3kkie.ch.
TLS certificate: Issued by twitchbots.t3kkie.ch on May 3rd 2023. Valid for: a year.
This is the only time twitchbots.t3kkie.ch was scanned on urlscan.io!
TLS certificate: Issued by twitchbots.t3kkie.ch on May 3rd 2023. Valid for: a year.
This is the only time twitchbots.t3kkie.ch was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2a01:ab20:0:4... 2a01:ab20:0:4::37 | 47302 (CYON) (CYON) | |
| 10 | 2a02:26f0:350... 2a02:26f0:3500:16::215:1495 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 65.9.94.213 65.9.94.213 | 16509 (AMAZON-02) (AMAZON-02) | |
| 17 | 4 |
10
2a02:26f0:3500:16::215:1495
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| use.typekit.net | |
| p.typekit.net |
1
65.9.94.213
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-213.prg50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-213.prg50.r.cloudfront.net
| d3e54v103j8qbb.cloudfront.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 432 p.typekit.net — Cisco Umbrella Rank: 559 |
132 KB |
| 1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
31 KB |
| 1 |
t3kkie.ch
twitchbots.t3kkie.ch |
2 KB |
| 0 |
alynrox.com
Failed
style.alynrox.com Failed |
|
| 17 | 4 |
| Domain | Requested by | |
|---|---|---|
| 9 | use.typekit.net |
twitchbots.t3kkie.ch
|
| 1 | p.typekit.net | |
| 1 | d3e54v103j8qbb.cloudfront.net |
twitchbots.t3kkie.ch
|
| 1 | twitchbots.t3kkie.ch | |
| 0 | style.alynrox.com Failed |
twitchbots.t3kkie.ch
|
| 17 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| id.twitch.tv |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| twitchbots.t3kkie.ch twitchbots.t3kkie.ch |
2023-05-03 - 2024-05-02 |
a year | crt.sh |
| use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://twitchbots.t3kkie.ch/
Frame ID: 9865C0A2BF3C9B55A0950C1A848F1BB7
Requests: 17 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
URL: https://id.twitch.tv/oauth2/authorize?response_type=code&client_id=6cvdmllslvdupriqr0g4kxplomv5ap&redirect_uri=https://auth.bots.alynrox.com/access.php&scope=channel:manage:broadcast%20channel:manage:polls%20channel:read:polls%20channel:read:subscriptions%20channel:read:hype_train%20user:read:email+chat:read+chat:edit+channel:moderate+whispers:edit&state=bd2h208pzgtdc6qg1lpyic1gssgjjs&claims={
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
twitchbots.t3kkie.ch/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
normalize.css
style.alynrox.com/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
webflow.css
style.alynrox.com/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
alynrox.webflow.css
style.alynrox.com/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mut2vij.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
webflow.js
style.alynrox.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
twitch-logo.svg
style.alynrox.com/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/23e139/00000000000000007735e605/30/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/d70b18/00000000000000003b9ae812/27/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/b07a72/00000000000000003b9ae813/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/0d5649/00000000000000003b9ae814/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/9c1ec4/00000000000000003b9ae815/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.gif
p.typekit.net/ |
35 B 228 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- style.alynrox.com
- URL
- https://style.alynrox.com/css/normalize.css
- Domain
- style.alynrox.com
- URL
- https://style.alynrox.com/css/webflow.css
- Domain
- style.alynrox.com
- URL
- https://style.alynrox.com/css/alynrox.webflow.css
- Domain
- style.alynrox.com
- URL
- https://style.alynrox.com/js/webflow.js
- Domain
- style.alynrox.com
- URL
- https://style.alynrox.com/images/twitch-logo.svg
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| Typekit function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| twitchbots.t3kkie.ch/ | Name: PHPSESSID Value: e8e796416e8ec93b916b6906e1c58461 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d3e54v103j8qbb.cloudfront.net
p.typekit.net
style.alynrox.com
twitchbots.t3kkie.ch
use.typekit.net
style.alynrox.com
2a01:ab20:0:4::37
2a02:26f0:3500:16::215:1495
65.9.94.213
151ebc702b03e9310f8600b8ca34a4c66a0137714a62e6767cd32ff5f76caae6
4903975d119047dca7855955efd07f559556d566463df068713b6f4bd9faa2fe
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
6e797142281ac8bdd264cd6810043c5880eccf8797b420d437e9310453d1e2c9
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
886bb1876ed6c6b23065cb9ce55d8fd793e94593318627a43e2dd1362d40d999
8d2a52f42ca1a04b030d1f0cb97657c693e5bb29b2de6628281c28765ea1c2a9
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
c16601d1a1e9dad10c547c2c7e3db78ea2ab11052f66741f412c48265a4d43c5
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d