twitchyneedles.com Open in urlscan Pro
149.202.144.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://twitchyneedles.com/
Submission Tags: phishingrod
Submission: On June 05 via api (June 5th 2023, 2:08:09 pm UTC) from DE — Scanned from FR

Summary HTTP 12 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 149.202.144.6, located in France and belongs to OVH, FR. The main domain is twitchyneedles.com.
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.

This is the only time twitchyneedles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	149.202.144.6 149.202.144.6	16276 (OVH) (OVH)
1	18.66.105.80 18.66.105.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	104.244.42.65 104.244.42.65	13414 (TWITTER) (TWITTER)
12	4

8 149.202.144.6 (France)

ASN16276 (OVH, FR)
PTR: davidakroyd.co.uk

twitchyneedles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.105.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-105-80.fra56.r.cloudfront.net

farm5.static.flickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.65 (United States)

ASN13414 (TWITTER, US)

twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	twitchyneedles.com twitchyneedles.com	169 KB
2	twitter.com twitter.com — Cisco Umbrella Rank: 261
1	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 14343	9 KB
1	flickr.com farm5.static.flickr.com — Cisco Umbrella Rank: 168610	10 KB
12	4

	Domain	Requested by
8	twitchyneedles.com	twitchyneedles.com
2	twitter.com	twitchyneedles.com
1	4.bp.blogspot.com	twitchyneedles.com
1	farm5.static.flickr.com	twitchyneedles.com
12	4

This site contains links to these domains. Also see Links.

Domain
www.flickr.com
www.folksy.com
beckie-a.blogspot.com
www.ravelry.com

Subject Issuer	Validity	Valid
twitchyneedles.com R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
static.flickr.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-11`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://twitchyneedles.com/
Frame ID: 5CAF54DA0EDC7FACFA033BC19AFE666A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Twitchy Needles

Page Statistics

12
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

188 kB
Transfer

190 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.flickr.com/photos/82706023@N00/
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.folksy.com/shops/TwitchyNeedles
Title: Store

Search URL Search Domain Scan URL

URL: https://beckie-a.blogspot.com/
Title: Flickr

Search URL Search Domain Scan URL

URL: https://www.ravelry.com/designers/beckie-akroyd
Title: Ravelry

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
twitchyneedles.com/ 3 KB
998 B 97ms
20ms Document
text/html 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://twitchyneedles.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: 20d419edb1bc869b82e7e8002dc6354400e74358075dee340effac06349b34c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Mon, 05 Jun 2023 14:08:04 GMT
etag: W/"604d1df4-a19"
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 style.css
twitchyneedles.com/ 4 KB
1 KB 22ms
21ms Stylesheet
text/css 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://twitchyneedles.com/style.css
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: cf7f4bad9d70f0b43acc635e2ca24590919c29003e09ca73338545c8142a11dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 20:17:57 GMT
server: nginx
etag: W/"604d1df5-fad"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 4573813937_3e9bd44ef7_m.jpg
farm5.static.flickr.com/4055/ 9 KB
10 KB 363ms
296ms Image
image/jpeg 18.66.105.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm5.static.flickr.com/4055/4573813937_3e9bd44ef7_m.jpg

Requested by

Host: twitchyneedles.com
URL: https://twitchyneedles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.105.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-105-80.fra56.r.cloudfront.net

Software

Jubilee /

Resource Hash

349fc7fd7bc0eb77b0aef60902ca75f28e00226b1050a2fa98583cb21e759413

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1721
x-amz-cf-pop: FRA56-P5
surrogate-control: public, max-age=31536000
ourvalues: Empower Passion (#5 of 5)
x-env: a=live, b=jubilee, c=77f4af62, e=57ff0640092cb6b0db3735df07a7742299b2307d
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
x-cache: Miss from cloudfront
imageheight: 161
powered-by: Mutation/1.0
imagewidth: 240
x-ttdb-l: 9195
x-request-id: 0f3748cb
last-modified: Thu, 28 Feb 2019 10:59:28 GMT
server: Jubilee
etag: "94f6befe0e73162b47a90679ddef5227.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: X
x-amz-cf-id: zP_nfeOQMkSnEkKXf5H0-_DcGtHeFyUMNuEQE477w0gN8t0yOxaDiA==
expires: Tue, 04 Jun 2024 14:08:05 GMT

GET
H2 200 DSC_2309+%28c%29.JPG
4.bp.blogspot.com/_NLZtAT_XB0A/S8GzBg_OC6I/AAAAAAAAAAs/tGzAWlW6Jho/s320/ 9 KB
9 KB 478ms
413ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/_NLZtAT_XB0A/S8GzBg_OC6I/AAAAAAAAAAs/tGzAWlW6Jho/s320/DSC_2309+%28c%29.JPG

Requested by

Host: twitchyneedles.com
URL: https://twitchyneedles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d91b58b2508ce8198328c22621db6b0b3650cf22cc803beed7fec1122c15e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
x-content-type-options: nosniff
server: fife
etag: "vb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DSC_2309 (c).JPG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9256
x-xss-protection: 0
expires: Tue, 06 Jun 2023 14:08:04 GMT

GET
H2 200 blogger.js Show response
twitter.com/javascripts/ 0
0 220ms
158ms Script
text/html 104.244.42.65
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL: https://twitter.com/javascripts/blogger.js
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.65 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 Beckie_A.json Show response
twitter.com/statuses/user_timeline/ 0
0 209ms
147ms Script
text/html 104.244.42.65
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL: https://twitter.com/statuses/user_timeline/Beckie_A.json?callback=twitterCallback2&count=2
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.65 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 menu.jpg
twitchyneedles.com/img/ 43 KB
43 KB 50ms
49ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/menu.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: 50c09b1c5cc7528a45b7af34a014dc25b429fcfce25f1c1befa4b33a3b13b129

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-aa28"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 43560

GET
H2 200 logoleft.jpg
twitchyneedles.com/img/ 40 KB
40 KB 67ms
66ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/logoleft.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: facbf5373804ab7e0c791e74ce692c228b1f68ae061e2dfb7f194087bda4fd76

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-9fab"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 40875

GET
H2 200 linksright.jpg
twitchyneedles.com/img/ 29 KB
29 KB 68ms
67ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/linksright.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: 4bcd942beb12a3c42a89ed990635606a4b6d54ee913c745acc59dc3b59feabed

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-73da"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 29658

GET
H2 200 border.jpg
twitchyneedles.com/img/ 15 KB
15 KB 67ms
66ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/border.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: dd074c3d00d593d9be482774552fe85610b7df82e320ccc0a632e8276664060c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-3d19"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 15641

GET
H2 200 box.jpg
twitchyneedles.com/img/ 17 KB
18 KB 66ms
65ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/box.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: 3a7a8bad3b25fc1945f58c43452f760aface31b9402caa191946b5f7df3b7934

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-4582"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 17794

GET
H2 200 footer.jpg
twitchyneedles.com/img/ 21 KB
22 KB 22ms
21ms Image
image/jpeg 149.202.144.6
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchyneedles.com/img/footer.jpg
Requested by: Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.144.6 , France, ASN16276 (OVH, FR),
Reverse DNS: davidakroyd.co.uk
Software: nginx / PleskLin
Resource Hash: d804dfbf3a379b013a561543c00abe81c4e2eedc809f3133b78d9dc8449fceac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://twitchyneedles.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:08:04 GMT
last-modified: Sat, 13 Mar 2021 20:17:56 GMT
server: nginx
etag: "604d1df4-55dd"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 21981

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.twitter.com/	1970-01-20 21:49:48	Name: guest_id Value: v1%3A168597408463519203

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
farm5.static.flickr.com
twitchyneedles.com
twitter.com
104.244.42.65
149.202.144.6
18.66.105.80
2a00:1450:4001:827::2001
20d419edb1bc869b82e7e8002dc6354400e74358075dee340effac06349b34c2
349fc7fd7bc0eb77b0aef60902ca75f28e00226b1050a2fa98583cb21e759413
3a7a8bad3b25fc1945f58c43452f760aface31b9402caa191946b5f7df3b7934
4bcd942beb12a3c42a89ed990635606a4b6d54ee913c745acc59dc3b59feabed
50c09b1c5cc7528a45b7af34a014dc25b429fcfce25f1c1befa4b33a3b13b129
9d91b58b2508ce8198328c22621db6b0b3650cf22cc803beed7fec1122c15e96
cf7f4bad9d70f0b43acc635e2ca24590919c29003e09ca73338545c8142a11dd
d804dfbf3a379b013a561543c00abe81c4e2eedc809f3133b78d9dc8449fceac
dd074c3d00d593d9be482774552fe85610b7df82e320ccc0a632e8276664060c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
facbf5373804ab7e0c791e74ce692c228b1f68ae061e2dfb7f194087bda4fd76

twitchyneedles.com Open in urlscan Pro 149.202.144.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

188 kBTransfer

190 kBSize

1 Cookies

4 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

twitchyneedles.com Open in urlscan Pro
149.202.144.6 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

188 kB
Transfer

190 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions