URL: https://twitchyneedles.com/
Submission Tags: phishingrod
Submission: On June 05 via api from DE — Scanned from FR

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 149.202.144.6, located in France, and belongs to OVH (FR); its reverse DNS is davidakroyd.co.uk rather than the scanned domain, which is consistent with a shared Plesk host (see the x-powered-by: PleskLin response header below). The main domain is twitchyneedles.com.
TLS certificate: issued by R3 (Let's Encrypt) on June 5th 2023, the same day as this scan. Valid for: 3 months.
This is the only time twitchyneedles.com was scanned on urlscan.io.

urlscan.io Verdict: No classification. (The "phishingrod" submission tag above is a label supplied by the submitter and is not part of this verdict.)

Domain & IP information

Requests  IP Address        ASN    Autonomous System
8         149.202.144.6     16276  OVH
1         18.66.105.80      16509  AMAZON-02
1         2a00:1450:400...  15169  GOOGLE
2         104.244.42.65     13414  TWITTER
12 requests across 4 IPs
Requests  Apex Domain         Subdomain (Cisco Umbrella Rank)   Transfer
8         twitchyneedles.com  twitchyneedles.com                169 KB
2         twitter.com         twitter.com (261)                 0 B
1         blogspot.com        4.bp.blogspot.com (14343)         9 KB
1         flickr.com          farm5.static.flickr.com (168610)  10 KB
12 requests across 4 apex domains
Requests  Domain                   Requested by
8         twitchyneedles.com       twitchyneedles.com
2         twitter.com              twitchyneedles.com
1         4.bp.blogspot.com        twitchyneedles.com
1         farm5.static.flickr.com  twitchyneedles.com
12 requests across 4 domains

This site contains links to these domains:

www.flickr.com
www.folksy.com
beckie-a.blogspot.com
www.ravelry.com
TLS certificates

Subject                Issuer                              Validity                  Valid for
twitchyneedles.com     R3 (Let's Encrypt)                  2023-06-05 to 2023-09-03  3 months
static.flickr.com      Amazon RSA 2048 M01                 2023-02-23 to 2024-01-11  about a year
misc-sni.blogspot.com  GTS CA 1C3 (Google Trust Services)  2023-05-19 to 2023-08-11  3 months
twitter.com            DigiCert TLS RSA SHA256 2020 CA1    2022-12-25 to 2023-12-25  a year

This page contains 1 frame:

Primary Page: https://twitchyneedles.com/
Frame ID: 5CAF54DA0EDC7FACFA033BC19AFE666A
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Twitchy Needles

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 188 kB
Size: 190 kB
Cookies: 1

Redirected requests

No HTTP redirect chains were recorded for any request in this scan.

12 HTTP transactions

Each entry below gives Resource, Path, Size, x-fer (bytes actually transferred) and Type, followed by General details, Request headers and Response headers.
Primary Request /
twitchyneedles.com/
3 KB
998 B
Document
General
Full URL
https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
20d419edb1bc869b82e7e8002dc6354400e74358075dee340effac06349b34c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Mon, 05 Jun 2023 14:08:04 GMT
etag
W/"604d1df4-a19"
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
x-powered-by
PleskLin
style.css
twitchyneedles.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://twitchyneedles.com/style.css
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
cf7f4bad9d70f0b43acc635e2ca24590919c29003e09ca73338545c8142a11dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 20:17:57 GMT
server
nginx
etag
W/"604d1df5-fad"
x-powered-by
PleskLin
content-type
text/css
4573813937_3e9bd44ef7_m.jpg
farm5.static.flickr.com/4055/
9 KB
10 KB
Image
General
Full URL
https://farm5.static.flickr.com/4055/4573813937_3e9bd44ef7_m.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.66.105.80, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-18-66-105-80.fra56.r.cloudfront.net
Software
Jubilee
Resource Hash
349fc7fd7bc0eb77b0aef60902ca75f28e00226b1050a2fa98583cb21e759413
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
mib
2
x-ttfb
0.1721
x-amz-cf-pop
FRA56-P5
surrogate-control
public, max-age=31536000
ourvalues
Empower Passion (#5 of 5)
x-env
a=live, b=jubilee, c=77f4af62, e=57ff0640092cb6b0db3735df07a7742299b2307d
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
edge-control
public, max-age=31536000
x-cache
Miss from cloudfront
imageheight
161
powered-by
Mutation/1.0
imagewidth
240
x-ttdb-l
9195
x-request-id
0f3748cb
last-modified
Thu, 28 Feb 2019 10:59:28 GMT
server
Jubilee
etag
"94f6befe0e73162b47a90679ddef5227.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin
*
cache-control
public, max-age=31536000
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
origintype
X
x-amz-cf-id
zP_nfeOQMkSnEkKXf5H0-_DcGtHeFyUMNuEQE477w0gN8t0yOxaDiA==
expires
Tue, 04 Jun 2024 14:08:05 GMT
DSC_2309+%28c%29.JPG
4.bp.blogspot.com/_NLZtAT_XB0A/S8GzBg_OC6I/AAAAAAAAAAs/tGzAWlW6Jho/s320/
9 KB
9 KB
Image
General
Full URL
https://4.bp.blogspot.com/_NLZtAT_XB0A/S8GzBg_OC6I/AAAAAAAAAAs/tGzAWlW6Jho/s320/DSC_2309+%28c%29.JPG
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:827::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
(none)
Software
fife
Resource Hash
9d91b58b2508ce8198328c22621db6b0b3650cf22cc803beed7fec1122c15e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
x-content-type-options
nosniff
server
fife
etag
"vb"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="DSC_2309 (c).JPG"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9256
x-xss-protection
0
expires
Tue, 06 Jun 2023 14:08:04 GMT
blogger.js
twitter.com/javascripts/
0
0
Script
General
Full URL
https://twitter.com/javascripts/blogger.js
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.244.42.65, United States, ASN13414 (TWITTER, US)
Reverse DNS
(none)
Software
(none reported)
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers: none recorded (the response body was empty: size 0, and the resource hash is the SHA-256 of the empty string)

Beckie_A.json
twitter.com/statuses/user_timeline/
0
0
Script
General
Full URL
https://twitter.com/statuses/user_timeline/Beckie_A.json?callback=twitterCallback2&count=2
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.244.42.65, United States, ASN13414 (TWITTER, US)
Reverse DNS
(none)
Software
(none reported)
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers: none recorded (the response body was empty: size 0, and the resource hash is the SHA-256 of the empty string)

menu.jpg
twitchyneedles.com/img/
43 KB
43 KB
Image
General
Full URL
https://twitchyneedles.com/img/menu.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
50c09b1c5cc7528a45b7af34a014dc25b429fcfce25f1c1befa4b33a3b13b129

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-aa28"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
43560
logoleft.jpg
twitchyneedles.com/img/
40 KB
40 KB
Image
General
Full URL
https://twitchyneedles.com/img/logoleft.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
facbf5373804ab7e0c791e74ce692c228b1f68ae061e2dfb7f194087bda4fd76

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-9fab"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
40875
linksright.jpg
twitchyneedles.com/img/
29 KB
29 KB
Image
General
Full URL
https://twitchyneedles.com/img/linksright.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
4bcd942beb12a3c42a89ed990635606a4b6d54ee913c745acc59dc3b59feabed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-73da"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
29658
border.jpg
twitchyneedles.com/img/
15 KB
15 KB
Image
General
Full URL
https://twitchyneedles.com/img/border.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
dd074c3d00d593d9be482774552fe85610b7df82e320ccc0a632e8276664060c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-3d19"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
15641
box.jpg
twitchyneedles.com/img/
17 KB
18 KB
Image
General
Full URL
https://twitchyneedles.com/img/box.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
3a7a8bad3b25fc1945f58c43452f760aface31b9402caa191946b5f7df3b7934

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-4582"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
17794
footer.jpg
twitchyneedles.com/img/
21 KB
22 KB
Image
General
Full URL
https://twitchyneedles.com/img/footer.jpg
Requested by
Host: twitchyneedles.com
URL: https://twitchyneedles.com/style.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
149.202.144.6, France, ASN16276 (OVH, FR)
Reverse DNS
davidakroyd.co.uk
Software
nginx / PleskLin
Resource Hash
d804dfbf3a379b013a561543c00abe81c4e2eedc809f3133b78d9dc8449fceac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://twitchyneedles.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:08:04 GMT
last-modified
Sat, 13 Mar 2021 20:17:56 GMT
server
nginx
etag
"604d1df4-55dd"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
21981

Verdicts & Comments

None recorded when this page was captured.

3 JavaScript Global Variables

These are the "global" variables found on the window object that urlscan.io does not treat as standard; they can help identify client-side frameworks and code. Caveat for this scan: the three names reported (credentialless, onbeforetoggle, onscrollend) are properties that the scanning browser itself, Chrome 114 per the User-Agent above, exposes on window; they are not defined by the page and say nothing about this site's code. The page loads no first-party script at all: its only script requests are the two twitter.com URLs above, both of which returned an empty body.

Type     Name
boolean  credentialless
object   onbeforetoggle
object   onscrollend

1 Cookies

Domain/Path    Name      Value
.twitter.com/  guest_id  v1%3A168597408463519203

This is a third-party cookie on the .twitter.com domain, set during the two twitter.com script requests above rather than by twitchyneedles.com itself.
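The consistency checks a reviewer would run over a transaction list like the one above can be scripted. The following Python is an added example, not urlscan.io's code: it decodes the nginx-style ETags of the twitchyneedles.com responses (stock nginx encodes the file's modification time and size in hex, so W/"604d1df4-a19" should agree with Last-Modified 13 Mar 2021 20:17:56 and a 2585-byte body, and "604d1df4-aa28" with the 43560-byte menu.jpg), flags every resource whose hash is the SHA-256 of the empty string (both twitter.com responses), and extracts the Unix timestamp from the guest_id cookie value, which here equals the scan's Date header. The sample transactions and cookie value are constructed from this page; the guest_id layout ("v1:" followed by a 10-digit timestamp) is an observation from this value, not a documented Twitter format.

```python
"""Consistency checks over the urlscan.io transaction data above.

Added example, not urlscan.io code. The sample values are copied from this
page. Two assumptions, both labelled where used: stock nginx ETags encode
"<mtime-hex>-<size-hex>", and Twitter's guest_id value is "v1:" followed by
a 10-digit Unix timestamp (observed here, not documented by Twitter).
"""
import hashlib
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import unquote

# SHA-256 of zero bytes. A "Resource Hash" equal to this means the response
# body was empty, regardless of what the size column says.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Assumption: nginx ETag layout "<mtime-hex>-<size-hex>", optionally weak (W/).
NGINX_ETAG = re.compile(r'^(?:W/)?"([0-9a-f]+)-([0-9a-f]+)"$')


def parse_nginx_etag(etag):
    """Decode an nginx ETag into (Last-Modified as UTC datetime, size in bytes).

    Returns None for ETags in another layout (CloudFront, Google, ...).
    """
    m = NGINX_ETAG.match(etag.strip())
    if not m:
        return None
    mtime = datetime.fromtimestamp(int(m.group(1), 16), tz=timezone.utc)
    return mtime, int(m.group(2), 16)


def is_empty_body_hash(resource_hash):
    """True when the resource hash is that of an empty body."""
    return resource_hash.lower() == EMPTY_SHA256


def guest_id_timestamp(cookie_value):
    """Extract the Unix timestamp from a twitter.com guest_id cookie value.

    The scan shows the value URL-encoded ("v1%3A..."). Assumption: decoded it
    is "v1:" + 10 timestamp digits + further digits.
    """
    m = re.match(r"^v1:(\d{10})\d*$", unquote(cookie_value))
    if not m:
        return None
    return datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc)


def check_transaction(tx):
    """Return findings (strings) for one transaction dict from the scan."""
    findings = []
    if is_empty_body_hash(tx["hash"]):
        findings.append(f'{tx["url"]}: empty response body')
    parsed = parse_nginx_etag(tx["etag"]) if tx.get("etag") else None
    if parsed:
        mtime, size = parsed
        if "last_modified" in tx and parsedate_to_datetime(tx["last_modified"]) != mtime:
            findings.append(f'{tx["url"]}: ETag mtime {mtime.isoformat()} disagrees with Last-Modified')
        if "content_length" in tx and tx["content_length"] != size:
            findings.append(f'{tx["url"]}: ETag size {size} disagrees with Content-Length')
    return findings


def triage(transactions):
    """Run check_transaction over every transaction and flatten the findings."""
    return [f for tx in transactions for f in check_transaction(tx)]


def cookie_set_during_scan(cookie_value, date_header):
    """True if the guest_id timestamp equals the instant in the Date header."""
    ts = guest_id_timestamp(cookie_value)
    return ts is not None and ts == parsedate_to_datetime(date_header)


# Constructed from the transaction list and cookie table on this page.
SAMPLE_TRANSACTIONS = [
    {"url": "https://twitchyneedles.com/",
     "hash": "20d419edb1bc869b82e7e8002dc6354400e74358075dee340effac06349b34c2",
     "etag": 'W/"604d1df4-a19"',
     "last_modified": "Sat, 13 Mar 2021 20:17:56 GMT"},
    {"url": "https://twitchyneedles.com/img/menu.jpg",
     "hash": "50c09b1c5cc7528a45b7af34a014dc25b429fcfce25f1c1befa4b33a3b13b129",
     "etag": '"604d1df4-aa28"',
     "last_modified": "Sat, 13 Mar 2021 20:17:56 GMT",
     "content_length": 43560},
    {"url": "https://twitter.com/javascripts/blogger.js",
     "hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    {"url": "https://twitter.com/statuses/user_timeline/Beckie_A.json?callback=twitterCallback2&count=2",
     "hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
]
SCAN_DATE_HEADER = "Mon, 05 Jun 2023 14:08:04 GMT"
GUEST_ID = "v1%3A168597408463519203"

if __name__ == "__main__":
    for line in triage(SAMPLE_TRANSACTIONS):
        print(line)
    print("guest_id set at scan time:", cookie_set_during_scan(GUEST_ID, SCAN_DATE_HEADER))
```

Run it directly to print the findings; only the two twitter.com entries are flagged, and the guest_id check returns True. The ETag decode is a cheap way to tell whether a first-party resource was really modified when its Last-Modified header claims so, and an empty-body hash on a third-party script include is the signal that the include is dead (as the 2009-era Twitter JSONP widget here is) rather than quietly serving code.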