twint-k.com Open in urlscan Pro
2603:1020:a01:4::37 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://toyota.betagdemo.com/Guts58896905SDSAF/
Effective URL:
https://twint-k.com/redeem/796675/home/?id=941635900
Submission: On May 03 via api (May 3rd 2024, 2:50:52 pm UTC) from HU — Scanned from CH

Summary HTTP 15 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2603:1020:a01:4::37, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is twint-k.com.
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.

This is the only time twint-k.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TWINT (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:97ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2603:1020:a01... 2603:1020:a01:4::37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	1

1 2606:4700:3035::ac43:97ec (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

toyota.betagdemo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2603:1020:a01:4::37 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

twint-k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	twint-k.com twint-k.com	473 KB
1	betagdemo.com 1 redirects toyota.betagdemo.com	476 B
15	2

	Domain	Requested by
15	twint-k.com	twint-k.com
1	toyota.betagdemo.com	1 redirects
15	2

This site contains links to these domains. Also see Links.

Domain
www.twint.ch
shop.twint.ch
banks.twint.ch
portal.twint.ch
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
ch.linkedin.com

Subject Issuer	Validity	Valid
twint-k.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://twint-k.com/redeem/796675/home/?id=941635900
Frame ID: 2AD81A6721CB2C891DE60F68292AF921
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TWINT – the simple and secure way to pay online

Page URL History Show full URLs

https://toyota.betagdemo.com/Guts58896905SDSAF/ HTTP 302
https://twint-k.com/redeem/796675/?684083 Page URL
https://twint-k.com/redeem/796675/home/?id=941635900 Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

473 kB
Transfer

472 kB
Size

1
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twint.ch/en/

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/at-cash-registers/#widget

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/at-cash-registers/
Title: At cash registers

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/onlineshop/
Title: In online shops

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/send-and-request-money/
Title: Between friends

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/pay-later/
Title: Pay later

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/loyalty-cards/
Title: Loyalty cards

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/mobility/refuel/
Title: Refuel

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/mobility/parking/
Title: Parking

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/purchase-ticket/
Title: Ticket purchase

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/insurance/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/insurance/phone/
Title: Mobile phone

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/insurance/bicycle/
Title: Bicycle

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/insurance/
Title: All about the function

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/digital-vouchers/paysafecard/
Title: Paysafecard

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/digital-vouchers/google-play/
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/digital-vouchers/netflix/
Title: Netflix

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/digital-vouchers/
Title: All about the function

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/super-deals/
Title: Super Deals

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/donation/
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/mobile-comparison/
Title: Mobile comparison

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/cash-withdrawal/
Title: Withdraw cash

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/order-coffee/
Title: Order coffee

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/functions/
Title: All functions

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/the-support-team/#section-faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/support/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/company/about-us/
Title: About us

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/company/working-at-twint/
Title: Working at TWINT

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/company/news/
Title: News

Search URL Search Domain Scan URL

URL: https://shop.twint.ch/en/
Title: TWINT Shop

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/download/
Title: Download TWINT

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/newsletter/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.twint.ch/privatkunden/bezahlen/onlineshop/?lang=de
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/payment/onlineshop/?lang=en
Title: English

Search URL Search Domain Scan URL

URL: https://www.twint.ch/it/clienti-privati/pagare/shop-online/?lang=it
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.twint.ch/fr/clients-prives/payer/boutiques-en-ligne/?lang=fr
Title: Français

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/
Title: Business Customers

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/qr-code-sticker/#section-amount

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/qr-code-sticker/
Title: QR code sticker

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/payment-terminal/
Title: Payment terminal

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/cash-register/
Title: Cash register

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/loyalty-cards/
Title: Register loyalty card

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/online-shop/
Title: Online shop

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/app-shop/
Title: App shop

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/pay-later/
Title: Pay later

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/bill-via-twint-qr-code/
Title: TWINT QR code bill

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/vending-machine/
Title: Vending machines

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/our-solutions/integrators/
Title: Direct integration

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/company/about-us/#section-facts
Title: Facts

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/support/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/business-customers/advertising-material/
Title: Advertising material

Search URL Search Domain Scan URL

URL: https://banks.twint.ch/
Title: Login for partner banks

Search URL Search Domain Scan URL

URL: https://portal.twint.ch/partner/gui/?login
Title: Merchant login

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/support/?lang=en
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/faq-category/pay/
Title: To the FAQ

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/support/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/the-support-team/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/private-customers/support/#video-tutorials
Title: Video tutorials

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/ubs/
Title: UBS

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/postfinance/
Title: PostFinance

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/raiffeisen/
Title: Raiffeisen

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/zkb/
Title: Zuercher Kantonalbank

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/bcv/
Title: BCV

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/bank/credit-suisse/
Title: Credit Suisse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/twintapp
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/twintapp
Title: TwitterCreated with Fabric.js 5.2.4

Search URL Search Domain Scan URL

URL: https://www.instagram.com/twint_ag/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC6Y2-XBcccmo4l_3qTKWOyg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://ch.linkedin.com/company/twint
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/app-conditions-use/
Title: App conditions of use

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/data-privacy/
Title: Data Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.twint.ch/en/company-details/
Title: Company details

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://toyota.betagdemo.com/Guts58896905SDSAF/ HTTP 302
https://twint-k.com/redeem/796675/?684083 Page URL
https://twint-k.com/redeem/796675/home/?id=941635900 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://toyota.betagdemo.com/Guts58896905SDSAF/ HTTP 302
https://twint-k.com/redeem/796675/?684083

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response twint-k.com/redeem/796675/ Redirect Chain https://toyota.betagdemo.com/Guts58896905SDSAF/ https://twint-k.com/redeem/796675/?684083	7 KB 7 KB	694ms 532ms	Document text/html	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://twint-k.com/redeem/796675/?684083 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `2f3f9a2abd2e5f9b787c34358721d924d70ee948e0b14a102ecbb260db650602` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers cache-control no-store, no-cache, must-revalidate content-length 7345 content-type text/html; charset=UTF-8 date Fri, 03 May 2024 14:50:46 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache refresh 2;url=home/?id=941635900 server Microsoft-IIS/10.0 x-powered-by ASP.NET x-powered-by-plesk PleskWin Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87e110b89adc902a-FRA content-type text/html; charset=UTF-8 date Fri, 03 May 2024 14:50:46 GMT location https://twint-k.com/redeem/796675/?684083 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBLCiAd1zDLRlEuj2ZV%2BpwJXk3NmoGSyJ9m1p%2Bq%2FN%2F2mgr6o4p%2BRMYatPoZfPQ6Op6QGsZm%2BaS9XF%2BaPYI5cC%2Fd4qB3ZS65ltsE%2F%2FrPjRrFoWQmBthaqRs%2B6VX5lWHk1Xw2MKNjjVBjxAVsEgndWTcD%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	404	favicon.ico twint-k.com/	12 KB 12 KB	20ms 20ms	Other text/html	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://twint-k.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `3273fbc5b0b3f10fa0e78ac5de8c397606fae0068583b671c8c695f71f2446e4` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/?684083 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:46 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 12579 content-type text/html
GET H2	200	Primary Request / Show response twint-k.com/redeem/796675/home/	73 KB 74 KB	511ms 511ms	Document text/html	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `835f5426ba952c9a2f1fc7fe3313289aeb723f320b5aaab8cd6538da574494c6` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/?684083 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-length 75192 content-type text/html; charset=UTF-8 date Fri, 03 May 2024 14:50:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H2	200	styles.css twint-k.com/redeem/796675/components/	224 KB 224 KB	25ms 25ms	Stylesheet text/css	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://twint-k.com/redeem/796675/components/styles.css Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `416afffbdbf871a0db82a9b98b4d8a7d52ed177e64c02f8d5728520707c44e3e` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Sun, 17 Mar 2024 13:22:52 GMT server Microsoft-IIS/10.0 etag "09eae366e78da1:0" x-powered-by ASP.NET content-type text/css accept-ranges bytes content-length 229005
GET H2	200	twint-logo.svg twint-k.com/redeem/796675/components/	4 KB 4 KB	24ms 24ms	Image image/svg+xml	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/twint-logo.svg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e06b87dbce97b5e510613ab3b4711c3fb0c16483317f3ee58a4a9c6b20d0c2f2` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:02 GMT server Microsoft-IIS/10.0 etag "073de13676bda1:0" x-powered-by ASP.NET content-type image/svg+xml accept-ranges bytes content-length 3983
GET H2	200	Widget_Website-Menu-Teaser_EN-500x750.jpg twint-k.com/redeem/796675/components/	18 KB 18 KB	44ms 44ms	Image image/jpeg	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/Widget_Website-Menu-Teaser_EN-500x750.jpg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `980b1bc3a487c0dc4d08806470a103df5a24b5efaf5d15786cccb44994d53ffa` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:02 GMT server Microsoft-IIS/10.0 etag "073de13676bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 17921
GET H2	200	QR-Code-2.0_Teaser-Geschaeftskunden_EN_1@2x-500x750.png twint-k.com/redeem/796675/components/	11 KB 11 KB	35ms 34ms	Image image/png	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/QR-Code-2.0_Teaser-Geschaeftskunden_EN_1@2x-500x750.png Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `7b0932d0e337e6040f93522080299b07e78bc5f29610c3856ffa8444d5533c39` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:02 GMT server Microsoft-IIS/10.0 etag "073de13676bda1:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 11725
GET H2	200	lmra.jpeg twint-k.com/redeem/796675/components/	62 KB 63 KB	43ms 42ms	Image image/jpeg	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/lmra.jpeg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `bfe4804a6d6653b5931e214eedcd8565e4c5991c2a3927707010ccff14f70054` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:40:22 GMT server Microsoft-IIS/10.0 etag "0372ea9686bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 63931
GET H2	200	tele.png twint-k.com/redeem/796675/components/	12 KB 12 KB	45ms 44ms	Image image/png	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/tele.png Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `edf26ddd06f4affb3b6c3f722713233562b22c0b21efe158ca642b41d891cfc9` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:40:02 GMT server Microsoft-IIS/10.0 etag "075429d686bda1:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 12181
GET H2	200	E-Com_01_CloseUp-min-600x400.jpg twint-k.com/redeem/796675/components/	19 KB 19 KB	35ms 35ms	Image image/jpeg	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/E-Com_01_CloseUp-min-600x400.jpg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `d33fe6ebf198b5b93b72848ca6dfcc393187b60e77884a1a1b051ef7e065f496` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:00 GMT server Microsoft-IIS/10.0 etag "046ad12676bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 19826
GET H2	200	Ecom-Homescreen-Mobile-DE-600x400.jpg twint-k.com/redeem/796675/components/	11 KB 11 KB	51ms 50ms	Image image/jpeg	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/Ecom-Homescreen-Mobile-DE-600x400.jpg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `518da0bdbcc0abc0daa036340210b47790d2d95fc68977640114b4f5fa059fd4` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:00 GMT server Microsoft-IIS/10.0 etag "046ad12676bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 10864
GET H2	200	Ecom-Token-Mobile-EN-600x400.jpg twint-k.com/redeem/796675/components/	13 KB 13 KB	47ms 47ms	Image image/jpeg	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/Ecom-Token-Mobile-EN-600x400.jpg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `743418435cd6b5e7f26a30e1b4663825edbc8194fe0c687924e585c22a340a79` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:29:00 GMT server Microsoft-IIS/10.0 etag "046ad12676bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 13483
GET H2	200	log.svg twint-k.com/redeem/796675/components/	4 KB 4 KB	46ms 46ms	Image image/svg+xml	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/log.svg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e06b87dbce97b5e510613ab3b4711c3fb0c16483317f3ee58a4a9c6b20d0c2f2` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Sun, 03 Mar 2024 23:05:00 GMT server Microsoft-IIS/10.0 etag "0f69b37bf6dda1:0" x-powered-by ASP.NET content-type image/svg+xml accept-ranges bytes content-length 3983
GET H2	200	country.svg twint-k.com/redeem/796675/components/	213 B 291 B	20ms 19ms	Image image/svg+xml	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://twint-k.com/redeem/796675/components/country.svg Requested by Host: twint-k.com URL: https://twint-k.com/redeem/796675/home/?id=941635900 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `900a0befb655721c1b52b5ec2754f2f553f52b230443aaf016cc224e6a0707ce` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Mon, 04 Mar 2024 09:20:14 GMT server Microsoft-IIS/10.0 etag "05b112a156eda1:0" x-powered-by ASP.NET content-type image/svg+xml accept-ranges bytes content-length 213
GET H2	200	favicon-32x32.webp twint-k.com/redeem/796675/components/	914 B 1002 B	19ms 19ms	Other image/webp	2603:1020:a01:4::37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://twint-k.com/redeem/796675/components/favicon-32x32.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1020:a01:4::37 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `691b380648e3c85c7b977e80d21b855db3dd2f4c74b531f9ad52b92a97791100` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://twint-k.com/redeem/796675/home/?id=941635900 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-powered-by-plesk PleskWin date Fri, 03 May 2024 14:50:49 GMT last-modified Thu, 29 Feb 2024 23:35:58 GMT server Microsoft-IIS/10.0 etag "03d3b686bda1:0" x-powered-by ASP.NET content-type image/webp accept-ranges bytes content-length 914

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TWINT (Financial)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hidePopup

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			twint-k.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1l5hrl3tub1nrr1er6p09vlrfa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://twint-k.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

toyota.betagdemo.com
twint-k.com
2603:1020:a01:4::37
2606:4700:3035::ac43:97ec
2f3f9a2abd2e5f9b787c34358721d924d70ee948e0b14a102ecbb260db650602
3273fbc5b0b3f10fa0e78ac5de8c397606fae0068583b671c8c695f71f2446e4
416afffbdbf871a0db82a9b98b4d8a7d52ed177e64c02f8d5728520707c44e3e
518da0bdbcc0abc0daa036340210b47790d2d95fc68977640114b4f5fa059fd4
691b380648e3c85c7b977e80d21b855db3dd2f4c74b531f9ad52b92a97791100
743418435cd6b5e7f26a30e1b4663825edbc8194fe0c687924e585c22a340a79
7b0932d0e337e6040f93522080299b07e78bc5f29610c3856ffa8444d5533c39
835f5426ba952c9a2f1fc7fe3313289aeb723f320b5aaab8cd6538da574494c6
900a0befb655721c1b52b5ec2754f2f553f52b230443aaf016cc224e6a0707ce
980b1bc3a487c0dc4d08806470a103df5a24b5efaf5d15786cccb44994d53ffa
bfe4804a6d6653b5931e214eedcd8565e4c5991c2a3927707010ccff14f70054
d33fe6ebf198b5b93b72848ca6dfcc393187b60e77884a1a1b051ef7e065f496
e06b87dbce97b5e510613ab3b4711c3fb0c16483317f3ee58a4a9c6b20d0c2f2
edf26ddd06f4affb3b6c3f722713233562b22c0b21efe158ca642b41d891cfc9

twint-k.com Open in urlscan Pro 2603:1020:a01:4::37 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

473 kBTransfer

472 kBSize

1 Cookies

72 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

twint-k.com Open in urlscan Pro
2603:1020:a01:4::37 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

473 kB
Transfer

472 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!