![](/screenshots/6bb31d98-8a93-4b8c-b242-2f7db613e339.png)
technical-support.cloud
Open in
urlscan Pro
149.102.138.112
Malicious Activity!
Public Scan
Effective URL: https://technical-support.cloud/Kxi/o/a31
Submission: On October 29 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 27th 2022. Valid for: 3 months.
This is the only time technical-support.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 149.102.138.112 149.102.138.112 | 51167 (CONTABO) (CONTABO) | |
2 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
3 | 2a02:26f0:350... 2a02:26f0:3500:88c::117e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 96.16.134.158 96.16.134.158 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
21 | 5 |
ASN51167 (CONTABO, DE)
PTR: ip-112-138-102-149.static.contabo.net
technical-support.cloud |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-158.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
technical-support.cloud
1 redirects
technical-support.cloud |
518 KB |
3 |
icloud.com
www.icloud.com — Cisco Umbrella Rank: 1824 |
417 KB |
2 |
cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3008 |
132 KB |
2 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 665 |
149 KB |
21 | 4 |
Domain | Requested by | |
---|---|---|
15 | technical-support.cloud |
1 redirects
technical-support.cloud
|
3 | www.icloud.com |
technical-support.cloud
www.icloud.com |
2 | appleid.cdn-apple.com |
technical-support.cloud
|
2 | code.jquery.com |
technical-support.cloud
|
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
apple.com.ec R3 |
2022-10-27 - 2023-01-25 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
www.icloud.com Apple Public EV Server RSA CA 2 - G1 |
2022-04-19 - 2023-05-19 |
a year | crt.sh |
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1 |
2022-04-19 - 2023-05-19 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://technical-support.cloud/Kxi/o/a31
Frame ID: 6E2EC280A01D4835A654BBF582BBDF94
Requests: 10 HTTP requests in this frame
Frame:
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Frame ID: 82A96023149E15740FC0BEFDB880FE02
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/6bb31d98-8a93-4b8c-b242-2f7db613e339.png)
Page Title
iCloudPage URL History Show full URLs
-
http://technical-support.cloud/Kxi/oa31
HTTP 301
https://technical-support.cloud/Kxi/oa31 Page URL
- https://technical-support.cloud/Kxi/o/a31 Page URL
Detected technologies
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://technical-support.cloud/Kxi/oa31
HTTP 301
https://technical-support.cloud/Kxi/oa31 Page URL
- https://technical-support.cloud/Kxi/o/a31 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://technical-support.cloud/Kxi/oa31 HTTP 301
- https://technical-support.cloud/Kxi/oa31
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
oa31
technical-support.cloud/Kxi/ Redirect Chain
|
49 B 309 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
a31
technical-support.cloud/Kxi/o/ |
45 KB 45 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.js
code.jquery.com/ |
252 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.icloud.com/system/cloudos2/2224Project36/es-es/ |
330 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
r$__116.png
technical-support.cloud/Kxi/o/imagen/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner2.gif
technical-support.cloud/Kxi/o/imagen/ |
77 KB 77 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFUIText-Light.woff
www.icloud.com/fonts/ |
210 KB 211 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c1.php
technical-support.cloud/Kxi/o/ Frame 82A9 |
48 KB 48 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
close.png
technical-support.cloud/Kxi/o/imagen/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFUIText-Regular.woff
www.icloud.com/fonts/ |
176 KB 177 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts2.css
technical-support.cloud/Kxi/o/css/ Frame 82A9 |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appe.css
technical-support.cloud/Kxi/o/css/ Frame 82A9 |
126 KB 127 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-header.js
appleid.cdn-apple.com/appleauth/static/jsj/N1241477586/ Frame 82A9 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.js
code.jquery.com/ Frame 82A9 |
252 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
function.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9 |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myscript_ind_fact.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9 |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myscript_patron.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9 |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax-loader.gif
technical-support.cloud/Kxi/o/images/ Frame 82A9 |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
appleid.cdn-apple.com/appleauth/static/jsj/1577869377/widget/auth/ Frame 82A9 |
448 KB 130 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 82A9 |
24 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myriad-set-pro_text.woff
technical-support.cloud/Kxi/o/css/ Frame 82A9 |
105 KB 106 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myriad-set-pro_thin.woff
technical-support.cloud/Kxi/o/css/ Frame 82A9 |
67 KB 68 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| event object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| PolyFillCustomEvent function| __startFilteringErrors function| __startFilteringUnhandledRejections function| $ function| jQuery function| miFuncion function| close_x1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
technical-support.cloud/ | Name: PHPSESSID Value: d232e8d45123d747cd8124e1c9a5a028 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appleid.cdn-apple.com
code.jquery.com
technical-support.cloud
www.icloud.com
149.102.138.112
2001:4de0:ac18::1:a:1a
2a02:26f0:3500:88c::117e
96.16.134.158
1d0215ad32e637ce0a549c1cc6440eac8d32ac8912ee445e64cb2fd51c7dcd41
1dd142cb948458f8258fa4f7ba5e61bb3060e1b41dbc55eaefce115c3518759f
20b14318d1ded4777435b1dd8540da7c29d620ee96d621db5ef645b2b5050600
2312f7696de36168df6c027b534b7893fe20ae07f21ed87127109d08b3d06979
25eea4dd6528ca99a238dd677a0d8f81571c3eb66019305f8472e2b054bb82f9
2a49036e25ece04c427d544fb69b00a1dd7376999a98f34afd502e17dfb296c1
2e7e87280e4a17892cbbd0ab2adc1341b83b8c026f8491daf64680d752e869a8
4105f266e2ddc97cd4638d92f227d99d29820aec513e574dfd2be54f9a30868d
422dd27463cb6142ded7fa182ca1c220f463d6b38ec18c44fd1685c3b4f64984
4df294a864b5a5b1b441622637565a1cedf4e8e879f39cb483a1b66359fdf86b
51d89294cbffbf328cb91fe7f0de4f7ac73ec33eb73feba0ac7d309d35d5ad9f
64ff0570e91055ef514596d780cd0d07533c5b49236b8a4f8cc05ed1fafcf828
76c73bf38b3630026b249102112d7ad232b08c93128630ee69cf6e50fcd5d1cc
780fedb6a57456f332e8e89da8069fbfd103ca120ca56c5f6a6253d277c993ac
832dc1d13667c3d0d1213a90ee24a013e511912220913dc4f54988b8cea73c5d
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c
d11c78757916595858b32ae58855141527c743a248a40ab157edd1c30b0d1db3
e69849b56d9384d0a7f9c5bf62bf73811a2e59aa5dea61fcd05cbf742ba8a25c
f913bfc260acfd2f4c0fba9827c510e5ab096bd7fc0877b0aa2f439a5254ccca
fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068