technical-support.cloud
149.102.138.112 | Malicious Activity! | Public Scan

Submitted URL: http://technical-support.cloud/Kxi/oa31
Effective URL: https://technical-support.cloud/Kxi/o/a31
Submission: On October 29 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 149.102.138.112, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is technical-support.cloud.
TLS certificate: Issued by R3 on October 27th 2022. Valid for: 3 months.
This is the only time technical-support.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

IP Address AS Autonomous System
1 15 149.102.138.112 51167 (CONTABO)
2 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 96.16.134.158 16625 (AKAMAI-AS)
21 5
Requests  Apex Domain              Subdomains                                           Transfer
15        technical-support.cloud  technical-support.cloud                              518 KB
3         icloud.com               www.icloud.com (Cisco Umbrella Rank: 1824)           417 KB
2         cdn-apple.com            appleid.cdn-apple.com (Cisco Umbrella Rank: 3008)    132 KB
2         jquery.com               code.jquery.com (Cisco Umbrella Rank: 665)           149 KB
Total: 21 requests, 4 apex domains

Requests  Domain                   Requested by
15        technical-support.cloud  technical-support.cloud (1 redirect)
3         www.icloud.com           technical-support.cloud, www.icloud.com
2         appleid.cdn-apple.com    technical-support.cloud
2         code.jquery.com          technical-support.cloud
Total: 21 requests, 4 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
apple.com.ec           R3                                              2022-10-27 - 2023-01-25  3 months (crt.sh)
*.jquery.com           Sectigo RSA Domain Validation Secure Server CA  2022-08-03 - 2023-07-14  a year (crt.sh)
www.icloud.com         Apple Public EV Server RSA CA 2 - G1            2022-04-19 - 2023-05-19  a year (crt.sh)
appleid.cdn-apple.com  Apple Public EV Server RSA CA 2 - G1            2022-04-19 - 2023-05-19  a year (crt.sh)

This page contains 2 frames:

Primary Page: https://technical-support.cloud/Kxi/o/a31
Frame ID: 6E2EC280A01D4835A654BBF582BBDF94
Requests: 10 HTTP requests in this frame

Frame: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Frame ID: 82A96023149E15740FC0BEFDB880FE02
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

iCloud


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • 21 Requests
  • 100 % HTTPS
  • 50 % IPv6
  • 4 Domains
  • 4 Subdomains
  • 5 IPs
  • 2 Countries
  • 1216 kB Transfer
  • 2212 kB Size
  • 1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://technical-support.cloud/Kxi/oa31 HTTP 301
    https://technical-support.cloud/Kxi/oa31 Page URL
  2. https://technical-support.cloud/Kxi/o/a31 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://technical-support.cloud/Kxi/oa31 HTTP 301
  • https://technical-support.cloud/Kxi/oa31

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
oa31
technical-support.cloud/Kxi/
Redirect Chain
  • http://technical-support.cloud/Kxi/oa31
  • https://technical-support.cloud/Kxi/oa31
49 B
309 B
Document
General
Full URL
https://technical-support.cloud/Kxi/oa31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Security-Policy
upgrade-insecure-requests;
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 13:26:17 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
248
Content-Security-Policy
upgrade-insecure-requests;
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 29 Oct 2022 13:26:17 GMT
Keep-Alive
timeout=5, max=100
Location
https://technical-support.cloud/Kxi/oa31
Server
Apache
Primary Request a31
technical-support.cloud/Kxi/o/
45 KB
45 KB
Document
General
Full URL
https://technical-support.cloud/Kxi/o/a31
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/oa31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
2312f7696de36168df6c027b534b7893fe20ae07f21ed87127109d08b3d06979
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://technical-support.cloud/Kxi/oa31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Security-Policy
upgrade-insecure-requests;
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 13:26:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
jquery-2.2.4.js
code.jquery.com/
252 KB
75 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 13:26:18 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-3ee0f"
vary
Accept-Encoding
x-hw
1667049978.dop012.fr8.t,1667049978.cds053.fr8.hn,1667049978.cds017.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
main.css
www.icloud.com/system/cloudos2/2224Project36/es-es/
330 KB
30 KB
Stylesheet
General
Full URL
https://www.icloud.com/system/cloudos2/2224Project36/es-es/main.css
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88c::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/3faf4ee9434b /
Resource Hash
780fedb6a57456f332e8e89da8069fbfd103ca120ca56c5f6a6253d277c993ac
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
br
Content-Security-Policy
base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Date
Sat, 29 Oct 2022 13:26:17 GMT
Content-Version
V1
Connection
keep-alive
Content-Length
29933
Server
AppleHttpServer/3faf4ee9434b
ETag
"18369ce8e0074ed"
Vary
accept-encoding
Content-Language
en-us
Content-Type
text/css
Access-Control-Expose-Headers
X-Apple-Request-UUID,Via
Cache-Control
public, max-age=1209600
X-Apple-Request-UUID
743ebbdf-2034-4162-a568-84bb1be557e3
Content-Location
/system/cloudos2/2224Project36/es-es/main.css.brotli
r$__116.png
technical-support.cloud/Kxi/o/imagen/
9 KB
9 KB
Image
General
Full URL
https://technical-support.cloud/Kxi/o/imagen/r$__116.png
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
51d89294cbffbf328cb91fe7f0de4f7ac73ec33eb73feba0ac7d309d35d5ad9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/a31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:18 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9431
spinner2.gif
technical-support.cloud/Kxi/o/imagen/
77 KB
77 KB
Image
General
Full URL
https://technical-support.cloud/Kxi/o/imagen/spinner2.gif
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
832dc1d13667c3d0d1213a90ee24a013e511912220913dc4f54988b8cea73c5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/a31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:18 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
78737
truncated
/
5 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e69849b56d9384d0a7f9c5bf62bf73811a2e59aa5dea61fcd05cbf742ba8a25c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
text/css
SFUIText-Light.woff
www.icloud.com/fonts/
210 KB
211 KB
Font
General
Full URL
https://www.icloud.com/fonts/SFUIText-Light.woff
Requested by
Host: www.icloud.com
URL: https://www.icloud.com/system/cloudos2/2224Project36/es-es/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88c::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/3faf4ee9434b /
Resource Hash
64ff0570e91055ef514596d780cd0d07533c5b49236b8a4f8cc05ed1fafcf828
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.icloud.com/system/cloudos2/2224Project36/es-es/main.css
Origin
https://technical-support.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Date
Sat, 29 Oct 2022 13:26:19 GMT
Server
AppleHttpServer/3faf4ee9434b
ETag
"183f989d3d834924"
Content-Language
en-us
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Apple-Request-UUID,Via
Cache-Control
public, max-age=1209600
X-Apple-Request-UUID
98d80aed-660a-49df-8aa0-bdf67264c115
Content-Version
V1
Connection
keep-alive
Content-Length
215332
c1.php
technical-support.cloud/Kxi/o/ Frame 82A9
48 KB
48 KB
Document
General
Full URL
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
76c73bf38b3630026b249102112d7ad232b08c93128630ee69cf6e50fcd5d1cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://technical-support.cloud/Kxi/o/a31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Security-Policy
upgrade-insecure-requests;
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 13:26:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=96
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
close.png
technical-support.cloud/Kxi/o/imagen/
4 KB
4 KB
Image
General
Full URL
https://technical-support.cloud/Kxi/o/imagen/close.png
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/a31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
4df294a864b5a5b1b441622637565a1cedf4e8e879f39cb483a1b66359fdf86b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/a31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3762
SFUIText-Regular.woff
www.icloud.com/fonts/
176 KB
177 KB
Font
General
Full URL
https://www.icloud.com/fonts/SFUIText-Regular.woff
Requested by
Host: www.icloud.com
URL: https://www.icloud.com/system/cloudos2/2224Project36/es-es/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88c::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/3faf4ee9434b /
Resource Hash
1dd142cb948458f8258fa4f7ba5e61bb3060e1b41dbc55eaefce115c3518759f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.icloud.com/system/cloudos2/2224Project36/es-es/main.css
Origin
https://technical-support.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Date
Sat, 29 Oct 2022 13:26:19 GMT
Server
AppleHttpServer/3faf4ee9434b
ETag
"183f989d3d82bf9c"
Content-Language
en-us
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Apple-Request-UUID,Via
Cache-Control
public, max-age=1209600
X-Apple-Request-UUID
f35433ec-e5bc-48cd-ba6f-b6255dac5695
Content-Version
V1
Connection
keep-alive
Content-Length
180124
fonts2.css
technical-support.cloud/Kxi/o/css/ Frame 82A9
8 KB
8 KB
Stylesheet
General
Full URL
https://technical-support.cloud/Kxi/o/css/fonts2.css
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
20b14318d1ded4777435b1dd8540da7c29d620ee96d621db5ef645b2b5050600
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:19 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8371
appe.css
technical-support.cloud/Kxi/o/css/ Frame 82A9
126 KB
127 KB
Stylesheet
General
Full URL
https://technical-support.cloud/Kxi/o/css/appe.css
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
f913bfc260acfd2f4c0fba9827c510e5ab096bd7fc0877b0aa2f439a5254ccca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:19 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
129378
common-header.js
appleid.cdn-apple.com/appleauth/static/jsj/N1241477586/ Frame 82A9
3 KB
2 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsj/N1241477586/common-header.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
1d0215ad32e637ce0a549c1cc6440eac8d32ac8912ee445e64cb2fd51c7dcd41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 29 Oct 2022 13:26:20 GMT
Last-Modified
Mon, 01 Oct 2018 06:47:21 GMT
Server
Apple
ETag
W/"3517-1538376441415"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1438
jquery-2.2.4.js
code.jquery.com/ Frame 82A9
252 KB
75 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 13:26:19 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-3ee0f"
vary
Accept-Encoding
x-hw
1667049979.dop012.fr8.t,1667049979.cds053.fr8.hn,1667049979.cds017.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
function.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9
3 KB
3 KB
Script
General
Full URL
https://technical-support.cloud/Kxi/o/jss/function.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
422dd27463cb6142ded7fa182ca1c220f463d6b38ec18c44fd1685c3b4f64984
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3108
myscript_ind_fact.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9
5 KB
5 KB
Script
General
Full URL
https://technical-support.cloud/Kxi/o/jss/myscript_ind_fact.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
25eea4dd6528ca99a238dd677a0d8f81571c3eb66019305f8472e2b054bb82f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4997
myscript_patron.js
technical-support.cloud/Kxi/o/jss/ Frame 82A9
12 KB
12 KB
Script
General
Full URL
https://technical-support.cloud/Kxi/o/jss/myscript_patron.js?v=1asff
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
d11c78757916595858b32ae58855141527c743a248a40ab157edd1c30b0d1db3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12201
ajax-loader.gif
technical-support.cloud/Kxi/o/images/ Frame 82A9
4 KB
4 KB
Image
General
Full URL
https://technical-support.cloud/Kxi/o/images/ajax-loader.gif
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3783
app.js
appleid.cdn-apple.com/appleauth/static/jsj/1577869377/widget/auth/ Frame 82A9
448 KB
130 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsj/1577869377/widget/auth/app.js
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/c1.php?cf=a31&nn=a31&bb=6&i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
4105f266e2ddc97cd4638d92f227d99d29820aec513e574dfd2be54f9a30868d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://technical-support.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 29 Oct 2022 13:26:20 GMT
Last-Modified
Tue, 20 Jun 2017 06:15:31 GMT
Server
Apple
ETag
W/"458846-1497939331429"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
133120
truncated
/ Frame 82A9
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
myriad-set-pro_text.woff
technical-support.cloud/Kxi/o/css/ Frame 82A9
105 KB
106 KB
Font
General
Full URL
https://technical-support.cloud/Kxi/o/css/myriad-set-pro_text.woff
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/css/fonts2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
2e7e87280e4a17892cbbd0ab2adc1341b83b8c026f8491daf64680d752e869a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://technical-support.cloud/Kxi/o/css/fonts2.css
Origin
https://technical-support.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
107920
myriad-set-pro_thin.woff
technical-support.cloud/Kxi/o/css/ Frame 82A9
67 KB
68 KB
Font
General
Full URL
https://technical-support.cloud/Kxi/o/css/myriad-set-pro_thin.woff
Requested by
Host: technical-support.cloud
URL: https://technical-support.cloud/Kxi/o/css/fonts2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.102.138.112 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-112-138-102-149.static.contabo.net
Software
Apache /
Resource Hash
2a49036e25ece04c427d544fb69b00a1dd7376999a98f34afd502e17dfb296c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://technical-support.cloud/Kxi/o/css/fonts2.css
Origin
https://technical-support.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 13:26:20 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Sat, 29 Oct 2022 06:04:18 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
69068

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • object: event
  • object: onbeforeinput
  • object: oncontextlost
  • object: oncontextrestored
  • function: structuredClone
  • object: launchQueue
  • object: onbeforematch
  • function: getScreenDetails
  • function: queryLocalFonts
  • object: navigation
  • undefined: PolyFillCustomEvent
  • function: __startFilteringErrors
  • function: __startFilteringUnhandledRejections
  • function: $
  • function: jQuery
  • function: miFuncion
  • function: close_x

1 Cookies

Domain/Path              Name       Value
technical-support.cloud/  PHPSESSID  d232e8d45123d747cd8124e1c9a5a028

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.cdn-apple.com
code.jquery.com
technical-support.cloud
www.icloud.com
149.102.138.112
2001:4de0:ac18::1:a:1a
2a02:26f0:3500:88c::117e
96.16.134.158