find.devices.today Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://find.devices.today/help?bpk
Submission: On July 02 via api (July 2nd 2024, 12:04:05 pm UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is find.devices.today.
TLS certificate: Issued by GTS CA 1P5 on May 30th 2024. Valid for: 3 months.

This is the only time find.devices.today was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:982::117e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	4

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

find.devices.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

find.devices.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:982::117e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.icloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	devices.today find.devices.today	2 MB
1	icloud.com www.icloud.com — Cisco Umbrella Rank: 5224 Failed	2 KB
17	2

	Domain	Requested by
15	find.devices.today	find.devices.today
1	www.icloud.com	find.devices.today
17	2

This site contains links to these domains. Also see Links.

Domain
www.icloud.com
apple.com
www.apple.com

Subject Issuer	Validity	Valid
devices.today GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
www.icloud.com Apple Public EV Server RSA CA 2 - G1	`2024-06-06` - `2024-12-03`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://find.devices.today/help?bpk
Frame ID: 80C05C35227486E2F350FAB0FC2D65D1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iCloud

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

3
Countries

2301 kB
Transfer

5264 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icloud.com/

Search URL Search Domain Scan URL

URL: https://apple.com/icloud
Title: apple.com/icloud.

Search URL Search Domain Scan URL

URL: https://www.apple.com/support/systemstatus/
Title: Systeemstatus

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/privacy/
Title: Privacybeleid

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/internet-services/icloud/
Title: Voorwaarden

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request help Show response
find.devices.today/ 10 KB
3 KB 4640ms
4355ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14513b66c67171dabeffd0e3c3acc2e994bc294d2d67193886ada8214942395b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ce7ec3494bb96f-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Jul 2024 12:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cK7v1WdWUXGoj2uqm%2FyG6X7xHIubyg1Vm%2Fa%2Fkb%2FnAbdKNz%2FjVYc%2Fu%2B9JWK4zq6cbWbQPb3rl%2B2LSAsVSv1BNOSgyRzvbOSFNus0efdNZhGdNufUjfy%2FqRO5YyP5EhBRr1%2BZU9mI%2BLbf0xBlXh5jVBBs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 2.main.css
find.devices.today/script/icloud_login_2024/script/icloud2024/css/ 135 KB
10 KB 556ms
553ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/css/2.main.css
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d01dd62a64a4ebad65ab9868ef9cada41e081dcaec24fd153a6f12e4b972571

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Jan 2024 06:36:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=St6UOf3ZHzpnMCuD4D3PXOdgQGbEJCl8AVWMI74QL0%2FydDo%2BCpnfoAgsUiuI7ZNJ6gy5MDQILtKwHjjeoZLcpKPlvwWsmAlLevOHt0kGOP%2FbRwJzwLJBcGGHvavqCBIdfZVDAd1n%2BnpDiRJb3r706UQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89ce7ede8ed3b96f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 0.main.css
find.devices.today/script/icloud_login_2024/script/icloud2024/css/ 918 KB
85 KB 1175ms
1173ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/css/0.main.css
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ce039887eda4ff8ffb58c58f7416b50f44d309a90bd8510079c989fe5b5db0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 07 Jan 2024 06:35:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QH2WlUW6MKP8pB9tyIA7f5WjS%2BfIR6i%2BV5IbmrkpY%2FCjt4JXr6buXwucMxw6Br1aSofhIm%2FB1xxYL8IQHnyr3LMExZs%2Ba3ilDoPt1zfR006CQoTHOMJrcY9CTdyUfU%2BPtZ7YgL%2B%2Fd00wgde%2F4cB4%2FfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89ce7ede8ed5b96f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.main.js Show response
find.devices.today/script/icloud_login_2024/script/icloud2024/js/ 1 MB
239 KB 374ms
373ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/js/2.main.js
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6800896543b4710c63fa006522c1b51fa3ced838fd0651512c4b88495f2a287

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Jan 2024 06:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZMgBsAgnp7mX9KHEpvsbwHdeW7DdPsD%2FZy3nNKvTzLzQkkGAN4ewQiWrEV8C99irCOlotc%2BJKCvDwjNRntY9oG7bB7zhwiNoPXi59pLJ5LtlX%2BKjJEXobG2O70SXGlwGuuXnDoYxjD%2FYtdXN8I%2BSMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 89ce7ede8ed7b96f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 0.main.js Show response
find.devices.today/script/icloud_login_2024/script/icloud2024/js/ 655 KB
171 KB 569ms
568ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/js/0.main.js
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39957b806e8c9f39fe1421a88adcf729ad557ab9bd32891beee5c341a75ca05

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Jan 2024 06:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMt7%2FNO27HhgxQnpzqB9aqQVLILMCn0LOLPx%2BNiTV9I5S23jPJxnec71Jp9d0qNxpomIo3xtBP91S%2FRYSkJfIB2OwbQ8%2FcTlP%2FQLr41tnZLeKXBp3OuLvHt7A0QU40J8CfHJY8xTBxYbltKgYltmm5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 89ce7ede8ed9b96f-AMS
alt-svc: h3=":443"; ma=86400

GET wallpaper.webp
www.icloud.com/system/icloud.com/2404Project58/ 0
0

GET
H2 200 header_logo.svg
find.devices.today/script/icloud_login_2024/script/icloud2024/img/ 4 KB
2 KB 1332ms
1331ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/img/header_logo.svg
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d1591177485adcd8cd1352cf6794d32f0ce2567a153343a40a9f19550b34bac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 11:11:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbIqMrgPOVr4B%2By9MH%2BOFIMfY8S8BA%2BNEOixR8Mw2Z2ZG1RCSVCX9xEkVSwujO86oi6TyN31RY%2BXqOE385hmJCqIr9wsayIlbIih3EbiGy8BM%2BpxrFQJDMVAuQxFCgJ722LyFkPijG0gTK%2F6997Xqxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89ce7ede8edab96f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 dot3.svg
find.devices.today/script/icloud_login_2024/script/icloud2024/img/ 1 KB
698 B 530ms
529ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/img/dot3.svg
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b09e7d9ba276a8bd06cb15a52c0ea3528674b277884a597aea89f8877606b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 11:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hFzckyozoIILkbW3mNHGgJkweGhyq%2B9m4ILOQppZjXtnpW4S2VV8czu0gRLdjDxQY3Gwgr0qFQYt%2B4Ck8naXbaN050Ox8aidQE9yq%2FwXPkwVrC91R%2Bzy9CCH6ug8jsWcooNrvqeB4C1YvWcpOz8CgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89ce7ede8edfb96f-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 fc2b7d9c646c188a2aed32221a4fe795.jpg
find.devices.today/script/icloud_login_2024/script/icloud2024/img/ 15 KB
15 KB 800ms
800ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/img/fc2b7d9c646c188a2aed32221a4fe795.jpg
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd318b09575d24158dc627f2b43ca6b3ccc482ecd0a3014fb80765a8e2d0b45

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: MISS
last-modified: Wed, 10 Jan 2024 14:43:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWh8lfP%2BpGAfIWp9jmqqnSPD5n%2Fww4C8cBtwLdXxaHJ77bKsehZpiJdloM6ZiqStoNqo8nVTJXvfUziDnNzkxhGwAqZpwJF4BKUNODgmhHZgHb1a8TGSuleWSiHyStb2Aub3TOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89ce7ee1dc679fe1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15202

GET
H3 200 e6ffc52737977fe1700d423a10874d0b.png
find.devices.today/script/icloud_login_2024/script/icloud2024/img/ 693 KB
694 KB 363ms
363ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/img/e6ffc52737977fe1700d423a10874d0b.png
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b317f2c8bde39168e0a5ff018a40239b08f4e7a6678851f3a24d20f6b2f3845a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 14:37:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EODaPQj%2FSLZ29P8%2BxZ9Ds%2BSeZpiCxpLNRG113cplJtcD%2FobxjXPqgn%2BD8SJL5oS7CCf0CbtmVPF7vNecOYnabV9CCBDUNa%2F%2FSIBnX%2BadB82xneyHtyaiXSVq0GITSHqn5wgC6Ow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89ce7ee6ec769fe1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 709570

GET
H3 200 c63858bf09261d1e1c206e3930b013d3.png
find.devices.today/script/icloud_login_2024/script/icloud2024/img/ 436 KB
437 KB 422ms
421ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/img/c63858bf09261d1e1c206e3930b013d3.png
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e804713897cf44075d1f7a9d9e8c756750832b8d931e6c4a2b1e9c5c722d5b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 14:37:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXtyQ5%2FD%2BITkuqa019gPeIxqL6geYMVb%2FoTqNwxfSkVxAPu7kqaraHO5nExQn3lLbk%2B4xL%2Bvh4%2BbVk0Q4O%2FMTlo9MhSA6OhHQUimNaTdm6%2B7zEztbS1j486xZ2xpjQJlhbiYhLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89ce7ee70cbf9fe1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 446450

GET
H3 200 main.css
find.devices.today/script/icloud_login_2024/script/icloud2024/css/ 455 KB
47 KB 434ms
433ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/css/main.css
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3299e5beb59d111d3a8b598314285b7a3eeb6ac9aa5b058db4166a5eae9da614

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Jan 2024 06:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8Ce3EISuomhF6sxadNhek0VzrG3wJW8JIrL707ptOHUtNGkPtJaiVUHIdZt7g1v4P7VCZB6boa8RoaMMvlBRJ7y5EWbY%2B6yYzfLPRQBCbjrD0qr2tC4zYpzo5db3TzPwUnODdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89ce7ee70cc79fe1-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-3.7.1.min.js Show response
find.devices.today/script/icloud_login_2024/script/icloud2024/js/ 85 KB
31 KB 560ms
559ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/js/jquery-3.7.1.min.js
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/help?bpk
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 14:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUx48Vc6miQBRMpZScgUNSsuk1AHCthQ2FyQCjku3fvJectbS4cjWUrSu19W3qpsRuZqnz%2Ba956FftTEiZlHP6JtolM8rvF7B7tmTG4SSjm5za6OujModKouQ4w3laFWIYmIYAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 89ce7ee70cca9fe1-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 206 fpo@1x.mp4
find.devices.today/script/icloud_login_2024/script/icloud2024/files/ 68 KB
0 430ms
430ms Media
video/mp4 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/files/fpo@1x.mp4
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://find.devices.today/help?bpk
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Jan 2024 14:29:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1hmwTsH6S47q4h7sT9ByzVcKXkjv5PuqgyhRgpmBHOARy17i3sq5AqCVMM77JjLEvahzVNVQ21yoOeDdi6Sih3r1O4TQjg7CrVCPpj1Z0fa16SK2Zxbe6nslKMDvJ88PoGy%2FZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-647681/647682
cache-control: max-age=14400
cf-ray: 89ce7ee71cd99fe1-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 647682

GET
H3 206 fpo@1x.mp4
find.devices.today/script/icloud_login_2024/script/icloud2024/files/ 25 KB
25 KB 51ms
49ms Media
video/mp4 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/files/fpo@1x.mp4
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d0c67d45bb75d1a3d81d1ae83831756d97397f8903f5ec4ee701ed82dc0288

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://find.devices.today/help?bpk
Range: bytes=622592-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 14:29:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iE%2FsdV2BB9qkJlUuhmAD69F1Becj40kstCZ9uJDxbnxDDyfE7RmsN8xFSAxkdHWNjIPYSRs0b9pEiagoXvKJHTpfd3RTL196ffcqAf24k3Tyq090N7sYOaVjj8zxrFtmGnrAVuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 622592-647681/647682
cache-control: max-age=14400
cf-ray: 89ce7ee9d9689fe1-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 25090

GET
H3 206 fpo@1x.mp4
find.devices.today/script/icloud_login_2024/script/icloud2024/files/ 601 KB
540 KB 0ms
0ms Media
video/mp4 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://find.devices.today/script/icloud_login_2024/script/icloud2024/files/fpo@1x.mp4
Requested by: Host: find.devices.today
URL: https://find.devices.today/help?bpk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f461f94996079f26b52792dbb60d816634a80f751962d57199161332497ab0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://find.devices.today/help?bpk
Range: bytes=32768-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:03:59 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 14:29:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iE%2FsdV2BB9qkJlUuhmAD69F1Becj40kstCZ9uJDxbnxDDyfE7RmsN8xFSAxkdHWNjIPYSRs0b9pEiagoXvKJHTpfd3RTL196ffcqAf24k3Tyq090N7sYOaVjj8zxrFtmGnrAVuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 32768-647681/647682
cache-control: max-age=14400
cf-ray: 89ce7ee9d9689fe1-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 614914

GET
H2 200 favicon.ico
www.icloud.com/ 22 KB
2 KB 59ms
53ms Other
image/x-icon 2a02:26f0:7100:982::117e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:982::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/b866cf47a603 /

Resource Hash

2ee7ca9b189df54d7ccdd064d75d0143a8229bae9bdb69f37105e59f433c0a8b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://find.devices.today/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
content-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
date: Tue, 02 Jul 2024 12:03:59 GMT
content-version: V1
content-length: 1130
server: AppleHttpServer/b866cf47a603
etag: "1902cc4988046a"
vary: accept-encoding
content-language: en-us
content-type: image/x-icon
access-control-expose-headers: X-Apple-Request-UUID,Via
cache-control: public, max-age=300
x-apple-request-uuid: a60716c7-bd41-4fe7-a801-60b800e0912a
content-location: /favicon.ico.br
x-robots-tag: none, noarchive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.icloud.com
URL: https://www.icloud.com/system/icloud.com/2404Project58/wallpaper.webp

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			find.devices.today/	1970-01-20 21:45:36	Name: CAKEPHP Value: 7b16a6ecdf79914bfa36d8c1ed901c1e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://find.devices.today/help?bpk Message: The resource https://www.icloud.com/system/icloud.com/2404Project58/wallpaper.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

find.devices.today
www.icloud.com
www.icloud.com
188.114.97.3
2a02:26f0:7100:982::117e
2a06:98c1:3121::3
14513b66c67171dabeffd0e3c3acc2e994bc294d2d67193886ada8214942395b
14f461f94996079f26b52792dbb60d816634a80f751962d57199161332497ab0
21d0c67d45bb75d1a3d81d1ae83831756d97397f8903f5ec4ee701ed82dc0288
2ee7ca9b189df54d7ccdd064d75d0143a8229bae9bdb69f37105e59f433c0a8b
3299e5beb59d111d3a8b598314285b7a3eeb6ac9aa5b058db4166a5eae9da614
3ce039887eda4ff8ffb58c58f7416b50f44d309a90bd8510079c989fe5b5db0c
4e804713897cf44075d1f7a9d9e8c756750832b8d931e6c4a2b1e9c5c722d5b4
5d1591177485adcd8cd1352cf6794d32f0ce2567a153343a40a9f19550b34bac
5fd318b09575d24158dc627f2b43ca6b3ccc482ecd0a3014fb80765a8e2d0b45
7d01dd62a64a4ebad65ab9868ef9cada41e081dcaec24fd153a6f12e4b972571
a39957b806e8c9f39fe1421a88adcf729ad557ab9bd32891beee5c341a75ca05
b317f2c8bde39168e0a5ff018a40239b08f4e7a6678851f3a24d20f6b2f3845a
d6800896543b4710c63fa006522c1b51fa3ced838fd0651512c4b88495f2a287
f5b09e7d9ba276a8bd06cb15a52c0ea3528674b277884a597aea89f8877606b7
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

find.devices.today Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

4 IPs

3 Countries

2301 kBTransfer

5264 kBSize

1 Cookies

5 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

find.devices.today Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

3
Countries

2301 kB
Transfer

5264 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!