sombersteepelement.informacion88.repl.co Open in urlscan Pro
34.149.204.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sombersteepelement.informacion88.repl.co/
Effective URL:
http://sombersteepelement.informacion88.repl.co/
Submission Tags: replit-anti-abuse
Submission: On August 26 via api (August 26th 2022, 5:08:21 am UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 34.149.204.188, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is sombersteepelement.informacion88.repl.co.

This is the only time sombersteepelement.informacion88.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	34.149.204.188 34.149.204.188		15169 (GOOGLE) (GOOGLE)
13	1

13 34.149.204.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.204.149.34.bc.googleusercontent.com

sombersteepelement.informacion88.repl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	repl.co sombersteepelement.informacion88.repl.co	3 MB
13	1

	Domain	Requested by
13	sombersteepelement.informacion88.repl.co	sombersteepelement.informacion88.repl.co
13	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://sombersteepelement.informacion88.repl.co/
Frame ID: 478DADE6A60BADBF24AD5AE84048A124
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galicia

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2651 kB
Transfer

2649 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response sombersteepelement.informacion88.repl.co/	12 KB 12 KB	548ms 361ms	Document text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / PHP/7.4.21 Resource Hash `9cc7b2c3ff275562cc08ef902cadf8d6b22caca0da08d77ee782d975ce7d6d45` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=UTF-8 Date Fri, 26 Aug 2022 05:08:15 GMT Host sombersteepelement.informacion88.repl.co Replit-Cluster global Transfer-Encoding chunked Via 1.1 google X-Powered-By PHP/7.4.21
GET H/1.1	200 OK	bootstrap.min.css sombersteepelement.informacion88.repl.co/fis/	121 KB 121 KB	270ms 261ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/fis/bootstrap.min.css Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `2d12848b00ebaaec53f63e33f10e142b316c72f093c6bdddbea63e0349c728b6` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 123764 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	default.min.css sombersteepelement.informacion88.repl.co/fis/	1 MB 1 MB	287ms 274ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/fis/default.min.css Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `adf4ed7b2002cefea896c969877b6638ef5cd0d78d956819b3b0e32abbea9e7e` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 1242134 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	keyboard.css sombersteepelement.informacion88.repl.co/fis/	492 B 697 B	272ms 258ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/fis/keyboard.css Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 492 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	simple-keyboard.css sombersteepelement.informacion88.repl.co/fis/	3 KB 3 KB	369ms 355ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/fis/simple-keyboard.css Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 2790 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	customcarousel.min.css sombersteepelement.informacion88.repl.co/fis/	2 KB 2 KB	235ms 222ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/fis/customcarousel.min.css Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 1949 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	titl.png sombersteepelement.informacion88.repl.co/fis/	902 B 1 KB	231ms 229ms	Image image/png	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://sombersteepelement.informacion88.repl.co/fis/titl.png Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `be9d8f21c2d215622dee4fdfbf605fa1e6fbd8830553aba34140b5b47aea1863` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 902 Content-Type image/png
GET H/1.1	200 OK	tecl.png sombersteepelement.informacion88.repl.co/fis/	409 B 600 B	236ms 236ms	Image image/png	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://sombersteepelement.informacion88.repl.co/fis/tecl.png Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `ae9668d3cd1491510cbd1e97a1e1bb47cfc1d2fd59adfb4ad59a9e73de1ba88d` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:15 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 409 Content-Type image/png
GET H/1.1	200 OK	logo.png sombersteepelement.informacion88.repl.co/fis/	42 KB 42 KB	253ms 252ms	Image image/png	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://sombersteepelement.informacion88.repl.co/fis/logo.png Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/fis/default.min.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `e854776c611f6246074b3deaa598e832f293b264fca5f3587089035a2309ed92` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/fis/default.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:16 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 42705 Content-Type image/png
GET H/1.1	200 OK	burbu.png sombersteepelement.informacion88.repl.co/fis/	1 MB 1 MB	235ms 234ms	Image image/png	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://sombersteepelement.informacion88.repl.co/fis/burbu.png Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/fis/default.min.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `82bc584fee883c53f99cabf1cd92931813e35383a44fcd706ad38ddd65bb9bf9` Request headers accept-language de-DE,de;q=0.9 Referer http://sombersteepelement.informacion88.repl.co/fis/default.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:16 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 1285461 Content-Type image/png
GET H/1.1	404 Not Found	Inter-Regular.woff2 sombersteepelement.informacion88.repl.co/Content/fonts/	0 0	222ms 222ms	Font text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.woff2 Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/fis/default.min.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash Request headers Referer http://sombersteepelement.informacion88.repl.co/fis/default.min.css Origin http://sombersteepelement.informacion88.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:16 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 566 Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	Inter-Regular.woff sombersteepelement.informacion88.repl.co/Content/fonts/	0 0	264ms 263ms	Font text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.woff Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/fis/default.min.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash Request headers Referer http://sombersteepelement.informacion88.repl.co/fis/default.min.css Origin http://sombersteepelement.informacion88.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:16 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 565 Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	Inter-Regular.ttf sombersteepelement.informacion88.repl.co/Content/fonts/	0 0	217ms 217ms	Font text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.ttf Requested by Host: sombersteepelement.informacion88.repl.co URL: http://sombersteepelement.informacion88.repl.co/fis/default.min.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash Request headers Referer http://sombersteepelement.informacion88.repl.co/fis/default.min.css Origin http://sombersteepelement.informacion88.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 05:08:16 GMT Via 1.1 google Host sombersteepelement.informacion88.repl.co Replit-Cluster global Content-Length 564 Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://sombersteepelement.informacion88.repl.co/Content/fonts/Inter-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sombersteepelement.informacion88.repl.co
34.149.204.188
2d12848b00ebaaec53f63e33f10e142b316c72f093c6bdddbea63e0349c728b6
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85
82bc584fee883c53f99cabf1cd92931813e35383a44fcd706ad38ddd65bb9bf9
9cc7b2c3ff275562cc08ef902cadf8d6b22caca0da08d77ee782d975ce7d6d45
adf4ed7b2002cefea896c969877b6638ef5cd0d78d956819b3b0e32abbea9e7e
ae9668d3cd1491510cbd1e97a1e1bb47cfc1d2fd59adfb4ad59a9e73de1ba88d
be9d8f21c2d215622dee4fdfbf605fa1e6fbd8830553aba34140b5b47aea1863
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233
e854776c611f6246074b3deaa598e832f293b264fca5f3587089035a2309ed92
f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad

sombersteepelement.informacion88.repl.co Open in urlscan Pro 34.149.204.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2651 kBTransfer

2649 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

sombersteepelement.informacion88.repl.co Open in urlscan Pro
34.149.204.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2651 kB
Transfer

2649 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!