URL: http://404htm1l.verif1.repl.co/
Submission: On November 22 via manual from CZ — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 34.149.204.188, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is 404htm1l.verif1.repl.co.
This is the only time 404htm1l.verif1.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address: 34.149.204.188 | AS Autonomous System: 15169 (GOOGLE) | Requests: 5
Apex Domain: repl.co | Subdomains: 404htm1l.verif1.repl.co | Transfer: 44 KB | Requests: 5
Domain: 404htm1l.verif1.repl.co | Requested by: 404htm1l.verif1.repl.co | Requests: 5

This site contains no links.

This page contains 1 frames:

Primary Page: http://404htm1l.verif1.repl.co/
Frame ID: 6DA6D7741C0590DF8C3FFA24C0C2732C
Requests: 5 HTTP requests in this frame

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 44 kB
Size: 43 kB
Cookies: 0

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | 404htm1l.verif1.repl.co/ | 1 KB | 2 KB | Document

General
Full URL: http://404htm1l.verif1.repl.co/
Protocol: HTTP/1.1
Server: 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 188.204.149.34.bc.googleusercontent.com
Software: / PHP/7.2.24-0ubuntu0.18.04.7
Resource Hash: 6798489dac21c63b358641cc6c0d68f62ac38be976a493a95aa86298d49b487b

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Nov 2022 18:23:37 GMT
Host: 404htm1l.verif1.repl.co
Replit-Cluster: global
Transfer-Encoding: chunked
Via: 1.1 google
X-Powered-By: PHP/7.2.24-0ubuntu0.18.04.7

estilo.css | 404htm1l.verif1.repl.co/ | 3 KB | 3 KB | Stylesheet

General
Full URL: http://404htm1l.verif1.repl.co/estilo.css
Requested by:
  Host: 404htm1l.verif1.repl.co
  URL: http://404htm1l.verif1.repl.co/
Protocol: HTTP/1.1
Server: 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 188.204.149.34.bc.googleusercontent.com
Software: /
Resource Hash: eb71a55f4c3775f142abeb4d2061caea9da95f78e6b79f82dd3ef1419c7dc816

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://404htm1l.verif1.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Date: Tue, 22 Nov 2022 18:23:37 GMT
Via: 1.1 google
Host: 404htm1l.verif1.repl.co
Replit-Cluster: global
Content-Length: 2809
Content-Type: text/css; charset=UTF-8

hotmail.jpg | 404htm1l.verif1.repl.co/ | 3 KB | 3 KB | Image

General
Full URL: http://404htm1l.verif1.repl.co/hotmail.jpg
Requested by:
  Host: 404htm1l.verif1.repl.co
  URL: http://404htm1l.verif1.repl.co/
Protocol: HTTP/1.1
Server: 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 188.204.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 981b4809872d27aa2e26bb1c78051a6ccfb4ba33a394c2ce68f2869feddfc413

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://404htm1l.verif1.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Date: Tue, 22 Nov 2022 18:23:37 GMT
Via: 1.1 google
Host: 404htm1l.verif1.repl.co
Replit-Cluster: global
Content-Length: 2651
Content-Type: image/jpeg

llave.jpg | 404htm1l.verif1.repl.co/ | 1 KB | 1 KB | Image

General
Full URL: http://404htm1l.verif1.repl.co/llave.jpg
Requested by:
  Host: 404htm1l.verif1.repl.co
  URL: http://404htm1l.verif1.repl.co/
Protocol: HTTP/1.1
Server: 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 188.204.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8b7a468b57fb23a55dabdb0aa6bf27ddf2290eb73b10799ca64aafac6c9fcd31

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://404htm1l.verif1.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Date: Tue, 22 Nov 2022 18:23:37 GMT
Via: 1.1 google
Host: 404htm1l.verif1.repl.co
Replit-Cluster: global
Content-Length: 1290
Content-Type: image/jpeg

background.jpg | 404htm1l.verif1.repl.co/ | 35 KB | 36 KB | Image

General
Full URL: http://404htm1l.verif1.repl.co/background.jpg
Requested by:
  Host: 404htm1l.verif1.repl.co
  URL: http://404htm1l.verif1.repl.co/estilo.css
Protocol: HTTP/1.1
Server: 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 188.204.149.34.bc.googleusercontent.com
Software: /
Resource Hash: fa333034a79f11b00088a93e3023b058dcaec1b5643e5e425e247407907324e9

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://404htm1l.verif1.repl.co/estilo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Date: Tue, 22 Nov 2022 18:23:37 GMT
Via: 1.1 google
Host: 404htm1l.verif1.repl.co
Replit-Cluster: global
Content-Length: 36317
Content-Type: image/jpeg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies