404htm1l.verif1.repl.co

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 34.149.204.188, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is 404htm1l.verif1.repl.co.

This is the only time 404htm1l.verif1.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
5	34.149.204.188 34.149.204.188		15169 (GOOGLE) (GOOGLE)
5	1

5 34.149.204.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.204.149.34.bc.googleusercontent.com

404htm1l.verif1.repl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	repl.co 404htm1l.verif1.repl.co	44 KB
5	1

	Domain	Requested by
5	404htm1l.verif1.repl.co	404htm1l.verif1.repl.co
5	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://404htm1l.verif1.repl.co/
Frame ID: 6DA6D7741C0590DF8C3FFA24C0C2732C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confirma tu cuenta Microsoft

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

44 kB
Transfer

43 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 404htm1l.verif1.repl.co/	1 KB 2 KB	421ms 280ms	Document text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://404htm1l.verif1.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / PHP/7.2.24-0ubuntu0.18.04.7 Resource Hash `6798489dac21c63b358641cc6c0d68f62ac38be976a493a95aa86298d49b487b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=UTF-8 Date Tue, 22 Nov 2022 18:23:37 GMT Host 404htm1l.verif1.repl.co Replit-Cluster global Transfer-Encoding chunked Via 1.1 google X-Powered-By PHP/7.2.24-0ubuntu0.18.04.7
GET H/1.1	200 OK	estilo.css 404htm1l.verif1.repl.co/	3 KB 3 KB	279ms 277ms	Stylesheet text/css	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://404htm1l.verif1.repl.co/estilo.css Requested by Host: 404htm1l.verif1.repl.co URL: http://404htm1l.verif1.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `eb71a55f4c3775f142abeb4d2061caea9da95f78e6b79f82dd3ef1419c7dc816` Request headers accept-language de-DE,de;q=0.9 Referer http://404htm1l.verif1.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Tue, 22 Nov 2022 18:23:37 GMT Via 1.1 google Host 404htm1l.verif1.repl.co Replit-Cluster global Content-Length 2809 Content-Type text/css; charset=UTF-8
GET H/1.1	200 OK	hotmail.jpg 404htm1l.verif1.repl.co/	3 KB 3 KB	294ms 277ms	Image image/jpeg	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://404htm1l.verif1.repl.co/hotmail.jpg Requested by Host: 404htm1l.verif1.repl.co URL: http://404htm1l.verif1.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `981b4809872d27aa2e26bb1c78051a6ccfb4ba33a394c2ce68f2869feddfc413` Request headers accept-language de-DE,de;q=0.9 Referer http://404htm1l.verif1.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Tue, 22 Nov 2022 18:23:37 GMT Via 1.1 google Host 404htm1l.verif1.repl.co Replit-Cluster global Content-Length 2651 Content-Type image/jpeg
GET H/1.1	200 OK	llave.jpg 404htm1l.verif1.repl.co/	1 KB 1 KB	276ms 261ms	Image image/jpeg	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://404htm1l.verif1.repl.co/llave.jpg Requested by Host: 404htm1l.verif1.repl.co URL: http://404htm1l.verif1.repl.co/ Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `8b7a468b57fb23a55dabdb0aa6bf27ddf2290eb73b10799ca64aafac6c9fcd31` Request headers accept-language de-DE,de;q=0.9 Referer http://404htm1l.verif1.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Tue, 22 Nov 2022 18:23:37 GMT Via 1.1 google Host 404htm1l.verif1.repl.co Replit-Cluster global Content-Length 1290 Content-Type image/jpeg
GET H/1.1	200 OK	background.jpg 404htm1l.verif1.repl.co/	35 KB 36 KB	275ms 274ms	Image image/jpeg	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://404htm1l.verif1.repl.co/background.jpg Requested by Host: 404htm1l.verif1.repl.co URL: http://404htm1l.verif1.repl.co/estilo.css Protocol HTTP/1.1 Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash `fa333034a79f11b00088a93e3023b058dcaec1b5643e5e425e247407907324e9` Request headers accept-language de-DE,de;q=0.9 Referer http://404htm1l.verif1.repl.co/estilo.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Tue, 22 Nov 2022 18:23:37 GMT Via 1.1 google Host 404htm1l.verif1.repl.co Replit-Cluster global Content-Length 36317 Content-Type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404htm1l.verif1.repl.co
34.149.204.188
6798489dac21c63b358641cc6c0d68f62ac38be976a493a95aa86298d49b487b
8b7a468b57fb23a55dabdb0aa6bf27ddf2290eb73b10799ca64aafac6c9fcd31
981b4809872d27aa2e26bb1c78051a6ccfb4ba33a394c2ce68f2869feddfc413
eb71a55f4c3775f142abeb4d2061caea9da95f78e6b79f82dd3ef1419c7dc816
fa333034a79f11b00088a93e3023b058dcaec1b5643e5e425e247407907324e9

404htm1l.verif1.repl.co Open in urlscan Pro 34.149.204.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

44 kBTransfer

43 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

404htm1l.verif1.repl.co Open in urlscan Pro
34.149.204.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

44 kB
Transfer

43 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!