404htm1l.verif1.repl.co
Open in
urlscan Pro
34.149.204.188
Malicious Activity!
Public Scan
Submission: On November 22 via manual from CZ — Scanned from DE
Summary
This is the only time 404htm1l.verif1.repl.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 34.149.204.188 34.149.204.188 | 15169 (GOOGLE) (GOOGLE) | |
5 | 1 |
ASN15169 (GOOGLE, US)
PTR: 188.204.149.34.bc.googleusercontent.com
404htm1l.verif1.repl.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
repl.co
404htm1l.verif1.repl.co |
44 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
5 | 404htm1l.verif1.repl.co |
404htm1l.verif1.repl.co
|
5 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://404htm1l.verif1.repl.co/
Frame ID: 6DA6D7741C0590DF8C3FFA24C0C2732C
Requests: 5 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
404htm1l.verif1.repl.co/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
estilo.css
404htm1l.verif1.repl.co/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hotmail.jpg
404htm1l.verif1.repl.co/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
llave.jpg
404htm1l.verif1.repl.co/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.jpg
404htm1l.verif1.repl.co/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
404htm1l.verif1.repl.co
34.149.204.188
6798489dac21c63b358641cc6c0d68f62ac38be976a493a95aa86298d49b487b
8b7a468b57fb23a55dabdb0aa6bf27ddf2290eb73b10799ca64aafac6c9fcd31
981b4809872d27aa2e26bb1c78051a6ccfb4ba33a394c2ce68f2869feddfc413
eb71a55f4c3775f142abeb4d2061caea9da95f78e6b79f82dd3ef1419c7dc816
fa333034a79f11b00088a93e3023b058dcaec1b5643e5e425e247407907324e9