request-61-submit.requests-submit.repl.co
34.160.67.231  Malicious Activity! Public Scan

Submitted URL: http://request-61-submit.requests-submit.repl.co/
Effective URL: https://request-61-submit.requests-submit.repl.co/
Submission: On October 14 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 34.160.67.231, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is request-61-submit.requests-submit.repl.co. The single transaction is the HTML document itself; the three images it displays were embedded as data: URIs and needed no further network requests.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023 (three days before this scan). Valid for: 3 months.
This is the only time request-61-submit.requests-submit.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address       AS (Autonomous System)
34.160.67.231    396982 (GOOGLE-CLOUD-PLATFORM, US)

Apex Domain    Subdomain                                     Transfer
repl.co        request-61-submit.requests-submit.repl.co     1 MB

Domain                                        Requests   Requested by
request-61-submit.requests-submit.repl.co     2          1 redirect

This site contains links to these domains:

Domain
submit-request-067.lovestoblog.com
detailed-video-29b30.web.app
about.meta.com
www.facebook.com

TLS certificate (via crt.sh):

Subject                   Issuer        Validity                   Valid
requests-submit.repl.co   GTS CA 1P5    2023-10-11 - 2024-01-09    3 months

This page contains 1 frames:

Primary Page: https://request-61-submit.requests-submit.repl.co/
Frame ID: 12148176E8A04C58A3FD05E7A2451A11
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Action Required | Facebook

Page URL History

  1. http://request-61-submit.requests-submit.repl.co/   HTTP 308
     https://request-61-submit.requests-submit.repl.co/  Page URL

Page Statistics

Requests: 1    HTTPS: 100 %    IPv6: 0 %    Domains: 1    Subdomains: 1    IPs: 2    Countries: 1
Transfer: 1450 kB    Size: 1457 kB    Cookies: 0


Redirected requests

There was one HTTP redirect chain: the http:// submission was answered with a 308 Permanent Redirect to the https:// URL of the same host (see the Redirect Chain of the primary request below).

1 HTTP transaction

Resource           Path                                          Size    x-fer   Type       MIME-Type
Primary Request    request-61-submit.requests-submit.repl.co/    1 MB    1 MB    Document   text/html; charset=utf-8
Redirect Chain
  • http://request-61-submit.requests-submit.repl.co/
  • https://request-61-submit.requests-submit.repl.co/
General
Full URL
https://request-61-submit.requests-submit.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
34.160.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.160.34.bc.googleusercontent.com
Software
/
Resource Hash
58867f685b5f25feb6568490ef951c927a95b9b3ce8e1112ea8f61c203b59b48
Security Headers
Name Value
Strict-Transport-Security max-age=7561521; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Length
1484187
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 02:22:25 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Replit-Cluster
asia-b
Strict-Transport-Security
max-age=7561521; includeSubDomains

Redirect headers

Content-Length
86
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 02:22:24 GMT
Location
https://request-61-submit.requests-submit.repl.co/
Replit-Cluster
asia-b
Via
1.1 google
data: URI (truncated on the page)    /    846 B    0    Image    image/png
General
Full URL
data:truncated
Protocol
DATA
Server
none (data: URI, embedded inline in the document; no host contacted)
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
data: URI (truncated on the page)    /    7 KB    0    Image    image/jpeg
General
Full URL
data:truncated
Protocol
DATA
Server
none (data: URI, embedded inline in the document; no host contacted)
Resource Hash
a6aaca4023daaa66aeb85fa91a18a688ff46621acb7bb5ced681bea5bd13c75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/jpeg
data: URI (truncated on the page)    /    43 B    0    Image    image/gif
General
Full URL
data:truncated
Protocol
DATA
Server
none (data: URI, embedded inline in the document; no host contacted)
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variable

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

function googleTranslateElementInit

googleTranslateElementInit is the callback name the Google Website Translator widget expects, so the page embeds that widget; it is the only non-standard global, consistent with an otherwise static HTML kit.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header                      Value
Strict-Transport-Security   max-age=7561521; includeSubDomains

The HSTS header, together with the Replit-Cluster header and the Expect-Ct header reporting to sentry.repl.it in the response above, is consistent with headers set by the repl.co hosting platform rather than by the page author. A valid certificate and strict transport settings say nothing about whether the content is a phishing kit.
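Worked triage over the indicators this scan page exposes (brand name in the title versus hosting domain, free hosting, a single self-contained document with data: URI images, a days-old certificate, outbound links to other throwaway hosts, zero cookies, the Google Translate global). This is an added example, not urlscan.io code and not urlscan's JSON schema: the SCAN record is constructed by hand from the values visible on this page, the field names and the free-hosting and brand-domain lists are this example's own assumptions, and the three-signal cut-off is illustrative.

```python
"""Phishing triage over the indicators shown on this scan page.

Added example, not urlscan.io code and not urlscan's JSON schema: the SCAN
record below is constructed by hand from the values visible on this page
(hostnames, title, transfer size, certificate dates, linked domains,
cookie count, JS globals). It runs offline with the standard library only.
"""
from datetime import date
from typing import List, Optional, Tuple
from urllib.parse import urlparse

# Constructed from this page; field names are this example's own, not urlscan's.
SCAN = {
    "title": "Action Required | Facebook",
    "redirect_chain": [
        ("http://request-61-submit.requests-submit.repl.co/", 308),
        ("https://request-61-submit.requests-submit.repl.co/", 200),
    ],
    "document_bytes": 1484187,
    # Every resource after the document was an inline data: URI (truncated on the page).
    "request_urls": [
        "https://request-61-submit.requests-submit.repl.co/",
        "data:image/png;base64,...",
        "data:image/jpeg;base64,...",
        "data:image/gif;base64,...",
    ],
    "linked_domains": [
        "submit-request-067.lovestoblog.com",
        "detailed-video-29b30.web.app",
        "about.meta.com",
        "www.facebook.com",
    ],
    "cert_not_before": date(2023, 10, 11),
    "scan_date": date(2023, 10, 14),
    "cookies": 0,
    "js_globals": ["googleTranslateElementInit"],
}

# Assumption: illustrative lists, not an authoritative feed of free-hosting
# platforms or of the brand's registrable domains.
FREE_HOSTING_SUFFIXES = ("repl.co", "web.app", "lovestoblog.com")
BRAND_DOMAINS = {"facebook": ("facebook.com", "meta.com", "fb.com")}


def matching_suffix(host: str, suffixes) -> Optional[str]:
    """Return the suffix that host equals or is a subdomain of, else None."""
    for s in suffixes:
        if host == s or host.endswith("." + s):
            return s
    return None


def brand_mismatch(title: str, host: str) -> Optional[str]:
    """Brand named in the page title while the host is not that brand's own domain."""
    lowered = title.lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in lowered and matching_suffix(host, domains) is None:
            return brand
    return None


def triage(scan: dict) -> Tuple[List[str], int]:
    """Collect the signals a reviewer would weigh; the score is simply their count."""
    flags: List[str] = []
    final_url = scan["redirect_chain"][-1][0]
    host = urlparse(final_url).hostname or ""

    brand = brand_mismatch(scan["title"], host)
    if brand:
        flags.append(f"brand_in_title_off_brand_host:{brand}")

    host_suffix = matching_suffix(host, FREE_HOSTING_SUFFIXES)
    if host_suffix:
        flags.append(f"free_hosting:{host_suffix}")

    # Only the document itself crossed the network; images came as data: URIs,
    # which is why the page reports 4 requests in the frame but 1 HTTP transaction.
    network = [u for u in scan["request_urls"] if not u.startswith("data:")]
    if len(network) == 1 and len(scan["request_urls"]) > 1:
        flags.append("inline_assets_only")
    if len(network) == 1 and scan["document_bytes"] > 1_000_000:
        flags.append("large_self_contained_document")

    cert_age = (scan["scan_date"] - scan["cert_not_before"]).days
    if cert_age <= 7:
        flags.append(f"fresh_certificate:{cert_age}d")

    # Links out to other throwaway hosts, typically the next stage of the kit.
    other_hosts = set()
    for domain in scan["linked_domains"]:
        s = matching_suffix(domain, FREE_HOSTING_SUFFIXES)
        if s and s != host_suffix:
            other_hosts.add(s)
    if other_hosts:
        flags.append("links_to_other_free_hosting:" + ",".join(sorted(other_hosts)))

    if scan["cookies"] == 0:
        flags.append("no_cookies")

    # googleTranslateElementInit is the Google Website Translator callback;
    # assumption: treated as a weak signal because static kits often embed it.
    if "googleTranslateElementInit" in scan["js_globals"]:
        flags.append("translate_widget")

    return flags, len(flags)


def verdict(scan: dict, threshold: int = 3) -> str:
    """Assumption: three independent signals is the illustrative cut-off."""
    _, score = triage(scan)
    return "potentially malicious" if score >= threshold else "no strong signal"


if __name__ == "__main__":
    for flag in triage(SCAN)[0]:
        print(flag)
    print(verdict(SCAN))
```

Each flag on its own would be weak (plenty of legitimate sites use repl.co, fresh certificates or the Translate widget); the point of the count is that this page trips all eight at once, which is what the "Potentially Malicious" verdict above reflects.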