repl's Being Abused for Phishing

I received the following link over Facebook, which leads to a phishing page that resembles Facebook.

IMHO, badly needs a feature to report these!

Peeking at the code,

  • They've banned a bunch of IPs from that page, redirecting them to as song "Hawái" by "Maluma"... idea why. They seem to belong to a bunch of US ISPs.

  • The page loads a script from
  • When you click "log in", it POSTs the values of the form along with a bunch of geographical data retrieved via GeoJS, to
  • They also grab an image from which looks like a website traffic analytics tool.

Report them: and [email protected].

You are viewing a single comment. View All
Answered by SixBeeps [earned 5 cycles]
View Answer

@RavinduL when I go to now it brings me to is this a remake of it too, or is it the real one, cause some users can find a domain that is exactly the same as another