How can I report a Repl?

IanAtCSTeach · June 10, 2023, 4:31pm

How can I report a Repl?

You are hopefully here because you want to report a Repl. Maybe it is for phishing, inappropriate content, or something else.

This is a common question on Ask so we have made it a resource. Thank you to @akac for the information below (I’ve edited it slightly to be more generic) and @codingcactus for the image:

If you are concerned about a webpage hosted on Replit and are not sure how to get to the project’s spotlight page from a repl.co address, just add /__repl to the end of the web address.

For example:

To report the Repl linked with the URL https://honestlynot.ascam.repl.co/ just add /__repl to the URL so it becomes:

https://honestlynot.ascam.repl.co/__repl

You can find more information on how to make reports here:
https://docs.replit.com/legal-and-security-info/trust-and-safety#how-to-make-reports

HexScript · June 10, 2023, 5:01pm

If somebody stumble upon a replit with encoded or obfuscated code then it is good to activate Caution: Danger Ahead mode.

Another warning signs are that user is freemium user with fairly new account as people who try to scam, troll or cause harm quite often don’t like to spend real money on their accounts as they lose that investment if their account is banned because they post unsafe code.

There is also great free tools like virus total that can be used to scan content of the URL if its safe or not before entering them.

not-ethan · June 10, 2023, 5:03pm

So phishing sites if I understand correctly? If so we know about them and remove literal hundreds every day.

HexScript · June 13, 2023, 3:13pm

I mostly, encounter replits with obfuscated JavaScript code. When I copy and scan the code with an antivirus program (without running it in my browser) or scan it with some online tool, it warns about potential risks like unsafe redirects or attempts to exploit browser vulnerabilities. I never run suspicious replits and report them.

I can usually tell when a replit or its code seems sketchy and potentially unsafe but not make final call if it is safe or not that why I report them.

One trick to fool phishing sites is type in wrong user name and password if it still logs you in. It is fake site that try to steal your userId and password.

juanignaciomarc · November 12, 2023, 7:54pm

In order to report a phishing account you are forced to create an account? What type of scam site is this? I’m reporting your website to google, microsoft and all the companies I have at hand.
It seems you allow phishing website just to get more users, nice move guys

not-ethan · November 12, 2023, 7:58pm

Hey @juanignaciomarc welcome to the forums!

Yes you do need an account. I think its like this to reduce spam reports as we only have so many moderators to handle the reports

juanignaciomarc · November 12, 2023, 8:29pm

I have reported http://validacioness.datoscl.repl.co/ but it’s still up and running. So you have many moderators but don’t like to work it seems… I have reported replit to google, microsoft, a couple of antivirus sites and even filled a report in complaint.ic3.gov and reportfraud ftc. Hope they can get the account banned as well as yours for allowing phishing websites.
Regards

not-ethan · November 12, 2023, 8:40pm

Its currently the weekend so the staff that help moderate arent working and they are the only ones that have the power to delete stuff. And us community moderaters we are volunteers so we may not moderate every day.

python660 · November 12, 2023, 10:36pm

Well… You’d probably should hope that not many people would have to come here in the first place

hmm… does that mean the scammers would have their site guaranteed to be up for 2.5 days if they post it at the end of the Replit workday on friday?

not-ethan · November 12, 2023, 10:40pm

In theory yes unless staff logs on during the weekend.

jeiksegovia · December 22, 2023, 2:54pm

Thanks, I just reported a phishing site