How can I report a Repl?

General
1

How can I report a Repl?

You are hopefully here because you want to report a Repl. Maybe it is for phishing, inappropriate content, or something else.

This is a common question on Ask so we have made it a resource. Thank you to @akac for the information below (I’ve edited it slightly to be more generic) and @codingcactus for the image:

image

If you are concerned about a webpage hosted on Replit and are not sure how to get to the project’s spotlight page from a repl.co address, just add /__repl to the end of the web address.

For example:

To report the Repl linked with the URL https://honestlynot.ascam.repl.co/ just add /__repl to the URL so it becomes:

https://honestlynot.ascam.repl.co/__repl

You can find more information on how to make reports here:
https://docs.replit.com/legal-and-security-info/trust-and-safety#how-to-make-reports

7 Likes
2

If somebody stumble upon a replit with encoded or obfuscated code then it is good to activate Caution: Danger Ahead mode.

Another warning signs are that user is freemium user with fairly new account as people who try to scam, troll or cause harm quite often don’t like to spend real money on their accounts as they lose that investment if their account is banned because they post unsafe code.

There is also great free tools like virus total that can be used to scan content of the URL if its safe or not before entering them.

4 Likes
3

So phishing sites if I understand correctly? If so we know about them and remove literal hundreds every day.

4 Likes
4

I mostly, encounter replits with obfuscated JavaScript code. When I copy and scan the code with an antivirus program (without running it in my browser) or scan it with some online tool, it warns about potential risks like unsafe redirects or attempts to exploit browser vulnerabilities. I never run suspicious replits and report them.

I can usually tell when a replit or its code seems sketchy and potentially unsafe but not make final call if it is safe or not that why I report them.

One trick to fool phishing sites is type in wrong user name and password if it still logs you in. It is fake site that try to steal your userId and password.

1 Like