jaysautomotibemobilerepairs.com
192.185.31.203  Malicious Activity! Public Scan

Submitted URL: https://clt1018618.benchurl.com/c/l?u=119F868A&e=18D09BA&c=F8AFA&t=0&l=1107F901D&email=XS900zzgJeP8+7siLQqYkkGdDiZrsknn&seq=1
Effective URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medi...
Submission: On October 01 via manual from US — Scanned from CA

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 8 HTTP transactions. The main IP is 192.185.31.203, located in the United States and belonging to NETWORK-SOLUTIONS-HOSTING, US. The main domain is jaysautomotibemobilerepairs.com.
TLS certificate: Issued by R11 on September 28th 2024. Valid for: 3 months.
This is the only time jaysautomotibemobilerepairs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Eventbrite (Entertainment)

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
1 | 1 | 52.41.252.44 | 16509 (AMAZON-02)
- | 4 | 192.185.31.203 | 19871 (NETWORK-S...)
1 | 2 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
- | 3 | 13.249.39.72 | 16509 (AMAZON-02)
Total: 8 HTTP transactions, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | jaysautomotibemobilerepairs.com | jaysautomotibemobilerepairs.com | 8 KB
3 | evbstatic.com | cdn.evbstatic.com (Cisco Umbrella Rank: 26479) | 319 KB
2 | tailwindcss.com | cdn.tailwindcss.com (Cisco Umbrella Rank: 28385) | 110 KB
1 | benchurl.com | clt1018618.benchurl.com | 174 B
Total: 8 HTTP transactions, 4 domains

Requests | Domain | Requested by
4 | jaysautomotibemobilerepairs.com | jaysautomotibemobilerepairs.com
3 | cdn.evbstatic.com | jaysautomotibemobilerepairs.com
2 | cdn.tailwindcss.com (1 redirect) | jaysautomotibemobilerepairs.com
1 | clt1018618.benchurl.com (1 redirect) | -
Total: 8 HTTP transactions, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.jaysautomotibemobilerepairs.com | R11 | 2024-09-28 - 2024-12-27 | 3 months
evbstatic.com | Amazon RSA 2048 M02 | 2024-01-01 - 2025-01-29 | a year

This page contains 1 frame:

Primary Page: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Frame ID: B36CCEB8C75DCAF0ADF2D3B1F184E35A
Requests: 8 HTTP requests in this frame

Page Title: Login Page

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 436 kB
Size: 696 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clt1018618.benchurl.com/c/l?u=119F868A&e=18D09BA&c=F8AFA&t=0&l=1107F901D&email=XS900zzgJeP8+7siLQqYkkGdDiZrsknn&seq=1 HTTP 302
    https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.5

8 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / (Primary Request)
Path: jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/
Redirect Chain:
  • https://clt1018618.benchurl.com/c/l?u=119F868A&e=18D09BA&c=F8AFA&t=0&l=1107F901D&email=XS900zzgJeP8+7siLQqYkkGdDiZrsknn&seq=1
  • https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Size: 18 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.31.203, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
Reverse DNS: 192-185-31-203.unifiedlayer.com
Software: Apache /
Resource Hash: 0b09785573cdc9aadf1c3bf5b15219dab9a80b0d91c277221c5b2d3c627ec408

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers
accept-ranges: bytes
content-encoding: gzip
content-length: 4934
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 01 Oct 2024 19:34:08 GMT
last-modified: Tue, 20 Aug 2024 19:11:54 GMT
server: Apache
vary: Accept-Encoding

Redirect headers
content-length: 0
content-type: application/octet-stream
date: Tue, 01 Oct 2024 19:34:07 GMT
location: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
server: awselb/2.0

Resource: 3.4.5
Path: cdn.tailwindcss.com/
Redirect Chain:
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.5
Size: 358 KB
x-fer: 110 KB
Type: Script

General
Full URL: https://cdn.tailwindcss.com/3.4.5
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Server: 2606:4700:10::6816:1490, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364

Security Headers
Strict-Transport-Security: max-age=63072000

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/

Response headers
server: cloudflare
strict-transport-security: max-age=63072000
cache-control: max-age=31536000
content-encoding: br
x-vercel-cache: MISS
cf-cache-status: HIT
age: 5205513
cf-ray: 8cbee36ce81fa2be-YUL
date: Tue, 01 Oct 2024 19:34:08 GMT
content-type: text/javascript
last-modified: Mon, 22 Jul 2024 02:55:17 GMT
vary: Accept-Encoding
x-vercel-id: cle1::iad1::f99vl-1721616917239-1527fee4c9ae

Redirect headers
strict-transport-security: max-age=63072000
cache-control: max-age=14400
location: /3.4.5
x-vercel-cache: MISS
cf-cache-status: HIT
age: 393
cf-ray: 8cbee36cbfdfa2be-YUL
content-length: 0
date: Tue, 01 Oct 2024 19:34:08 GMT
vary: Accept-Encoding
server: cloudflare
x-vercel-id: cle1::iad1::btwvf-1727810156031-bbc113684c0f

Resource: google-icon.svg
Path: jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/
Size: 1 KB
x-fer: 1 KB
Type: Image

General
Full URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/google-icon.svg
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.31.203, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
Reverse DNS: 192-185-31-203.unifiedlayer.com
Software: Apache /
Resource Hash: 8cefadad58fc023914e5ebdc059f3bea9ae095e22103063850bb8c682843f211

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email

Response headers
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
content-length: 1165
date: Tue, 01 Oct 2024 19:34:08 GMT
last-modified: Tue, 20 Aug 2024 09:16:36 GMT
content-type: image/svg+xml
server: Apache

Resource: facebook-icon.svg
Path: jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/
Size: 554 B
x-fer: 608 B
Type: Image

General
Full URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/facebook-icon.svg
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.31.203, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
Reverse DNS: 192-185-31-203.unifiedlayer.com
Software: Apache /
Resource Hash: 3fe92d2452ebe3f967fc5e4f6669f1047e27b00819c2a77b937e697a6fc39439

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email

Response headers
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
content-length: 554
date: Tue, 01 Oct 2024 19:34:08 GMT
last-modified: Tue, 20 Aug 2024 09:16:54 GMT
content-type: image/svg+xml
server: Apache

Resource: apple-icon.svg
Path: jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/
Size: 1 KB
x-fer: 1 KB
Type: Image

General
Full URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/assets/apple-icon.svg
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.31.203, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
Reverse DNS: 192-185-31-203.unifiedlayer.com
Software: Apache /
Resource Hash: c7713b910956763199a730e04894f32c5a0cff65a98c24ed22a6328c964192ad

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email

Response headers
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
content-length: 1040
date: Tue, 01 Oct 2024 19:34:08 GMT
last-modified: Tue, 20 Aug 2024 09:17:28 GMT
content-type: image/svg+xml
server: Apache

Resource: lateral-image-2.jpg
Path: cdn.evbstatic.com/s3-build/perm_001/530d34/django/images/login/
Size: 143 KB
x-fer: 143 KB
Type: Image

General
Full URL: https://cdn.evbstatic.com/s3-build/perm_001/530d34/django/images/login/lateral-image-2.jpg
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.72, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-249-39-72.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bc114a9cd6406387f1ffee00366cd55b975ed449c2258ba7981680e986ce1c2

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/

Response headers
x-amz-version-id: null
etag: "530d340b554689b387ba3e3c2226f35a"
age: 3239
expires: Tue, 25 May 2021 19:24:29 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Kod0khsCkLxXsu4nviQGTzDA6VME0ne-fXelSUESfeWyM76Gnf2jfA==
date: Tue, 01 Oct 2024 18:40:10 GMT
content-type: image/jpeg
last-modified: Thu, 26 Nov 2020 19:26:50 GMT
vary: Accept-Encoding, Origin
cache-control: private, max-age=604800
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 146224
x-amz-cf-pop: IAD89-C1
server: AmazonS3

Resource: lateral-image-1.jpg
Path: cdn.evbstatic.com/s3-build/perm_001/1bab52/django/images/login/
Size: 173 KB
x-fer: 174 KB
Type: Image

General
Full URL: https://cdn.evbstatic.com/s3-build/perm_001/1bab52/django/images/login/lateral-image-1.jpg
Requested by:
  Host: jaysautomotibemobilerepairs.com
  URL: https://jaysautomotibemobilerepairs.com/eventbrite.comaccountslogin=authreview/?utm_source=BenchmarkEmail&utm_campaign=CB_email&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.72, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-249-39-72.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 434eb9543d740864d524fe86c9a2674e22cbaa51c924bb0f0d54ca427d0a5ba2

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/

Response headers
x-amz-version-id: null
etag: "1bab5281ccfcb2d5bc7335ebc9c61840"
age: 3107
expires: Tue, 25 May 2021 19:24:29 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: _9qAtFqVB5v2woQgMv6dhwmf7qgFT-QG2dG00BvEuCtdwMPwytNfLQ==
date: Tue, 01 Oct 2024 18:42:22 GMT
content-type: image/jpeg
last-modified: Thu, 26 Nov 2020 19:24:42 GMT
vary: Accept-Encoding, Origin
cache-control: private, max-age=604800
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 177062
x-amz-cf-pop: IAD89-C1
server: AmazonS3

Resource: favicon-32x32.png
Path: cdn.evbstatic.com/s3-build/prod/1711912-rc2024-08-20_16.04-9e7f386/django/images/favicons/
Size: 1 KB
x-fer: 2 KB
Type: Other

General
Full URL: https://cdn.evbstatic.com/s3-build/prod/1711912-rc2024-08-20_16.04-9e7f386/django/images/favicons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.72, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-249-39-72.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02396a70b3e295a584f2e734b522b39dcdffcaf654ec886458b0545d73cc62f3

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://jaysautomotibemobilerepairs.com/

Response headers
x-amz-version-id: uBPRYsrqwC1EAdOZbKpHiNAYWw1X68gE
etag: "8a4e23bc27fc1ffc3fe9680afaa003ca"
age: 1180
expires: Sun, 16 Feb 2025 09:06:48 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: x7LCTL7mCcAOY0wLnHc2kBIZ7yuZXTQCY-ZJ1pdp77tRXzCsShXRdA==
date: Tue, 01 Oct 2024 19:14:29 GMT
content-type: image/png
vary: Accept-Encoding, Origin
x-amz-expiration: expiry-date="Thu, 21 Aug 2025 00:00:00 GMT", rule-id="default"
last-modified: Tue, 20 Aug 2024 09:08:40 GMT
cache-control: private, max-age=604800
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1307
x-amz-cf-pop: IAD89-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Eventbrite (Entertainment)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| tailwind
  • string| /template.html
  • function| changeImage
  • function| handleDelayedActions
  • function| handleSubmit
  • function| preFillEmailFromHash

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header | Value
Content-Security-Policy | upgrade-insecure-requests