cleaningmygun.com
198.12.145.135  Malicious Activity! Public Scan

URL: http://cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/m9_view_order.php?doesnt=d10pec3d00zm
Submission: On November 26 via manual from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main IP is 198.12.145.135, located in Scottsdale, United States, and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is cleaningmygun.com.
This is the only time cleaningmygun.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online), Weightloss Scam (Online)

Domain & IP information

Requests  IP Address       AS     Autonomous System
1         198.12.145.135   26496  (AS-26496-...)
1         205.185.208.52   20446  (HIGHWINDS3)
2 requests across 3 IPs

Requests  Apex Domain         Subdomains          Transfer
1         jquery.com          code.jquery.com     33 KB
1         cleaningmygun.com   cleaningmygun.com   2 MB
2 requests across 2 apex domains

Requests  Domain              Requested by
1         code.jquery.com     cleaningmygun.com
1         cleaningmygun.com   (primary request)
2 requests across 2 domains

This site contains links to these domains:

Domain: keto24.doctorwonnado.com

TLS certificates (Subject / Issuer / Validity / Valid): none recorded (0% of requests used HTTPS)

This page contains 1 frames:

Primary Page: http://cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/m9_view_order.php?doesnt=d10pec3d00zm
Frame ID: C28CCB7163FFC5C0CA6528D90453FD0C
Requests: 31 HTTP requests in this frame

Screenshot: [image not included in this extract]

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

jQuery (overall confidence: 100%)
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests:    2
HTTPS:       0 %
IPv6:        0 %
Domains:     2
Subdomains:  2
IPs:         3
Countries:   1
Transfer:    2087 kB
Size:        4862 kB
Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests: (none recorded)

2 HTTP transactions

Resource               Path                                                  Size   x-fer  Type      MIME-Type
m9_view_order.php      cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/    3 MB   2 MB   Document  text/html
(Primary Request)
jquery-1.12.4.min.js   code.jquery.com/                                      95 KB  33 KB  Script    application/javascript

Transaction 1: m9_view_order.php (Primary Request)

General
  Full URL:       http://cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/m9_view_order.php?doesnt=d10pec3d00zm
  Protocol:       HTTP/1.1
  Server:         198.12.145.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
  Reverse DNS:    ip-198.12-145-135.ip.secureserver.net
  Software:       /
  Resource Hash:  aa4dcd424da53883a41f477deec99207668f7424886ecdcc44e448dd2b0db056

Request headers
  Host: cleaningmygun.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  Accept-Encoding: gzip, deflate
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
  Content-Encoding: gzip
  Content-Type: text/html; charset=UTF-8
  X-Port: port_10875
  X-Cacheable: YES:Forced
  Content-Length: 2102619
  Accept-Ranges: bytes
  Date: Mon, 26 Nov 2018 10:35:35 GMT
  Age: 18361
  Vary: Accept-Encoding, User-Agent
  X-Cache: cached
  X-Cache-Hit: HIT
  X-Backend: all_requests

Transaction 2: jquery-1.12.4.min.js

General
  Full URL:       http://code.jquery.com/jquery-1.12.4.min.js
  Requested by:   Host: cleaningmygun.com
                  URL: http://cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/m9_view_order.php?doesnt=d10pec3d00zm
  Protocol:       HTTP/1.1
  Server:         205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
  Reverse DNS:    vip052.ssl.hwcdn.net
  Software:       nginx /
  Resource Hash:  668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Referer: http://cleaningmygun.com/kgz/lbkgf/scjwebmaster/exchange/m9_view_order.php?doesnt=d10pec3d00zm
  Origin: http://cleaningmygun.com

Response headers
  Date: Mon, 26 Nov 2018 10:35:36 GMT
  Content-Encoding: gzip
  Last-Modified: Fri, 20 May 2016 17:18:54 GMT
  Server: nginx
  ETag: W/"573f46fe-17b8b"
  Vary: Accept-Encoding
  X-HW: 1543228536.dop040.fr8.t,1543228536.cds123.fr8.c
  Content-Type: application/javascript; charset=utf-8
  Access-Control-Allow-Origin: *
  Cache-Control: max-age=315360000, public
  Connection: Keep-Alive
  Accept-Ranges: bytes
  Content-Length: 33738
29 further requests: inline data: URI images

All 29 remaining requests in the frame are images embedded in the primary document as data: URIs (Full URL shown as "data:truncated" by the scanner; Protocol DATA). No server, reverse DNS, software or request headers apply to them, and their transfer size (x-fer) is 0 in every case. Each response carried Access-Control-Allow-Origin: * and the Content-Type listed below.

#    Size     MIME-Type    Resource Hash
1    31 KB    image/jpeg   9cb642383f1b08aaa8e2d7c2ef99113b97e8e94842321246cb033e17cec918db
2    11 KB    image/jpeg   d4144b353d6f7ac94be8885c84815f0786992fa944a2a9b2cff26385ce364532
3    50 KB    image/jpeg   10f1303832fbecc866079119a3f785ec60503b365e32daa7b4cfc34a8b7cec1b
4    313 KB   image/jpeg   38dc025d7cb0ae7b108a5d481249e5bd65f0e4c1ad800e5cb0aa7752fbeb035e
5    371 KB   image/jpeg   88b4a6313e72f10dbfa3549b2716c323ad05408d867a43d8fe865b4516dc68bf
6    53 KB    image/jpeg   99e8a18cfe409c5d68413a9b0220056f762fe1e11f1563eca5ab8db69efdea58
7    99 KB    image/jpeg   3a977165879844f401e61e9df5afd823f4ed122b22f4c9f778af50da6a482c2d
8    31 KB    image/jpeg   69e24d542169477c6a4cac7e42dc9f61e8dad2ae77b8bbdcfe6d9fd95af5b1a1
9    18 KB    image/jpeg   19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61
10   160 KB   image/jpeg   7df14c5576c3d08888a3c366f7e5ea9081ac3c75823aeaee132a9a9074a05b5c
11   378 B    image/png    81a3808ca4bd762b0668cbe666cfd25fdd424e84c09a795b2dacafbf9265d99b
12   74 KB    image/jpeg   4066329f7a1534e94054f19bcb484a44ba4f07f5b928bce040e7d02969209bbf
13   2 KB     image/png    952486205391f5f25f8f71726e0c298325dd52720a9a40e0a40f488bae1f93db
14   15 KB    image/jpeg   c695baf22f4b6e88665f9046d30801761588574232f89d1d493e59894cab62ca
15   51 KB    image/jpeg   2d60ba32a78ac0596ff0e8c4a46728de1ed00baa52858e071e75fe42b1fc58d7
16   503 KB   image/png    8d30f37857264833a94453ad53c98647870b4b32b37edea6c37ecd87bfe8b571
17   6 KB     image/jpeg   d3ea26440007e023bca18a1d3d5110ff9b4d973cd1b92f923885cf13649ac728
18   764 B    image/png    e05c1102a6503201c7cf8617e0efb288191c98146ae885b598877f97971f9386
19   34 KB    image/png    d37ff60ec3de6623ef48620f79fdbe6c2c122e6b798d54e6e32292cf037ad4c4
20   6 KB     image/jpeg   614d55ced2b56784a05738a39e84c54317b1d0cc02bbcc1853496951ba238061
21   3 KB     image/jpeg   9eacc10ffb9e5f37e3a2ca38cc7af64419ae4245367029650492d7114ee0028c
22   2 KB     image/jpeg   5d22fef4a636dacbf66f1a93ebc8c1cde201c81fdf47515910a8c0da5c57dbf0
23   2 KB     image/jpeg   c8f7c5f7e15236364d78cee645a196115acb1df2a1df3a54bc0b735d6dc3f435
24   2 KB     image/jpeg   7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
25   6 KB     image/jpeg   1961dae4e9f66c5c951957fb84449505adb6fd8335379c3083f2a606a283153b
26   5 KB     image/jpeg   6f8c42fed40fae549062f1d034a8b3a730945657d0a23fda855d7f1d9d0f4fcb
27   4 KB     image/jpeg   c103d2d94d42d7c792d1373e0af4f643d34109a16c74d52f67371fd482faa84d
28   7 KB     image/jpeg   5356634402cb703bf9a7e00f98f540ab5bbe054faf1c0f438e9b795a2f650af9
29   3 KB     image/jpeg   12cb50cb79be64d1612599ba1005d07b10eb9b0ef30fb6ed24426914b9df6689

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online), Weightloss Scam (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • dayNames (object)
  • randomInteger (function)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cleaningmygun.com
code.jquery.com
198.12.145.135
205.185.208.52