www.comfortinfashion.com
70.32.20.147  Malicious Activity! Public Scan

Submitted URL: http://waimao.cn/url.asp?url=https%3A%2F%2Fwww.comfortinfashion.com%2Fhomepage_image%2Fcms%2F
Effective URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Submission: On November 07 via manual from IN

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 70.32.20.147, located in Ann Arbor, United States and belongs to A2HOSTING - A2 Hosting, Inc., US. The main domain is www.comfortinfashion.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 24th 2019. Valid for: 3 months.
This is the only time www.comfortinfashion.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 218.247.77.231 132719 (CWDDTCL-A...)
2 25 70.32.20.147 55293 (A2HOSTING)
24 2
Apex Domain | Subdomains | Transfer
25 comfortinfashion.com | www.comfortinfashion.com | 28 KB
1 waimao.cn | waimao.cn | 375 B
24 2
Domain Requested by
25 www.comfortinfashion.com 2 redirects www.comfortinfashion.com
1 waimao.cn 1 redirects
24 2

This site contains no links.

Subject: fashionfulfillment.com
Issuer: Let's Encrypt Authority X3
Validity: 2019-09-24 - 2019-12-23
Valid: 3 months

This page contains 1 frames:

Primary Page: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Frame ID: 1A2CFAAD3EE2F001CF4E8B61A11A820F
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24 Requests
96 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
28 kB Transfer
38 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://waimao.cn/url.asp?url=https%3A%2F%2Fwww.comfortinfashion.com%2Fhomepage_image%2Fcms%2F HTTP 302
    https://www.comfortinfashion.com/homepage_image/cms/ HTTP 302
    https://www.comfortinfashion.com/homepage_image/cms/appsrc HTTP 301
    https://www.comfortinfashion.com/homepage_image/cms/appsrc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
www.comfortinfashion.com/homepage_image/cms/appsrc/
Redirect Chain
  • http://waimao.cn/url.asp?url=https%3A%2F%2Fwww.comfortinfashion.com%2Fhomepage_image%2Fcms%2F
  • https://www.comfortinfashion.com/homepage_image/cms/
  • https://www.comfortinfashion.com/homepage_image/cms/appsrc
  • https://www.comfortinfashion.com/homepage_image/cms/appsrc/
5 KB
2 KB
Document
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache / PHP/5.6.40
Resource Hash
07e789b68002c67738d4e0ff2a32ce5b38d01a5f1c149aca1b446008e9c28402
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.comfortinfashion.com
:scheme
https
:path
/homepage_image/cms/appsrc/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=p8c45a26fbnkp7d604o9a2sce0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Thu, 07 Nov 2019 16:20:26 GMT
server
Apache
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
content-length
1678
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Thu, 07 Nov 2019 16:20:26 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
location
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
content-length
267
content-type
text/html; charset=iso-8859-1
login.css
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/login.css
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
28a9fba0d97f40ce8fc68c93ae63f501e4ef90daf5c1918319e0d36cf180acd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:48 GMT
server
Apache
etag
"6761b98-1a29-596bcba5a2f47-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1627
nav.css
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
2 KB
734 B
Stylesheet
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
a24e8ddf1a508f264663f4bb0d3672c0799e5349212dd4484cb272952fb0a818
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:48 GMT
server
Apache
etag
"6761b9a-93f-596bcba5a2f47-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
670
font-awesome.css
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0

c.php
www.comfortinfashion.com/homepage_image/cms/appsrc/
3 KB
3 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/c.php?rand=1624779454
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache / PHP/5.6.40
Resource Hash
f05eb4390a48bd21f7f802c1831b97c0ae9aced6feeecbbc6f87f0abf74910e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Nov 2019 16:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.6.40
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
content-length
2840
expires
Thu, 19 Nov 1981 08:52:00 GMT
refr.png
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
6 KB
6 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/refr.png
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
80ee812a76eeafd716e69a45e695216435035e9d6fc4e79912e7aa5569116462
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af1-188e-596bcba1aa9d3-gzip"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
5629
jquery-3.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/jquery-3.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:26 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
effect.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/effect.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
mask.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/mask.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
javascriptcode.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/javascriptcode.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
jquery-3.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/jquery-3.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
log.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
1 KB
2 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/log.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
544853f2277b0ecbfcb712c75236e1ef2a48bef7190c56dc7c71b57d17d2d45d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af7-5bd-596bcba1b55b2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1469
ma.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
1 KB
1 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/ma.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
79a9e158088d0ee4b3442a5251904ab870b0fba335d814797a9b571b4c556e1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af3-55c-596bcba1abd5b"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1372
ipod.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
2 KB
2 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/ipod.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
a4dc7477df90a6e1a4ac5f1bb6a1b02762c4f3ddf6e24ef342748608168dc9ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761aee-67e-596bcba1a9263"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1662
phone.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
2 KB
2 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/phone.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
893a70e6ec4582c41ec1d6909cc7880c19b7bf09f6cbc284055e730ae5b6da76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af2-77d-596bcba1ab973"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1917
watch.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
2 KB
2 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/watch.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
9d4b71cd0fdcb496b8af7894b4583a418ea9c37d5c20ac1be98508109c1942f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af4-735-596bcba1ac52b"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1845
tv.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
678 B
734 B
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/tv.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
50df47a18c8e561ab12280759861b8cadd0602e80d9dd45f779d8219ece94f8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761aeb-2a6-596bcba1a8e7b"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
678
music.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
2 KB
2 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/music.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
4fed053f80d04caf73fb210e54597b09deca5ad03e42bd27cb32d5fb673feddd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761af5-6f6-596bcba1ac913"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
1782
support.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
2 KB
3 KB
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/support.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
791ff1954bcb0307883cc4b2a966759f2fc209cc7acf47ecaede22834833398e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:44 GMT
server
Apache
etag
"6761afa-9fe-596bcba1e3bdf"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
2558
resh.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
879 B
936 B
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/resh.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
6b808187a61de06a63f471e3a467b4c09177e0830e92eadc8abf6b2348a1a6b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:44 GMT
server
Apache
etag
"6761afd-36f-596bcba29c4f3"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
879
wall.svg
www.comfortinfashion.com/homepage_image/cms/appsrc/img/
892 B
949 B
Image
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/img/wall.svg
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
2328f2a4a358a5e076d84ba3abcc13f5b2b956a635f4c05ac4fe066ab14bdf65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 07:36:43 GMT
server
Apache
etag
"6761aef-37c-596bcba1a9a33"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
892
effect.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/effect.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
mask.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/mask.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:27 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315
javascriptcode.js
www.comfortinfashion.com/homepage_image/cms/appsrc/files/
0
0
Script
General
Full URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/javascriptcode.js
Requested by
Host: www.comfortinfashion.com
URL: https://www.comfortinfashion.com/homepage_image/cms/appsrc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.20.147 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
70.32.20.147.static.a2webhosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.comfortinfashion.com/homepage_image/cms/appsrc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:20:28 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
status
404
strict-transport-security
max-age=63072000; includeSubDomains
content-length
315

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.comfortinfashion.com
URL
https://www.comfortinfashion.com/homepage_image/cms/appsrc/files/font-awesome.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| refreshCaptcha

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN