Submitted URL: https://wsol.xyz/law/index.php
Effective URL: https://www.comack.cl/law/index.php
Submission: On October 04 via manual from US — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 186.64.119.95, located in Curicó, Chile and belongs to ZAM LTDA., CL. The main domain is www.comack.cl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 1st 2021. Valid for: 3 months.
This is the only time www.comack.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BECU Credit Union (Financial)

Domain & IP information

IP Address AS Autonomous System
1 1 192.3.201.85 36352 (AS-COLOCR...)
6 186.64.119.95 52368 (ZAM LTDA.)
6 1
Apex Domain
Subdomains
Transfer
6 comack.cl
www.comack.cl
58 KB
1 wsol.xyz
wsol.xyz
231 B
6 2
Domain Requested by
6 www.comack.cl www.comack.cl
1 wsol.xyz 1 redirects
6 2

This site contains no links.

Subject Issuer Validity Valid
comack.cl
cPanel, Inc. Certification Authority
2021-10-01 -
2021-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.comack.cl/law/index.php
Frame ID: 6BA4B022CC944AF84DA22722B92BA93D
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

ΒΕϹU Οnlinе

Page URL History Show full URLs

  1. https://wsol.xyz/law/index.php HTTP 301
    https://www.comack.cl/law/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

58 kB
Transfer

63 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wsol.xyz/law/index.php HTTP 301
    https://www.comack.cl/law/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.comack.cl/law/
Redirect Chain
  • https://wsol.xyz/law/index.php
  • https://www.comack.cl/law/index.php
2 KB
983 B
Document
General
Full URL
https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
fc3f2ef0ff0af76ed857ec87ca4bf698b02cd6ba6cea1e600a1d234654b7dfcd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:method
GET
:authority
www.comack.cl
:scheme
https
:path
/law/index.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 04 Oct 2021 17:14:51 GMT
server
Apache
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubdomains;
cache-control
max-age=0, public
expires
Mon, 04 Oct 2021 17:14:51 GMT
content-type
text/html; charset=UTF-8

Redirect headers

content-type
text/html
content-length
707
date
Mon, 04 Oct 2021 17:14:50 GMT
server
LiteSpeed
location
https://www.comack.cl/law/index.php
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
b1.png
www.comack.cl/law/images/
11 KB
10 KB
Image
General
Full URL
https://www.comack.cl/law/images/b1.png
Requested by
Host: www.comack.cl
URL: https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
444c7d4abe3df3ec399bad342faa249adf45a8cbd997516503fa6d393106505c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:path
/law/images/b1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.comack.cl
referer
https://www.comack.cl/law/index.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.comack.cl/law/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:14:52 GMT
content-encoding
gzip
last-modified
Sat, 19 May 2018 03:54:46 GMT
server
Apache
etag
"348e81a-2c00-56c8707838d80-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
expires
Wed, 03 Nov 2021 17:14:52 GMT
b2.png
www.comack.cl/law/images/
14 KB
13 KB
Image
General
Full URL
https://www.comack.cl/law/images/b2.png
Requested by
Host: www.comack.cl
URL: https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
bd3a536644d11638bc534366e980f3a345e2bd45650828801a3bf12241299733
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:path
/law/images/b2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.comack.cl
referer
https://www.comack.cl/law/index.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.comack.cl/law/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:14:52 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 16:41:54 GMT
server
Apache
etag
"348e81c-3903-59714cf24f880-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
expires
Wed, 03 Nov 2021 17:14:52 GMT
b3.png
www.comack.cl/law/images/
6 KB
6 KB
Image
General
Full URL
https://www.comack.cl/law/images/b3.png
Requested by
Host: www.comack.cl
URL: https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
3a79a69472f9e4d0bbd359db3cd107f7169d1ce7714a01b0c96f38ce44776749
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:path
/law/images/b3.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.comack.cl
referer
https://www.comack.cl/law/index.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.comack.cl/law/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:14:52 GMT
content-encoding
gzip
last-modified
Sat, 19 May 2018 03:55:40 GMT
server
Apache
etag
"348e81d-1793-56c870abb8700-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
expires
Wed, 03 Nov 2021 17:14:52 GMT
b4.png
www.comack.cl/law/images/
29 KB
27 KB
Image
General
Full URL
https://www.comack.cl/law/images/b4.png
Requested by
Host: www.comack.cl
URL: https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
bc5532b0f6b7054b77fa5d6a488ca51fcd7265e2791887d12d60f31a4f7c78ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:path
/law/images/b4.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.comack.cl
referer
https://www.comack.cl/law/index.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.comack.cl/law/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:14:52 GMT
content-encoding
gzip
last-modified
Sun, 21 Feb 2021 18:08:28 GMT
server
Apache
etag
"348e81e-75c8-5bbdc92769f00-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
expires
Wed, 03 Nov 2021 17:14:52 GMT
btn.png
www.comack.cl/law/images/
608 B
768 B
Image
General
Full URL
https://www.comack.cl/law/images/btn.png
Requested by
Host: www.comack.cl
URL: https://www.comack.cl/law/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.119.95 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue115.dnsmisitio.net
Software
Apache /
Resource Hash
08d00153d4daf1cac922bd2c22a1fbb758a3d3d2a4b0fc26e20e0d16af167a41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:path
/law/images/btn.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.comack.cl
referer
https://www.comack.cl/law/index.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.comack.cl/law/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:14:52 GMT
content-encoding
gzip
last-modified
Sat, 19 May 2018 03:56:28 GMT
server
Apache
etag
"348e825-260-56c870d97f300-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
expires
Wed, 03 Nov 2021 17:14:52 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BECU Credit Union (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;