selimlighthouse.com Open in urlscan Pro
38.46.221.171 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oyn.at/hu-posta
Effective URL:
https://selimlighthouse.com/skk.sk/
Submission: On March 28 via manual (March 28th 2024, 7:56:30 am UTC) from HU — Scanned from AT

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 38.46.221.171, located in Draper, United States and belongs to FIBERSTATE, US. The main domain is selimlighthouse.com.
TLS certificate: Issued by R3 on January 29th 2024. Valid for: 3 months.

This is the only time selimlighthouse.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	109.71.253.25 109.71.253.25	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
10	38.46.221.171 38.46.221.171	26042 (FIBERSTATE) (FIBERSTATE)
11	2

1 109.71.253.25 (Germany) 1 redirects

ASN44486 (SYNLINQ synlinq.de, DE)

oyn.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 38.46.221.171 (Draper, United States)

ASN26042 (FIBERSTATE, US)
PTR: gravity.whitelabelwebserver.com

selimlighthouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	selimlighthouse.com selimlighthouse.com	256 KB
1	oyn.at 1 redirects oyn.at	292 B
0	dhl.com Failed www.dhl.com Failed
11	3

	Domain	Requested by
10	selimlighthouse.com	selimlighthouse.com
1	oyn.at	1 redirects
0	www.dhl.com Failed	selimlighthouse.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.selimlighthouse.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://selimlighthouse.com/skk.sk/
Frame ID: 687F391460523AC97191B8913B6B9A08
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL Home - Globale Logistik und internationaler Versand

Page URL History Show full URLs

http://oyn.at/hu-posta HTTP 307
https://oyn.at/hu-posta HTTP 302
https://selimlighthouse.com/skk.sk/ Page URL

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

256 kB
Transfer

254 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oyn.at/hu-posta HTTP 307
https://oyn.at/hu-posta HTTP 302
https://selimlighthouse.com/skk.sk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response selimlighthouse.com/skk.sk/ Redirect Chain http://oyn.at/hu-posta https://oyn.at/hu-posta https://selimlighthouse.com/skk.sk/	6 KB 6 KB	1197ms 693ms	Document text/html	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Full URL https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `34e4cae32d123285f4e82ecc8d3c787223d7dc4319a2b3ea3a09d6fc77dbbadd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 28 Mar 2024 07:56:25 GMT Keep-Alive timeout=3, max=60 Server Apache Transfer-Encoding chunked Redirect headers Connection Keep-Alive Content-Length 114 Content-Type text/html; charset=utf-8 Date Thu, 28 Mar 2024 07:56:24 GMT Keep-Alive timeout=5, max=100 Location https://selimlighthouse.com/skk.sk/ Server Apache/2.4.38 (Debian) Vary Accept X-Powered-By Express
GET H/1.1	200 OK	dstyle.css selimlighthouse.com/skk.sk/dcss/	7 KB 8 KB	173ms 172ms	Stylesheet text/css	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Full URL https://selimlighthouse.com/skk.sk/dcss/dstyle.css Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `75e2486847303c33aeca55078537df5c70e016cb02a64ef5159c3606b99ff844` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:25 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=59 Content-Length 7657
GET H/1.1	200 OK	dhl-logo.svg selimlighthouse.com/skk.sk/dfiles/	2 KB 2 KB	345ms 169ms	Image image/svg+xml	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/dhl-logo.svg Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `bb6821bb8cce2e571b87295519170e2032a8e1747d56937b558ec3f5779d2b59` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:25 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=58 Content-Length 1621
GET H/1.1	200 OK	arrowdown.PNG selimlighthouse.com/skk.sk/dfiles/	2 KB 2 KB	514ms 169ms	Image image/png	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/arrowdown.PNG Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `9259756d856d552ec58f1f131da6889b1a7b1c01a611c50ac70c3f9b4d5d2b58` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=57 Content-Length 1918
GET H/1.1	200 OK	loupe.png selimlighthouse.com/skk.sk/dfiles/	43 KB 43 KB	508ms 171ms	Image image/png	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/loupe.png Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `f0fb07c6cb78e5adf94eead250a369950a1b3f67e29a0c09ab7b83d7fce2d599` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=60 Content-Length 44122
GET H/1.1	200 OK	customer.svg selimlighthouse.com/skk.sk/dfiles/	2 KB 2 KB	595ms 165ms	Image image/svg+xml	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/customer.svg Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `b9f38b5560300539daa3cf1167763713444878f60689d270b96cbd3eef5209bf` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=60 Content-Length 1622
GET H/1.1	200 OK	glo-footer-logo.svg selimlighthouse.com/skk.sk/dfiles/	4 KB 5 KB	608ms 168ms	Image image/svg+xml	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/glo-footer-logo.svg Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `09685aa19deb8ef5a52bcebfe4e0cc009d0ca199d7a85c2a2e58e2d7ab41db35` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=60 Content-Length 4537
GET H/1.1	200 OK	socialmedia.PNG selimlighthouse.com/skk.sk/dfiles/	1 KB 2 KB	475ms 169ms	Image image/png	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/socialmedia.PNG Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `d989ec1becac9667a6afa13f7c44cedec2c26f4149062b4f45a88bb3afd5e0ae` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=60 Content-Length 1339
GET H/1.1	200 OK	background.jpg selimlighthouse.com/skk.sk/dfiles/	186 KB 186 KB	286ms 169ms	Image image/jpeg	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Show image Full URL https://selimlighthouse.com/skk.sk/dfiles/background.jpg Requested by Host: selimlighthouse.com URL: https://selimlighthouse.com/skk.sk/dcss/dstyle.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `33368ce4e7b4cef3579ea323d1e799b2fa731adb769ea12d6dd6d6fd24a1d81f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/dcss/dstyle.css accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=60 Content-Length 190353
GET		default-6e1b36f5f35659cf6fbf.woff2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/	0 0

GET H/1.1	200 OK	favicon.ico selimlighthouse.com/skk.sk/dfiles/	1 KB 1 KB	169ms 168ms	Other image/x-icon	38.46.221.171 FIBERSTATE
General Check archive.org Show headers Download Go to Full URL https://selimlighthouse.com/skk.sk/dfiles/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.46.221.171 Draper, United States, ASN26042 (FIBERSTATE, US), Reverse DNS gravity.whitelabelwebserver.com Software Apache / Resource Hash `9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://selimlighthouse.com/skk.sk/ accept-language de-AT,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 28 Mar 2024 07:56:26 GMT Last-Modified Tue, 05 Mar 2024 07:44:14 GMT Server Apache Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=59 Content-Length 1150

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dhl.com
URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-6e1b36f5f35659cf6fbf.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://selimlighthouse.com/skk.sk/ Message: Access to font at 'https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-6e1b36f5f35659cf6fbf.woff2' from origin 'https://selimlighthouse.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-6e1b36f5f35659cf6fbf.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oyn.at
selimlighthouse.com
www.dhl.com
www.dhl.com
109.71.253.25
38.46.221.171
09685aa19deb8ef5a52bcebfe4e0cc009d0ca199d7a85c2a2e58e2d7ab41db35
33368ce4e7b4cef3579ea323d1e799b2fa731adb769ea12d6dd6d6fd24a1d81f
34e4cae32d123285f4e82ecc8d3c787223d7dc4319a2b3ea3a09d6fc77dbbadd
75e2486847303c33aeca55078537df5c70e016cb02a64ef5159c3606b99ff844
9259756d856d552ec58f1f131da6889b1a7b1c01a611c50ac70c3f9b4d5d2b58
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
b9f38b5560300539daa3cf1167763713444878f60689d270b96cbd3eef5209bf
bb6821bb8cce2e571b87295519170e2032a8e1747d56937b558ec3f5779d2b59
d989ec1becac9667a6afa13f7c44cedec2c26f4149062b4f45a88bb3afd5e0ae
f0fb07c6cb78e5adf94eead250a369950a1b3f67e29a0c09ab7b83d7fce2d599

selimlighthouse.com Open in urlscan Pro 38.46.221.171 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

256 kBTransfer

254 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

selimlighthouse.com Open in urlscan Pro
38.46.221.171 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

256 kB
Transfer

254 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!