URL: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Submission: On February 11 via manual

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions.
The main IP is 96.127.39.185, located in Boardman, United States and belongs to AMAZON EXPANSION, GB. The main domain is mail.utility-energy.com.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
3 96.127.39.185 8987 (AMAZON EX...)
3 1
Domain
Subdomains
Transfer
3 utility-energy.com
87 KB
3 1
Domain Requested by
3 mail.utility-energy.com mail.utility-energy.com
3 1

This site contains links to these domains. Also see Links.

Domain
cofense.com
Subject / Issuer Validity Valid

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
?
/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565
14 KB
15 KB
Document
General
Full URL
http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Protocol
HTTP/1.1
Server
96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),
Reverse DNS
ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a2240425d2102009c93e6939199ed781da56666a8b3ea5875dcfa0a3a353fec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
mail.utility-energy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:47:20 GMT
Server
Apache
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
X-XSS-Protection
1; mode=block
X-Request-Id
3d11140d-350e-4766-bb1d-3eeb4829f97f
X-Runtime
0.034914
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Status
404 Not Found
Access-Control-Allow-Origin
http://landing.us.phishme.com
X-Download-Options
noopen
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
logo.png
/images/www
2 KB
3 KB
Image
General
Full URL
http://mail.utility-energy.com/images/www/logo.png
Requested by
Host: mail.utility-energy.com
URL: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Protocol
HTTP/1.1
Server
96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),
Reverse DNS
ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cb51a14651a66a4bffc0cf0194f50aef0c13531ccb2d4f9e0c0a12cc0e84faca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.utility-energy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:47:21 GMT
Last-Modified
Fri, 08 Feb 2019 17:27:34 GMT
Server
Apache
ETag
"981-5816546428d80"
X-Download-Options
noopen
Content-Type
image/png
Access-Control-Allow-Origin
http://landing.us.phishme.com
Cache-Control
max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2433
Expires
Mon, 11 Feb 2019 16:47:21 GMT
mountain.png
/images/www
69 KB
70 KB
Image
General
Full URL
http://mail.utility-energy.com/images/www/mountain.png
Requested by
Host: mail.utility-energy.com
URL: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Protocol
HTTP/1.1
Server
96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),
Reverse DNS
ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9ee8114b20da5400a45967cdaf6dbfb2fc0826ab3299c704496168d8e7603c65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.utility-energy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 16:47:21 GMT
Last-Modified
Fri, 08 Feb 2019 17:27:34 GMT
Server
Apache
ETag
"1148f-5816546428d80"
X-Download-Options
noopen
Content-Type
image/png
Access-Control-Allow-Origin
http://landing.us.phishme.com
Cache-Control
max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
70799
Expires
Mon, 11 Feb 2019 16:47:21 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

mail.utility-energy.com


96.127.39.185

9ee8114b20da5400a45967cdaf6dbfb2fc0826ab3299c704496168d8e7603c65
a2240425d2102009c93e6939199ed781da56666a8b3ea5875dcfa0a3a353fec6
cb51a14651a66a4bffc0cf0194f50aef0c13531ccb2d4f9e0c0a12cc0e84faca