mail.utility-energy.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions.
The main IP is 96.127.39.185, located in Boardman, United States and belongs to AMAZON EXPANSION, GB. The main domain is mail.utility-energy.com.

This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

	IP Address		AS Autonomous System
3	96.127.39.185 96.127.39.185		8987 (AMAZON EX...) (AMAZON EXPANSION)
3	1

3 96.127.39.185 (Boardman, United States)

ASN8987 (AMAZON EXPANSION, GB)
PTR: ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com

mail.utility-energy.com
Domain lookup

	Domain Subdomains	Transfer
3	utility-energy.com	87 KB
3	1

	Domain	Requested by
3	mail.utility-energy.com	mail.utility-energy.com
3	1

This site contains links to these domains. Also see Links.

Domain
cofense.com

Subject / Issuer	Validity	Valid

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Website

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page. For each link, only the first name is shown.

https://cofense.com/
https://cofense.com/product-services/simulator-2/
Title: What Is PhishMe?
https://cofense.com/company/overview/
Title: Who is Cofense?
https://cofense.com/news/
Title: News
https://cofense.com/events/
Title: Events
https://cofense.com/contact
Title: Contact Us
https://cofense.com/product-services/live-demo/
Title: Sign Up

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found ? Show response
/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565 14 KB
15 KB 429ms
217ms Document
text/html 96.127.39.185
AMAZON EXPANSION

General

Check archive.org

Show headers Download Go to

Full URL

http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?

Protocol

HTTP/1.1

Server

96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),

Reverse DNS

ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a2240425d2102009c93e6939199ed781da56666a8b3ea5875dcfa0a3a353fec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: mail.utility-energy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:47:20 GMT
Server: Apache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 3d11140d-350e-4766-bb1d-3eeb4829f97f
X-Runtime: 0.034914
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Status: 404 Not Found
Access-Control-Allow-Origin: http://landing.us.phishme.com
X-Download-Options: noopen
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK logo.png
/images/www 2 KB
3 KB 182ms
181ms Image
image/png 96.127.39.185
AMAZON EXPANSION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.utility-energy.com/images/www/logo.png
Requested by: Host: mail.utility-energy.com
URL: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Protocol: HTTP/1.1
Server: 96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),
Reverse DNS: ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cb51a14651a66a4bffc0cf0194f50aef0c13531ccb2d4f9e0c0a12cc0e84faca

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: mail.utility-energy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Connection: keep-alive
Cache-Control: no-cache
Referer: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:47:21 GMT
Last-Modified: Fri, 08 Feb 2019 17:27:34 GMT
Server: Apache
ETag: "981-5816546428d80"
X-Download-Options: noopen
Content-Type: image/png
Access-Control-Allow-Origin: http://landing.us.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2433
Expires: Mon, 11 Feb 2019 16:47:21 GMT

GET
H/1.1 200
OK mountain.png
/images/www 69 KB
70 KB 362ms
181ms Image
image/png 96.127.39.185
AMAZON EXPANSION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.utility-energy.com/images/www/mountain.png
Requested by: Host: mail.utility-energy.com
URL: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Protocol: HTTP/1.1
Server: 96.127.39.185 Boardman, United States, ASN8987 (AMAZON EXPANSION, GB),
Reverse DNS: ec2-96-127-39-185.us-gov-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9ee8114b20da5400a45967cdaf6dbfb2fc0826ab3299c704496168d8e7603c65

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: mail.utility-energy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
Connection: keep-alive
Cache-Control: no-cache
Referer: http://mail.utility-energy.com/u/amo3z6ccodm9/login.srf/7c4d80/9ba5613f-c29a-4729-9c67-988bbc8f5565/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:47:21 GMT
Last-Modified: Fri, 08 Feb 2019 17:27:34 GMT
Server: Apache
ETag: "1148f-5816546428d80"
X-Download-Options: noopen
Content-Type: image/png
Access-Control-Allow-Origin: http://landing.us.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 70799
Expires: Mon, 11 Feb 2019 16:47:21 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

mail.utility-energy.com


96.127.39.185

9ee8114b20da5400a45967cdaf6dbfb2fc0826ab3299c704496168d8e7603c65
a2240425d2102009c93e6939199ed781da56666a8b3ea5875dcfa0a3a353fec6
cb51a14651a66a4bffc0cf0194f50aef0c13531ccb2d4f9e0c0a12cc0e84faca

mail.utility-energy.com 96.127.39.185

Summary

Verdict: Unknown

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Stats

0 Requests

0 Ad-blocked

0 Malicious

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

0 IPs

0 Countries

0 kBTransfer

0 kBSize

0 Cookies

7 Outgoing links

3 HTTP transactions Everything HTML Script AJAX CSS Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect requests

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators of compromise (IoCs)

mail.utility-energy.com
96.127.39.185

Screenshot
Live screenshot

Full Image

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions