urlscan.io logo urlscan.io
SecurityTrails logo

www.mortgagequestions.com Open in urlscan Pro
198.202.33.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.mortgagequestions.com/servlet/WEB/SelfReg/sso/user_submitter.jsp
Effective URL: https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Submission: On June 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 198.202.33.22, located in Mount Laurel, United States and belongs to PHHMORT-AS - PHH Mortgage Corporation, US. The main domain is www.mortgagequestions.com.
TLS certificate: Issued by DigiCert Global CA G2 on February 9th 2018. Valid for: 3 years.
This is the only time www.mortgagequestions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 198.202.33.22 15279 (PHHMORT-AS)
2 198.202.33.61 15279 (PHHMORT-AS)
3 2
Apex Domain
Subdomains		 Transfer
4 mortgagequestions.com
www.mortgagequestions.com
images.mortgagequestions.com
17 KB
3 1
Domain Requested by
2 images.mortgagequestions.com www.mortgagequestions.com
2 www.mortgagequestions.com 1 redirects
3 2

This site contains no links.

Subject Issuer Validity Valid
www.mortgagequestions.com
DigiCert Global CA G2		 2018-02-09 -
2021-02-09		 3 years crt.sh
images.mortgagequestions.com
DigiCert Global CA G2		 2018-02-08 -
2021-02-08		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Frame ID: 0BB90182E351E21E9F98E4BD1587F93D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.mortgagequestions.com/servlet/WEB/SelfReg/sso/user_submitter.jsp HTTP 302
    https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Oracle-HTTP-Server(?:\/([\d.]+))?/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

17 kB
Transfer

16 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mortgagequestions.com/servlet/WEB/SelfReg/sso/user_submitter.jsp HTTP 302
    https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set landscape
www.mortgagequestions.com/info/
Redirect Chain
  • https://www.mortgagequestions.com/servlet/WEB/SelfReg/sso/user_submitter.jsp
  • https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.202.33.22 Mount Laurel, United States, ASN15279 (PHHMORT-AS - PHH Mortgage Corporation, US),
Reverse DNS
Software
Oracle-HTTP-Server-11g /
Resource Hash
ddcf47737205c8fad140e56596a7ce172c9f1ddd122c969a7694cf7bd1b7dffd

Request headers

Host
www.mortgagequestions.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=ThGMbq1Hr1gGxr1cL6SQdZlpLxvYVn2V3zSD8YFS4fpLxTd3ksCC!383302923!173823271!7001!-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0BB90182E351E21E9F98E4BD1587F93D

Response headers

Date
Wed, 20 Jun 2018 20:55:42 GMT
Server
Oracle-HTTP-Server-11g
Pragma
no-cache
Content-Length
16380
Expires
Wed, 31 Dec 1969 23:59:59 GMT
Cache-Control
no-cache,no-store,must-revalidate
Set-Cookie
jplchk=ThGMbq1Hr1gGxr1cL6SQdZlpLxvYVn2V3zSD8YFS4fpLxTd3ksCC!383302923!173823271!7001!-1!1529528199482; expires=Wednesday, 20-Jun-2018 22:56:39 GMT; path=/;HttpOnly; secure
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html
Content-Language
en

Redirect headers

Date
Wed, 20 Jun 2018 20:55:42 GMT
Server
Oracle-HTTP-Server-11g
Location
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Set-Cookie
JSESSIONID=ThGMbq1Hr1gGxr1cL6SQdZlpLxvYVn2V3zSD8YFS4fpLxTd3ksCC!383302923!173823271!7001!-1; path=/; secure; HttpOnly
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
Content-Language
en
hbx.js
images.mortgagequestions.com/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://images.mortgagequestions.com/scripts/hbx.js
Requested by
Host: www.mortgagequestions.com
URL: https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.202.33.61 Mount Laurel, United States, ASN15279 (PHHMORT-AS - PHH Mortgage Corporation, US),
Reverse DNS
Software
Oracle-HTTP-Server-11g /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.mortgagequestions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 20 Jun 2018 20:56:31 GMT
Server
Oracle-HTTP-Server-11g
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
197
Content-Type
text/html; charset=iso-8859-1
bg_column_fade.gif
images.mortgagequestions.com/img/art/ 		153 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.mortgagequestions.com/img/art/bg_column_fade.gif
Requested by
Host: www.mortgagequestions.com
URL: https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.202.33.61 Mount Laurel, United States, ASN15279 (PHHMORT-AS - PHH Mortgage Corporation, US),
Reverse DNS
Software
Oracle-HTTP-Server-11g /
Resource Hash
925775f43389978d675667404614b19e98c8ee3b0c884c91270f9e6a8d9fb9c7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.mortgagequestions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.mortgagequestions.com/info/landscape?jpid=InvalidSite
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 20 Jun 2018 20:56:31 GMT
Last-Modified
Thu, 11 Nov 2010 16:48:17 GMT
Server
Oracle-HTTP-Server-11g
ETag
"2b0552-99-494c9bd977640"
Content-Language
en
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5, max=99
Content-Length
153

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| size1 number| size2 number| size3 number| size4 number| size5 number| size6 number| _hbEC object| _hbE function| _hbEvent object| hbx string| pageTitle string| lsClientProps object| clientPropsArray object| clientPropsIndex

2 Cookies

Domain/Path Name / Value
www.mortgagequestions.com/ Name: jplchk
Value: ThGMbq1Hr1gGxr1cL6SQdZlpLxvYVn2V3zSD8YFS4fpLxTd3ksCC!383302923!173823271!7001!-1!1529528199482
www.mortgagequestions.com/ Name: JSESSIONID
Value: ThGMbq1Hr1gGxr1cL6SQdZlpLxvYVn2V3zSD8YFS4fpLxTd3ksCC!383302923!173823271!7001!-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.mortgagequestions.com
www.mortgagequestions.com
198.202.33.22
198.202.33.61
925775f43389978d675667404614b19e98c8ee3b0c884c91270f9e6a8d9fb9c7
ddcf47737205c8fad140e56596a7ce172c9f1ddd122c969a7694cf7bd1b7dffd