account.myuwmloan.com
Open in
urlscan Pro
2606:4700:4400::ac40:915e
Public Scan
Effective URL: https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=ba7...
Submission: On April 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 24th 2021. Valid for: a year.
This is the only time account.myuwmloan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 7 | 2606:4700:440... 2606:4700:4400::ac40:915e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 20.60.178.68 20.60.178.68 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 20.60.49.4 20.60.49.4 | () () | |
2 | 13.69.106.90 13.69.106.90 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
14 | 8 |
ASN13335 (CLOUDFLARENET, US)
www.myuwmloan.com | |
account.myuwmloan.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
uwmb2cprodstg.blob.core.windows.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
myuwmloan.com
3 redirects
www.myuwmloan.com — Cisco Umbrella Rank: 647310 account.myuwmloan.com — Cisco Umbrella Rank: 757061 |
93 KB |
3 |
windows.net
uwmb2cprodstg.blob.core.windows.net — Cisco Umbrella Rank: 875358 apolloimage.blob.core.windows.net |
517 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 855 |
281 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71 |
38 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
959 B |
14 | 6 |
Domain | Requested by | |
---|---|---|
4 | account.myuwmloan.com |
account.myuwmloan.com
|
3 | www.myuwmloan.com | 3 redirects |
2 | www.google-analytics.com |
www.googletagmanager.com
account.myuwmloan.com |
2 | dc.services.visualstudio.com |
account.myuwmloan.com
|
2 | apolloimage.blob.core.windows.net |
account.myuwmloan.com
|
1 | www.googletagmanager.com |
account.myuwmloan.com
|
1 | fonts.googleapis.com |
account.myuwmloan.com
|
1 | uwmb2cprodstg.blob.core.windows.net |
account.myuwmloan.com
|
14 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.myuwmloan.com |
www.nmlsconsumeraccess.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-10-24 - 2022-10-23 |
a year | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 02 |
2022-03-19 - 2023-03-19 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
in.applicationinsights.azure.com Microsoft RSA TLS CA 02 |
2022-02-08 - 2023-02-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=ba79298b-dea8-4138-89d3-aafa857d12b8&nonce=defaultNonce&redirect_uri=https://www.myuwmloan.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=ea8ac430762e959fcba0ffaf8ef8985b&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-web-uwm-prod
Frame ID: 5AC22764B71DE9F5923581FB619A813B
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Mortgage Account Login, Sign In | UWMUnited Wholesale MortgagePage URL History Show full URLs
-
https://www.myuwmloan.com/
HTTP 301
https://www.myuwmloan.com/logout?existing_login=true HTTP 302
https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/oauth2/logout?sta... Page URL
-
https://www.myuwmloan.com/signin?state=%7b%22redirect%22%3anull%7d
HTTP 302
https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/oauth2/v2.0/authorize?p=B2C_1A_SignUpOr... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: United Wholesale MortgageCreated with Sketch.
Search URL Search Domain Scan URL
Title: Forgot your username?
Search URL Search Domain Scan URL
Title: (www.nmlsconsumeraccess.org).
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.myuwmloan.com/
HTTP 301
https://www.myuwmloan.com/logout?existing_login=true HTTP 302
https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.myuwmloan.com/signin Page URL
-
https://www.myuwmloan.com/signin?state=%7b%22redirect%22%3anull%7d
HTTP 302
https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/oauth2/v2.0/authorize?p=B2C_1A_SignUpOrSignIn&client_id=ba79298b-dea8-4138-89d3-aafa857d12b8&nonce=defaultNonce&redirect_uri=https://www.myuwmloan.com/sessions/login&scope=openid&response_type=id_token&response_mode=form_post&pageName=&session_id=ea8ac430762e959fcba0ffaf8ef8985b&guid=&ga_client_id=&&getCustomer=no&state={%22redirect%22:null}&x-client-SKU=apollo-web-uwm-prod Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.myuwmloan.com/ HTTP 301
- https://www.myuwmloan.com/logout?existing_login=true HTTP 302
- https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/oauth2/logout?state={%22redirect%22:null}&post_logout_redirect_uri=https://www.myuwmloan.com/signin
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
logout
account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/oauth2/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cspreport
account.myuwmloan.com/uwmciamprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/ |
31 KB 11 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
account.myuwmloan.com/static/library/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
authorize
account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/oauth2/v2.0/ Redirect Chain
|
146 KB 48 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
uwmb2cprodstg.blob.core.windows.net/identity-ux/signin/ |
513 KB 513 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 959 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
98 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
apolloimage.blob.core.windows.net/tax-season-config/ |
907 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uwm-alert-maintenance.json
apolloimage.blob.core.windows.net/images/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
perftrace
account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/client/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 281 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- account.myuwmloan.com
- URL
- https://account.myuwmloan.com/d13fb1c1-02bf-49c4-8761-b4291e712029/B2C_1A_SignUpOrSignIn/client/perftrace?tx=StateProperties=eyJUSUQiOiJiNzIyZGZhOC0wNGQ4LTQ0MmMtYWEwNC1kMTU2NDhjNGUyODIifQ&p=B2C_1A_SignUpOrSignIn
Verdicts & Comments Add Verdict or Comment
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady object| dataLayer object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| __assign function| __extends object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.myuwmloan.com/ | Name: _apollo-web_session Value: ea8ac430762e959fcba0ffaf8ef8985b |
|
account.myuwmloan.com/ | Name: ASLBSA Value: c773239dacca29db82a83173d355aa634757eead5931dfa543d2ee1b8c80bff4 |
|
account.myuwmloan.com/ | Name: ASLBSACORS Value: c773239dacca29db82a83173d355aa634757eead5931dfa543d2ee1b8c80bff4 |
|
.account.myuwmloan.com/ | Name: x-ms-cpim-sso:uwmciamprod.onmicrosoft.com_0 Value: m1.slXgBox67V2Q3Jr0.Bhr8HushFlcz0TYZgeudzA==.0.QUTGu3Zx6vODD2nmQRat6v7zd3S0E7E7dYaKtQOCzpE11CyRlsWFJtN9ULMy5f/GgP8TgBLvxJjB+dynaLtOd6dKHOh+mOjxopEo8pucPzhD3qzBqvuYjP+W6p/AWFJIvgq8sIUShRdsJCLdO8uG7dAxN+ElWKZPATlLrHZyDvNeNtPsP+LsO2BmukwJmdEnC8d+JvujYjy9QEHBL75t8o6+v6VWONNc6wr4jB/uBy6OhhdADAs/CdPWIejqrMXbByeSdqkpGZhTlLcWLZwGnCfW06NRKcq5IvEd7hIFD68SLfdd5jBk5npHKA0cPYhI/4Sn |
|
.account.myuwmloan.com/ | Name: x-ms-cpim-csrf Value: ZkRVTzdScjlrWG9VTEFqaGtRa25MUmFmM2d2SHR1c0JYWFY3bzR1aHFmL2pycnBmcExqZTRjWS81SkpaV2IwRy9oUm5oeTFYWW40KzRIZWc0QzhMbUE9PTsyMDIyLTA0LTE1VDIwOjA0OjIxLjk5NzA0MTdaO2huRVRrVVBNTzNaZGxZOUhWRUVkb2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ== |
|
.account.myuwmloan.com/ | Name: x-ms-cpim-cache|qn8it9gelesqbnfwsmtigg_0 Value: m1.bu2JqnG2QKFV5O4S.q24jlG1zyWpCddiETc2qag==.0.NePx1AvkH97Pgyg4jwndjju8JpfsRjUrXY4zKAlgQA+bFLrtVW0BQX+b4fiiWVBOjcdxAbLweqxxJyw/BDnNrYBgzxTLPt2GqKXZzYQNSCpz+979Ky0biMsCr8V/Vqoyr4siFUlJ/P1gRprCLGh2+T9w6WAM43WbiBv2dMtz017MI5RzpEH3pDOILEYMCDsSgit6baQroiv3BD0G+Ybj3Zx3CXEtn7pvoxiCZmkot2CfR6xUodtWVtX6dLq4r7C14yFg497aG2WGgXxM8dS0KynjZA9fvJwGRtCsu2MewnsvHicuXl0Mk2kPXJ7orBW0FkSjwIHiCRFmjsPpPjyt7LS2FhvPk1vz6rDyphabLem7VkFM1DXtaF5hP60EsWQq/pWNc/vVkEC1FeoV+pdxFqHAoZPZhFyEI8A6mi29ryIaQlQ1JNOd4kQOoywHZz/MOwCCtAieE0fNEZBlFfL30kXT+8KWXIXr2CCfqOY7WWTVVM7rahwSHkZ3z0IQjR0Jt3nI5bQZReJTgChbFTQImCaf6AcW3gj47C06RACBOrnsSHstC2nCZmScx1/pYA03R8AEQqE6loQWL6DKbF/6wzlZqqlsdwGW9yCo5Q/Sbbc0FymibYuil/CMNeBJk35Jja2UdrZOafNngdz94SkzlMbagF9GwxwlYAzsZ345vH173N/3Bb3UexYALP1n6pzzpTJcOpZi2LJ6wSHqjFyUuFtc5ka9E+uOSZSNyRptCCKCl/C57kbNALGnhoyrd/UJKPIwhhjmdd+/tC8okEPYVNvSo3A737Y2mctvUiBUcic4Qutdu6R4u4JdOyfyMvY= |
|
.account.myuwmloan.com/ | Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6ImI3MjJkZmE4LTA0ZDgtNDQyYy1hYTA0LWQxNTY0OGM0ZTI4MiIsIlQiOiJ1d21jaWFtcHJvZC5vbm1pY3Jvc29mdC5jb20iLCJQIjoiQjJDXzFBX1NpZ25VcE9yU2lnbkluIiwiQyI6ImJhNzkyOThiLWRlYTgtNDEzOC04OWQzLWFhZmE4NTdkMTJiOCIsIlMiOjEsIk0iOnt9LCJEIjowfV0sIkNfSUQiOiJiNzIyZGZhOC0wNGQ4LTQ0MmMtYWEwNC1kMTU2NDhjNGUyODIifQ== |
|
account.myuwmloan.com/ | Name: ai_user Value: aUW0OX8ORaZFD+B5VetOYv|2022-04-15T20:04:23.484Z |
|
account.myuwmloan.com/ | Name: ai_session Value: rOgUZZQVIfaMrgwTjzffNY|1650053063588|1650053063588 |
|
.myuwmloan.com/ | Name: _ga Value: GA1.2.1471104284.1650053064 |
|
.myuwmloan.com/ | Name: _gid Value: GA1.2.896719582.1650053064 |
|
.myuwmloan.com/ | Name: _gat_UA-114417815-1 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'strict-dynamic' 'self' 'nonce-4rHSXBzmHgUEL0UModNsIw==' 'report-sample'; report-uri /uwmciamprod.onmicrosoft.com/B2C_1A_SignUpOrSignIn/client/cspreport?p=B2C_1A_SignUpOrSignIn |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.myuwmloan.com
apolloimage.blob.core.windows.net
dc.services.visualstudio.com
fonts.googleapis.com
uwmb2cprodstg.blob.core.windows.net
www.google-analytics.com
www.googletagmanager.com
www.myuwmloan.com
account.myuwmloan.com
13.69.106.90
20.60.178.68
20.60.49.4
2606:4700:4400::ac40:915e
2a00:1450:4001:812::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
23495df1ef4d41ca9d45ad33df07999ab1a1f36035f2012e94f9ac7c728e4a71
2ac1c53365dfe6c11f2dd0050f08ce7cb2ac1b3f4d223757a3c1e3d3a97ee38b
2ca807bec51b6d55c5cf4e3eaac8d70fdc99a470f4bc36858ad4aa55636cd59e
503255db2ca0e886a8c9d056a52613d95f064ca7a7539acfc33022aaf1dfa7c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b7bb6a593c70b39ae7e79355d5ae8acf488d9ef95fab77c24227490f9b73269f
b8faf52fda540ef586dd9156cdd0355afc5b9e719ea3dfea8187f7ed8034bc8c
d29688f39535cac94eb7311078f29b7d6c63dee28cacb48a28182c01f9274a37
fa93fdd69400b1dfe22adfb65e6d879c89c36290dca54e49f17748ca23fdb9e3