URL: https://thecliffpartners.com/broadviewpaycancel/
Submission: On May 28 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 103.21.59.26, located in Mumbai, India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is thecliffpartners.com.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.
This is the only time thecliffpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 103.21.59.26 394695 (PUBLIC-DO...)
1 18.173.187.98 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
12 5
Apex Domain              Subdomains                                            Transfer
7 thecliffpartners.com   thecliffpartners.com                                  22 KB
1 android.com            developer.android.com — Cisco Umbrella Rank: 77003    5 KB
1 perfdrive.com          cdn.perfdrive.com — Cisco Umbrella Rank: 22544        8 KB
1 appdynamics.com        cdn.appdynamics.com — Cisco Umbrella Rank: 4533       20 KB
0 sccu.com Failed        www.sccu.com — Cisco Umbrella Rank: 507560 Failed
0 robinsfcu.org Failed   www.robinsfcu.org Failed
12 6
Domain Requested by
7 thecliffpartners.com thecliffpartners.com
1 developer.android.com thecliffpartners.com
1 cdn.perfdrive.com thecliffpartners.com
1 cdn.appdynamics.com thecliffpartners.com
0 www.sccu.com Failed thecliffpartners.com
0 www.robinsfcu.org Failed thecliffpartners.com
12 6

This site contains links to these domains.

Domain
play.google.com
Subject                  Issuer                                        Validity                  Valid
*.thecliffpartners.com   R3                                            2024-05-21 - 2024-08-19   3 months   crt.sh
*.appdynamics.com        DigiCert Global G2 TLS RSA SHA256 2020 CA1    2023-06-21 - 2024-07-21   a year     crt.sh
*.perfdrive.com          Go Daddy Secure Certificate Authority - G2    2023-09-21 - 2024-09-26   a year     crt.sh
developer.android.com    WR2                                           2024-05-13 - 2024-08-05   3 months   crt.sh

This page contains 1 frames:

Primary Page: https://thecliffpartners.com/broadviewpaycancel/
Frame ID: FED6C4207DD5E5C01EAC3BAED2086692
Requests: 12 HTTP requests in this frame

Page Title

Sign In - Broadview Federal Credit Union

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

12
Requests

83 %
HTTPS

25 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

55 kB
Transfer

147 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://robinsfcu.org/ HTTP 301
  • https://www.robinsfcu.org/
Request Chain 7
  • https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=16a669d6d9d5148940229f298404eaa2d9b154e376b6dff745d5b4bc2a822d90 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b6bf214709da85fe8088df0f55de411c9 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b0f826cc7081a83ca7877bccc4a35bc7c HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b42ea4362d6f5790cad703981a425933d HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9bae7f398f563078889a1878bb309d50ae HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9badc8f5433ac48ac0d170a92fb4c57bf8 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9be7a40aa5c0e3aa3c2167d9c9034f8451 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b3b02b40eefa3765960613fc5d835c39d HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b9e9b6364c74b0e9553954e9235441f35 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b5c95f063bec1c91e1a26d45e5be829ef HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b144b65d0664c218b819cd477c074655a HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b137712fd11b4f2d0ce9e3a7be0af93e9 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b32ec3e8d65846a3a79d1bfdc6f92ab7f HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9bebf506b64d03e1e2aa612470b80cd243 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9ba001a8a67e71b98dac59618488690616 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b0895f5f5a3dbc1607c16698d63699557 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b74c14b891d4ce840b6a57baba8aa91c9 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b9234856984e993675f74ded016d43d92 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9be64c0323f04f18923cf7b717881c188d HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b32aca6029502bc867bc2a0bdcd4ef4d0

12 HTTP transactions

Resource / Path    Size    x-fer    Type    MIME-Type
Primary Request /
thecliffpartners.com/broadviewpaycancel/
10 KB
3 KB
Document
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
nginx/1.23.4 /
Resource Hash
5713e92f387ff8b5bdb90c9a18b9c5c8e2fa6946fa27960b01eae9e5adb1712d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3120
content-type
text/html
date
Tue, 28 May 2024 10:52:45 GMT
last-modified
Sun, 07 Jan 2024 04:32:17 GMT
server
nginx/1.23.4
vary
Accept-Encoding
x-proxy-cache
EXPIRED
x-server-cache
true
adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
cdn.appdynamics.com/
52 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-98.muc50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
ec18f578c88849b492d2199102714284f50cb3eba8c81f95da3876f82fb0438e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 23:12:00 GMT
content-encoding
gzip
via
1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
1251645
x-cache
Hit from cloudfront
last-modified
Fri, 15 Apr 2022 21:40:35 GMT
server
nginx/1.16.1
etag
W/"6259e653-ce76"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TdWuVi2C0wdQjQR2gczEPYYkeh2BALNbmExSnm_zxjLapLQNwtZ0yA==
aperture.js
cdn.perfdrive.com/aperture/
26 KB
8 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:57:21 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 04:56:44 GMT
server
nginx/1.10.1
age
3324
etag
W/"66419d8c-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
opensans.css
thecliffpartners.com/broadviewpaycancel/css/
2 KB
664 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/opensans.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
4e7588fe9002b8dfa03aa04e34aa12a908180cdcd40c7971204783bb207b1d2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:45 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:44:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
610
material-icons.css
thecliffpartners.com/broadviewpaycancel/css/
1 KB
543 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/material-icons.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
8d2b3b3f10ca6c187d1743874258809edabc2e3acbd05aa810e68db6c63dada0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:45 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:42:40 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
488
angular.css
thecliffpartners.com/broadviewpaycancel/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/angular.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
01d576ecec7ba742fe2d660d95cf62ad1a05138d1633e7615267db9df314565b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:45 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:42:22 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1606
/
www.robinsfcu.org/
0
0

RadDockableObject.css
thecliffpartners.com/broadviewpaycancel/css/
2 KB
771 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/RadDockableObject.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
926172c6f78bad8d437e449a3309ea0de03199f2bc0d2101899f3ce99df04f4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:45 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:45:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
709
unauthorized-activity-detected
www.sccu.com/
0
0

gcu.png
thecliffpartners.com/broadviewpaycancel/img/
7 KB
7 KB
Image
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/img/gcu.png
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
fa7bd6db8adfb21bc39dc42f83b6236648429836a7ae6e4f443237123b2953e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:45 GMT
last-modified
Sun, 07 Jan 2024 04:25:55 GMT
server
Apache
accept-ranges
bytes
content-length
7143
content-type
image/png
en_generic_rgb_wo_45.png
developer.android.com/images/brand/
4 KB
5 KB
Image
General
Full URL
https://developer.android.com/images/brand/en_generic_rgb_wo_45.png
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d838b2098a6dde4053f9ccdbbc0f889d4444b5a27da3ee211cd782a8458bb63e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-myWIPOGbw0/f4OPK/NG8sQwoedDW8a' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-myWIPOGbw0/f4OPK/NG8sQwoedDW8a' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Tue, 28 May 2024 10:52:45 GMT
server
Google Frontend
vary
Cookie
x-frame-options
SAMEORIGIN
content-type
image/png
x-cloud-trace-context
f8b69d1d1103b1c8a97cc5c4e1d3b98a
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4109
x-xss-protection
0
expires
0
favicon.ico
thecliffpartners.com/
37 KB
9 KB
Other
General
Full URL
https://thecliffpartners.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
nginx/1.23.4 /
Resource Hash
648025f0836b9aa0a85573305e80dacd1d696b627c47bf50dba2547143ceaf4f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 10:52:49 GMT
content-encoding
gzip
server
nginx/1.23.4
x-server-cache
false
content-length
8822
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.robinsfcu.org
URL
https://www.robinsfcu.org/
Domain
www.sccu.com
URL
https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b32aca6029502bc867bc2a0bdcd4ef4d0

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ssTimeLogs
  • object| BrowserStyle
  • string| j
  • object| SSJSConnectorObj
  • function| ssJSActionTaker
  • function| ssJSConnWriteCookies

2 Cookies

Domain/Path Name / Value
.thecliffpartners.com/ Name: __ssds
Value: 2
.thecliffpartners.com/ Name: __ssuzjsr2
Value: a9be0cd8e

1 Console Messages

Source Level URL
Text
network error URL: https://www.sccu.com/unauthorized-activity-detected?_event_transid=598fefcef6dcfc78b8f88168fd980f9b32aca6029502bc867bc2a0bdcd4ef4d0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS