URL: https://thecliffpartners.com/broadviewpaycancel/
Submission: On May 30 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 103.21.59.26, located in Mumbai, India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is thecliffpartners.com.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.
This is the only time thecliffpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
7         103.21.59.26      394695 (PUBLIC-DO...)
1         3.160.150.127     16509 (AMAZON-02)
1         130.211.29.114    396982 (GOOGLE-CL...)
1         2a00:1450:400...  15169 (GOOGLE)
12        5
Requests  Apex Domain           Subdomains                                         Transfer
7         thecliffpartners.com  thecliffpartners.com                               22 KB
1         android.com           developer.android.com — Cisco Umbrella Rank: 77003  5 KB
1         perfdrive.com         cdn.perfdrive.com — Cisco Umbrella Rank: 22544      8 KB
1         appdynamics.com       cdn.appdynamics.com — Cisco Umbrella Rank: 4533     20 KB
0         sccu.com Failed       www.sccu.com — Cisco Umbrella Rank: 507560 Failed
0         robinsfcu.org Failed  www.robinsfcu.org Failed
12        6
Requests  Domain                    Requested by
7         thecliffpartners.com      thecliffpartners.com
1         developer.android.com     thecliffpartners.com
1         cdn.perfdrive.com         thecliffpartners.com
1         cdn.appdynamics.com       thecliffpartners.com
0         www.sccu.com Failed       thecliffpartners.com
0         www.robinsfcu.org Failed  thecliffpartners.com
12        6

This site contains links to these domains.

Domain
play.google.com
Subject                 Issuer                                      Validity                 Valid
*.thecliffpartners.com  R3                                          2024-05-21 - 2024-08-19  3 months
*.appdynamics.com       DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-06-21 - 2024-07-21  a year
*.perfdrive.com         Go Daddy Secure Certificate Authority - G2  2023-09-21 - 2024-09-26  a year
developer.android.com   WR2                                         2024-05-13 - 2024-08-05  3 months

This page contains 1 frames:

Primary Page: https://thecliffpartners.com/broadviewpaycancel/
Frame ID: 8DE18F081E52CC819099C42A280003BD
Requests: 12 HTTP requests in this frame

Page Title

Sign In - Broadview Federal Credit Union

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

12
Requests

83 %
HTTPS

25 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

55 kB
Transfer

147 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://robinsfcu.org/ HTTP 301
  • https://www.robinsfcu.org/
Request Chain 7
  • https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=7b0076db2f39793247ec74269969b373b260015dde069ac0d78806b9663bde6b HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c15d919b4c06117b0d317880ee1de87283 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1bff26daf4958a64e11ddc76d97632380 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c10a4e091e6fdd8c24bcd1d925facfbed5 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c176fff58f0a5ec908f0dac57f84208ae3 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c13538e7a8d68429267b49cd9933aff764 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1c6c78cd49c266700c9d9b9f7f4e6250b HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c18fc096757399553e19cf4c74209a7ba5 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c10a84d99c1829c85d7c25e7317c0b36a4 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1bd4c1e335939847e396ab99e42a7442a HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1cfbe8bfb3d5a9a1a0216ebaddba779a8 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1295d8268e6a60093335f863283c7b48e HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c12f0690c63cbd3d05f2c7d053b6d4b8c3 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c13c32f2f2f1d884405827a19c83dd1810 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c1319e052383479a177a542e7763509e53 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c113498f06e71e973d24c2e979ae04c04f HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c10f52545086e166587a9fbf958606aac5 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c17cd98760235d50ff5f2df7d9a366f233 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c10bca8320a7f68519b2934005c1cad312 HTTP 303
  • https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c15aab21a255e4d50ee04357eba740c5f1

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thecliffpartners.com/broadviewpaycancel/
10 KB
3 KB
Document
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
nginx/1.23.4 /
Resource Hash
5713e92f387ff8b5bdb90c9a18b9c5c8e2fa6946fa27960b01eae9e5adb1712d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3120
content-type
text/html
date
Thu, 30 May 2024 02:02:27 GMT
last-modified
Sun, 07 Jan 2024 04:32:17 GMT
server
nginx/1.23.4
vary
Accept-Encoding
x-proxy-cache
EXPIRED
x-server-cache
true
adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
cdn.appdynamics.com/
52 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-127.fra60.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
ec18f578c88849b492d2199102714284f50cb3eba8c81f95da3876f82fb0438e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 23:12:00 GMT
content-encoding
gzip
via
1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
1392627
x-cache
Hit from cloudfront
last-modified
Fri, 15 Apr 2022 21:40:35 GMT
server
nginx/1.16.1
etag
W/"6259e653-ce76"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
DTnSOdhPLb7m6P4oTg_HjTC8H0uI7cZLkRQoNs4k2egBgyfGKMfAzA==
aperture.js
cdn.perfdrive.com/aperture/
26 KB
8 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 01:20:42 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 04:56:44 GMT
server
nginx/1.10.1
age
2505
etag
W/"66419d8c-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
opensans.css
thecliffpartners.com/broadviewpaycancel/css/
2 KB
664 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/opensans.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
4e7588fe9002b8dfa03aa04e34aa12a908180cdcd40c7971204783bb207b1d2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:27 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:44:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
610
material-icons.css
thecliffpartners.com/broadviewpaycancel/css/
1 KB
556 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/material-icons.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
8d2b3b3f10ca6c187d1743874258809edabc2e3acbd05aa810e68db6c63dada0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:27 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:42:40 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
488
angular.css
thecliffpartners.com/broadviewpaycancel/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/angular.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
01d576ecec7ba742fe2d660d95cf62ad1a05138d1633e7615267db9df314565b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:27 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:42:22 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1606
/
www.robinsfcu.org/
Redirect Chain
  • https://robinsfcu.org/
  • https://www.robinsfcu.org/
0
0

RadDockableObject.css
thecliffpartners.com/broadviewpaycancel/css/
2 KB
764 B
Stylesheet
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/css/RadDockableObject.css
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
926172c6f78bad8d437e449a3309ea0de03199f2bc0d2101899f3ce99df04f4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:27 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 14:45:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
709
unauthorized-activity-detected
www.sccu.com/
0
0

gcu.png
thecliffpartners.com/broadviewpaycancel/img/
7 KB
7 KB
Image
General
Full URL
https://thecliffpartners.com/broadviewpaycancel/img/gcu.png
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
Apache /
Resource Hash
fa7bd6db8adfb21bc39dc42f83b6236648429836a7ae6e4f443237123b2953e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:27 GMT
last-modified
Sun, 07 Jan 2024 04:25:55 GMT
server
Apache
accept-ranges
bytes
content-length
7143
content-type
image/png
en_generic_rgb_wo_45.png
developer.android.com/images/brand/
4 KB
5 KB
Image
General
Full URL
https://developer.android.com/images/brand/en_generic_rgb_wo_45.png
Requested by
Host: thecliffpartners.com
URL: https://thecliffpartners.com/broadviewpaycancel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d838b2098a6dde4053f9ccdbbc0f889d4444b5a27da3ee211cd782a8458bb63e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-859IdgSxwW91z6E1Vc+bLTTaxLgsCJ' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-859IdgSxwW91z6E1Vc+bLTTaxLgsCJ' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Thu, 30 May 2024 02:02:27 GMT
server
Google Frontend
vary
Cookie
x-frame-options
SAMEORIGIN
content-type
image/png
x-cloud-trace-context
fbe4a8b6c6515a606e35ddb66ff0abac
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4109
x-xss-protection
0
expires
0
favicon.ico
thecliffpartners.com/
37 KB
9 KB
Other
General
Full URL
https://thecliffpartners.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.26 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-9.webhostbox.net
Software
nginx/1.23.4 /
Resource Hash
648025f0836b9aa0a85573305e80dacd1d696b627c47bf50dba2547143ceaf4f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thecliffpartners.com/broadviewpaycancel/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:02:30 GMT
content-encoding
gzip
server
nginx/1.23.4
x-server-cache
false
content-length
8822
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.robinsfcu.org
URL
https://www.robinsfcu.org/
Domain
www.sccu.com
URL
https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c15aab21a255e4d50ee04357eba740c5f1

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ssTimeLogs
object| BrowserStyle
string| j
object| SSJSConnectorObj
function| ssJSActionTaker
function| ssJSConnWriteCookies

2 Cookies

Domain/Path Name / Value
.thecliffpartners.com/ Name: __ssds
Value: 2
.thecliffpartners.com/ Name: __ssuzjsr2
Value: a9be0cd8e

1 Console Messages

Source Level URL
Text
network error URL: https://www.sccu.com/unauthorized-activity-detected?_event_transid=63248708981eff298789aee3416f30c15aab21a255e4d50ee04357eba740c5f1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS