Domain > backoffice.cuscatlanmyrewards.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2024-12-21	3.163.101.23 (ClassC)
2025-11-12	3.169.173.73 (ClassC)

HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Wed, 12 Nov 2025 01:36:17 GMTContent-Type: text/htmlContent-Length: 915Connection: keep-aliveX-Cache: Error from cloudfrontVia: 1.1 7d14d4fc1c149f1d429681a4c414c21a.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P4X-Amz-Cf-Id: 92fM-CQolx0aEFhMOiqmlM2sBNTbVPnapcfwuOaE_j4-wzGaSvtsEw

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd>HTML>HEAD>META HTTP-EQUIVContent-Type CONTENTtext/html; charsetiso-8859-1>TITLE>ERROR: The request could not be satisfied/TITLE>/HEAD>BODY>H1>403 ERROR/H1>H2>The request could not be satisfied./H2>HR noshade size1px>Bad request.We cant connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.BR clearall>If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.BR clearall>HR noshade size1px>PRE>Generated by cloudfront (CloudFront)Request ID: 92fM-CQolx0aEFhMOiqmlM2sBNTbVPnapcfwuOaE_j4-wzGaSvtsEw/PRE>ADDRESS>/ADDRESS>/BODY>/HTML>

Port 443

HTTP/1.1 200 OKContent-Type: text/htmlContent-Length: 2972Connection: keep-aliveDate: Wed, 12 Nov 2025 01:36:17 GMTAccept-Ranges: bytesServer: nginxLast-Modified: Mon, 30 Sep 2024 23:32:06 GMTETag: 66fb34f6-b9cContent-Security-Policy: default-src self *.allegrarewards.com *.alle2020.com *.cuscatlanmyrewards.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src self https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src self data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src self unsafe-eval unsafe-inline *.cuscatlanmyrewards.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src self unsafe-inline https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src self *.cuscatlanmyrewards.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.comX-Frame-Options: ALLOW-FROM *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.go2redeem.com *.cuscatlanmyrewards.com *.visa.comAccess-Control-Allow-Origin: ALLOW-FROM *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.go2redeem.com *.cuscatlanmyrewards.com *.visa.comStrict-Transport-Security: max-age31536000; includeSubDomainsX-Content-Type-Options: nosniffReferrer-Policy: no-referrerPermissions-Policy: camera(), fullscreen(), geolocation(), microphone(), payment(), usb()X-Permitted-Cross-Domain-Policies: master-onlyX-XSS-Protection: 1; modeblockX-Cache: Miss from cloudfrontVia: 1.1 bb0a0a1792594c22377eddc835c4b882.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P4X-Amz-Cf-Id: 80u9AQfLvvsRHf9PQm6ulmMPmKMLZCW-iPr-HgDg0sm3dLqDTQqgZw

!DOCTYPE html> html ng-appbackoffice> head> meta charsetutf-8> meta nameviewport contentwidthdevice-width,initial-scale1> !-- Page title set in pageTitle directive --> title page-title>/title> link relstylesheet hrefstyles/vendor.c50f8792.css> link relstylesheet hrefstyles/style.d64f2e61.css> !-- Hotjar Tracking Code for iatairewards.com --> script>(function(h,o,t,j,a,r){			h.hjh.hj||function(){(h.hj.qh.hj.q||).push(arguments)};			h._hjSettings{hjid:1359174,hjsv:6};			ao.getElementsByTagName(head)0;			ro.createElement(script);r.async1;			r.srct+h._hjSettings.hjid+j+h._hjSettings.hjsv;			a.appendChild(r);		})(window,document,https://static.hotjar.com/c/hotjar-,.js?sv);/script>  !-- Body --> !-- appCtrl controller with several data used in theme on diferent view --> body ng-controllerappCtrl class{{$state.current.data.specialClass}} fixed-navbar> !-- Simple splash screen--> div classsplash> div classcolor-line>/div>div classsplash-title>h1>Homer - Responsive Admin Theme/h1>p>Special AngularJS Admin Theme for small and medium webapp with very clean and aesthetic style and feel. /p>img srcimages/loading-bars.svg width64 height64 altLoading bars> /div> /div> !--if lt IE 7>p classalert alert-danger>You are using an strong>outdated/strong> browser. Please a hrefhttp://browsehappy.com/>upgrade your browser/a> to improve your experience./p>!endif--> !-- Page view wrapper --> div classuiview ui-view>/div> div idlpBOBankChat>/div> div idengagementPlaceholder>/div> div idchatWindow classhidden> div classwrapper> p> form classform-inline onsubmitreturn false> div classform-group> input idtextline typetext classform-control input-sm placeholderEnter text here...> button idsendButton classbtn btn-sm btn-primary disabled>Send/button> /div> /form> /p> p classrow> div idchatLines>/div> /p> p> form classform-inline onsubmitreturn false> div classform-group> input typetext idvisitorName classform-control input-sm placeholderEnter name...> button idsetvisitorName classbtn btn-sm>Set Name/button> /div> div classform-group> input typeemail idemailAddress classform-control input-sm placeholderEnter email address...> button idsendTranscript classbtn btn-sm>Send Transcript/button> /div> div classform-group> button idcloseChat classbtn btn-danger btn-sm>End Chat/button> /div> /form> /p> /div> /div> div idagentIsTyping classhidden>/div> div idlogs>/div>  script srchttps://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.3/es6-shim.min.js>/script> script srcscripts/vendor.d156ff04.js>/script> script srcscripts/scripts.9397d63b.js>/script> script typetext/javascript srchttps://lpcdn.lpsnmedia.net/api/chat/public/lpChat.min.js>/script>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > backoffice.cuscatlanmyrewards.com

Is this malicious?

DNS Resolutions

Port 80

Port 443