URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Submission: On February 04 via manual from US

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 2606:4700:30::6818:6d97, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is cinymtevi.cf.
This is the only time cinymtevi.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:30:... 13335 (CLOUDFLAR...)
1 205.185.208.52 20446 (HIGHWINDS3)
6 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 12.180.115.54 16983 (AS16983)
1 18.234.20.59 14618 (AMAZON-AES)
1 50.97.5.218 36351 (SOFTLAYER)
1 2 69.89.50.214 27018 (WAGEWORKS)
1 52.73.5.54 14618 (AMAZON-AES)
23 9
Domain Requested by
12 cinymtevi.cf cinymtevi.cf
4 www.mybenefitwallet.com 1 redirects cinymtevi.cf
2 www.choice-strategies.com 1 redirects cinymtevi.cf
2 mybenefitwallet.com cinymtevi.cf
1 member.mybenefitwallet.com cinymtevi.cf
1 mark.trademarkia.com cinymtevi.cf
1 site-images.similarcdn.com cinymtevi.cf
1 lh3.googleusercontent.com cinymtevi.cf
1 code.jquery.com cinymtevi.cf
23 9

This site contains links to these domains:

Domain
wordpress.org
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-01-17 - 2020-01-17 | a year (crt.sh)
*.googleusercontent.com | Google Internet Authority G3 | 2019-01-15 - 2019-04-09 | 3 months (crt.sh)
www.mybenefitwallet.com | COMODO RSA Extended Validation Secure Server CA | 2018-08-06 - 2020-08-05 | 2 years (crt.sh)
mark.trademarkia.com | COMODO RSA Domain Validation Secure Server CA | 2016-06-01 - 2019-06-01 | 3 years (crt.sh)
choice-strategies.com | Entrust Certification Authority - L1K | 2017-06-26 - 2020-07-01 | 3 years (crt.sh)
member.mybenefitwallet.com | COMODO RSA Organization Validation Secure Server CA | 2017-03-24 - 2018-06-22 | a year (crt.sh)

This page contains 1 frames:

Primary Page: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Frame ID: 1097D30D5F54A8E87690C7BE16AAC53D
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 23
HTTPS: 39 %
IPv6: 33 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 525 kB
Size: 642 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.mybenefitwallet.com/img/base/benefitwallet-logo.png HTTP 302
  • https://www.mybenefitwallet.com/img/base/benefitwallet-logo.png
Request Chain 13
  • http://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg HTTP 301
  • https://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set benefitwallet-login-taf.php
cinymtevi.cf/qyko/
10 KB
4 KB
Document
General
Full URL
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af15e91d092c78f4dd129d00e064d72fd59c82bd39c0007f235f46458684c301

Request headers

Host
cinymtevi.cf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468; expires=Tue, 04-Feb-20 16:41:08 GMT; path=/; domain=.cinymtevi.cf; HttpOnly
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4a3e954644679718-FRA
Content-Encoding
gzip
jquery-1.7.2.min.js
code.jquery.com/
93 KB
39 KB
Script
General
Full URL
http://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
"54499a47-17278"
Vary
Accept-Encoding
X-HW
1549298469.dop002.pa1.t,1549298469.cds024.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38992
kizinit.css
cinymtevi.cf/
76 KB
15 KB
Stylesheet
General
Full URL
http://cinymtevi.cf/kizinit.css
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d32b7cffea99e0041afda54dee07252f903133f692b114c913518cca8acccca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 22 Aug 2018 02:13:36 GMT
Server
cloudflare
ETag
"131aa-573fcb0a35400-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4a3e9547d53f9718-FRA
Content-Length
14595
Expires
Mon, 04 Feb 2019 20:41:09 GMT
vid-skylinedark.jpg
cinymtevi.cf/
295 B
295 B
Image
General
Full URL
http://cinymtevi.cf/vid-skylinedark.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6770f773ef3aed4083c38ad332566d4e26526708e0653cb62f90dcdd947330

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e9547f54dc292-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
cropped-wordcampus-logo_standard-1.png
cinymtevi.cf/
12 KB
13 KB
Image
General
Full URL
http://cinymtevi.cf/cropped-wordcampus-logo_standard-1.png
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed4920b76cbe6f026d51a70013ea3d0ef792d7e2173d85f48975f55e2de4e39

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 13 Nov 2017 13:12:56 GMT
Server
cloudflare
ETag
"3098-55ddd07594600"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4a3e95480406c283-FRA
Content-Length
12440
Expires
Mon, 04 Feb 2019 20:41:09 GMT
gravity_forms_logo.png
cinymtevi.cf/files/2017/08/
0
477 B
Image
General
Full URL
https://cinymtevi.cf/files/2017/08/gravity_forms_logo.png
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pGb7ZLJC1NwCc83dmNGl38-Gije27WiTPfVmkMYoNbebSLuHPlrybmSm2oPV2ADGlw=h900
lh3.googleusercontent.com/
81 KB
81 KB
Image
General
Full URL
https://lh3.googleusercontent.com/pGb7ZLJC1NwCc83dmNGl38-Gije27WiTPfVmkMYoNbebSLuHPlrybmSm2oPV2ADGlw=h900
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
985953e0191f0c49b14043b147accfd5e30b4f2d9a260f66b54947578fe475b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 04 Feb 2019 16:41:09 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
82840
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 05 Feb 2019 16:41:09 GMT
top-bw-hra-overview.jpg
mybenefitwallet.com/img/video-button/
23 KB
23 KB
Image
General
Full URL
https://mybenefitwallet.com/img/video-button/top-bw-hra-overview.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
12.180.115.54 , United States, ASN16983 (AS16983 - Conduent Business Services, LLC, US),
Reverse DNS
Software
/
Resource Hash
8e83ce57205e9acf1e38ab84de99ca92ab4c9e448f5ec4ac4c91d38b4f9a79c7

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
Date
Mon, 04 Feb 2019 16:41:09 GMT
Last-modified
Mon, 31 Aug 2015 12:10:44 GMT
Accept-ranges
bytes
Etag
"5b55-55e44444"
Content-length
23381
Content-type
image/jpeg
benefitwallet-logo.png
www.mybenefitwallet.com/img/base/
Redirect Chain
  • http://www.mybenefitwallet.com/img/base/benefitwallet-logo.png
  • https://www.mybenefitwallet.com/img/base/benefitwallet-logo.png
11 KB
11 KB
Image
General
Full URL
https://www.mybenefitwallet.com/img/base/benefitwallet-logo.png
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
12.180.115.54 , United States, ASN16983 (AS16983 - Conduent Business Services, LLC, US),
Reverse DNS
Software
/
Resource Hash
94390a67c67068b6607ba65e59cbc713f1b67110e19746cdb3f1a91640f2b409

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
Date
Mon, 04 Feb 2019 16:41:09 GMT
Last-modified
Tue, 03 Oct 2017 02:07:46 GMT
Accept-Ranges
bytes
Etag
"2bd3-59d2f0f2"
Content-length
11219
Content-type
image/png

Redirect headers

Location
https://www.mybenefitwallet.com/img/base/benefitwallet-logo.png
Date
Mon, 04 Feb 2019 16:41:09 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html
top-bw-fsa-overview.jpg
www.mybenefitwallet.com/img/video-button/
18 KB
19 KB
Image
General
Full URL
https://www.mybenefitwallet.com/img/video-button/top-bw-fsa-overview.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
12.180.115.54 , United States, ASN16983 (AS16983 - Conduent Business Services, LLC, US),
Reverse DNS
Software
/
Resource Hash
89b74cfc4d2577899c2c86f26ac45dcb90f173de6aaf4c001320e6728235ace8

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
Date
Mon, 04 Feb 2019 16:41:09 GMT
Last-modified
Mon, 31 Aug 2015 12:10:44 GMT
Accept-ranges
bytes
Etag
"49c2-55e44444"
Content-length
18882
Content-type
image/jpeg
hsa.jpg
mybenefitwallet.com/HSA/scripts/img/page-banner/
33 KB
33 KB
Image
General
Full URL
https://mybenefitwallet.com/HSA/scripts/img/page-banner/hsa.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
12.180.115.54 , United States, ASN16983 (AS16983 - Conduent Business Services, LLC, US),
Reverse DNS
Software
/
Resource Hash
f6c19a94239262786e6c405e9542b1f8cfc37a25694f0d745e14bc6adff084c6

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
Date
Mon, 04 Feb 2019 16:41:09 GMT
Last-modified
Thu, 15 Nov 2018 13:09:08 GMT
Content-type
image/jpeg
Content-length
33662
Content-language
en-US
top-bw-hsa-overview.jpg
www.mybenefitwallet.com/img/video-button/
31 KB
31 KB
Image
General
Full URL
https://www.mybenefitwallet.com/img/video-button/top-bw-hsa-overview.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
12.180.115.54 , United States, ASN16983 (AS16983 - Conduent Business Services, LLC, US),
Reverse DNS
Software
/
Resource Hash
34006509a46a6b94358e8b7ec93894135d21f073715c3c94403e6e83fd2042ed

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
Date
Mon, 04 Feb 2019 16:41:09 GMT
Last-modified
Thu, 14 Sep 2017 20:57:58 GMT
Accept-ranges
bytes
Etag
"7b9f-59baed56"
Content-length
31647
Content-type
image/jpeg
image
site-images.similarcdn.com/
4 KB
4 KB
Image
General
Full URL
http://site-images.similarcdn.com/image?url=hsamember.com&t=1&s=10&h=12786800872283552531
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
18.234.20.59 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-234-20-59.compute-1.amazonaws.com
Software
SGIMageGetter/1.1 /
Resource Hash
684ad59d83c0217347130f0c406826d00ad70e878d60cfc49d65646e3ae3273b

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Feb 2019 16:41:09 GMT
Cache-Control
no-cache
Server
SGIMageGetter/1.1
Connection
keep-alive
Content-Length
4167
Content-Type
image/jpeg
benefitwallet-85823647.jpg
mark.trademarkia.com/logo-images/xerox-corporation/
19 KB
19 KB
Image
General
Full URL
https://mark.trademarkia.com/logo-images/xerox-corporation/benefitwallet-85823647.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
50.97.5.218 Seattle, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
da.05.6132.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / UrlRewriter.NET 1.7.0, ASP.NET
Resource Hash
c6bfb957c778bb853529658b9b13e041d32d5be53c7e8fe3f3f07602c80e91bf

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:17 GMT
Cache-Control
public
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
UrlRewriter.NET 1.7.0, ASP.NET
Content-Length
19294
Content-Type
image/jpeg
benefitwallet_endorsed_rgb.jpg
www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/
Redirect Chain
  • http://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg
  • https://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg
192 KB
192 KB
Image
General
Full URL
https://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.89.50.214 San Mateo, United States, ASN27018 (WAGEWORKS - WAGEWORKS, Inc., US),
Reverse DNS
host50-214.wageworks.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f9bbdaa24755ca5ecb87832e8e6f220e7fc8cf77a4ba764e7a275491b7ba1b24

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
ETag
"803bf2e5a4c9ce1:0"
Last-Modified
Tue, 15 Oct 2013 12:48:51 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
196333

Redirect headers

Location
https://www.choice-strategies.com/files/0/7a3e226465da14a9bdf16a3acd7f2091/files/benefitwallet_endorsed_rgb.jpg
Date
Mon, 04 Feb 2019 16:41:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
234
Content-Type
text/html; charset=UTF-8
BenefitWallet_NonEndorsed_RGB.jpg
member.mybenefitwallet.com/portal/calculators/hsagoal/image/
39 KB
39 KB
Image
General
Full URL
https://member.mybenefitwallet.com/portal/calculators/hsagoal/image/BenefitWallet_NonEndorsed_RGB.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.73.5.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-73-5-54.compute-1.amazonaws.com
Software
/
Resource Hash
498e4de17901f0cfd55973d2d4552e5a650eb72524e34896ffc164b4b070f278

Request headers

Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:10 GMT
Last-Modified
Tue, 06 Aug 2013 20:07:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
W/"39684-1375819646000"
Content-Length
39684
Content-Type
image/jpeg
wordcampus-logo_2017-below.png
cinymtevi.cf/
306 B
306 B
Image
General
Full URL
http://cinymtevi.cf/wordcampus-logo_2017-below.png
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92d56f278d85cad56e9920fca2503e188dbe4bf1c9a1e69a396570f33e44e87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a73e6c29c-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
vid-skylinedark.jpg
cinymtevi.cf/
295 B
295 B
Image
General
Full URL
http://cinymtevi.cf/vid-skylinedark.jpg
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6770f773ef3aed4083c38ad332566d4e26526708e0653cb62f90dcdd947330

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cinymtevi.cf/kizinit.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954b76ef9718-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
bt4eodsgwkvncy5x_hfyg44p5icox8kq3llunmylgo4.woff2
cinymtevi.cf/
0
0
Font
General
Full URL
http://cinymtevi.cf/bt4eodsgwkvncy5x_hfyg44p5icox8kq3llunmylgo4.woff2
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://cinymtevi.cf
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cinymtevi.cf/kizinit.css
Origin
http://cinymtevi.cf

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a263b9718-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
tttucfj272gbgskaoad7kltxra8tvwticgirnjhmvjw.woff2
cinymtevi.cf/
0
0
Font
General
Full URL
http://cinymtevi.cf/tttucfj272gbgskaoad7kltxra8tvwticgirnjhmvjw.woff2
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://cinymtevi.cf
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cinymtevi.cf/kizinit.css
Origin
http://cinymtevi.cf

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a274fc283-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
csns3nwpegpvrqzvkh3neq.woff2
cinymtevi.cf/
0
0
Font
General
Full URL
http://cinymtevi.cf/csns3nwpegpvrqzvkh3neq.woff2
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://cinymtevi.cf
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cinymtevi.cf/kizinit.css
Origin
http://cinymtevi.cf

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a302bc292-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
o-nqezqhxmcznt8g452hvi4p5icox8kq3llunmylgo4.woff2
cinymtevi.cf/
0
0
Font
General
Full URL
http://cinymtevi.cf/o-nqezqhxmcznt8g452hvi4p5icox8kq3llunmylgo4.woff2
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6c97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://cinymtevi.cf
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cinymtevi.cf/kizinit.css
Origin
http://cinymtevi.cf

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a4515c279-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT
pfwjf3addaqpvnkurt3u70l2euxwousmdrnacskl_ek.woff2
cinymtevi.cf/
0
0
Font
General
Full URL
http://cinymtevi.cf/pfwjf3addaqpvnkurt3u70l2euxwousmdrnacskl_ek.woff2
Requested by
Host: cinymtevi.cf
URL: http://cinymtevi.cf/qyko/benefitwallet-login-taf.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6d97 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://cinymtevi.cf
Accept-Encoding
gzip, deflate
Host
cinymtevi.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cinymtevi.cf/kizinit.css
Cookie
__cfduid=d86cf662c3b261acdf1caf1da76aaf19e1549298468
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cinymtevi.cf/kizinit.css
Origin
http://cinymtevi.cf

Response headers

Date
Mon, 04 Feb 2019 16:41:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a3e954a504096a0-FRA
Expires
Mon, 04 Feb 2019 20:41:09 GMT


5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onselectstart
object | onselectionchange
function | queueMicrotask
function | $
function | jQuery

1 Cookies

Domain/Path Name / Value
.cinymtevi.cf/ Name: __cfduid
Value: d86cf662c3b261acdf1caf1da76aaf19e1549298468

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cinymtevi.cf
code.jquery.com
lh3.googleusercontent.com
mark.trademarkia.com
member.mybenefitwallet.com
mybenefitwallet.com
site-images.similarcdn.com
www.choice-strategies.com
www.mybenefitwallet.com
12.180.115.54
18.234.20.59
205.185.208.52
2606:4700:30::6818:6c97
2606:4700:30::6818:6d97
2a00:1450:4001:809::2001
50.97.5.218
52.73.5.54
69.89.50.214
0d32b7cffea99e0041afda54dee07252f903133f692b114c913518cca8acccca
2ed4920b76cbe6f026d51a70013ea3d0ef792d7e2173d85f48975f55e2de4e39
34006509a46a6b94358e8b7ec93894135d21f073715c3c94403e6e83fd2042ed
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
498e4de17901f0cfd55973d2d4552e5a650eb72524e34896ffc164b4b070f278
684ad59d83c0217347130f0c406826d00ad70e878d60cfc49d65646e3ae3273b
7a6770f773ef3aed4083c38ad332566d4e26526708e0653cb62f90dcdd947330
89b74cfc4d2577899c2c86f26ac45dcb90f173de6aaf4c001320e6728235ace8
8e83ce57205e9acf1e38ab84de99ca92ab4c9e448f5ec4ac4c91d38b4f9a79c7
94390a67c67068b6607ba65e59cbc713f1b67110e19746cdb3f1a91640f2b409
985953e0191f0c49b14043b147accfd5e30b4f2d9a260f66b54947578fe475b1
af15e91d092c78f4dd129d00e064d72fd59c82bd39c0007f235f46458684c301
c6bfb957c778bb853529658b9b13e041d32d5be53c7e8fe3f3f07602c80e91bf
d92d56f278d85cad56e9920fca2503e188dbe4bf1c9a1e69a396570f33e44e87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6c19a94239262786e6c405e9542b1f8cfc37a25694f0d745e14bc6adff084c6
f9bbdaa24755ca5ecb87832e8e6f220e7fc8cf77a4ba764e7a275491b7ba1b24