cheatsheetsketo.com Open in urlscan Pro
2606:4700:3031::ac43:8f67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/yd99zzvu
Effective URL:
https://cheatsheetsketo.com/ohionew/profile.html
Submission: On June 30 via api (June 30th 2020, 5:33:52 pm UTC) from US

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::ac43:8f67, located in United States and belongs to CLOUDFLARENET, US. The main domain is cheatsheetsketo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2020. Valid for: a year.

This is the only time cheatsheetsketo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:303... 2606:4700:3031::ac43:8f67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
27	3

1 2606:4700:10::6814:8a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:8f67 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cheatsheetsketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cheatsheetsketo.com 1 redirects cheatsheetsketo.com	8 KB
1	googleapis.com fonts.googleapis.com	947 B
1	tinyurl.com 1 redirects tinyurl.com	766 B
0	ohio.gov Failed elicense3.com.ohio.gov Failed
27	4

	Domain	Requested by
3	cheatsheetsketo.com	1 redirects cheatsheetsketo.com
1	fonts.googleapis.com	cheatsheetsketo.com
1	tinyurl.com	1 redirects
0	elicense3.com.ohio.gov Failed	cheatsheetsketo.com
27	4

This site contains links to these domains. Also see Links.

Domain
elicense3.com.ohio.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-28` - `2021-05-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cheatsheetsketo.com/ohionew/profile.html
Frame ID: 2227D944F5081B89F7A7861010FC5411
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tinyurl.com/yd99zzvu HTTP 301
http://cheatsheetsketo.com/ohionew/profile.html HTTP 301
https://cheatsheetsketo.com/ohionew/profile.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

27
Requests

11 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

9 kB
Transfer

45 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://elicense3.com.ohio.gov/Login.aspx?ReturnUrl=/Account/UserAccount.aspx#MainContent
Title: Skip to Main Content

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/yd99zzvu HTTP 301
http://cheatsheetsketo.com/ohionew/profile.html HTTP 301
https://cheatsheetsketo.com/ohionew/profile.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request profile.html Show response
cheatsheetsketo.com/ohionew/
Redirect Chain

https://tinyurl.com/yd99zzvu
http://cheatsheetsketo.com/ohionew/profile.html
https://cheatsheetsketo.com/ohionew/profile.html

32 KB
7 KB

435ms
418ms

Document
text/html

2606:4700:3031::ac43:8f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cheatsheetsketo.com/ohionew/profile.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41096fdc30ee2944a16e60af326fe9ece41aba53d6898015199173ed75ca442

Request headers

:method: GET
:authority: cheatsheetsketo.com
:scheme: https
:path: /ohionew/profile.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 30 Jun 2020 17:33:18 GMT
content-type: text/html
set-cookie: __cfduid=db00ceec2599c7b2a7bdc64c934a122b21593538397; expires=Thu, 30-Jul-20 17:33:17 GMT; path=/; domain=.cheatsheetsketo.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 18 Jun 2020 08:34:00 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 03a7e35ee3000005cca9217200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ab9a1ab0a3405cc-FRA
content-encoding: br

Redirect headers

Date: Tue, 30 Jun 2020 17:33:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 30 Jun 2020 18:33:17 GMT
Location: https://cheatsheetsketo.com/ohionew/profile.html
cf-request-id: 03a7e35ec5000007428f091200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5ab9a1aad9d20742-FRA

GET
H2 200 css
fonts.googleapis.com/ 12 KB
947 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: cheatsheetsketo.com
URL: https://cheatsheetsketo.com/ohionew/profile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cheatsheetsketo.com/ohionew/profile.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Jun 2020 16:54:41 GMT
server: ESF
date: Tue, 30 Jun 2020 17:33:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jun 2020 17:33:18 GMT

GET kendo.min.css
elicense3.com.ohio.gov/Assets/css/generated/ 0
0

GET styles.min.css
elicense3.com.ohio.gov/Assets/css/generated/ 0
0

GET WebResource.axd
elicense3.com.ohio.gov/ 0
0

GET ScriptResource.axd
elicense3.com.ohio.gov/ 0
0

GET modernizr-2.8.3.min.js
elicense3.com.ohio.gov/Assets/thirdparty/modernizr-2.8.3/ 0
0

GET jquery-1.12.4.min.js
elicense3.com.ohio.gov/Assets/thirdparty/jquery-1.12.4/ 0
0

GET jquery-ui.min.js
elicense3.com.ohio.gov/Assets/thirdparty/jquery-ui-1-11.3/ 0
0

GET jquery-migrate-1.2.1.min.js
elicense3.com.ohio.gov/Assets/thirdparty/jquery-migrate-1.2.1/ 0
0

GET toastr.min.js
elicense3.com.ohio.gov/Assets/thirdparty/toastr-2.1.1/ 0
0

GET bootstrap.min.js
elicense3.com.ohio.gov/Assets/thirdparty/bootstrap-3.3.2/js/ 0
0

GET respond.min.js
elicense3.com.ohio.gov/Assets/thirdparty/respond-1.4.2/ 0
0

GET kendo.ui.core.min.js
elicense3.com.ohio.gov/Assets/thirdparty/kendoui-core-2014.3.1119/js/ 0
0

GET AjaxPatchForWebKit.js
elicense3.com.ohio.gov/Assets/js/ 0
0

GET bs.pagination.js
elicense3.com.ohio.gov/Assets/js/ 0
0

GET Global.js
elicense3.com.ohio.gov/Assets/js/ 0
0

GET Master.js
elicense3.com.ohio.gov/ 0
0

GET Oath.js
elicense3.com.ohio.gov/Activities/ 0
0

GET CavuPopupServer.js
elicense3.com.ohio.gov/Assets/js/ 0
0

GET js
elicense3.com.ohio.gov/AjaxWebServices/CommonService.svc/ 0
0

GET WebResource.axd
elicense3.com.ohio.gov/ 0
0

GET Logo_OH_OHREPL.png
elicense3.com.ohio.gov/Images/ 0
0

GET Wait.gif
elicense3.com.ohio.gov/Images/ 0
0

GET
H2 200 email-decode.min.js Show response
cheatsheetsketo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
858 B 10ms
8ms Script
application/javascript 2606:4700:3031::ac43:8f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cheatsheetsketo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: cheatsheetsketo.com
URL: https://cheatsheetsketo.com/ohionew/profile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8f67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cheatsheetsketo.com/ohionew/profile.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 30 Jun 2020 17:33:18 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 26 Jun 2020 09:13:11 GMT
server: cloudflare
etag: W/"5ef5bc27-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5ab9a1adba6105cc-FRA
cf-request-id: 03a7e36090000005cca9248200000001
expires: Thu, 02 Jul 2020 17:33:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/css/generated/kendo.min.css?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/css/generated/styles.min.css?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/WebResource.axd?d=c-hU2cyZsJujrnW0Erj1WHBULLK-Gu7tLMDJZDCPnxH9z09P8oymNkaq6N6rWSTwdRwqfXX_P3A1m1v48uqf0-LMrE4PurCZix3WC5uvz_Y1&t=637100626445053551

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/ScriptResource.axd?d=L66n0waanP6N0-I34btGIKRVlkfg8VAt804eH0JID3q0BpFgvLdAZPUQxuwu57ipawFcOvUfq1T6T17Oy8A_jVocXjJQ7VOBNkui4-Gy47UkolrQGpGylkMAoLijOuJsgAv0fyZQoRnibDCXRdYZWLAjaEbIi7D1PIL2Z_XjbEU1&t=ffffffffcdd1bd0a

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/ScriptResource.axd?d=L1XouZGflF83KB_cwtBepLc3Uc_zqGYwHAd7huuVTGcPcNY6QmJDUW0fMTN4ZefI9odipKnIsK8-KRNfVxFmpi_TiWJg_jDvad5flh9RPBQoeTQSt53sj16i66U1erwRuCiAfn168eZT-BvlKfs1uYKMMm5_zLUd2l-u33xs2dk1&t=ffffffff9a9577e8

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/ScriptResource.axd?d=w5u-xSShbzyFVCoFY_Mitmgj-SccmEBeQc6Rgv8hvhm6zlfq7oLxHNV3usPQ5MFEBToexrladMxCeE7hucptUfoCIMf4nskh8udt8DLH3NLnjcjo__z5_TG2ywIX3p78DdV3kOML8Wgbqg8zURzBdmd2n1bOnNF5UxKDh8ub9g3L4Pmr65-d1eW0mvdp0VLL0&t=ffffffff9a9577e8

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/modernizr-2.8.3/modernizr-2.8.3.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/jquery-1.12.4/jquery-1.12.4.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/jquery-ui-1-11.3/jquery-ui.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/jquery-migrate-1.2.1/jquery-migrate-1.2.1.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/toastr-2.1.1/toastr.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/bootstrap-3.3.2/js/bootstrap.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/respond-1.4.2/respond.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/thirdparty/kendoui-core-2014.3.1119/js/kendo.ui.core.min.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/js/AjaxPatchForWebKit.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/js/bs.pagination.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/js/Global.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Master.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Activities/Oath.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Assets/js/CavuPopupServer.js?ver=20150413_Release.86.20424

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/AjaxWebServices/CommonService.svc/js

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/WebResource.axd?d=_OPA1qp3lUoLVwWU6taVNJgMKFdsDkB2nWbJtiyJP41w6x2zTqbRVDnmPJX74zWZxSbv6SJkkwgmyll9NhgWrUUk_ZAGxZ6PUTaPx1GzzNo1&t=637100626445053551

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Images/Logo_OH_OHREPL.png

Domain: elicense3.com.ohio.gov
URL: https://elicense3.com.ohio.gov/Images/Wait.gif

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| theForm function| __doPostBack

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cheatsheetsketo.com
elicense3.com.ohio.gov
fonts.googleapis.com
tinyurl.com
elicense3.com.ohio.gov
2606:4700:10::6814:8a41
2606:4700:3031::ac43:8f67
2a00:1450:4001:802::200a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
f41096fdc30ee2944a16e60af326fe9ece41aba53d6898015199173ed75ca442

cheatsheetsketo.com Open in urlscan Pro 2606:4700:3031::ac43:8f67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

11 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

9 kBTransfer

45 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

cheatsheetsketo.com Open in urlscan Pro
2606:4700:3031::ac43:8f67 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

11 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

9 kB
Transfer

45 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions