urlscan.io logo urlscan.io
SecurityTrails logo

officetooltips.cysthost.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://officetooltips.cysthost.com/
Submission Tags: falconsandbox
Submission: On October 24 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is officetooltips.cysthost.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2022. Valid for: a year.
This is the only time officetooltips.cysthost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.243.61.225 39572 (ADVANCEDH...)
1 46.105.201.240 16276 (OVH)
1 158.69.251.190 16276 (OVH)
24 7
18    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
officetooltips.cysthost.com
www.officetooltips.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cloud.nextagc.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
drawingwheels.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
17 officetooltips.com
www.officetooltips.com — Cisco Umbrella Rank: 290958
1 MB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17901
s4.histats.com — Cisco Umbrella Rank: 15235
5 KB
1 drawingwheels.com
drawingwheels.com
1 gstatic.com
fonts.gstatic.com
44 KB
1 nextagc.com
cloud.nextagc.com
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 cysthost.com
officetooltips.cysthost.com
6 KB
24 7
Domain Requested by
17 www.officetooltips.com officetooltips.cysthost.com
1 s4.histats.com s10.histats.com
1 s10.histats.com cloud.nextagc.com
1 drawingwheels.com cloud.nextagc.com
1 fonts.gstatic.com fonts.googleapis.com
1 cloud.nextagc.com officetooltips.cysthost.com
1 fonts.googleapis.com officetooltips.cysthost.com
1 officetooltips.cysthost.com
24 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-15 -
2023-03-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
drawingwheels.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
histats.com
R3		 2022-09-30 -
2022-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://officetooltips.cysthost.com/
Frame ID: EB11A81CB15C6CC41187DECC9BF4771D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Team USA sets | 😨😃😅 Microsoft Word, Excel, Outlook and PowerPoint tips and tricksTeam USA sets | 😨😃😅 Microsoft Word, Excel, Outlook and PowerPoint tips and tricks

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1214 kB
Transfer

1309 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
officetooltips.cysthost.com/ 		29 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7145fed0aed778503517c4446e8ea632f2bd2941e221379ba3f475aa38b33cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
75f132b7cfc741e2-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 08:03:49 GMT
last-modified
Monday, 24-Oct-2022 08:03:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9wzcnCovErc46mGh8nEVmCxs8hwsZdAEnu1BalnwA%2FhKTyHJg8bCIat%2FxHJMT7VyJFrKkfydzs7WBFY0dbr66tZg2T%2Bq2Jj9rP5SWI8gIC3EvTp3V85q1hGY5%2BLOY39Yd888ybk2HahQOXd9xwhUwjwpz3UgPp4yYQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600&display=swap
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a4164bd0bf1c198881d38cb371fab35be3007117ac48d437e5ed20842d2efd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 08:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 07:18:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 08:03:49 GMT
style-f92389e53a43bec9c34246c7b4d9c0a1-min.css
www.officetooltips.com/css/ 		78 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.officetooltips.com/css/style-f92389e53a43bec9c34246c7b4d9c0a1-min.css
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66cd53d8449f62a808624898849beb27b0ef5e82930de6181400dd0a8326dd82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Sep 2022 11:55:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7172
etag
W/"631c7b20-1391f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJVmt%2BChEGs%2F5Cud78kwn9hHtYxPMiVLu2vvQYsIZqbp6BDxwxUUXkxaeIADhgVTSolKHhLG0brOPoJKVMggzsZVBo0RCpvn9tqzthf5KTgfksYk0XwY%2Bwozvwp6so3KQjK8ZbmAZmUOxKNVRwbrSSCfJBNW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75f132bc5844b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
www.officetooltips.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/img/logo.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f09b79cfef36d1073abec56d7100bee829a1ae00db12e85d48912cbe118ff32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:49 GMT
cf-cache-status
HIT
last-modified
Thu, 20 May 2021 12:24:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7171
etag
"60a65505-732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl29byyCt6%2BFqBJ5%2BrULx6hRot4eZf59cijQrfd1eoF6k2vniqqrhWz8iSc2DNdnW45OXrBnDxz9YB%2B5gFsfxaneC87tFTuarkT1FziAbAn4bxSbrbbiws4NHWp6wzzsxLkiZsKqm9QAizb6yIT%2BMRzTiJWW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc584bb70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1842
shortcuts.png
www.officetooltips.com/thumbnails/tips/ 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/shortcuts.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde872b59119a31972d21c198eb0aa1e3c55a5107b5b3e03649c0c6b270b58cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 12:32:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62f253ca-3093e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u2vLTn9JZwSu%2Bn%2FQgN58BtHXXjJPKYQOuRC%2BlNi0yQflNQJyJiM3Ydj%2BDl0SNpL60hmT1XzU4gswRkEZ%2Fdd6b8edIO6Vhky1lyUyjqyl1HWbCeXVduTf29VbZ8OxNKGEEK6ddJtS5PVgK%2FeT5ooX163Byiw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc5849b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
198974
773.png
www.officetooltips.com/thumbnails/tips/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/773.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352d8f8bf745805b6e1992cf61b6efe97a9279129ea6dba2f7699adf6ae3d861

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
EXPIRED
last-modified
Sun, 12 Jun 2022 13:30:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62a5ea8e-859a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ25NBOnDEZDREHxS8l6iLkLi7%2FO6VwDa1hvRkXCbwq5TWG2qLiBRgcwE2pwEG8eHsEdoZzArM21YiBrzpQt6vc7dhd2bjyPvuYocxvBryrD4uDRh7XH7O%2B6Ami4WD4TXiLPOOtvdmuaov5SDobWDmyYCNZT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc5848b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34202
772.png
www.officetooltips.com/thumbnails/tips/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/772.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34688fda525b0df56cf2a42d65b1a97597900e27757b642d0afa5dd3a203d7d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Jun 2022 13:29:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62a5ea3a-15537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG86b5AWP0G%2BQKGUZtkwasunghv3WpwuEnKEz%2B%2BuPaak7bKypNirPJWt8e0P0jGplaXA1qz28TdiJjhu7iL%2B5n3HaFRU1Uus8A1bwakEVj4OgIrSpKzfXajNT%2Fz%2BXIji17AIvG%2FTqH6BHRfIBp3Bl%2BH9FHrt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc5847b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87351
488.png
www.officetooltips.com/thumbnails/tips/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/488.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8740deeae45de6bbd71da0ae4b3a5be2df96af2f5de023beacaec1a455894bef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Sep 2022 08:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c1b07-7d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FZQPsjLzugh3BPUG8WwVGQb8dM0h2YwUmZ2P4tE5lqzWIq8MCJ33EsHZ4Qkh1LtLjgvs3lu36bHAQPRM4XxqNoBx9FEiGV%2BR9wz7ZwmEAtAtbPc0nYvO69iKO348pdUFss03CVQv86opHiSWFsizKb9Famh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc5846b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32001
487.png
www.officetooltips.com/thumbnails/tips/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/487.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7e4e1c809e1addc9600af77e20b86e7507c88708a7631ea4998e2d4c220765

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Sep 2022 08:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c1b07-7eea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZD%2F%2FELh0Krdbp6XfgvWGGgPDsgEAiwV0LcqL2vLgaju9e%2FqjO5qqA2%2FS9IdG%2B0PfmUObERoLYBKLa6ikQZI%2FN4078zd%2F2tgwfQqa4IkDtMxVjf4sUGCSfP4BdsGufXS7hljUSDhGMFrxiunEHO9C4Cu45m6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc888cb70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32490
485.png
www.officetooltips.com/thumbnails/tips/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/485.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d07bc242f42542fb9da8b1aaf68cffb02542e3186067918d67ca976a50a147f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Sep 2022 08:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c1b07-76db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkPUGydDqP7NZCyLLXMI5Y61xnR77TXhYFZP2J0RT5FfU5AlTaeSJVAfeaUfNBflm%2FqW9ZeZiYWpcY4WafTNbwof0efb9svZtNdO8UgN4mc%2FU%2FfGMh%2Fc6typqdKfJ%2BO4aNHNPnZ2KViD7pj7e2ILS8%2FIvQne"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8890b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30427
filemaster2.png
www.officetooltips.com/thumbnails/tips/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/filemaster2.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75a999c4e13f84e2c8d26e45d351636ccc44c03491945abae7a8a8b4ab86a07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Jan 2020 12:14:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e17193a-1347e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5zCWHLiziT1LAwJSRRbL8a2Lk8Ee8PoZ%2FAw2KSCGx7SJs3lLgfu66z4gvcC9zkrezC3%2BC4%2FtNEUJZn%2B3g6IyLHab0M50oCZtf06q17cbioOA64tH%2BdFCgvvLKINQNiPyvFgaxl740rfSbdc7jJVXZK2ZiDC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8891b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78974
getprospect.png
www.officetooltips.com/thumbnails/tips/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/getprospect.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf77e3caa621507680057995c416ee1ca8f8e891ae1d031731f7e116ffa2c55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 13:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a662cc-297fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpUfYQGhoChfD82FsYAzwfRkrXK%2FToRyPXGDX34tguxvM7a3Mn4HxGcUcp6dTFt6rSjXCgCRfiIOMgSDDvWfH96XoBCsDmnLYntEPRa6ggw%2BPdJtAvCQWUjvzqlR%2FelrhnCUKqMXAxntBuoEyPpeLtuQkdU9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8893b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
169980
133.png
www.officetooltips.com/thumbnails/tips/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/133.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f675582d5a0eadaf70463df63fab06abda0a1867f3f0bb705c369f0ee977f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Feb 2021 08:20:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6017b9dd-7cd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIH0tGv9tu9uV6%2BFaqDSKvaUFp0F5he%2FiYudUS1rifplhzfHELkp%2BnJt6y%2FDZDzUMfc4071vS80oZON%2BqabLbzbaz6nioQ9z7SYcKwTFcxQyS2UpcILFsPrtnmlOAS5vGvE8My6Xqy5xHZs55moRCbyvW5n9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8894b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31956
slidemodel.png
www.officetooltips.com/thumbnails/tips/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/slidemodel.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3635c6645b573a57338143c4576768de6d8b3b1b20995689cf2cdf89746cfb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Tue, 16 Aug 2022 04:50:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62fb220b-14713"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JCXXMmpALgXVmCGCRP3J9u5sYpjpZKxklpmL9JcimZcC3%2F%2Fm43NtgpRDRjZIr7xU7NjsZg5JUaq7SpPyzse%2FD%2Ft2DxjbQhyejlO9%2BklDTOYepoipv5gcX4I25NA0mK2wATqC9LdTLrFV%2BRIVs%2FM%2Fl39uUK4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8897b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83731
805.png
www.officetooltips.com/thumbnails/tips/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/805.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8bd81dc760c6303e3f4370a19c8776141937c5960408886c69d0f74fcaf5c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Aug 2022 11:39:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62ebb008-ae12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohqzar6fZDsJ4F%2BR9BeUGpuLDu2itA7H0ljMTyvDonb%2Bb899%2BU5hL%2Bn33mGLXg81nVXeHWM2Gju4AA2BJBKOktvWiJLqm8oRCp3Zt%2B7M5pmH7cz0Yda781rXkikwFP7wzOnWWkM50bvdWt9OGWxpyCdnMDOS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc8899b70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44562
804.png
www.officetooltips.com/thumbnails/tips/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/804.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b2d4a9c54ff6cd6640fd7037440585930a754da13b694f19f9a5e115c26a5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Aug 2022 11:39:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62ebb008-883f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0dhREoI56Ne0dJdRO%2FRZMJfqTLutz8nW1GXntDQwcTtzxNoBN%2F8IF0EZnsuRHc5bD1B8qhtdB968IUz4iYBgc9VRmXkgaKPkfUmg7T1g54obqg2PQPZfEh1xowqJ277CBye3ZnIDOBnMqDtkleuv3p4VQCZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc889ab70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34879
lawrina.png
www.officetooltips.com/thumbnails/tips/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/lawrina.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aaf0bc10d6c3b5f40f97392b820371329c80017aee466d01815ec01ae07077

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 05:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6325607e-c532"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQyvYbNhgVk1wDVL5cUxY0elAsA0yARfpY8aQtdElFRLKKiEuXVqNE0qUZHoERq6djR9rdm6hd5tLSofvmm9sTX7G9%2BghAikCiy%2BuCLqqwdqwy%2BSVW63e42gWoPyhvSyHq0jNMzyAbrjo95oP%2BJq9MRim9NK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc889cb70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50482
bizzoom.png
www.officetooltips.com/thumbnails/tips/ 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/bizzoom.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad78d8587c6a15dcff007b0dbe450ecc11876e57c081deb57ce1df1f5d78d3d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Tue, 31 May 2022 05:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6295a358-34f20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH3BuhqX70bzM0miMCVobVvsAVmMF1kqUu2zoSgkGJco3Xp5xQ7y%2F2V2GfhhDlhfWrXnCfyBq00duQe%2BEPCL2qQgeFGZrlY8Jl0d8ud0PHPVJFsdE3zu%2BMhyXyBjcqyN%2Bh8clsIgRTvMYARe071NIK69YKNs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc889db70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
216864
750.png
www.officetooltips.com/thumbnails/tips/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.officetooltips.com/thumbnails/tips/750.png
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521e6e333d2862a5384eb601991222706f1d14110c59fb1d38a429f34742947b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Feb 2022 12:02:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61fa72e6-7c0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdhSNjEVRHNdlMRDOJ0WV6ka%2BrH2fgtZ7MhMUvXxMHuaoi5psgIOZ1kVIUGmHR6pxji4zYyYwByAcRw7%2F%2B%2FnR1CLIWDZvTuUxSwyhJHYvP0e71UdvCZFNoy8ZRviGYhzXcMojS%2B8Ted9iXlRqmNNQNW%2F5URC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75f132bc889fb70c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31759
jsnext.js
cloud.nextagc.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.nextagc.com/jsnext.js?uid=81&m=dash
Requested by
Host: officetooltips.cysthost.com
URL: https://officetooltips.cysthost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3046f938844e7869e82206cfcaee12a5de8f416b22dccd49b25da83d811a0b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Monday, 24-Oct-2022 08:03:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfuJQD9dDRSZ8bXVadbFSOE3ioekM%2FOxxFmedpY%2F%2FDC0LbOiiRou2UWFFzjlaSNH8nETVl2W7d%2Brw629%2BR8qx%2BFcDn0HpI%2BwQnlzq3KbxXHTbdbC%2FIP2Ac1Zdd%2FRe6espiHmXJbHM5UxxSEPPpDuPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache
cf-ray
75f132bc7e26b8d6-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://officetooltips.cysthost.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 18:50:24 GMT
x-content-type-options
nosniff
age
566006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:50:24 GMT
invoke.js
drawingwheels.com/82d4b0f6495aa90a07471062d1163f87/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://drawingwheels.com/82d4b0f6495aa90a07471062d1163f87/invoke.js
Requested by
Host: cloud.nextagc.com
URL: https://cloud.nextagc.com/jsnext.js?uid=81&m=dash
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 08:03:50 GMT
Server
nginx/1.22.0
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: cloud.nextagc.com
URL: https://cloud.nextagc.com/jsnext.js?uid=81&m=dash
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:02:41 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
660901477
0.php
s4.histats.com/stats/ 		49 B
183 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4690849&@f16&@g1&@h1&@i1&@j1666598630349&@k0&@l1&@mTeam%20USA%20sets%20%7C%20%F0%9F%98%A8%F0%9F%98%83%F0%9F%98%85%20Microsoft%20Word%2C%20Excel%2C%20Outlook%20and%20PowerPoint%20tips%20and%20tricks&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-72303863&@b3:1666598630&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fofficetooltips.cysthost.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns546644.ip-158-69-251.net
Software
/
Resource Hash
58f46f6afc034792a96283c648d0e3737cffdf539229fc515638ce39d3f6a4c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://officetooltips.cysthost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 08:03:50 GMT
Connection
close
Content-Length
49
Content-Type
text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setInnerHTML function| inject object| _Hasync object| atOptions function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
officetooltips.cysthost.com/ Name: HstCfa4690849
Value: 1666598630349
officetooltips.cysthost.com/ Name: HstCla4690849
Value: 1666598630349
officetooltips.cysthost.com/ Name: HstCmu4690849
Value: 1666598630349
officetooltips.cysthost.com/ Name: HstPn4690849
Value: 1
officetooltips.cysthost.com/ Name: HstPt4690849
Value: 1
officetooltips.cysthost.com/ Name: HstCnv4690849
Value: 1
officetooltips.cysthost.com/ Name: HstCns4690849
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://drawingwheels.com/82d4b0f6495aa90a07471062d1163f87/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.nextagc.com
drawingwheels.com
fonts.googleapis.com
fonts.gstatic.com
officetooltips.cysthost.com
s10.histats.com
s4.histats.com
www.officetooltips.com
158.69.251.190
192.243.61.225
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
46.105.201.240
0f09b79cfef36d1073abec56d7100bee829a1ae00db12e85d48912cbe118ff32
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34688fda525b0df56cf2a42d65b1a97597900e27757b642d0afa5dd3a203d7d1
352d8f8bf745805b6e1992cf61b6efe97a9279129ea6dba2f7699adf6ae3d861
3a4164bd0bf1c198881d38cb371fab35be3007117ac48d437e5ed20842d2efd6
3c8bd81dc760c6303e3f4370a19c8776141937c5960408886c69d0f74fcaf5c3
521e6e333d2862a5384eb601991222706f1d14110c59fb1d38a429f34742947b
58f46f6afc034792a96283c648d0e3737cffdf539229fc515638ce39d3f6a4c9
66cd53d8449f62a808624898849beb27b0ef5e82930de6181400dd0a8326dd82
85f675582d5a0eadaf70463df63fab06abda0a1867f3f0bb705c369f0ee977f3
8740deeae45de6bbd71da0ae4b3a5be2df96af2f5de023beacaec1a455894bef
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b3635c6645b573a57338143c4576768de6d8b3b1b20995689cf2cdf89746cfb
9a7e4e1c809e1addc9600af77e20b86e7507c88708a7631ea4998e2d4c220765
9d07bc242f42542fb9da8b1aaf68cffb02542e3186067918d67ca976a50a147f
a7b2d4a9c54ff6cd6640fd7037440585930a754da13b694f19f9a5e115c26a5d
ad78d8587c6a15dcff007b0dbe450ecc11876e57c081deb57ce1df1f5d78d3d7
b6aaf0bc10d6c3b5f40f97392b820371329c80017aee466d01815ec01ae07077
bde872b59119a31972d21c198eb0aa1e3c55a5107b5b3e03649c0c6b270b58cd
cdf77e3caa621507680057995c416ee1ca8f8e891ae1d031731f7e116ffa2c55
e7145fed0aed778503517c4446e8ea632f2bd2941e221379ba3f475aa38b33cf
e75a999c4e13f84e2c8d26e45d351636ccc44c03491945abae7a8a8b4ab86a07
f3046f938844e7869e82206cfcaee12a5de8f416b22dccd49b25da83d811a0b6