urlscan.io logo urlscan.io
SecurityTrails logo

oos.annotext-online.de Open in urlscan Pro
212.75.39.120  Public Scan

Go To Rescan Add Verdict Report
URL: https://oos.annotext-online.de/op/view.aspx?src=https://kanzleiamrathaus.oa.annotext.de/wp-content/uploads/sites/479/gwp_cache/...
Submission: On August 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 212.75.39.120, located in Germany and belongs to SCAN-PLUS-AS q.beyond AG, DE. The main domain is oos.annotext-online.de.
TLS certificate: Issued by R3 on July 13th 2023. Valid for: 3 months.
This is the only time oos.annotext-online.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 212.75.39.120 12399 (SCAN-PLUS...)
22 2
Apex Domain
Subdomains		 Transfer
22 annotext-online.de
oos.annotext-online.de
594 KB
22 1
Domain Requested by
22 oos.annotext-online.de oos.annotext-online.de
22 1

This site contains no links.

Subject Issuer Validity Valid
oos.annotext-online.de
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://oos.annotext-online.de/op/view.aspx?src=https://kanzleiamrathaus.oa.annotext.de/wp-content/uploads/sites/479/gwp_cache/26190f3b05cbc7ff111a7b4aa436f84f.doc?cache_busting=20230828121692970860
Frame ID: 6568B6A90EF175564CEB2BADF87597D3
Requests: 2 HTTP requests in this frame

Frame: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Frame ID: F2CEFB91874720CE9A06EECCA72F0437
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

26190f3b05cbc7ff111a7b4aa436f84f.doc

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

594 kB
Transfer

1835 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view.aspx
oos.annotext-online.de/op/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/op/view.aspx?src=https://kanzleiamrathaus.oa.annotext.de/wp-content/uploads/sites/479/gwp_cache/26190f3b05cbc7ff111a7b4aa436f84f.doc?cache_busting=20230828121692970860
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a2d74cd174952d703017bf4f8f4b0ac5b46faa11deb88a248159e021931bcf45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 12:37:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-correlationid
57abb8d4-8900-4c96-ace1-5f46d23022c8
x-officefe
57f9f757aeb543558407a852443b2531
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
truncated
/ 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
wordviewerframe.aspx
oos.annotext-online.de/wv/ Frame F2CE 		32 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d39dc69be9a170f2daac00eb2c914d60ab50ae34937e924f53997a6bd6c45028
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://oos.annotext-online.de
Referer
https://oos.annotext-online.de/op/view.aspx?src=https://kanzleiamrathaus.oa.annotext.de/wp-content/uploads/sites/479/gwp_cache/26190f3b05cbc7ff111a7b4aa436f84f.doc?cache_busting=20230828121692970860
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 12:37:38 GMT
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-correlationid
a1646f9c-758d-4ea8-b750-c8d50c53164a
x-officefe
57f9f757aeb543558407a852443b2531
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-usersessionid
a1646f9c-758d-4ea8-b750-c8d50c53164a
WordViewer.css
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		190 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3693e6072e9acff53a16d38931ba8d7f3b3ac2736699af92c2066ea6c92d8f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
42557
last-modified
Thu, 09 Sep 2021 10:21:35 GMT
server
Microsoft-IIS/10.0
x-usersessionid
cbbec618-2e43-4e7b-bfab-c979909603ca
x-correlationid
cbbec618-2e43-4e7b-bfab-c979909603ca
etag
"54fbf17764a5d71:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
MicrosoftAjax.js
oos.annotext-online.de/wv/App_Scripts/ Frame F2CE 		105 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/MicrosoftAjax.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
26989
last-modified
Mon, 05 Nov 2018 23:38:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
8a1645b7-0e98-441f-bd5f-d7b076cc3d0b
x-correlationid
8a1645b7-0e98-441f-bd5f-d7b076cc3d0b
etag
"0b24a76075d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
CommonIntl.js
oos.annotext-online.de/wv/App_Scripts/1031/ Frame F2CE 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/1031/CommonIntl.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f0ccba9866dfeca5d59891e587eb666cf78b38fe69384a69c7775be5c056b79

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
23937
last-modified
Thu, 11 Mar 2021 11:38:24 GMT
server
Microsoft-IIS/10.0
x-usersessionid
41c44328-8e11-42d5-ab8c-66be9c822dfd
x-correlationid
41c44328-8e11-42d5-ab8c-66be9c822dfd
etag
"03871b6b16d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
Compat.js
oos.annotext-online.de/wv/App_Scripts/ Frame F2CE 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/Compat.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1618
last-modified
Mon, 05 Nov 2018 23:48:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
cbb852cf-e981-4885-8491-07514ef191ed
x-correlationid
cbb852cf-e981-4885-8491-07514ef191ed
etag
"05257fe6175d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
WordViewerIntl.js
oos.annotext-online.de/wv/App_Scripts/1031/ Frame F2CE 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/1031/WordViewerIntl.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e6a6d585d02508011523e8ef5b01f5c3f23819afbdb34673075eba783196d39

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5587
last-modified
Tue, 06 Nov 2018 12:28:26 GMT
server
Microsoft-IIS/10.0
x-usersessionid
75d9890e-0ce7-44ae-a674-dbe981861704
x-correlationid
75d9890e-0ce7-44ae-a674-dbe981861704
etag
"0112c37cc75d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
WordViewer.js
oos.annotext-online.de/wv/App_Scripts/ Frame F2CE 		860 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/WordViewer.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8f62f59ffe0ecb69894fca3ec02dd7f2a4de8875f13c44b621205fdb0fe5006d

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
236452
last-modified
Tue, 16 May 2023 01:04:42 GMT
server
Microsoft-IIS/10.0
x-usersessionid
2657a89d-cab4-489a-b251-f0e306524a17
x-correlationid
2657a89d-cab4-489a-b251-f0e306524a17
etag
"07161659287d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
truncated
/ Frame F2CE 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F2CE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
ResReader.ashx
oos.annotext-online.de/wv/ Frame F2CE 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec0261&v=00000000-0000-0000-0000-000000000802&usid=a1646f9c-758d-4ea8-b750-c8d50c53164a&splashscreen=1&build=16.0.10373.20000
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token_ttl=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d70a71f5e1ffffc4bd5fa05d7fff3badd6eaf8eaeaf3d4b290be26a10e2546e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
21444
x-correlationid
b7d4f3d5-1b43-4b33-a7fb-f7f6b82b0bfb
server
Microsoft-IIS/10.0
etag
"WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec026100000000-0000-0000-0000-000000000802p1.img"
x-download-options
noopen
content-type
image/png
cache-control
private
expires
Tue, 27 Aug 2024 12:37:39 GMT
truncated
/ Frame F2CE 		60 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame F2CE 		60 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
segoeui.woff
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/resources/1031/segoeui.woff
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-correlationid
b875f19b-cd12-4bd6-9c43-6fec54618ff1
server
Microsoft-IIS/10.0
x-usersessionid
b875f19b-cd12-4bd6-9c43-6fec54618ff1
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-type
text/html
content-length
1285
docdatahandler.ashx
oos.annotext-online.de/wv/ Frame F2CE 		445 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec0261&type=png&o15=1&ui=de-DE
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/App_Scripts/MicrosoftAjax.js?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
295c6c5d3bc5a13a1fe7c3b569f1408d0777d542526b52a3ebc22e082e695f94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-UserSessionId
a1646f9c-758d-4ea8-b750-c8d50c53164a
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.10373.20000
X-Key
exLO7+QsPvTiXHQM6d5lDuv79o7Br6e9G2fDfHmGH1E=,638288230590546930
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
419
x-correlationid
92863baf-40f7-48e5-bbe9-3e3981b4950c
server
Microsoft-IIS/10.0
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
expires
Tue, 27 Aug 2024 12:37:39 GMT
wacairspaceanimationlibrary.js
oos.annotext-online.de/wv/App_Scripts/ Frame F2CE 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/wacairspaceanimationlibrary.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/App_Scripts/WordViewer.js?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
6753
last-modified
Mon, 05 Nov 2018 23:49:46 GMT
server
Microsoft-IIS/10.0
x-usersessionid
72c56f67-f499-4057-8532-fc0bcfdc9366
x-correlationid
72c56f67-f499-4057-8532-fc0bcfdc9366
etag
"049233b6275d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
segoeui.ttf
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/resources/1031/segoeui.ttf
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-correlationid
eae48424-736d-4a43-a4fb-e3449ca02deb
server
Microsoft-IIS/10.0
x-usersessionid
eae48424-736d-4a43-a4fb-e3449ca02deb
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-type
text/html
content-length
1285
WordViewer.dll1.js
oos.annotext-online.de/wv/App_Scripts/ Frame F2CE 		385 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/App_Scripts/WordViewer.dll1.js?bn=326383543
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/App_Scripts/WordViewer.js?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ca09a481e3c46e26d02cbc449dc2d711a52ea9fe840bdad6842d2af1b5796ec

Request headers

Referer
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
99654
last-modified
Tue, 16 May 2023 01:04:36 GMT
server
Microsoft-IIS/10.0
x-usersessionid
b59e2fe0-05bf-4868-96e5-6283cad0f96d
x-correlationid
b59e2fe0-05bf-4868-96e5-6283cad0f96d
etag
"0eacd619287d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
progress.gif
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		695 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/resources/1031/progress.gif?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
last-modified
Wed, 07 Nov 2018 14:34:00 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a3c3e801-d011-43b1-bee7-6c22c9aa781f
x-correlationid
a3c3e801-d011-43b1-bee7-6c22c9aa781f
etag
"0fc32eca676d41:0"
x-officeversion
16.0.10373.20000
x-officefe
57f9f757aeb543558407a852443b2531
content-type
image/gif
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by
ASP.NET
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
695
ResReader.ashx
oos.annotext-online.de/wv/ Frame F2CE 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=a1646f9c-758d-4ea8-b750-c8d50c53164a&build=16.0.10373.20000&WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec0261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d70a71f5e1ffffc4bd5fa05d7fff3badd6eaf8eaeaf3d4b290be26a10e2546e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
21444
x-correlationid
79f139ad-43fe-48ff-b992-d20279c9997d
server
Microsoft-IIS/10.0
etag
"WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec026100000000-0000-0000-0000-000000000802p1.img"
x-download-options
noopen
content-type
image/png
cache-control
private
expires
Tue, 27 Aug 2024 12:37:39 GMT
ResReader.ashx
oos.annotext-online.de/wv/ Frame F2CE 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=a1646f9c-758d-4ea8-b750-c8d50c53164a&build=16.0.10373.20000&WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec0261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
716a53c5a8e69ce936113816d72ad6a04d47401db6a840b8bb85888367a6b04d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
12704
x-correlationid
6527e656-1772-4c3b-b46b-2ecb04095e52
server
Microsoft-IIS/10.0
etag
"WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec026100000000-0000-0000-0000-000000000802p2.img"
x-download-options
noopen
content-type
image/png
cache-control
private
expires
Tue, 27 Aug 2024 12:37:39 GMT
segoeui-semilight-final.woff
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/resources/1031/segoeui-semilight-final.woff
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Request headers

Referer
https://oos.annotext-online.de/wv/resources/1031/WordViewer.css?bn=326383543
Origin
https://oos.annotext-online.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
last-modified
Mon, 05 Nov 2018 23:33:54 GMT
server
Microsoft-IIS/10.0
x-usersessionid
3fbcd683-976b-4e8b-ab1e-bfbc2912f037
x-correlationid
3fbcd683-976b-4e8b-ab1e-bfbc2912f037
etag
"09db336075d41:0"
x-officeversion
16.0.10373.20000
x-officefe
57f9f757aeb543558407a852443b2531
content-type
font/x-woff
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by
ASP.NET
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
25997
wv.png
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/resources/1031/wv.png?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99d9c1e39a86446eba19c88714d1686fded6287841ecf52c45af7cf2cf9d6468

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
last-modified
Wed, 07 Nov 2018 14:33:40 GMT
server
Microsoft-IIS/10.0
x-usersessionid
807f4481-27c4-4570-b65a-d2f4b979f03d
x-correlationid
807f4481-27c4-4570-b65a-d2f4b979f03d
etag
"03a47e0a676d41:0"
x-officeversion
16.0.10373.20000
x-officefe
57f9f757aeb543558407a852443b2531
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by
ASP.NET
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
33323
progress16.gif
oos.annotext-online.de/wv/resources/1031/ Frame F2CE 		668 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oos.annotext-online.de/wv/resources/1031/progress16.gif?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
last-modified
Wed, 07 Nov 2018 14:33:36 GMT
server
Microsoft-IIS/10.0
x-usersessionid
5701423a-7c22-4aaa-ba28-331d8c2b7777
x-correlationid
5701423a-7c22-4aaa-ba28-331d8c2b7777
etag
"0e0e4dda676d41:0"
x-officeversion
16.0.10373.20000
x-officefe
57f9f757aeb543558407a852443b2531
content-type
image/gif
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by
ASP.NET
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
668
RemoteUls.ashx
oos.annotext-online.de/wv/ Frame F2CE 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/RemoteUls.ashx?build=16.0.10373.20000
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/App_Scripts/WordViewer.js?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-AccessToken
1
X-UserSessionId
a1646f9c-758d-4ea8-b750-c8d50c53164a
X-AccessTokenTtl
0
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.10373.20000
X-Key
exLO7+QsPvTiXHQM6d5lDuv79o7Br6e9G2fDfHmGH1E=,638288230590546930
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
X-UserType
WOPI
X-xhr
1

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
0
x-correlationid
16cd3488-5124-4529-b98f-b0ca8b5b8cef
server
Microsoft-IIS/10.0
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://oos.annotext-online.de
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
ResReader.ashx
oos.annotext-online.de/wv/ Frame F2CE 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://oos.annotext-online.de/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=a1646f9c-758d-4ea8-b750-c8d50c53164a&build=16.0.10373.20000&WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec0261
Requested by
Host: oos.annotext-online.de
URL: https://oos.annotext-online.de/wv/App_Scripts/MicrosoftAjax.js?bn=326383543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.75.39.120 , Germany, ASN12399 (SCAN-PLUS-AS q.beyond AG, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
022df0c8dd0e7675e77902cfee906b51c1f056f81f538e493f2b30b4bf3ea755
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-UserSessionId
a1646f9c-758d-4ea8-b750-c8d50c53164a
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.10373.20000
X-Key
exLO7+QsPvTiXHQM6d5lDuv79o7Br6e9G2fDfHmGH1E=,638288230590546930
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1

Response headers

date
Mon, 28 Aug 2023 12:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.10373.20000
x-powered-by
ASP.NET
x-officefe
57f9f757aeb543558407a852443b2531
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
content-length
5467
x-correlationid
1236bd53-c1a7-41d0-97eb-6db7ca790b55
server
Microsoft-IIS/10.0
etag
"WOPIsrc=https%3A%2F%2Foos%2Eannotext%2Donline%2Ede%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fkanzleiamrathaus%252Eoa%252Eannotext%252Ede%253A443%252Fwp%252Dcontent%252Fuploads%252Fsites%252F479%252Fgwp%255Fcache%252F26190f3b05cbc7ff111a7b4aa436f84f%252Edoc%253Fcache%255Fbusting%253D20230828121692970860&access_token=1&access_token_ttl=0&z=74ffb13f7674874d77971a1980194d90d1e722b37698f2b08d52d4e522ec026100000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
expires
Tue, 27 Aug 2024 12:37:39 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| _iframeUrl string| _windowTitle string| _favIconUrl boolean| _shouldDoRedirect string| _failureRedirectUrl string| _accessToken function| OnLoad

1 Cookies

Domain/Path Name / Value
oos.annotext-online.de/ Name: DcLcid
Value: ui=1031&data=1031

2 Console Messages

Source Level URL
Text
network error URL: https://oos.annotext-online.de/wv/resources/1031/segoeui.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://oos.annotext-online.de/wv/resources/1031/segoeui.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oos.annotext-online.de
212.75.39.120
022df0c8dd0e7675e77902cfee906b51c1f056f81f538e493f2b30b4bf3ea755
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221
295c6c5d3bc5a13a1fe7c3b569f1408d0777d542526b52a3ebc22e082e695f94
3693e6072e9acff53a16d38931ba8d7f3b3ac2736699af92c2066ea6c92d8f59
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca
4e6a6d585d02508011523e8ef5b01f5c3f23819afbdb34673075eba783196d39
6f0ccba9866dfeca5d59891e587eb666cf78b38fe69384a69c7775be5c056b79
716a53c5a8e69ce936113816d72ad6a04d47401db6a840b8bb85888367a6b04d
7ca09a481e3c46e26d02cbc449dc2d711a52ea9fe840bdad6842d2af1b5796ec
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7
8f62f59ffe0ecb69894fca3ec02dd7f2a4de8875f13c44b621205fdb0fe5006d
99d9c1e39a86446eba19c88714d1686fded6287841ecf52c45af7cf2cf9d6468
a2d74cd174952d703017bf4f8f4b0ac5b46faa11deb88a248159e021931bcf45
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
d39dc69be9a170f2daac00eb2c914d60ab50ae34937e924f53997a6bd6c45028
d70a71f5e1ffffc4bd5fa05d7fff3badd6eaf8eaeaf3d4b290be26a10e2546e8
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855