Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
12/12/2024, 07:02 UTC
Static task
static1
Behavioral task
behavioral1
Sample
e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe
-
Size
327KB
-
MD5
e53bcefe67ef4c07fbc68571aeed16bb
-
SHA1
ac43508e3195525348518e43c4514de1023bff2e
-
SHA256
ea6e1cd7b54a6abca274cea4aca81c1d6a3e199c42c417089a6e1a9de655cfd0
-
SHA512
129c2fb2cbdf3e87375ee82342e169cd025b6fa5adef0083fa3f60ddd8e9377f1bc4a7ae57c2727e10f3666bba194191eb5d9fec41196e397cd3aea5f52460db
-
SSDEEP
6144:LmpyGttLh7jEa4q5S+MBQUC7TWZgRZUYZ:Lmt574q4rBFC7Th9Z
Malware Config
Signatures
-
Ardamax family
-
Ardamax main executable 1 IoCs
resource yara_rule behavioral2/files/0x000b000000023b9b-12.dat family_ardamax -
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe -
Executes dropped EXE 1 IoCs
pid Process 2804 iexplore.exe -
Loads dropped DLL 5 IoCs
pid Process 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 2804 iexplore.exe 2804 iexplore.exe 2804 iexplore.exe 2804 iexplore.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory 4 IoCs
description ioc Process File created C:\Windows\SysWOW64\iexplore.001 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe File created C:\Windows\SysWOW64\iexplore.006 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe File created C:\Windows\SysWOW64\iexplore.007 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe File created C:\Windows\SysWOW64\iexplore.exe e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe -
Drops file in Windows directory 1 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64 iexplore.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language iexplore.exe -
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 POWERPNT.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz POWERPNT.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString POWERPNT.EXE -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS POWERPNT.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily POWERPNT.EXE Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU POWERPNT.EXE -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe -
Suspicious behavior: AddClipboardFormatListener 1 IoCs
pid Process 1760 POWERPNT.EXE -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: 33 2804 iexplore.exe Token: SeIncBasePriorityPrivilege 2804 iexplore.exe -
Suspicious use of SetWindowsHookEx 5 IoCs
pid Process 2804 iexplore.exe 2804 iexplore.exe 2804 iexplore.exe 2804 iexplore.exe 1760 POWERPNT.EXE -
Suspicious use of WriteProcessMemory 6 IoCs
description pid Process procid_target PID 4468 wrote to memory of 2804 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 83 PID 4468 wrote to memory of 2804 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 83 PID 4468 wrote to memory of 2804 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 83 PID 4468 wrote to memory of 1760 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 84 PID 4468 wrote to memory of 1760 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 84 PID 4468 wrote to memory of 1760 4468 e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe 84
Processes
-
C:\Users\Admin\AppData\Local\Temp\e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\e53bcefe67ef4c07fbc68571aeed16bb_JaffaCakes118.exe"1⤵
- Checks computer location settings
- Loads dropped DLL
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:4468 -
C:\Windows\SysWOW64\iexplore.exe"C:\Windows\system32\iexplore.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2804
-
-
C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE"C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" /s "C:\Users\Admin\AppData\Local\Temp\Cidade dos anjos.pps" /ou ""2⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:1760
-
Network
-
Remote address:8.8.8.8:53Request172.214.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request58.55.71.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestroaming.officeapps.live.comIN AResponseroaming.officeapps.live.comIN CNAMEprod.roaming1.live.com.akadns.netprod.roaming1.live.com.akadns.netIN CNAMEeur.roaming1.live.com.akadns.neteur.roaming1.live.com.akadns.netIN CNAMEweu-azsc-000.roaming.officeapps.live.comweu-azsc-000.roaming.officeapps.live.comIN CNAMEosiprod-weu-buff-azsc-000.westeurope.cloudapp.azure.comosiprod-weu-buff-azsc-000.westeurope.cloudapp.azure.comIN A52.109.89.19
-
Remote address:52.109.89.19:443RequestPOST /rs/RoamingSoapService.svc HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
User-Agent: MS-WebServices/1.0
SOAPAction: "http://tempuri.org/IRoamingSettingsService/GetConfig"
Content-Length: 511
Host: roaming.officeapps.live.com
ResponseHTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-OfficeFE: RoamingFE_IN_155
X-OfficeVersion: 16.0.18315.30575
X-OfficeCluster: weu-000.roaming.officeapps.live.com
Content-Security-Policy-Report-Only: script-src 'nonce-iNLF7QLkkGmKELjP0MEE+rIObOXm5DqSRTxr/OpxgNNBhh1W1K0k81GKNkb7ZmWj8QS3GgE153eRIusFN5k5dPyQc1o6fU0mpr9sMsx2Dji5F0/dJMyVWqSv0HNMSWaR1jLxbDnCRRSl39QC5QMVS6cKB/1BtHrISWSnWbv7MjE=' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; base-uri 'self'; object-src 'none'; require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/OfficeIce-OfficeRoaming-Prod
X-CorrelationId: dda31456-436c-416b-a359-3e4b82f3d67b
X-Powered-By: ASP.NET
Date: Thu, 12 Dec 2024 15:03:18 GMT
Content-Length: 654
-
Remote address:8.8.8.8:53Request68.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request19.89.109.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request105.193.132.51.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request241.150.49.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmetadata.templates.cdn.office.netIN AResponsemetadata.templates.cdn.office.netIN CNAMEtemplatesmetadata.office.nettemplatesmetadata.office.netIN CNAMEtemplatesmetadata.office.net.edgekey.nettemplatesmetadata.office.net.edgekey.netIN CNAMEe26769.dscb.akamaiedge.nete26769.dscb.akamaiedge.netIN A95.100.195.11e26769.dscb.akamaiedge.netIN A95.100.195.47
-
GEThttps://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=3&ver=16&tl=2&build=16.0.12527>ype=0%2C2%2CPOWERPNT.EXERemote address:95.100.195.11:443RequestGET /client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=3&ver=16&tl=2&build=16.0.12527>ype=0%2C2%2C HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: metadata.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Server: Kestrel
Content-Encoding: gzip
Content-Length: 1119
Cache-Control: max-age=137152
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requestbinaries.templates.cdn.office.netIN AResponsebinaries.templates.cdn.office.netIN CNAMEbinaries.templates.cdn.office.net.edgesuite.netbinaries.templates.cdn.office.net.edgesuite.netIN CNAMEa1847.dscg2.akamai.neta1847.dscg2.akamai.netIN A184.50.113.73a1847.dscg2.akamai.netIN A184.50.113.32
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0283634201.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 689yT4iFaSu44u4kBqrcAg==
Last-Modified: Fri, 10 May 2019 01:40:27 GMT
ETag: 0x8D6D4E87A95C4CA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c7e1e4aa-f01e-005e-2e97-a061ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0290068801.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: tDEvykqKIfiQUxHUQn6Huw==
Last-Modified: Fri, 10 May 2019 01:39:26 GMT
ETag: 0x8D6D4E85692E711
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 33330aa5-101e-008d-2e97-a0bdf8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0289231501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: rS2CwqYjwRdtJXJwA/R0pg==
Last-Modified: Fri, 10 May 2019 01:39:05 GMT
ETag: 0x8D6D4E849C6E9D3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a209bf42-f01e-003c-3797-a0a3ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0290072001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: VzmRBoJhhEA6N596moaa0w==
Last-Modified: Fri, 10 May 2019 01:37:43 GMT
ETag: 0x8D6D4E818DA1F68
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d215cf81-701e-001d-115b-b98796000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0290072202.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: D1a0PYNhbWpgE0v1D55oTg==
Last-Modified: Wed, 29 Aug 2018 18:15:13 GMT
ETag: 0x8D60DDB5D2646C1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1c33ea78-401e-00cd-4197-a0bac0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0290076901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xK9J8vvCma59O4KFvAiQyQ==
Last-Modified: Wed, 29 Aug 2018 18:21:37 GMT
ETag: 0x8D60DDC42494332
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 85afca4c-001e-00ca-7197-a0aba4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0290074301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: mu0vu7Qn1voaTA2JCcs/Pw==
Last-Modified: Fri, 10 May 2019 01:41:58 GMT
ETag: 0x8D6D4E8B0B2BBB9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 233fc269-001e-005f-1c55-f93479000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328884.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: q78QzulIDkHYEnfpU4+Yyw==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC8987823BE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f3206081-b01e-0002-7f97-a03492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0309043402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: dIpTxr3Vzpe9VKdsejNChg==
Last-Modified: Wed, 29 Aug 2018 18:14:30 GMT
ETag: 0x8D60DDB43B59EC5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b73fb8ce-601e-005c-4e97-a0df72000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328893.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 48ZBc7L0qnq3LhOWqVFL2A==
Last-Modified: Fri, 22 Apr 2016 16:10:17 GMT
ETag: 0x8D36AC898C9059A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 984e6235-501e-0057-1e97-a02419000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328905.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: TvpI7DB+ry+bNGoHPGf8+w==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC886167DDF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e37f31b-801e-0044-5062-b90015000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328908.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iamBjmZY1zpztkJSL/hwHw==
Last-Modified: Fri, 22 Apr 2016 16:09:46 GMT
ETag: 0x8D36AC8865F4922
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d2bdd4cc-b01e-0084-2497-a0f82b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328919.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZsUZnPT7GL1Pnz8sywdABw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8871139C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bd32d8ea-801e-0033-2376-14dfee000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328916.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +RPdhJFXUwQthWzsTl2rpQ==
Last-Modified: Fri, 22 Apr 2016 16:09:47 GMT
ETag: 0x8D36AC886C4C4EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1184cf03-901e-010a-18fd-bfd090000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328925.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: xH40MK+BPfiwLhy0gp3ZSw==
Last-Modified: Fri, 22 Apr 2016 16:09:48 GMT
ETag: 0x8D36AC8875AEF5A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d4300e98-b01e-0122-3c97-a0b138000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403393701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iGe99fx1Tanab1ujQTNFlQ==
Last-Modified: Wed, 29 Aug 2018 18:19:43 GMT
ETag: 0x8D60DDBFE4BB50C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1aa38d20-a01e-00b7-6997-a0a780000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328932.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: SGy8siO4cxMv+vS4rQrQRA==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887A4CC19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 66a5a3ee-401e-0074-7f97-a0beda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328935.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: fGRexQWYL+Up0OUDWzeP/A==
Last-Modified: Fri, 22 Apr 2016 16:09:49 GMT
ETag: 0x8D36AC887EFBA2F
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56e459b1-f01e-010c-2097-a0e32f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328940.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: e/iLPKIOtx7UU6M2GQjgEA==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8883A8134
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bab20722-a01e-0046-4c1d-22b4c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328951.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 75y4vfvAjwO+9RmtZrpkLw==
Last-Modified: Fri, 22 Apr 2016 16:09:50 GMT
ETag: 0x8D36AC8888436CF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f60ed86d-c01e-00fc-3b97-a05bd3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403392901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: go+WAx9Av468teUqrut+TA==
Last-Modified: Wed, 29 Aug 2018 18:21:39 GMT
ETag: 0x8D60DDC4354B7FB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a3240f77-901e-0000-474a-3a8045000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328972.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 0wrSbbtt7KT90pT0jtrVXQ==
Last-Modified: Fri, 22 Apr 2016 16:09:51 GMT
ETag: 0x8D36AC888CEAFBE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 477f7fba-801e-00a0-169e-b90e8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403392501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: nJ9JpHIiwYAlzCVXUzepZQ==
Last-Modified: Wed, 29 Aug 2018 18:17:15 GMT
ETag: 0x8D60DDBA5EDDA1A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef258b2c-c01e-001b-4d97-a016fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328975.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 7gEpx8waySu8PWyw9lP8rg==
Last-Modified: Fri, 22 Apr 2016 16:09:51 GMT
ETag: 0x8D36AC889183E51
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a209c062-f01e-003c-4097-a0a3ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403392301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: pt4gugbNfIqrmPjAO71J9w==
Last-Modified: Wed, 29 Aug 2018 18:20:34 GMT
ETag: 0x8D60DDC1C7FD7C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: be228df2-001e-0049-2a97-a00b09000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328986.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: iyn6tQb9ZcIcnNb+a7vBRg==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC889AD573C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0b4615e6-601e-0004-20d7-c70d42000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp1640137501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Rm5YUeYBzvpfhGgQERZe0A==
Last-Modified: Thu, 11 May 2017 00:47:27 GMT
ETag: 0x8D498074C08D1CD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6ed9573b-301e-00c2-6d97-a0b0d7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328983.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 5TIDh2JQP/oTcd8D+i4iLQ==
Last-Modified: Fri, 22 Apr 2016 16:09:52 GMT
ETag: 0x8D36AC88963C8B3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 20402454-101e-012b-7297-a0f4eb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403392701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 8laspQm0xsAUTSeMcDawqA==
Last-Modified: Wed, 29 Aug 2018 18:18:47 GMT
ETag: 0x8D60DDBDD02F94A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0e86dec0-501e-00d1-55b9-b9e8a0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328990.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: uab/cVcZ7p3hZCGrmDynRQ==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A1DF716
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d182899-901e-0083-4897-a09448000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp03328998.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: l/W3t+nhKBmZRopcQssS5w==
Last-Modified: Fri, 22 Apr 2016 16:09:53 GMT
ETag: 0x8D36AC88A7F05EE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5cd4d7a-901e-011a-2b97-a015f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345744402.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: mgcDXvgCv4n27SVNDbAqsA==
Last-Modified: Wed, 29 Aug 2018 21:59:16 GMT
ETag: 0x8D60DFAA9CC48C3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ea01ec0c-b01e-0110-4a97-a048da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:34 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345745202.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 13UUMtmJN4/xByvmXYdyVg==
Last-Modified: Fri, 10 May 2019 01:12:50 GMT
ETag: 0x8D6D4E49EEF1189
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3aee0210-001e-00ae-2d3c-b9273b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345746401.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: hNjzhI50JMvjgB+VcOBQGA==
Last-Modified: Wed, 29 Aug 2018 18:16:15 GMT
ETag: 0x8D60DDB824A3C69
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c6460182-001e-00a7-1a97-a0018a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345747501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: IUN4l8m4isLLK7L++SLRkQ==
Last-Modified: Wed, 29 Aug 2018 18:16:49 GMT
ETag: 0x8D60DDB967B9FA5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dacba5b7-401e-0105-2397-a08a43000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:36 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345749101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: ZYKNx76Loc5hrXFCJSrMVA==
Last-Modified: Wed, 29 Aug 2018 18:23:58 GMT
ETag: 0x8D60DDC968C4F0E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02d4ae31-901e-0135-6fd0-ae1833000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:36 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345750301.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: +TNk7sbE/6V2jeVFosNPBw==
Last-Modified: Wed, 29 Aug 2018 18:15:13 GMT
ETag: 0x8D60DDB5D624CF0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7adc3bba-701e-004d-4a96-8afe8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:38 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345749601.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: HBIxXIYqdFpkfa1UbrQmfg==
Last-Modified: Wed, 29 Aug 2018 18:21:00 GMT
ETag: 0x8D60DDC2BE7DF3C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0414ccae-601e-0011-165a-b9109e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345751001.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4RAcym4/7bKLV69MQbUNNw==
Last-Modified: Wed, 29 Aug 2018 18:15:37 GMT
ETag: 0x8D60DDB6BA6E455
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9ae00d4d-001e-0028-7797-a0eb82000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0345751501.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Jr6rnM6v5Pvwt8A2JoGp0g==
Last-Modified: Wed, 29 Aug 2018 18:20:50 GMT
ETag: 0x8D60DDC26100537
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6efd7f9e-101e-00b2-2f97-a0755b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:40 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403391901.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: v5XpZ+fRzsjv5Ca8ASfT3g==
Last-Modified: Wed, 29 Aug 2018 18:16:09 GMT
ETag: 0x8D60DDB7EAA50F0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b5a1384-701e-0032-6dfb-b98a5d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403391701.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 4pziZjpWoUROqjcy/7gpQA==
Last-Modified: Wed, 29 Aug 2018 18:15:39 GMT
ETag: 0x8D60DDB6CAEA91D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7c59a99-101e-0021-318b-c7a43e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:38 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp0403392101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: U8X0WyLhM7KNS9O1o1D9vQ==
Last-Modified: Wed, 29 Aug 2018 18:19:46 GMT
ETag: 0x8D60DDC0007D57D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d2d7040-b01e-0050-5297-a02761000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:38 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp1000111403.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: 1OrACenntkuLABroK4EC+g==
Last-Modified: Thu, 12 Jul 2018 00:20:10 GMT
ETag: 0x8D5E78D3A9D8C97
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6910c7b5-e01e-00d4-5297-a03a7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp1000111502.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: k/qfd5Ugqy0irE6oZLe7NA==
Last-Modified: Thu, 12 Jul 2018 00:23:55 GMT
ETag: 0x8D5E78DC0BDFFD8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2d92c9d7-101e-00de-2910-1668c0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:37 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:184.50.113.73:443RequestGET /support/templates/en-us/tp1640137101.cab HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft PowerPoint 16.0.12527; Pro)
X-IDCRL_ACCEPTED: t
X-Office-Version: 16.0.12527
X-Office-Application: 3
X-Office-Platform: Win32
X-Office-AudienceGroup: Production
X-Office-SessionId: 684734B8-37A0-4FCC-83EE-8CC039C27D3F
Host: binaries.templates.cdn.office.net
ResponseHTTP/1.1 200 OK
Content-Type: application/vnd.ms-cab-compressed
Content-MD5: Jx/5BM64tTg7Rezw2mqSOA==
Last-Modified: Fri, 12 May 2017 00:30:55 GMT
ETag: 0x8D498CE277C1E74
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f2e24a3b-801e-015b-1997-a04d1c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 12 Dec 2024 15:03:35 GMT
Connection: keep-alive
Access-Control-Allow-Headers: *
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
-
Remote address:8.8.8.8:53Request11.195.100.95.in-addr.arpaIN PTRResponse11.195.100.95.in-addr.arpaIN PTRa95-100-195-11deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request11.195.100.95.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request11.195.100.95.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request73.113.50.184.in-addr.arpaIN PTRResponse73.113.50.184.in-addr.arpaIN PTRa184-50-113-73deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request73.113.50.184.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request73.113.50.184.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request56.163.245.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request18.31.95.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request217.135.221.88.in-addr.arpaIN PTRResponse217.135.221.88.in-addr.arpaIN PTRa88-221-135-217deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request30.243.111.52.in-addr.arpaIN PTRResponse
-
52.109.89.19:443https://roaming.officeapps.live.com/rs/RoamingSoapService.svctls, httpPOWERPNT.EXE1.8kB 8.2kB 12 11
HTTP Request
POST https://roaming.officeapps.live.com/rs/RoamingSoapService.svcHTTP Response
200 -
95.100.195.11:443https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=3&ver=16&tl=2&build=16.0.12527>ype=0%2C2%2Ctls, httpPOWERPNT.EXE1.3kB 5.9kB 10 11
HTTP Request
GET https://metadata.templates.cdn.office.net/client/templates/gallery?lcid=1033&syslcid=1033&uilcid=1033&app=3&ver=16&tl=2&build=16.0.12527>ype=0%2C2%2CHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0283634201.cabtls, httpPOWERPNT.EXE70.6kB 1.7MB 1059 1203
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0283634201.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290068801.cabtls, httpPOWERPNT.EXE24.5kB 508.1kB 347 370
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290068801.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0289231501.cabtls, httpPOWERPNT.EXE24.2kB 517.2kB 348 377
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0289231501.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290072001.cabtls, httpPOWERPNT.EXE80.4kB 2.8MB 1435 2045
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290072001.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290072202.cabtls, httpPOWERPNT.EXE59.7kB 1.4MB 919 1039
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290072202.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290076901.cabtls, httpPOWERPNT.EXE49.7kB 1.1MB 728 816
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290076901.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290074301.cabtls, httpPOWERPNT.EXE187.6kB 8.4MB 3575 6054
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0290074301.cabHTTP Response
200 -
15.4kB 323.6kB 218 238
-
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabtls, httpPOWERPNT.EXE1.9kB 32.0kB 24 29
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328884.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabtls, httpPOWERPNT.EXE26.7kB 751.4kB 432 544
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0309043402.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabtls, httpPOWERPNT.EXE1.7kB 26.0kB 20 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328893.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabtls, httpPOWERPNT.EXE1.8kB 27.8kB 22 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328905.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabtls, httpPOWERPNT.EXE2.6kB 37.1kB 31 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328908.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabtls, httpPOWERPNT.EXE2.2kB 27.9kB 26 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328919.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabtls, httpPOWERPNT.EXE2.0kB 33.9kB 25 32
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328916.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabtls, httpPOWERPNT.EXE127.7kB 3.4MB 1994 2439
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328925.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403393701.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabtls, httpPOWERPNT.EXE2.1kB 26.3kB 25 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328932.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabtls, httpPOWERPNT.EXE2.1kB 29.4kB 25 27
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328935.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabtls, httpPOWERPNT.EXE1.9kB 29.2kB 23 28
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328940.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabtls, httpPOWERPNT.EXE55.8kB 1.8MB 953 1332
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328951.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392901.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabtls, httpPOWERPNT.EXE54.3kB 1.4MB 874 998
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328972.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392501.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392301.cabtls, httpPOWERPNT.EXE66.0kB 2.2MB 1150 1553
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328975.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392301.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1640137501.cabtls, httpPOWERPNT.EXE75.4kB 2.2MB 1265 1618
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328986.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1640137501.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabtls, httpPOWERPNT.EXE78.4kB 2.6MB 1384 1898
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328983.cabHTTP Response
200HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392701.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabtls, httpPOWERPNT.EXE1.6kB 26.0kB 18 25
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328990.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabtls, httpPOWERPNT.EXE1.6kB 27.1kB 18 26
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp03328998.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabtls, httpPOWERPNT.EXE14.0kB 313.8kB 211 231
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345744402.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345745202.cabtls, httpPOWERPNT.EXE90.4kB 3.0MB 1590 2144
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345745202.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabtls, httpPOWERPNT.EXE12.1kB 290.5kB 188 214
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345746401.cabHTTP Response
200 -
1.3kB 9.2kB 16 12
-
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabtls, httpPOWERPNT.EXE12.9kB 287.0kB 181 213
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345747501.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabtls, httpPOWERPNT.EXE12.5kB 277.4kB 189 205
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749101.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabtls, httpPOWERPNT.EXE18.0kB 670.3kB 305 488
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345750301.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabtls, httpPOWERPNT.EXE23.7kB 574.1kB 366 419
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345749601.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabtls, httpPOWERPNT.EXE50.0kB 1.1MB 733 801
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751001.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabtls, httpPOWERPNT.EXE5.4kB 235.2kB 95 176
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0345751501.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabtls, httpPOWERPNT.EXE43.3kB 1.1MB 715 823
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391901.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabtls, httpPOWERPNT.EXE23.5kB 727.0kB 370 531
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403391701.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabtls, httpPOWERPNT.EXE58.9kB 1.9MB 1064 1409
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp0403392101.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabtls, httpPOWERPNT.EXE37.2kB 988.9kB 605 715
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111403.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabtls, httpPOWERPNT.EXE5.9kB 244.5kB 100 183
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1000111502.cabHTTP Response
200 -
184.50.113.73:443https://binaries.templates.cdn.office.net/support/templates/en-us/tp1640137101.cabtls, httpPOWERPNT.EXE22.6kB 473.2kB 345 347
HTTP Request
GET https://binaries.templates.cdn.office.net/support/templates/en-us/tp1640137101.cabHTTP Response
200
-
74 B 128 B 1 1
DNS Request
172.214.232.199.in-addr.arpa
-
70 B 144 B 1 1
DNS Request
58.55.71.13.in-addr.arpa
-
73 B 247 B 1 1
DNS Request
roaming.officeapps.live.com
DNS Response
52.109.89.19
-
71 B 157 B 1 1
DNS Request
68.32.126.40.in-addr.arpa
-
71 B 145 B 1 1
DNS Request
19.89.109.52.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
73 B 159 B 1 1
DNS Request
105.193.132.51.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
241.150.49.20.in-addr.arpa
-
79 B 231 B 1 1
DNS Request
metadata.templates.cdn.office.net
DNS Response
95.100.195.1195.100.195.47
-
79 B 202 B 1 1
DNS Request
binaries.templates.cdn.office.net
DNS Response
184.50.113.73184.50.113.32
-
216 B 137 B 3 1
DNS Request
11.195.100.95.in-addr.arpa
DNS Request
11.195.100.95.in-addr.arpa
DNS Request
11.195.100.95.in-addr.arpa
-
216 B 137 B 3 1
DNS Request
73.113.50.184.in-addr.arpa
DNS Request
73.113.50.184.in-addr.arpa
DNS Request
73.113.50.184.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
56.163.245.4.in-addr.arpa
-
70 B 144 B 1 1
DNS Request
18.31.95.13.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
217.135.221.88.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
30.243.111.52.in-addr.arpa
-
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD5683f1f1e72a9fd91018e379b0f45c646
SHA1e715798afee630bca17bd35e382626399e608788
SHA2560770043fa8f879787c32f97e915295320738b28dc5c7a07a033df6d9ac5b4e50
SHA512490a8fcc256fb97bdaf0ef7a243998338b3796db448874ed85613a087e16a9e1b0105af3deb57e18db253e550e5c8a0fd02dba1e52f4959937ffb6c587e3b8f5
-
Filesize
135KB
MD50a14b8ccf3374fb94c2bde7438cedc94
SHA140704ffc1f37cc819b32dbfa9360ba8b1a694eb4
SHA25678a070c66b86759cb46db93ad6bfff5518a2435ce5fd0695e2130a8b9a049f39
SHA512319b63a8171f073e32b65498584218e736264af03128a6cb1d5ff2ef2a89b67478cb6d3822b17b42397437e033ae4b984f24ce156e9fff23c4b064b9f2807801
-
Filesize
2KB
MD5c960dc2c2ee28c2cd292445bb603dda9
SHA1a736c2b77ef13a059d87158e07d89f46e9ab988e
SHA256a43d34f1374c8d6b0e5ff04711a9cdfe38714147e75ffaa85a19c73e897652fd
SHA51297b5e686557d4dee78c824bbe642c4b6e08db807dfb892c76ddd42c978fcbba4c390745ebf70e9858afbc3e59f3df07f976d61e76e7d43496fb6152f0b174f97
-
Filesize
5KB
MD5b8e130b146557e640cb3e198f3d9110e
SHA1c1cbebfce4e3af8ced7d1019586e91c371432d78
SHA2563dbca63a39382e4c25d0b02e668ba72c5c81071bb62937ec939325f1f89926a1
SHA512bc858367e64188c3a365fff4c7986e86d6d666651b2421e3b96fe06836aede073f2228349f66f1836e6ef98bb8e5120354c54a0fb13059e5b875bbf34ed7868f
-
Filesize
4KB
MD5097c525e86f64364479227f1603a0221
SHA1c84897900f59cbff5f607368ceba93bfc5273998
SHA2561b62745c0181f36b7c0227225da12c0d357fd6f14ff8a0ea8484fd4a9c6bf766
SHA512b52b9d51c3bb50fab292c8bf13d2d87694391481742830c266f4512b2e33a16b852cdbf3faea7f5945b60415a12d1d6a0e9319500cb769b12e0a03357f66ef12
-
Filesize
295KB
MD52b8def730c5bab9d9b58e117af9fb84a
SHA1090c2c4f0309895bad639ba1c0af21d1eb70d987
SHA256759f339edba9126cd77ee621e6852f281b9a3190bc4aa17711164bac5ece41a7
SHA512809aa7300e4bef33489f4166fd5b8245a9b9523c9fd908a37b51a0384966f8f036ac09fbca3730bb04b98ff976c17380ddc4c2ed75dbda51350f049b3d0bf48a