Network Analysis
DNS requests
Name | Response | Post-Analysis Lookup |
---|---|---|
login.live.com | CNAME login.msa.msidentity.com, CNAME prda.aadg.msidentity.com | 40.126.35.129 |
onedrive.live.com | CNAME l-0004.l-msedge.net | 13.107.42.13 |
GET 302 https://onedrive.live.com/download?cid=D6676A9A61E841F3&resid=D6676A9A61E841F3%21129&authkey=ALgOfs5uX8ML6NU
Request:
GET /download?cid=D6676A9A61E841F3&resid=D6676A9A61E841F3%21129&authkey=ALgOfs5uX8ML6NU HTTP/1.1
User-Agent: zipo
Host: onedrive.live.com
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:jw/sSOJl2Yg=:4OLoCRwrbWY9J5JjkF4Sa7wb5qfH30I/C7HkEpSQpQQ=:F; domain=.live.com; path=/
Set-Cookie: xid=3c252a09-19f4-44a6-a835-a83c42a5449b&&RDE42AAC93FAFE&279; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Mon, 23-Aug-2021 01:21:21 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Mon, 30-Aug-2021 03:01:21 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RDE42AAC93FAFE
X-ODWebServer: centralus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: E03EA78F98954FCF8C5DA6C0EE47CFF1 Ref B: SLAEDGE1116 Ref C: 2021-08-23T03:01:20Z
Date: Mon, 23 Aug 2021 03:01:21 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: zipo
Host: login.live.com
Connection: Keep-Alive
Cookie: E=P:jw/sSOJl2Yg=:4OLoCRwrbWY9J5JjkF4Sa7wb5qfH30I/C7HkEpSQpQQ=:F; xid=3c252a09-19f4-44a6-a835-a83c42a5449b&&RDE42AAC93FAFE&279; xidseq=1; wla42=
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Mon, 23 Aug 2021 03:00:21 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=61759b2bd42a4bba9ed386dbd155ef69; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1629687681&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSCC=175.208.134.150-KR; expires=Sat, 17-Sep-2022 03:01:21 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.Degnn5Rh*OtuyQBc7!W98mBDE2V087K5sxjeVc5akOy8MI2P55dI7E!deM4ENIzWgUSG5a8nfsCvCBli1xdiogYFT4SsFBKbYzEYLPVEV6ryxOwtXZ8iXDn3eKTafqj7lo3iEyVuemRQBL0507b3Dxcvd7FxU3yQpJOha5zK9imvhud8NID5ccjslW5sj8ZVsHGlazJRe6FaEa3Vzi9emNOr1tO2rloEN5Om1hNojs2eRzPSnF9TC5oy9gLbJc92JCq!61urxlB5lZLZ*9TAcEi!cC1Dx4LBa412mfX5!O!LVDH6MGnB1c0rAdjVHY*pitpLzv78IeYOKT2rniMTYy4YhcvmXig*r3mguRe9MWQXgnC2U1c*H9qYJMoivbtnNZB3wnn7CKeG1Si0KeoGFls2ZtVKmpcPA0eQeig3UIsM33QwPzXo5ka5mYrbV9FOhA$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-3dd5405f-0701-4cba-9d50-e7db81b7f386; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://acctcdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://acctcdn.msauth.net/>; rel=dns-prefetch
Link: <https://acctcdn.msftauth.net/>; rel=dns-prefetch
Link: <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Link: <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://logincdn.msauth.net/>; rel=dns-prefetch
Link: <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: b03dc4fc-faec-42ed-9f74-fd7fd48258ff
PPServer: PPV: 30 H: BY1PPF61AE72AD7 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Mon, 23 Aug 2021 03:01:20 GMT
Content-Length: 27371
GET 302 https://onedrive.live.com/download?cid=D6676A9A61E841F3&resid=D6676A9A61E841F3%21129&authkey=ALgOfs5uX8ML6NU
Request:
GET /download?cid=D6676A9A61E841F3&resid=D6676A9A61E841F3%21129&authkey=ALgOfs5uX8ML6NU HTTP/1.1
User-Agent: aswe
Host: onedrive.live.com
Cache-Control: no-cache
Cookie: E=P:jw/sSOJl2Yg=:4OLoCRwrbWY9J5JjkF4Sa7wb5qfH30I/C7HkEpSQpQQ=:F; xid=3c252a09-19f4-44a6-a835-a83c42a5449b&&RDE42AAC93FAFE&279; xidseq=1; wla42=
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:L3VLSeJl2Yg=:kqaoojWzJYkytTl7Oh7lOoB2RTOsDbc0LcSgzo9XDbA=:F; domain=.live.com; path=/
Set-Cookie: xidseq=2; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Mon, 23-Aug-2021 01:21:21 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Mon, 30-Aug-2021 03:01:21 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RDE42AAC93BE8D
X-ODWebServer: centralus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 35AF57D330A546E19D6526A7E9E250BC Ref B: SLAEDGE1116 Ref C: 2021-08-23T03:01:21Z
Date: Mon, 23 Aug 2021 03:01:21 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: aswe
Host: login.live.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: E=P:L3VLSeJl2Yg=:kqaoojWzJYkytTl7Oh7lOoB2RTOsDbc0LcSgzo9XDbA=:F; xid=3c252a09-19f4-44a6-a835-a83c42a5449b&&RDE42AAC93FAFE&279; xidseq=2; wla42=; uaid=61759b2bd42a4bba9ed386dbd155ef69; MSPRequ=id=250206&lt=1629687681&co=1; MSCC=175.208.134.150-KR; OParams=11O.Degnn5Rh*OtuyQBc7!W98mBDE2V087K5sxjeVc5akOy8MI2P55dI7E!deM4ENIzWgUSG5a8nfsCvCBli1xdiogYFT4SsFBKbYzEYLPVEV6ryxOwtXZ8iXDn3eKTafqj7lo3iEyVuemRQBL0507b3Dxcvd7FxU3yQpJOha5zK9imvhud8NID5ccjslW5sj8ZVsHGlazJRe6FaEa3Vzi9emNOr1tO2rloEN5Om1hNojs2eRzPSnF9TC5oy9gLbJc92JCq!61urxlB5lZLZ*9TAcEi!cC1Dx4LBa412mfX5!O!LVDH6MGnB1c0rAdjVHY*pitpLzv78IeYOKT2rniMTYy4YhcvmXig*r3mguRe9MWQXgnC2U1c*H9qYJMoivbtnNZB3wnn7CKeG1Si0KeoGFls2ZtVKmpcPA0eQeig3UIsM33QwPzXo5ka5mYrbV9FOhA$$; MSPOK=$uuid-3dd5405f-0701-4cba-9d50-e7db81b7f386
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Mon, 23 Aug 2021 03:00:22 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=d3d8ed71c42c4c4f80cc495d11e45ec3; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1629687682&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DZQAdQuPUO6jfd4JBMwt*Iex*toj4XsggrG2Vg4MvoU*9022gB58rjWaS5T!ZEMubQdajUrKjwsgXE0a4pH0O2AEH2*D7J7nASv8iE87vhnCp78mfldzNttF6d9qePbdjAi4ymUqT5oMjSE7WIJXI7PCr*XchIU3rJI7EAnmJmOdGlxl2QSv1RSJONr9Pi9P0dydf*z78naB6Vjkn9IHpSSHkjqGBFDbRTgH*ns3O5ZmKwfZc!KKn*1sERJFt95lKRBQMK12oXyyxF0P3JmlusNuwAjcsBOOZ*Nh8DewGEr6JSaxkdRjFJnEIf1N!mFkSVo9fDTrm!mbdRC9oNK7PTHpmArU0W9dSv2Hre5dcM4573b!KIKtzTAOhi3JKaY9qAYBHPYjc1QCS0IHgW8*9T*yCB*8Mq1wlEe0GfbLn!xxI2is14Y1SylUCRo!XtZEHQxaToNJlvMRRWRi3TAN7!VD8ZlHgEkbGSo3JfCaD7C!ISoTj4hh5WEeKYfdeT4r6g$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-3dd5405f-0701-4cba-9d50-e7db81b7f386$uuid-14c2a93a-f946-4f75-b01d-be0bfc78b2fb; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: f11d8816-e303-4e33-8fb8-31146058a2fa
PPServer: PPV: 30 H: BY1PPF2802FEFEA V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Mon, 23 Aug 2021 03:01:21 GMT
Content-Length: 26612
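The two request chains above show the same pattern twice: the OneDrive /download link (a shared-file cid/resid pair plus an authkey) answers 302 with an empty body and sends the client to login.live.com, whose wreply parameter carries the original download URL, and login.live.com then serves a sign-in page (27371 and 26612 bytes of HTML). The sample therefore never received the file it was fetching in this run, and its User-Agent strings, zipo and aswe, are four-letter values no browser sends. The Python below is an added example written for this page, not part of the sandbox report or of the sample's code. It parses an abbreviated copy of the first chain (constructed from the headers shown above, cookies dropped), recovers the share parameters, checks that the redirect's wreply round-trips to the same cid/resid/authkey after percent-decoding, and flags the two indicators. The short-User-Agent heuristic (8 characters or fewer with no browser or tool token) is an assumption for illustration, not a rule taken from the report.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample: the first OneDrive -> login.live.com chain from the
# capture above, trimmed to the headers the triage needs (cookies dropped).
HTTP_LOG = """
GET /download?cid=D6676A9A61E841F3&resid=D6676A9A61E841F3%21129&authkey=ALgOfs5uX8ML6NU HTTP/1.1
User-Agent: zipo
Host: onedrive.live.com

HTTP/1.1 302 Found
Content-Type: text/html
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Content-Length: 0

GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1629687681&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DD6676A9A61E841F3%26resid%3DD6676A9A61E841F3%2521129%26authkey%3DALgOfs5uX8ML6NU&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: zipo
Host: login.live.com

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 27371
"""

REQ_LINE = re.compile(r"^(GET|POST|HEAD) (\S+) HTTP/1\.[01]$")
RESP_LINE = re.compile(r"^HTTP/1\.[01] (\d{3})\b")
# Tokens a browser or common tool puts in its UA; a very short value without
# any of them is the heuristic used here (an assumption, not a report rule).
KNOWN_UA_TOKEN = re.compile(r"Mozilla/|curl/|Wget/|python-requests|PowerShell", re.I)


def _headers(lines):
    """Header lines -> dict keyed by lowercase header name."""
    out = {}
    for line in lines:
        name, _, value = line.partition(":")
        out[name.strip().lower()] = value.strip()
    return out


def parse_exchanges(text):
    """Pair each request block with the response block that follows it."""
    blocks = [b.splitlines() for b in re.split(r"\n\s*\n", text.strip()) if b.strip()]
    exchanges, pending = [], None
    for block in blocks:
        m = REQ_LINE.match(block[0])
        if m:
            h = _headers(block[1:])
            pending = {
                "method": m.group(1),
                "path": m.group(2),
                "host": h.get("host", ""),
                "ua": h.get("user-agent", ""),
                "url": "https://" + h.get("host", "") + m.group(2),
            }
            continue
        m = RESP_LINE.match(block[0])
        if m and pending is not None:
            h = _headers(block[1:])
            pending["status"] = int(m.group(1))
            pending["location"] = h.get("location", "")
            pending["length"] = int(h.get("content-length") or 0)
            exchanges.append(pending)
            pending = None
    return exchanges


def onedrive_share_params(url):
    """cid / resid / authkey of a OneDrive /download URL, percent-decoded once."""
    q = parse_qs(urlsplit(url).query)
    return {k: q[k][0] for k in ("cid", "resid", "authkey") if k in q}


def login_redirect_target(location):
    """The wreply URL inside a login.live.com/login.srf redirect (or '')."""
    q = parse_qs(urlsplit(location).query)
    return q.get("wreply", [""])[0]


def triage(exchanges):
    """Indicators a responder would pull out of this capture, deduplicated."""
    findings = []
    for ex in exchanges:
        ua = ex["ua"]
        if len(ua) <= 8 and not KNOWN_UA_TOKEN.search(ua):
            findings.append(f"non-browser User-Agent {ua!r} used against {ex['host']}")
        if (ex["host"] == "onedrive.live.com" and ex["path"].startswith("/download")
                and ex["status"] == 302 and "login.live.com" in ex["location"]):
            share = onedrive_share_params(ex["url"])
            back = onedrive_share_params(login_redirect_target(ex["location"]))
            findings.append(
                "OneDrive download redirected to sign-in, no payload served "
                f"(cid={share.get('cid')}, wreply round-trips={share == back}, "
                f"body={ex['length']} bytes)")
    return list(dict.fromkeys(findings))


if __name__ == "__main__":
    for line in triage(parse_exchanges(HTTP_LOG)):
        print(line)
```

On the real capture the same parser can be pointed at the second chain (User-Agent aswe), which differs only in cookies and the xidseq counter; the 302-to-login finding fires for both, which is why the sandbox has no dropped file to show for this download.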
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.102:49164 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.102:49166 -> 40.126.52.1:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.102:49165 -> 40.126.52.1:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49164 -> 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 02 | CN=onedrive.com | 24:8a:fb:ed:16:0d:11:c8:2f:65:3a:66:ca:f1:6f:60:ad:4c:cc:de |
TLSv1 192.168.56.102:49166 -> 40.126.52.1:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 8d:57:81:3d:a5:f9:5a:59:21:fc:ae:40:ba:24:63:b8:aa:6a:cd:d0 |
TLSv1 192.168.56.102:49165 -> 40.126.52.1:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 8d:57:81:3d:a5:f9:5a:59:21:fc:ae:40:ba:24:63:b8:aa:6a:cd:d0 |
Snort Alerts
No Snort Alerts