Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
login.live.com | CNAME login.msa.msidentity.com; CNAME prda.aadg.msidentity.com | 40.126.13.9 |
onedrive.live.com | CNAME l-0004.l-msedge.net | 13.107.42.13 |
UDP Requests
- 192.168.56.101:59369 -> 164.124.101.2:53
- 192.168.56.101:61479 -> 164.124.101.2:53
- 192.168.56.101:62324 -> 164.124.101.2:53
- 192.168.56.101:137 -> 192.168.56.255:137
- 192.168.56.101:138 -> 192.168.56.255:138
- 192.168.56.101:49152 -> 239.255.255.250:3702
- 192.168.56.101:62325 -> 239.255.255.250:3702
- 192.168.56.101:62445 -> 239.255.255.250:1900
- 192.168.56.101:62447 -> 239.255.255.250:3702
- 192.168.56.101:62449 -> 239.255.255.250:3702
- 52.231.114.183:123 -> 192.168.56.101:123
HTTP Requests
GET 302 https://onedrive.live.com/download?cid=E97110434470423E&resid=E97110434470423E%21396&authkey=AMSfkm3AUupwnz8

Request:
GET /download?cid=E97110434470423E&resid=E97110434470423E%21396&authkey=AMSfkm3AUupwnz8 HTTP/1.1
User-Agent: lVali
Host: onedrive.live.com

Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697082&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:r7O8tHGT2Yg=:1eZrWUDa2ZRMp/zgHPxEi1/aNvmY0toR3eGK2wB1KlA=:F; domain=.live.com; path=/
Set-Cookie: xid=54d57251-d182-4b77-98dd-bd1421a5c593&&RD00155D99B843&340; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Wed, 20-Oct-2021 00:51:22 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Wed, 27-Oct-2021 02:31:22 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RD00155D99B843
X-ODWebServer: eastus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 89E0E23751C3409D9A2D840B5A6E5E82 Ref B: SLAEDGE1116 Ref C: 2021-10-20T02:31:22Z
Date: Wed, 20 Oct 2021 02:31:22 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697082&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky

Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697082&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: lVali
Host: login.live.com
Connection: Keep-Alive
Cookie: E=P:r7O8tHGT2Yg=:1eZrWUDa2ZRMp/zgHPxEi1/aNvmY0toR3eGK2wB1KlA=:F; xid=54d57251-d182-4b77-98dd-bd1421a5c593&&RD00155D99B843&340; xidseq=1; wla42=

Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Wed, 20 Oct 2021 02:30:22 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://acctcdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://acctcdn.msauth.net/>; rel=dns-prefetch
Link: <https://acctcdn.msftauth.net/>; rel=dns-prefetch
Link: <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Link: <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://logincdn.msauth.net/>; rel=dns-prefetch
Link: <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: 31b939dc-2a34-4c91-b99a-3583a81ddb5a
PPServer: PPV: 30 H: BY1PPF33146FE9F V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=c5c116f9a31a4d44970944a0e74dfbcd; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206<=1634697082&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSCC=175.208.134.150-KR; expires=Mon, 14-Nov-2022 02:31:22 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DT7IDDHB62PjidXJX7nzJ5tV5h63IRpd29JPjl7f6*qai2CalBFrvAQwaUkI73oeaAYY4z!geLF1WYegHVtTWyvdwEupJz7Cd32UPVokb1*RFq3yeqLHmh4y7*qqJ260IHnbjtzlodfjnyFK3cDlkaJ5w3uBoLCx1pFDDmWMyHKlcgU5E!hCjxm4POg*G5ebhUhc8EwGmzHltj2dL8B*20GqXZsepLFgqg4GiLWGX88dJeAvPj2zx7b6FXzC4VUbYqepaCQ7WUoigOVeSnE5b0HDoCNxGXaLg0S01D*1!hvPnAD1xxwW874kMTLwfqNy4!64wXoAn3Syv6Us9tIqR8FBtY7UcjcMg5ymfSouZGrF3XI0NKyhz9GFkpDlR6UAdKsTw!Iai7UKpp2UISaEmdSupPRXIwlRQmqOjqz!lxIROvOttzRmOqoUQucweqtuGQ$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-fb28d59a-6ef1-44ae-b07a-9dcad069a647; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Wed, 20 Oct 2021 02:31:22 GMT
Content-Length: 27269
GET 302 https://onedrive.live.com/download?cid=E97110434470423E&resid=E97110434470423E%21396&authkey=AMSfkm3AUupwnz8

Request:
GET /download?cid=E97110434470423E&resid=E97110434470423E%21396&authkey=AMSfkm3AUupwnz8 HTTP/1.1
User-Agent: aswe
Host: onedrive.live.com
Cache-Control: no-cache
Cookie: E=P:r7O8tHGT2Yg=:1eZrWUDa2ZRMp/zgHPxEi1/aNvmY0toR3eGK2wB1KlA=:F; xid=54d57251-d182-4b77-98dd-bd1421a5c593&&RD00155D99B843&340; xidseq=1; wla42=

Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697084&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:HAoztXGT2Yg=:gkp/eY3yrSD+KtFsSa3xYoekQpHhcu5dmudq7G3oCTc=:F; domain=.live.com; path=/
Set-Cookie: xidseq=2; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Wed, 20-Oct-2021 00:51:23 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Wed, 27-Oct-2021 02:31:24 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RD00155D998954
X-ODWebServer: eastus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 93B03768B64C4EAFA7E7F2725B46C0B8 Ref B: SLAEDGE1116 Ref C: 2021-10-20T02:31:22Z
Date: Wed, 20 Oct 2021 02:31:23 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697084&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky

Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634697084&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3DE97110434470423E%26resid%3DE97110434470423E%2521396%26authkey%3DAMSfkm3AUupwnz8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: aswe
Host: login.live.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: E=P:HAoztXGT2Yg=:gkp/eY3yrSD+KtFsSa3xYoekQpHhcu5dmudq7G3oCTc=:F; xid=54d57251-d182-4b77-98dd-bd1421a5c593&&RD00155D99B843&340; xidseq=2; wla42=; uaid=c5c116f9a31a4d44970944a0e74dfbcd; MSPRequ=id=250206<=1634697082&co=1; MSCC=175.208.134.150-KR; OParams=11O.DT7IDDHB62PjidXJX7nzJ5tV5h63IRpd29JPjl7f6*qai2CalBFrvAQwaUkI73oeaAYY4z!geLF1WYegHVtTWyvdwEupJz7Cd32UPVokb1*RFq3yeqLHmh4y7*qqJ260IHnbjtzlodfjnyFK3cDlkaJ5w3uBoLCx1pFDDmWMyHKlcgU5E!hCjxm4POg*G5ebhUhc8EwGmzHltj2dL8B*20GqXZsepLFgqg4GiLWGX88dJeAvPj2zx7b6FXzC4VUbYqepaCQ7WUoigOVeSnE5b0HDoCNxGXaLg0S01D*1!hvPnAD1xxwW874kMTLwfqNy4!64wXoAn3Syv6Us9tIqR8FBtY7UcjcMg5ymfSouZGrF3XI0NKyhz9GFkpDlR6UAdKsTw!Iai7UKpp2UISaEmdSupPRXIwlRQmqOjqz!lxIROvOttzRmOqoUQucweqtuGQ$$; MSPOK=$uuid-fb28d59a-6ef1-44ae-b07a-9dcad069a647

Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Wed, 20 Oct 2021 02:30:24 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: d65f2152-ea0b-4c05-ba63-e1dda322ef26
PPServer: PPV: 30 H: BY1PPF7BF3A85DC V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=3f689d1d92c64d8dbd6b341b27744b98; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206<=1634697084&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DbhFiEbKlLU7YKMRP31V1*q7XCU!iSGFU6X9v*IKmP1j9oshNNWDfo7nl8I1DMs35Ch9S!HNV5seuJSxWMTVG2SIWsWUIv5PtJX2Ntzu59vZTric2zM!ckH1R0OiBYD*dHZdQoOVzmVx61hH52G2eNs9WWpNcYoDUG0gqLeXO*u4K1WtpDoXSZQyLi61Ry9mdl3Zi1PTlp5gn3dxExh4NfffTCjVPWGZZG3ZzH4xEPjdPWH*HlddK4xInFzEft5N8f9Wjl2oL8BcufowqgCxUmCcQqoN97QCnuJs6VtZQdw7iql7zExU6*9t2YEMrC9Me*EacOPKDTyine0v*0i5T2*KiuxbCU2NICgVmIX16GW!DpNiVEW6CG8eL4Jt3QgxZLyAXd82OvrkK9rab69jOSjUtHprc60pZ9*UC!Jy!z3cRIKFJH34XOpnlfk7mWKdqfJShlB1b9FDWVpCQRgXqXzmc7F7m9afdAhPUu3UIQ8TjVjZ1YHqSW0cjbzbx8gZRQ$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-fb28d59a-6ef1-44ae-b07a-9dcad069a647$uuid-d1a2b9b6-2921-4bec-bc03-ddb7d45efdc5; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Wed, 20 Oct 2021 02:31:23 GMT
Content-Length: 26602
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49203 -> 40.126.16.167:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49202 -> 40.126.16.167:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49201 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49203 -> 40.126.16.167:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
TLSv1 192.168.56.101:49202 -> 40.126.16.167:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
TLSv1 192.168.56.101:49201 -> 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
Snort Alerts
No Snort Alerts