Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
login.live.com | CNAME login.msa.msidentity.com; CNAME prda.aadg.msidentity.com | 20.190.163.20 |
onedrive.live.com | CNAME l-0004.l-msedge.net | 13.107.42.13 |
UDP Requests
- 192.168.56.101:59369 -> 164.124.101.2:53
- 192.168.56.101:61479 -> 164.124.101.2:53
- 192.168.56.101:62324 -> 164.124.101.2:53
- 192.168.56.101:137 -> 192.168.56.255:137
- 192.168.56.101:138 -> 192.168.56.255:138
- 192.168.56.101:49152 -> 239.255.255.250:3702
- 192.168.56.101:62325 -> 239.255.255.250:3702
- 192.168.56.101:62445 -> 239.255.255.250:1900
- 192.168.56.101:62447 -> 239.255.255.250:3702
- 192.168.56.101:62449 -> 239.255.255.250:3702
- 52.231.114.183:123 -> 192.168.56.101:123
HTTP Requests
GET 302 https://onedrive.live.com/download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21127&authkey=AOx84Mv6sv3iPME
Request:
GET /download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21127&authkey=AOx84Mv6sv3iPME HTTP/1.1
User-Agent: lVali
Host: onedrive.live.com
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:WKvuR/SU2Yg=:LwrDk5LDtN+D2yOnfF4DZECGZjEZk62zJfDHlhNBsDI=:F; domain=.live.com; path=/
Set-Cookie: xid=5ba1c571-e198-4cb7-8464-02b7f527f120&&RDE42AAC8860E2&342; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Thu, 21-Oct-2021 22:58:34 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Fri, 29-Oct-2021 00:38:35 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RDE42AAC8860E2
X-ODWebServer: canadacentral0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 24CF6A698ECF474A998D8A633F9CCF50 Ref B: SLAEDGE1116 Ref C: 2021-10-22T00:38:34Z
Date: Fri, 22 Oct 2021 00:38:34 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: lVali
Host: login.live.com
Connection: Keep-Alive
Cookie: E=P:WKvuR/SU2Yg=:LwrDk5LDtN+D2yOnfF4DZECGZjEZk62zJfDHlhNBsDI=:F; xid=5ba1c571-e198-4cb7-8464-02b7f527f120&&RDE42AAC8860E2&342; xidseq=1; wla42=
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Fri, 22 Oct 2021 00:37:35 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: 9ca0c4e1-5129-4c8f-aa88-646951f70963
PPServer: PPV: 30 H: BY1PPF87BE3C022 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=d63131269c9d4ec68a2c2b2ae7d13149; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206<=1634863115&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSCC=175.208.134.150-KR; expires=Wed, 16-Nov-2022 00:38:35 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DfOkJaqjLg3rp7g6X3YFDOFlaliJqAgYPsr0t4qNQE!eoriIvom8sHBtgSTLUIYEyc8OF9*LBHLW5bV4ECsFfwt*2CkKwCBA3TGARoOS42ih3Il2P5QoG8Eyg48Pvyp3ngLoqxKztcc3o09D3HIxXwiQymdA3HZ!LhFPdBqrbE80DHGiE51DZnWFpluiDhLQx0m!fP2Awmzcv9W4T87OymIsfVBPBRMSBxkgwmxcfAmXMViII9SuvyY7PlhK0clWUa1uUpwQzS*WNLxDgQXX4WVkVvCoXbOmY7tPnni2XT64NcXW1CcN!wYCQeJEQjW!qonIX1Fkc*U!fUPuY06bfoW!eXQKeip7ZvaYnQhmKiKf5DQS8yAf08DbyFb4meC1FQ08pXKFDx73TTiLnMD3!mbgzQON2V1BlU9Su*vAQRpv; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-777335c7-c354-4378-ab7e-953784b3aebd; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Fri, 22 Oct 2021 00:38:34 GMT
Content-Length: 26608
GET 302 https://onedrive.live.com/download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21127&authkey=AOx84Mv6sv3iPME
Request:
GET /download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21127&authkey=AOx84Mv6sv3iPME HTTP/1.1
User-Agent: aswe
Host: onedrive.live.com
Cache-Control: no-cache
Cookie: E=P:WKvuR/SU2Yg=:LwrDk5LDtN+D2yOnfF4DZECGZjEZk62zJfDHlhNBsDI=:F; xid=5ba1c571-e198-4cb7-8464-02b7f527f120&&RDE42AAC8860E2&342; xidseq=1; wla42=
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:oN1CSPSU2Yg=:doF8rGKaPtkE+PjSASSi7icB5THK3SIbL+uJegnaj7w=:F; domain=.live.com; path=/
Set-Cookie: xidseq=2; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Thu, 21-Oct-2021 22:58:35 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Fri, 29-Oct-2021 00:38:35 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RDE42AAC88E775
X-ODWebServer: canadacentral0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 6313473A2F784D35946C2C7D4AC5E42C Ref B: SLAEDGE1116 Ref C: 2021-10-22T00:38:35Z
Date: Fri, 22 Oct 2021 00:38:35 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: aswe
Host: login.live.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: E=P:oN1CSPSU2Yg=:doF8rGKaPtkE+PjSASSi7icB5THK3SIbL+uJegnaj7w=:F; xid=5ba1c571-e198-4cb7-8464-02b7f527f120&&RDE42AAC8860E2&342; xidseq=2; wla42=; uaid=d63131269c9d4ec68a2c2b2ae7d13149; MSPRequ=id=250206<=1634863115&co=1; MSCC=175.208.134.150-KR; OParams=11O.DfOkJaqjLg3rp7g6X3YFDOFlaliJqAgYPsr0t4qNQE!eoriIvom8sHBtgSTLUIYEyc8OF9*LBHLW5bV4ECsFfwt*2CkKwCBA3TGARoOS42ih3Il2P5QoG8Eyg48Pvyp3ngLoqxKztcc3o09D3HIxXwiQymdA3HZ!LhFPdBqrbE80DHGiE51DZnWFpluiDhLQx0m!fP2Awmzcv9W4T87OymIsfVBPBRMSBxkgwmxcfAmXMViII9SuvyY7PlhK0clWUa1uUpwQzS*WNLxDgQXX4WVkVvCoXbOmY7tPnni2XT64NcXW1CcN!wYCQeJEQjW!qonIX1Fkc*U!fUPuY06bfoW!eXQKeip7ZvaYnQhmKiKf5DQS8yAf08DbyFb4meC1FQ08pXKFDx73TTiLnMD3!mbgzQON2V1BlU9Su*vAQRpv; MSPOK=$uuid-777335c7-c354-4378-ab7e-953784b3aebd
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Fri, 22 Oct 2021 00:37:36 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://acctcdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://acctcdn.msauth.net/>; rel=dns-prefetch
Link: <https://acctcdn.msftauth.net/>; rel=dns-prefetch
Link: <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Link: <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://logincdn.msauth.net/>; rel=dns-prefetch
Link: <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: 3939a25c-b244-461c-954b-37e7077927bf
PPServer: PPV: 30 H: BY1PPF2DC738E66 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=8b55d4c09eff454385d4b957d8b75477; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206<=1634863116&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DbNZCvVC6ALG!ggWZmGcQGhV!2UC!Z6rEeSsBQqHtsXr1BuKbNt2lGA7fsiw2Rg9cofZTKbG6N3nmc*S84CRBVIrGjD1OIBqSjBWVOqtQAChTy8qXdpLBYQxhSI1aFb2H8XmCQF2yNJSKQXEMlw9ln8bo2ACDwvD5hMjpKv7hhrCk1qk7oqyYxsbetKyHWevDic0ckHnT6LeT3MXM1Cv1ggMDkUmMqXFo7abwFRGd3nmk3F91CPWur2*NbNTHOWWkMeWu9wFT*E7bZxFrwZ*Ds2Igqj3qnSNCfgTuWfJPae0f4ypj400Q3tONzMIWQl8n9CNfx0*Mz1lqO1d4XPMuw*2FQ9MJKx21g8P4UwkaoBimA0uAQ18uSLA6UARXeH0lru2TLvlf6mcU2KaZ1Vj*8WL5f*azySRonhIRddc6NLQ1LGFib4okd48iLjan0NEaoxCUVNqWjyaO3inIcAfdTRD788ENliM*3lYHVQwZHN3; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-777335c7-c354-4378-ab7e-953784b3aebd$uuid-be31bc2f-d15e-41fa-84f3-81fc88b83578; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Fri, 22 Oct 2021 00:38:35 GMT
Content-Length: 27365
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49203 -> 40.126.16.163:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49201 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49202 -> 40.126.16.163:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49203 -> 40.126.16.163:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
TLSv1 192.168.56.101:49201 -> 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
TLSv1 192.168.56.101:49202 -> 40.126.16.163:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
Snort Alerts
No Snort Alerts