Network Analysis
DNS Requests
Name | Response | Post-Analysis Lookup |
---|---|---|
login.live.com | CNAME login.msa.msidentity.com, CNAME prda.aadg.msidentity.com | 20.190.166.5 |
onedrive.live.com | CNAME l-0004.l-msedge.net | 13.107.42.13 |
UDP Requests
Source | Destination |
---|---|
192.168.56.101:59369 | 164.124.101.2:53 |
192.168.56.101:61479 | 164.124.101.2:53 |
192.168.56.101:62324 | 164.124.101.2:53 |
192.168.56.101:137 | 192.168.56.255:137 |
192.168.56.101:138 | 192.168.56.255:138 |
192.168.56.101:49152 | 239.255.255.250:3702 |
192.168.56.101:62325 | 239.255.255.250:3702 |
192.168.56.101:62445 | 239.255.255.250:1900 |
192.168.56.101:62447 | 239.255.255.250:3702 |
192.168.56.101:62449 | 239.255.255.250:3702 |
52.231.114.183:123 | 192.168.56.101:123 |
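Most of the UDP flows above are the sandbox VM's own Windows background traffic (NetBIOS and discovery broadcasts, resolver queries, an inbound NTP reply). The script below, an added triage helper that is not part of the report, classifies each flow by the well-known port of the remote side and flags anything a known service does not explain. The flow lines are copied from the table; the port table, the "host noise" heuristics and the verdict strings are this example's own assumptions.

```python
"""Triage the UDP flows listed in the sandbox report by well-known port.

Added example, not part of the original report. UDP_FLOWS is copied from
the report; KNOWN_PORTS and the verdict rules are this example's own
assumptions about what typical Windows background traffic looks like.
"""
import ipaddress

# Copied from the report's UDP Requests section (source destination).
UDP_FLOWS = """\
192.168.56.101:59369 164.124.101.2:53
192.168.56.101:61479 164.124.101.2:53
192.168.56.101:62324 164.124.101.2:53
192.168.56.101:137 192.168.56.255:137
192.168.56.101:138 192.168.56.255:138
192.168.56.101:49152 239.255.255.250:3702
192.168.56.101:62325 239.255.255.250:3702
192.168.56.101:62445 239.255.255.250:1900
192.168.56.101:62447 239.255.255.250:3702
192.168.56.101:62449 239.255.255.250:3702
52.231.114.183:123 192.168.56.101:123
"""

SANDBOX_HOST = "192.168.56.101"  # the analysis VM's address in this report

# Well-known UDP services seen in the report (assumed mapping, standard port numbers).
KNOWN_PORTS = {
    53: "DNS",
    123: "NTP (Windows Time)",
    137: "NetBIOS name service",
    138: "NetBIOS datagram service",
    1900: "SSDP (UPnP discovery)",
    3702: "WS-Discovery",
}


def parse_flow(line):
    """Split 'ip:port ip:port' into (src_ip, src_port, dst_ip, dst_port)."""
    src, dst = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return sip, int(sport), dip, int(dport)


def classify(line):
    """Describe one flow: protocol, direction, remote scope and a triage verdict."""
    sip, sport, dip, dport = parse_flow(line)
    # The VM is normally the sender; if it is the receiver the line is an inbound reply.
    if sip == SANDBOX_HOST:
        remote_ip, remote_port, direction = dip, dport, "outbound"
    else:
        remote_ip, remote_port, direction = sip, sport, "inbound"

    addr = ipaddress.ip_address(remote_ip)
    # Heuristic: multicast, or a .255 address on the VM's own /24, never leaves the link.
    if addr.is_multicast or remote_ip.endswith(".255"):
        scope = "link-local"
    elif addr.is_private:
        scope = "private"
    else:
        scope = "internet"

    protocol = KNOWN_PORTS.get(remote_port, f"udp/{remote_port}")
    if scope == "link-local" and remote_port in KNOWN_PORTS:
        verdict = "host noise"
    elif protocol == "DNS":
        verdict = "resolver traffic: review the queried names in the DNS table"
    elif protocol.startswith("NTP"):
        verdict = "time sync"
    else:
        verdict = "investigate"

    return {
        "protocol": protocol,
        "direction": direction,
        "remote": f"{remote_ip}:{remote_port}",
        "scope": scope,
        "verdict": verdict,
    }


def summarize(text):
    """Group flows by protocol and collect the ones no known service explains."""
    by_protocol, investigate = {}, []
    for line in text.strip().splitlines():
        flow = classify(line)
        by_protocol.setdefault(flow["protocol"], []).append(flow)
        if flow["verdict"] == "investigate":
            investigate.append(flow)
    return {"by_protocol": by_protocol, "investigate": investigate}


if __name__ == "__main__":
    summary = summarize(UDP_FLOWS)
    for proto, flows in summary["by_protocol"].items():
        print(f"{proto}: {len(flows)} flow(s), e.g. {flows[0]['direction']} to {flows[0]['remote']}")
    print("to investigate:", summary["investigate"])
```

For this report the "investigate" list is empty: every UDP flow is resolver, NTP or local discovery traffic, so the DNS names (onedrive.live.com, login.live.com) and the HTTPS exchanges, not the UDP list, carry the sample's behaviour.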
HTTP Requests
GET 302 https://onedrive.live.com/download?cid=25E9CF6E21BEFFDC&resid=25E9CF6E21BEFFDC%21106&authkey=AA9IzMKpx1T2bSQ
Request:
GET /download?cid=25E9CF6E21BEFFDC&resid=25E9CF6E21BEFFDC%21106&authkey=AA9IzMKpx1T2bSQ HTTP/1.1
User-Agent: lVali
Host: onedrive.live.com
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950021&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:rv+qn76V2Yg=:WkWpuU6RMqWfpoofkgoxZHGWOTgh3b9Zu6o96dPSfI0=:F; domain=.live.com; path=/
Set-Cookie: xid=4e75733d-e5ba-4af3-9ce3-66a6317f017e&&RDE42AAC93FAEF&343; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Fri, 22-Oct-2021 23:07:00 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sat, 30-Oct-2021 00:47:01 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RDE42AAC93FAEF
X-ODWebServer: centralus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: C3B412CF2DE047849E2187D30A4721D9 Ref B: SLAEDGE1116 Ref C: 2021-10-23T00:47:00Z
Date: Sat, 23 Oct 2021 00:47:00 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950021&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950021&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: lVali
Host: login.live.com
Connection: Keep-Alive
Cookie: E=P:rv+qn76V2Yg=:WkWpuU6RMqWfpoofkgoxZHGWOTgh3b9Zu6o96dPSfI0=:F; xid=4e75733d-e5ba-4af3-9ce3-66a6317f017e&&RDE42AAC93FAEF&343; xidseq=1; wla42=
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Sat, 23 Oct 2021 00:46:01 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://acctcdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://acctcdn.msauth.net/>; rel=dns-prefetch
Link: <https://acctcdn.msftauth.net/>; rel=dns-prefetch
Link: <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Link: <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://logincdn.msauth.net/>; rel=dns-prefetch
Link: <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: 49638fd8-f2f3-4863-a9c3-3d1219d881d8
PPServer: PPV: 30 H: BY1PEPF00001DE6 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=0e1633141d444de6aa74eb4a8132df0f; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1634950021&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSCC=175.208.134.150-KR; expires=Thu, 17-Nov-2022 00:47:01 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DVTz6c0SboFDFU!LPyGpWrqQTdneGIoO*4T8Aan!g0X76rw6xhuGcWTtjRvrSnxPLfgIbYrvVsC4IWNlzZfAiTh6JITLgo3G!sekx*3HufX76kLtliL6YWnUhDXAAFiDeur62*65hbt8XZor*mmS6g0gbWZU15!wHrkCNkcAkGPm!UM5ONyMNMV3SJCfRrWnE9x0uY81ATDZrmLTSghhiNlYRwvEPvUqNT!N6RQf5BiANXTVnIBGhNYlvS45i3M40d!0GHDpV2SmxfOHNkmnLREb43hLzHzAuYfeHXo!5kSJocjwEBsbhkSjC5YI0Cu0GJ3ev1uBzFJwfuZDV9y19y68XzhA*CVVmmio4iC6vvBvy4ouMGZXaJKYukX5pbSlfZApoNddbfLOY2s91sV58xRZU7UH72DevAAyXKS1xPo96azXy0mApmleUfZP*78nyA$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-8788afe9-0d96-4e09-bbea-877bc7247275; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 23 Oct 2021 00:47:00 GMT
Content-Length: 27277
GET 302 https://onedrive.live.com/download?cid=25E9CF6E21BEFFDC&resid=25E9CF6E21BEFFDC%21106&authkey=AA9IzMKpx1T2bSQ
Request:
GET /download?cid=25E9CF6E21BEFFDC&resid=25E9CF6E21BEFFDC%21106&authkey=AA9IzMKpx1T2bSQ HTTP/1.1
User-Agent: aswe
Host: onedrive.live.com
Cache-Control: no-cache
Cookie: E=P:rv+qn76V2Yg=:WkWpuU6RMqWfpoofkgoxZHGWOTgh3b9Zu6o96dPSfI0=:F; xid=4e75733d-e5ba-4af3-9ce3-66a6317f017e&&RDE42AAC93FAEF&343; xidseq=1; wla42=
Response:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950022&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:wXBqoL6V2Yg=:K+u/j9vL5NuDrttGP7t99w5dbtJ4Lbg4Yzc2yzuoi1A=:F; domain=.live.com; path=/
Set-Cookie: xidseq=2; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Fri, 22-Oct-2021 23:07:01 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sat, 30-Oct-2021 00:47:02 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RD00155D997DE3
X-ODWebServer: eastus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 1B52332728FB47B4A1F1F41A0CCCEE59 Ref B: SLAEDGE1116 Ref C: 2021-10-23T00:47:01Z
Date: Sat, 23 Oct 2021 00:47:01 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950022&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Request:
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950022&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: aswe
Host: login.live.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: E=P:wXBqoL6V2Yg=:K+u/j9vL5NuDrttGP7t99w5dbtJ4Lbg4Yzc2yzuoi1A=:F; xid=4e75733d-e5ba-4af3-9ce3-66a6317f017e&&RDE42AAC93FAEF&343; xidseq=2; wla42=; uaid=0e1633141d444de6aa74eb4a8132df0f; MSPRequ=id=250206&lt=1634950021&co=1; MSCC=175.208.134.150-KR; OParams=11O.DVTz6c0SboFDFU!LPyGpWrqQTdneGIoO*4T8Aan!g0X76rw6xhuGcWTtjRvrSnxPLfgIbYrvVsC4IWNlzZfAiTh6JITLgo3G!sekx*3HufX76kLtliL6YWnUhDXAAFiDeur62*65hbt8XZor*mmS6g0gbWZU15!wHrkCNkcAkGPm!UM5ONyMNMV3SJCfRrWnE9x0uY81ATDZrmLTSghhiNlYRwvEPvUqNT!N6RQf5BiANXTVnIBGhNYlvS45i3M40d!0GHDpV2SmxfOHNkmnLREb43hLzHzAuYfeHXo!5kSJocjwEBsbhkSjC5YI0Cu0GJ3ev1uBzFJwfuZDV9y19y68XzhA*CVVmmio4iC6vvBvy4ouMGZXaJKYukX5pbSlfZApoNddbfLOY2s91sV58xRZU7UH72DevAAyXKS1xPo96azXy0mApmleUfZP*78nyA$$; MSPOK=$uuid-8788afe9-0d96-4e09-bbea-877bc7247275
Response:
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Sat, 23 Oct 2021 00:46:02 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: c70e1f9e-6416-4484-91e6-43ef1349fc27
PPServer: PPV: 30 H: BY1PPFCC1098292 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=617bd47c3c8644759c861966ddf65e0a; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1634950022&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DWZvSCeQ8HMAZswPpqLmBR!C9R!mir19nUetPq60NB9nx0R9YnKdPS8DB*p5EbZ6Cet520NzIhF48OQB6zAVe9sYKKphBoGoDgr9ZDwFjm13P7AOO05OBuWMCy9zQYKx59puht0s7fb29ea1DFC6f5GQ54CdLhWJcDFuny9DHf37mokrFvnYMs*dauEN9K9XwtvI15tNfti!UqvCUF20QVXmTSwWM8ZMv40Oym55Ia3UoLFMVtxrUljUeOiEI!ynYy5nAyw!II5P5iuKRO*R50mdyG75goBI!*ZCMjjKkxfMQ0ePpE9FM46rTtu7DRXvS7gQc**q0CSB8fIFDYQ2inBnD2KqOhZ0NepCkzgfZCvXK77Bitu3AxkEImzUKNDQM7dXcWgwS0ZQcXTwB0ZDCmOAeApxumTVTpF5WfTbztzsjiGQ8bPBXHU!zRe095TQaGf2NfTfiCFmSua5XNdp3Y!YBoFFNknMnrRsWYq1hMISlWPK7i2JVOMkcADGTEFpBg$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-8788afe9-0d96-4e09-bbea-877bc7247275$uuid-f20b9099-982a-4f1b-afa1-b602b66af4bb; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 23 Oct 2021 00:47:01 GMT
Content-Length: 26597
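Both download attempts (first with User-Agent "lVali", then "aswe") were answered with a 302 to login.live.com whose wreply parameter carries the original /download URL, and a Content-Length of 0: OneDrive demanded a sign-in instead of serving the shared file, so the sandbox never received the payload the sample was fetching. The script below, an added check that is not part of the report, parses a request/response pair and states that outcome explicitly. The two messages are copied from the first exchange above (body omitted, consistent with Content-Length: 0); the browser-UA heuristic and the verdict wording are this example's own.

```python
"""Decide what a OneDrive /download attempt in the report actually returned.

Added example, not part of the original report. REQUEST and RESPONSE are
copied from the first HTTP exchange in the report; the User-Agent heuristic
and the verdict strings are this example's own assumptions.
"""
from urllib.parse import parse_qs, urlsplit

REQUEST = """\
GET /download?cid=25E9CF6E21BEFFDC&resid=25E9CF6E21BEFFDC%21106&authkey=AA9IzMKpx1T2bSQ HTTP/1.1
User-Agent: lVali
Host: onedrive.live.com
"""

RESPONSE = """\
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Content-Type: text/html
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634950021&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D25E9CF6E21BEFFDC%26resid%3D25E9CF6E21BEFFDC%2521106%26authkey%3DAA9IzMKpx1T2bSQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Content-Length: 0
"""


def parse_message(raw):
    """Return (start line, {lower-case header name: value}) for one HTTP message."""
    lines = raw.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")  # split on the first colon only
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def is_browser_like_ua(ua):
    """Heuristic (assumption): mainstream browsers send a 'Mozilla/...' User-Agent."""
    return ua.startswith("Mozilla/")


def analyse_download(request_raw, response_raw):
    """Extract the share identifiers and say whether the file was delivered."""
    req_line, req_h = parse_message(request_raw)
    _method, path, _version = req_line.split(" ", 2)
    original_url = f"https://{req_h['host']}{path}"
    query = parse_qs(urlsplit(path).query)

    status_line, resp_h = parse_message(response_raw)
    status = int(status_line.split()[1])

    ua = req_h.get("user-agent", "")
    result = {
        "user_agent": ua,
        "custom_client": not is_browser_like_ua(ua),
        "cid": query.get("cid", [""])[0],
        "resid": query.get("resid", [""])[0],      # parse_qs decodes %21 to '!'
        "authkey": query.get("authkey", [""])[0],
        "status": status,
        "body_bytes": int(resp_h.get("content-length", "0")),
    }

    location = resp_h.get("location")
    if status == 302 and location:
        loc = urlsplit(location)
        # wreply is the URL the sign-in page returns to; one round of %-decoding
        # by parse_qs yields the URL exactly as the client requested it.
        wreply = parse_qs(loc.query).get("wreply", [""])[0]
        result["redirect_host"] = loc.hostname
        result["wreply_matches_request"] = wreply == original_url
        if loc.hostname == "login.live.com" and wreply == original_url:
            result["verdict"] = "redirected to Microsoft sign-in; shared file was not delivered"
        else:
            result["verdict"] = "redirected elsewhere; follow the Location header"
    elif status == 200:
        result["verdict"] = "file content returned; extract the body for analysis"
    else:
        result["verdict"] = f"unexpected status {status}"
    return result


if __name__ == "__main__":
    for key, value in analyse_download(REQUEST, RESPONSE).items():
        print(f"{key}: {value}")
```

When this check reports "not delivered", the share identifiers (cid, resid, authkey) are still worth recording as indicators, but any verdict about the second-stage payload has to come from another source, since the sandbox run never obtained it.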
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49203 -> 40.126.35.64:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49201 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49202 -> 40.126.35.64:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49203 40.126.35.64:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | b7:2c:02:a2:bb:df:8d:60:0d:c5:98:1a:c8:13:1f:31:26:4a:9d:83 |
TLSv1 192.168.56.101:49201 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
TLSv1 192.168.56.101:49202 40.126.35.64:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | b7:2c:02:a2:bb:df:8d:60:0d:c5:98:1a:c8:13:1f:31:26:4a:9d:83 |
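The SSLBL alert above fires on a JA3 hash, which fingerprints the TLS client's ClientHello (version, cipher suites, extensions), not the program that sent it; any client built on the same TLS stack produces the same hash, so the "Tofsee" label needs to be read together with where the flows went. The script below, an added triage step that is not part of the report, joins the alert rows with the TLS rows on the flow tuple so each alert is shown next to the certificate the server presented. Both tables are copied from the report; the "Microsoft Corporation" ownership heuristic is this example's own and says only who operated the endpoint, not whether the traffic was benign (the same report shows the sample fetching a payload from OneDrive).

```python
"""Join the Suricata JA3 alerts with the Suricata TLS table on the flow tuple.

Added example, not part of the original report. ALERTS and TLS_ROWS are
copied from the report; the ownership heuristic is this example's own.
"""
import re

ALERTS = """\
TCP 192.168.56.101:49203 -> 40.126.35.64:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49201 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.101:49202 -> 40.126.35.64:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
"""

TLS_ROWS = """\
TLSv1 192.168.56.101:49203 40.126.35.64:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | b7:2c:02:a2:bb:df:8d:60:0d:c5:98:1a:c8:13:1f:31:26:4a:9d:83 |
TLSv1 192.168.56.101:49201 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
TLSv1 192.168.56.101:49202 40.126.35.64:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | b7:2c:02:a2:bb:df:8d:60:0d:c5:98:1a:c8:13:1f:31:26:4a:9d:83 |
"""

ENDPOINT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d+)")


def parse_table(text):
    """Split pipe-delimited rows into lists of stripped cells, dropping the trailing empty cell."""
    rows = []
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.split("|")]
        rows.append([c for c in cells if c != ""])
    return rows


def flow_key(flow_cell):
    """Normalise 'TCP a:p -> b:q' and 'TLSv1 a:p b:q' to (src_ip, src_port, dst_ip, dst_port)."""
    (sip, sport), (dip, dport) = ENDPOINT.findall(flow_cell)[:2]
    return sip, int(sport), dip, int(dport)


def parse_dn(dn):
    """Turn 'C=US, O=Foo, CN=bar' into {'C': 'US', 'O': 'Foo', 'CN': 'bar'}."""
    parts = [p.partition("=") for p in dn.split(", ")]
    return {k.strip(): v.strip() for k, _, v in parts}


def correlate(alerts_text, tls_text, owner="Microsoft Corporation"):
    """Attach the server certificate seen on each alerted flow to the alert."""
    tls_by_flow = {flow_key(r[0]): r for r in parse_table(tls_text)}
    out = []
    for flow, sid, signature, category in parse_table(alerts_text):
        key = flow_key(flow)
        tls = tls_by_flow.get(key)
        entry = {"flow": key, "sid": sid, "signature": signature, "certificate_seen": tls is not None}
        if tls:
            issuer, subject = parse_dn(tls[1]), parse_dn(tls[2])
            entry.update(
                server_name=subject.get("CN", ""),
                issuer_cn=issuer.get("CN", ""),
                fingerprint=tls[3],
                # Heuristic (assumption): the endpoint is operated by `owner` if that
                # organisation appears in the subject or the issuing CA.
                owner_match=owner in (subject.get("O"), issuer.get("O")),
            )
        out.append(entry)
    return out


if __name__ == "__main__":
    for e in correlate(ALERTS, TLS_ROWS):
        print(e["flow"], e["sid"], e.get("server_name"), "owner match:", e.get("owner_match"))
```

Here all three alerted flows terminate at certificates for graph.windows.net and onedrive.com issued to or by Microsoft, which matches the HTTP section (the sample talked to OneDrive and Microsoft sign-in). The JA3 hit therefore tells you which TLS stack the client used; the OneDrive download attempt is the behaviour to write up.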
Snort Alerts
No Snort Alerts