Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
login.live.com | CNAME login.msa.msidentity.com, CNAME prda.aadg.msidentity.com | 40.126.35.129 |
onedrive.live.com | CNAME l-0004.l-msedge.net | 13.107.42.13 |
UDP Requests
- 192.168.56.103:53893 164.124.101.2:53
- 192.168.56.103:58465 164.124.101.2:53
- 192.168.56.103:137 192.168.56.255:137
- 192.168.56.103:138 192.168.56.255:138
- 192.168.56.103:49152 239.255.255.250:3702
- 192.168.56.103:49168 239.255.255.250:1900
- 192.168.56.103:49170 239.255.255.250:3702
- 192.168.56.103:49172 239.255.255.250:3702
- 192.168.56.103:49174 239.255.255.250:3702
GET 302 https://onedrive.live.com/download?cid=4C66C628080BCD75&resid=4C66C628080BCD75%21115&authkey=AJjK25H3RYrnKoA
REQUEST
GET /download?cid=4C66C628080BCD75&resid=4C66C628080BCD75%21115&authkey=AJjK25H3RYrnKoA HTTP/1.1
User-Agent: lVali
Host: onedrive.live.com
RESPONSE
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294282&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:GIrMK+CY2Yg=:XVfTYxIz52pcDZJaJxXZlTRU0MfTVz2Pg83xjrxKISc=:F; domain=.live.com; path=/
Set-Cookie: xid=d54497cd-1850-4650-b4a0-bfc4b07381b7&&RD00155D996085&347; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Tue, 26-Oct-2021 22:44:42 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Wed, 03-Nov-2021 00:24:42 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RD00155D996085
X-ODWebServer: eastus0-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: FC52BE192B1247719178C665A07AFBAA Ref B: SLAEDGE1013 Ref C: 2021-10-27T00:24:42Z
Date: Wed, 27 Oct 2021 00:24:42 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294282&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
REQUEST
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294282&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: lVali
Host: login.live.com
Connection: Keep-Alive
Cookie: E=P:GIrMK+CY2Yg=:XVfTYxIz52pcDZJaJxXZlTRU0MfTVz2Pg83xjrxKISc=:F; xid=d54497cd-1850-4650-b4a0-bfc4b07381b7&&RD00155D996085&347; xidseq=1; wla42=
RESPONSE
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Wed, 27 Oct 2021 00:23:43 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: ed1a78ac-119b-4828-8447-2fc63a83bfa9
PPServer: PPV: 30 H: BY1PEPF00001E69 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=5f3b4f6520094b6ba995cdefc5ce5799; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1635294283&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSCC=175.208.134.150-KR; expires=Mon, 21-Nov-2022 00:24:43 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DW!ohh39xAxjBAahgO*QXjvQn52lffUx25U0J*8lptXKNB*gBrS*P5NOaqjcrSEbcHuNHO2aWnylGESUfU9JGEqJvSZgOQa6jXjiHm5zKHXqqcIifh3a3cSx4LwwqTtprx4I6oUAViPBH2zNQDpV!qbPwaIDxVqYfcFGCYljeVeNFAre5rHgVGbPPwdt8KbBVR6AhAHxceq6j8pd9nhfN!8NKnC4Pxpl8D3PEYF1TH2MqpP2S7VLukoTFMrziCpg1EwmzZ*aYFlzY59uhqZWnEjq09Npg3dUnusurOp9cTigx6uTT52MbgfoJtuAXlWnXxrnvjCs9yJs6g3PkN*emsAmGw8NOyyfjs1UnlMOlxUNUJ99k*IgsXak5CP3RElHnTkHJK3ZNBs3u*lhV2SNVMkVYJ*u0ggkl9ivTz3jF2rK00TJN5BiPDxQFkVQfbzwxw$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-0453fe33-6506-4cf1-be64-35623387557e; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Wed, 27 Oct 2021 00:24:43 GMT
Content-Length: 26620
GET 302 https://onedrive.live.com/download?cid=4C66C628080BCD75&resid=4C66C628080BCD75%21115&authkey=AJjK25H3RYrnKoA
REQUEST
GET /download?cid=4C66C628080BCD75&resid=4C66C628080BCD75%21115&authkey=AJjK25H3RYrnKoA HTTP/1.1
User-Agent: aswe
Host: onedrive.live.com
Cache-Control: no-cache
Cookie: E=P:GIrMK+CY2Yg=:XVfTYxIz52pcDZJaJxXZlTRU0MfTVz2Pg83xjrxKISc=:F; xid=d54497cd-1850-4650-b4a0-bfc4b07381b7&&RD00155D996085&347; xidseq=1; wla42=
RESPONSE
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294283&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Set-Cookie: E=P:yZ9JLOCY2Yg=:AJgB1OQuFXvKuGTKwD0RKjwYebID4NyzG6OD+/pHN88=:F; domain=.live.com; path=/
Set-Cookie: xidseq=2; domain=.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Tue, 26-Oct-2021 22:44:43 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Wed, 03-Nov-2021 00:24:43 GMT; path=/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-MSNServer: RD0003FF11A7DC
X-ODWebServer: centralus1-odwebpl
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 3E1D7F23B0E3477FB4589F42334D8744 Ref B: SLAEDGE1019 Ref C: 2021-10-27T00:24:43Z
Date: Wed, 27 Oct 2021 00:24:43 GMT
Content-Length: 0
GET 200 https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294283&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
REQUEST
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1635294283&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D4C66C628080BCD75%26resid%3D4C66C628080BCD75%2521115%26authkey%3DAJjK25H3RYrnKoA&lc=1033&id=250206&cbcxt=sky&cbcxt=sky HTTP/1.1
User-Agent: aswe
Host: login.live.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: E=P:yZ9JLOCY2Yg=:AJgB1OQuFXvKuGTKwD0RKjwYebID4NyzG6OD+/pHN88=:F; xid=d54497cd-1850-4650-b4a0-bfc4b07381b7&&RD00155D996085&347; xidseq=2; wla42=; uaid=5f3b4f6520094b6ba995cdefc5ce5799; MSPRequ=id=250206&lt=1635294283&co=1; MSCC=175.208.134.150-KR; OParams=11O.DW!ohh39xAxjBAahgO*QXjvQn52lffUx25U0J*8lptXKNB*gBrS*P5NOaqjcrSEbcHuNHO2aWnylGESUfU9JGEqJvSZgOQa6jXjiHm5zKHXqqcIifh3a3cSx4LwwqTtprx4I6oUAViPBH2zNQDpV!qbPwaIDxVqYfcFGCYljeVeNFAre5rHgVGbPPwdt8KbBVR6AhAHxceq6j8pd9nhfN!8NKnC4Pxpl8D3PEYF1TH2MqpP2S7VLukoTFMrziCpg1EwmzZ*aYFlzY59uhqZWnEjq09Npg3dUnusurOp9cTigx6uTT52MbgfoJtuAXlWnXxrnvjCs9yJs6g3PkN*emsAmGw8NOyyfjs1UnlMOlxUNUJ99k*IgsXak5CP3RElHnTkHJK3ZNBs3u*lhV2SNVMkVYJ*u0ggkl9ivTz3jF2rK00TJN5BiPDxQFkVQfbzwxw$$; MSPOK=$uuid-0453fe33-6506-4cf1-be64-35623387557e
RESPONSE
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Wed, 27 Oct 2021 00:23:44 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://acctcdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin
Link: <https://acctcdn.msauth.net/>; rel=dns-prefetch
Link: <https://acctcdn.msftauth.net/>; rel=dns-prefetch
Link: <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Link: <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://logincdn.msauth.net/>; rel=dns-prefetch
Link: <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch
Link: <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BAY
x-ms-request-id: c9da5b65-e5ab-4355-a4d3-9a2f130e2c88
PPServer: PPV: 30 H: BY1PPF3BA0B2215 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=93ba64e3325d46859dd7b4b1455abdaa; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=250206&lt=1635294284&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: OParams=11O.DevtkgB1HeEYJxKtE0Nl9weduBlYnjfTWunuPmCGMUE6GUJn9SJlvyy8uKuntSIRatUAFJRIq7vm0RsAQapeqjSVE7vBmqel1Fr!X3Hiw7f0CJuXTHCDb7RfJeVdGmAAuD9p6*AKJmNPFvMpPBM8eKiJKddraJQkEcYHrR!fL8I477zuI9n8mBb5XmTSmx8rsLLuPoZAlreY3okiim3WlywCk9o0Pl0PX8QNmoY20Qaof1UjK!ZIrrsYjBVgSKeylkpDoqCGEJLbr3XLnEBhcSMjrBr8A9LTR3z6e1gvqOr155*SEVP1dEypCZRkDYUnXDtThUwq!3YHBEVoQLAOM43mL0wfAUEBqLrdye8E7DgQzzI3CWCZkzswwQnWDDgJdmwzhOt8QdY5eR2uVS9e6molYT2L0Mr3id2gkrVHExv6Tf!KfQZuv!HkAxdat4f!wIz6Bs7x54PLbtwwI2Lrcy2WFAqV05iofQxl*YQpxyMIpLz5Vh5tTCpJiknHxQWg2w$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPOK=$uuid-0453fe33-6506-4cf1-be64-35623387557e$uuid-a1852a33-7cc2-4836-97ee-c82561155ff4; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Wed, 27 Oct 2021 00:24:44 GMT
Content-Length: 27287
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49171 -> 40.126.16.165:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.103:49168 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.103:49169 -> 40.126.16.165:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 192.168.56.103:49170 -> 13.107.42.13:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.103:49168 -> 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
TLSv1 192.168.56.103:49170 -> 13.107.42.13:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=onedrive.com | 50:2f:33:10:92:ac:27:7b:17:be:82:68:3b:e2:29:ad:97:41:b7:bb |
TLSv1 192.168.56.103:49169 -> 40.126.16.165:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
TLSv1 192.168.56.103:49171 -> 40.126.16.165:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=graph.windows.net | 73:7d:2b:8b:14:fd:d9:03:14:62:2e:35:a7:c1:54:33:e0:8b:3b:71 |
Snort Alerts
No Snort Alerts