urlscan.io logo urlscan.io
SecurityTrails logo

livefreemakeup.com Open in urlscan Pro
20.12.97.102  Public Scan

Go To Rescan Add Verdict Report
URL: https://livefreemakeup.com/
Submission: On October 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 18 HTTP transactions. The main IP is 20.12.97.102, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is livefreemakeup.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 25th 2023. Valid for: 6 months.
This is the only time livefreemakeup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.12.97.102 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 13.107.42.13 8068 (MICROSOFT...)
7 2600:141b:f00... 20940 (AKAMAI-ASN1)
1 2603:1063:200... 8075 (MICROSOFT...)
1 2 20.125.209.212 ()
1 1 2620:1ec:c11:... ()
18 7
2    20.12.97.102 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
livefreemakeup.com
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
5    2606:4700:e2::ac40:8309 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onedrive.live.com
7    2600:141b:f000:37::1728:1216 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
res-1.cdn.office.net
1    2603:1063:2000::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
excel.officeapps.live.com
2    20.125.209.212 (None, )

ASN- ()
c.live.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
Apex Domain
Subdomains		 Transfer
7 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 421
300 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1848
ka-f.fontawesome.com — Cisco Umbrella Rank: 3656
181 KB
4 live.com
onedrive.live.com — Cisco Umbrella Rank: 690
excel.officeapps.live.com — Cisco Umbrella Rank: 2877
c.live.com
26 KB
2 livefreemakeup.com
livefreemakeup.com
2 KB
1 bing.com
c.bing.com
1 KB
18 5
Domain Requested by
7 res-1.cdn.office.net onedrive.live.com
5 ka-f.fontawesome.com kit.fontawesome.com
livefreemakeup.com
2 c.live.com 1 redirects
2 livefreemakeup.com livefreemakeup.com
1 c.bing.com 1 redirects
1 excel.officeapps.live.com onedrive.live.com
1 onedrive.live.com livefreemakeup.com
1 kit.fontawesome.com livefreemakeup.com
18 8

This site contains no links.

Subject Issuer Validity Valid
livefreemakeup.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-10-25 -
2024-04-25		 6 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-09-10 -
2023-12-09		 3 months crt.sh
onedrive.com
Microsoft Azure TLS Issuing CA 02		 2023-08-06 -
2024-06-27		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2023-04-17 -
2024-04-17		 a year crt.sh
officeapps.live.com
Microsoft Azure TLS Issuing CA 02		 2023-06-20 -
2024-06-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://livefreemakeup.com/
Frame ID: D42890AEC9541333DD0AE9BEE88E9C6A
Requests: 8 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Frame ID: 2389DFA2E83A99915F1A2C2405ECDA7B
Requests: 9 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=en-US&rs=en-US&hid=0vyloD81f0SxwtonhGkOEg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB4684487C76950C%21498&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 9C756A9984BD1571380686C18E006FAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

livefreemakeup

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

63 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

509 kB
Transfer

1463 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4182%26IR%3D1%26EX%3D0%26L.h%3D971%26L.sjs%3D1814%26L.ttg%3D971%26C.st%3D1698259996338%26N.domIn%3D983%26N.tcp%3D58%26N.req%3D490%26N.resp%3D45%26N.navType%3D0%26N.redirectCount%3D0&r=0.9005097419472268 HTTP 302
  • https://c.bing.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4182%26IR%3D1%26EX%3D0%26L.h%3D971%26L.sjs%3D1814%26L.ttg%3D971%26C.st%3D1698259996338%26N.domIn%3D983%26N.tcp%3D58%26N.req%3D490%26N.resp%3D45%26N.navType%3D0%26N.redirectCount%3D0&r=0.9005097419472268&ctsa=mr&CtsSyncId=2E99AAA96DAA4E8BB4A67B166E1B7382&RedC=c.live.com&MXFR=1A61C61439E46F972D41D5A13DE46B08 HTTP 302
  • https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4182%26IR%3D1%26EX%3D0%26L.h%3D971%26L.sjs%3D1814%26L.ttg%3D971%26C.st%3D1698259996338%26N.domIn%3D983%26N.tcp%3D58%26N.req%3D490%26N.resp%3D45%26N.navType%3D0%26N.redirectCount%3D0&r=0.9005097419472268&ctsa=mr&CtsSyncId=2E99AAA96DAA4E8BB4A67B166E1B7382&MUID=1A61C61439E46F972D41D5A13DE46B08

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
livefreemakeup.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://livefreemakeup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e6d62d5c59f7fbe437c9e711efc092d7a966406163b80546749f4cf544f179c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Wed, 25 Oct 2023 18:53:15 GMT
etag
"83553422"
last-modified
Wed, 25 Oct 2023 18:39:45 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
style.css
livefreemakeup.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livefreemakeup.com/style.css
Requested by
Host: livefreemakeup.com
URL: https://livefreemakeup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.12.97.102 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f2cd5b52c8cd65a3e48e474059ebe8b2e7df06208fd7620d33d1fe529ab80ca
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livefreemakeup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Wed, 25 Oct 2023 18:39:45 GMT
x-content-type-options
nosniff
etag
"83553422"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
b0d198bb12.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b0d198bb12.js
Requested by
Host: livefreemakeup.com
URL: https://livefreemakeup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b3c9993974ce76aaaa9d7c14131cb29198bbd232096b8f8405e0f5a7333d41

Request headers

Referer
Origin
https://livefreemakeup.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
81bca9509c48d9d5-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5FueAf2YIJRGi0crPoj
free.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		100 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=b0d198bb12
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b0d198bb12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
via
1.1 96ec34ce0a0b54341f66006912ddc5d4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nocq6jlHIYeAUwfEigPHD6elfKD%2Bwqai6NJDth99IjkGMwnUQCJTHetc2asGG%2BVzNU1Z4Nd5tgJykw3kn6pYnV9MOgjg15996KTOh7939PUtwsRq6d6a%2FOqqq3K9DEwrC5ndHNrGnag2RPv82fQ8BqKsPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81bca9519979571e-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Ha7Qjh28Knu8eLbvXPG1NCJQduvfMf5xeXjr-VVBvJ2neYwNyf1K1Q==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=b0d198bb12
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b0d198bb12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
via
1.1 ad3b284751d880099667fccef7bc24e6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypkWD5TuVyLevjzGt2uxjvlTmLsIQbmtftJgVJi0fjhK5M4sg3Bk8D65DPa1cN6IApfgvYtmB45C3z5rNxQ9T21A2i%2FFa6pQBx3PYFyfgwzPc%2FQOR9dWL%2BbZsSHhsfwhx0LRHN3PFVhW43A%2BQgUvJASbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81bca951997a571e-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
K4xwLfDpz1GN3kd_chipHZKcXVti6jMVMpfyh3_Qomn54FSU3xXC3Q==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		823 B
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=b0d198bb12
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b0d198bb12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
via
1.1 64f46386c7d793ef08095943662bb42a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq5RbnnGvXCYdtArS9hokwKksmKutUBOtS4uFY6N6LUQhATHS8wPZBDS1aa7gMn9NJUdD3lnOOUKa0SCvS16jrjqaKy4j71BAILScfGZkrn6gU8nv%2BH2egEy53rHabjdlX%2BWzV2iLXi67Km2zcxYotAvaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81bca9519976571e-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
aeKb36W4OvceXz7HmTL4n8J3vBTZzis--Rvvp5DzXhXMDmI2qz-4CQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=b0d198bb12
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b0d198bb12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
via
1.1 c8ee9137ed6341821e410f1ccbd20d4c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fW9OhbT4DBRLKXSn5GdFogyc7fq%2BIkWouVsjRfg%2F5gBReXNUliUv4fPePtj0aDe3tL90LEAzBW2lNicWntKGYBUuSyleJ%2F4%2F245K9Ovsry9foFoijcXIbXNFlBHdcTGVQFKkVutivnTe0tw73PrNbog4EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81bca9519978571e-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
JukqRqkjg3DX3j95biSzziIlwnM3jNR3KZVHUVDcDE3Pk1TYXrQ-Fg==
embed
onedrive.live.com/ Frame 2389 		73 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Requested by
Host: livefreemakeup.com
URL: https://livefreemakeup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d579f15fcc1929b6c9909e459806660657679ae9a1f8e733ee92e5a6e23905d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 Oct 2023 18:53:16 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: 0E6D44D5F2274A57BC1C92E995D297A9 Ref B: MIAEDGE1907 Ref C: 2023-10-25T18:53:16Z
x-msnserver
RD0003FF11A1A7
x-odwebserver
centralus1-odwebpl
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by
Host: livefreemakeup.com
URL: https://livefreemakeup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer
https://livefreemakeup.com/
Origin
https://livefreemakeup.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:16 GMT
via
1.1 ad3b284751d880099667fccef7bc24e6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
150020
last-modified
Tue, 01 Aug 2023 19:25:32 GMT
server
cloudflare
etag
"a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYNIJiavOp0N445qWbZMJz6AnfgkyvBTiINiqAYlsUdrnqN72dWpC%2BotW%2FetHiwCnhz9pQHO%2FnbER814hL0tEYdKdpk1sFA3DltMnenQbS2z3rQ5BQTqXRaXEcuqz92n%2FOeqD0TUE9tvMutWA69x6shVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81bca951f9dc571e-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
pbwC1r0_5enIr2eI-7LlI_gFRQ-VJeeCVBnZXlL9imBKXKr3TaSUkA==
filescss1-11eb1969.css
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001// Frame 2389 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001//filescss1-11eb1969.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
content-length
15784
last-modified
Fri, 05 Aug 2022 05:56:51 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259997.3df4922"}],"include_subdomains ":true}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b525069a-c01e-0061-53ed-1adcd4000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
filescss2-7859787f.css
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001// Frame 2389 		169 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001//filescss2-7859787f.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
30612
last-modified
Fri, 05 Aug 2022 05:56:51 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259997.3df4921"}],"include_subdomains ":true}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
49d7bea7-101e-0040-2d62-aecdf9000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
xlembed.aspx
excel.officeapps.live.com/x/_layouts/ Frame 9C75 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=en-US&rs=en-US&hid=0vyloD81f0SxwtonhGkOEg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB4684487C76950C%21498&sc=host%3D%26qt%3DDefault%26pt%3Dem
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 18:53:16 GMT
document-policy
js-profiling
expires
-1
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
origin-agent-cluster
?1
origin-trial
AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://excelonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-MIA30r5b&DC=PUS9&FileSource="}]}
reporting-endpoints
default="https://excel.officeapps.live.com/x/BrowserReportingHandler.ashx"
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
944920c5-a84f-49d5-9365-fd744c2614c7
x-msedge-features
afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
x-msedge-ref
Ref A: A34A40E3693148C5BA7C54F13CB410A2 Ref B: MIA301000103009 Ref C: 2023-10-25T18:53:17Z
x-officecluster
PUS9
x-officefd
BN3PEPF00009DCB
x-officefe
BN3PEPF00005145
x-officeversion
16.0.17018.42305
x-usersessionid
944920c5-a84f-49d5-9365-fd744c2614c7
jquery-1.7.2-39eeb07e.js
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame 2389 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/jquery-1.7.2-39eeb07e.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
33335
last-modified
Fri, 05 Aug 2022 05:56:47 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259997.3df49da"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fb7b8cd4-401e-005d-5e62-aec045000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
embed_s_embed-02df9e94.js
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame 2389 		486 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed_s_embed-02df9e94.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1cdfe8a8c95a5a93f441830b2a18dbe884016235e11b55dc7955505f5992ab5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
137086
last-modified
Fri, 05 Aug 2022 05:56:53 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259997.3df49d9"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e67ecc6e-601e-0059-0c84-bd4581000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
embed1-73836002.js
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame 2389 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed1-73836002.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24a1d530f47847a53c5d016e452ef4d2e9eb89eb97b6e8d8907d1f4e3216d556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
14141
last-modified
Fri, 05 Aug 2022 05:56:53 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259998.3df4abe"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9ef0d2e-a01e-0034-3c03-bef1ca000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
embed2-34d50142.js
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame 2389 		203 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed2-34d50142.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bebee2d55b1641e7b16ba986128936cf7318aa01388f748ee4e5ee4083cff529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
69158
last-modified
Fri, 05 Aug 2022 05:56:48 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259998.3df4abf"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3180bbaa-301e-0009-7081-bd87d1000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
embed0-425fbbd1.js
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame 2389 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed0-425fbbd1.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=B4684487C76950C%21498&authkey=!ALc7gBBd183jTNk&em=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:f000:37::1728:1216 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f197ff63bcea0dc2e572e72f231ac1b493800866a21428eccd6e0a0fac1081e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
5912
last-modified
Fri, 05 Aug 2022 05:56:49 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EDISON&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.16112817.1698259998.3df4ac3"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3128d3d5-c01e-001d-7b1a-bccfbe000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
c.gif
c.live.com/ Frame 2389
Redirect Chain
  • https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
  • https://c.bing.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
  • https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
42 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4182%26IR%3D1%26EX%3D0%26L.h%3D971%26L.sjs%3D1814%26L.ttg%3D971%26C.st%3D1698259996338%26N.domIn%3D983%26N.tcp%3D58%26N.req%3D490%26N.resp%3D45%26N.navType%3D0%26N.redirectCount%3D0&r=0.9005097419472268&ctsa=mr&CtsSyncId=2E99AAA96DAA4E8BB4A67B166E1B7382&MUID=1A61C61439E46F972D41D5A13DE46B08
Protocol
H2
Server
20.125.209.212 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 18:53:20 GMT
last-modified
Wed, 30 Aug 2023 19:01:59 GMT
server
Microsoft-IIS/10.0
etag
"3f4a4a7474dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 18:53:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19CEF7212F004DF088802CA822D2DBA1 Ref B: MIAEDGE2705 Ref C: 2023-10-25T18:53:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.live.com/c.gif?DI=15347&wlxid=494037aa-ab83-46e6-9179-b01a83b3fc8e&reqid=001cba13d44&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF11A1A7%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4182%26IR%3D1%26EX%3D0%26L.h%3D971%26L.sjs%3D1814%26L.ttg%3D971%26C.st%3D1698259996338%26N.domIn%3D983%26N.tcp%3D58%26N.req%3D490%26N.resp%3D45%26N.navType%3D0%26N.redirectCount%3D0&r=0.9005097419472268&ctsa=mr&CtsSyncId=2E99AAA96DAA4E8BB4A67B166E1B7382&MUID=1A61C61439E46F972D41D5A13DE46B08
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FontAwesomeKitConfig

4 Cookies

Domain/Path Name / Value
excel.officeapps.live.com/x/_layouts Name: Excel_CurrentVersion_Artifacts
Value: 161701842305
excel.officeapps.live.com/x/_layouts Name: PLTBrowserCachedVersions
Value: %7B%22cachedVersions%22%3A%5B%7B%22version%22%3A%2216.0.17018.42305%22%2C%22initiallyCachedAt%22%3A1698259998897%2C%22resourceUrls%22%3A%5B%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FApp_Scripts%2FEwaTS.js%22%2C%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FApp_Scripts%2FMicrosoftAjaxDS.js%22%2C%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FApp_Scripts%2F1033%2FEwa.Strings.Wac.js%22%2C%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FResources%2F1033%2FEwrDefault.css%22%2C%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FResources%2F1033%2Fexcelframe.css%22%2C%22https%3A%2F%2Fres-1.cdn.office.net%3A443%2Fofficeonline%2Fx%2Fs%2F161701842305__layouts%2FApp_Scripts%2FgridRenderer.min.js%22%5D%7D%5D%7D
.excel.officeapps.live.com/ Name: PUS9-Excel-ARRAffinity
Value: 38b5417ebfb82df20159689a05571c9eec00c373854e54070086e2122176fa2e
.shared.officeapps.live.com/ Name: PUS8-ARRAffinity
Value: 3be6887370ee8fab2d36e64fdbffeaf300bfc691418dbf9047e035c6cf88c498

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.live.com
excel.officeapps.live.com
ka-f.fontawesome.com
kit.fontawesome.com
livefreemakeup.com
onedrive.live.com
res-1.cdn.office.net
13.107.42.13
20.12.97.102
20.125.209.212
2600:141b:f000:37::1728:1216
2603:1063:2000::12
2606:4700::6812:1634
2606:4700:e2::ac40:8309
2620:1ec:c11::200
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
1cdfe8a8c95a5a93f441830b2a18dbe884016235e11b55dc7955505f5992ab5b
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
24a1d530f47847a53c5d016e452ef4d2e9eb89eb97b6e8d8907d1f4e3216d556
3e6d62d5c59f7fbe437c9e711efc092d7a966406163b80546749f4cf544f179c
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f2cd5b52c8cd65a3e48e474059ebe8b2e7df06208fd7620d33d1fe529ab80ca
a1b3c9993974ce76aaaa9d7c14131cb29198bbd232096b8f8405e0f5a7333d41
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bebee2d55b1641e7b16ba986128936cf7318aa01388f748ee4e5ee4083cff529
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
d579f15fcc1929b6c9909e459806660657679ae9a1f8e733ee92e5a6e23905d7
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
f197ff63bcea0dc2e572e72f231ac1b493800866a21428eccd6e0a0fac1081e2