chilled-windows-95.mp3cielo.co
2606:4700:3037::ac43:9594  Public Scan

URL: https://chilled-windows-95.mp3cielo.co/
Submission Tags: @phishunt_io
Submission: On November 28 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::ac43:9594, located in United States and belongs to CLOUDFLARENET, US. The main domain is chilled-windows-95.mp3cielo.co.
TLS certificate: Issued by E1 on October 7th 2022. Valid for: 3 months.
This is the only time chilled-windows-95.mp3cielo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain           Subdomains                                            Transfer
8         gstatic.com           fonts.gstatic.com                                     160 KB
6         napster.com           api.napster.com — Cisco Umbrella Rank: 101513         995 KB
4         ytimg.com             i.ytimg.com — Cisco Umbrella Rank: 108                65 KB
3         mp3cielo.co           chilled-windows-95.mp3cielo.co                        85 KB
2         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 84    20 KB
2         amung.us              whos.amung.us — Cisco Umbrella Rank: 10208            692 B
                                widgets.amung.us — Cisco Umbrella Rank: 14135
1         vianoivernom.com      vianoivernom.com — Cisco Umbrella Rank: 320031        356 B
1         lmp3.org              go.lmp3.org — Cisco Umbrella Rank: 415500             1 KB
1         googleapis.com        fonts.googleapis.com — Cisco Umbrella Rank: 107       2 KB
1         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 106   43 KB
Total: 28 requests, 10 apex domains

Requests  Domain                          Requested by
8         fonts.gstatic.com               fonts.googleapis.com
6         api.napster.com                 chilled-windows-95.mp3cielo.co
4         i.ytimg.com                     chilled-windows-95.mp3cielo.co
3         chilled-windows-95.mp3cielo.co  chilled-windows-95.mp3cielo.co
2         www.google-analytics.com        www.googletagmanager.com
                                          www.google-analytics.com
1         vianoivernom.com                go.lmp3.org
1         widgets.amung.us                chilled-windows-95.mp3cielo.co
1         whos.amung.us                   1 redirects
1         go.lmp3.org                     chilled-windows-95.mp3cielo.co
1         fonts.googleapis.com            chilled-windows-95.mp3cielo.co
1         www.googletagmanager.com        chilled-windows-95.mp3cielo.co
Total: 28 requests, 11 subdomains

Subject                  Issuer                                      Validity                 Valid
*.mp3cielo.co            E1                                          2022-10-07 - 2023-01-05  3 months
*.google-analytics.com   GTS CA 1C3                                  2022-11-02 - 2023-01-25  3 months
upload.video.google.com  GTS CA 1C3                                  2022-11-02 - 2023-01-25  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                     2022-07-02 - 2023-07-02  a year
*.gstatic.com            GTS CA 1C3                                  2022-11-02 - 2023-01-25  3 months
edgestatic.com           GTS CA 1C3                                  2022-11-02 - 2023-01-25  3 months
*.napster.com            Go Daddy Secure Certificate Authority - G2  2021-12-03 - 2023-01-04  a year
vianoivernom.com         R3                                          2022-10-28 - 2023-01-26  3 months

This page contains 1 frames:

Primary Page: https://chilled-windows-95.mp3cielo.co/
Frame ID: 105257607146EB73E966AAFA19E70A1C
Requests: 31 HTTP requests in this frame

Page Title

🥇 Chilled windows 95 - Descarga gratuita de mp3 Chilled windows 95 a 320kbps

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 90 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 1372 kB
Size: 1686 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://whos.amung.us/swidget/mp3cieloco HTTP 307
  • https://widgets.amung.us/small/01/129.png

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
chilled-windows-95.mp3cielo.co/
260 KB
78 KB
Document
General
Full URL
https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9594 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b616000a0c5dedd3090f0eafcc8184c08f17d636b31b12ca4eecc198d2dd3b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
770ef955a966bb44-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 00:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0j0NAOz%2BedO%2BXkN687K%2Fo%2Bpv%2FH7Q8MgaYTAjnMsyziZDq3ZlfyxyLbq9uo8VVWJQRIVWPlWnp8Iczi09DsPjnJSUgHyNWVYDQMyDoKsxDtec9kGR3wwVbyYYA6h6EOZCpn%2BTisVySIw%2FfXyRhfzH4lptkmbz9d%2BG9K1QEs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-195202272-1
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bbd4b6e0d754a1450df5cd6045d8148b383c053aed294c6d9da90c1d5126642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43679
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 00:26:46 GMT
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfcd9c7a38d13e6867075256c03d11b6cc471a97dfb14850a039ec6ed8e7cb24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a6dc9cde98dff9628d0a2498a79ec8c2123aaf70e4e7975ade789e32a9105ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.ttf
chilled-windows-95.mp3cielo.co/Views/fonts/
5 KB
5 KB
Font
General
Full URL
https://chilled-windows-95.mp3cielo.co/Views/fonts/icomoon.ttf
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9594 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1525b7a79d1c6ff5fedb3343819aac65a376d4c0a5a9246c4aa4b091b582b9a4

Request headers

Referer
https://chilled-windows-95.mp3cielo.co/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
cf-cache-status
MISS
last-modified
Fri, 13 Nov 2020 17:24:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5faec168-13f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=621vtEzY8MwSoO4w4YGQfkHpkUcKqkfkXGCIdze5Rba%2BA0PWBFsD694hwDZteB1rzMZcPg00LBi%2BwTSW6gWcSuwe7SS8ADkkddAYZ2oAC6JAuUlbmVOoR3bfW1AB7wD0NbvPIwMVSCauOkFlHzoSLMIh%2BaxslMMrxl1D1dU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770ef9595d3ebb44-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5104
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e769444895a698be938ef2a10349bae69f6c3ddba793a34005ba6db83ed571a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 00:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 00:26:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 00:26:46 GMT
ipp.js
go.lmp3.org/js/
2 KB
1 KB
Script
General
Full URL
https://go.lmp3.org/js/ipp.js
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:da34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4f049d14aa7120673e91985c08d0083d6dc3cda50e99c64f57a54169aa28bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36233
cf-polished
origSize=2614
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 21 Oct 2022 13:59:08 GMT
server
cloudflare
etag
W/"6352a5ac-a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0a61lv6hrKNn2euFuh4fDY19%2BrbuO5ZWGaxD0WZg4Ki%2B5ZFgKcZ%2FnGSSXr4IIeFL66z9PaR2ZnqPMGzZGY8nzc4Sz6rScLESGoxevV%2Bsv0a1wDd2HOLsWKG6krNw6QuJfZe%2Ft7%2FvnLJFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
770ef959bc4e9b2d-FRA
expires
Mon, 28 Nov 2022 02:22:53 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33394c1d9561ba557413557b2c04bc81afd787af5d58b38b80093f7e8dd8bba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v40/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v40/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7beee22f05326e6b35fe4737c4639433f496bac10e22e2b9ae23068a3d2aba29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:32:36 GMT
x-content-type-options
nosniff
age
269650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12028
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:17:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 21:32:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
276271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 19:42:15 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
538582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:50:24 GMT
0nkrC9D4IuYBgWcI9NbfTwE.woff2
fonts.gstatic.com/s/sriracha/v10/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sriracha/v10/0nkrC9D4IuYBgWcI9NbfTwE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db1683cf0cc2da1e119bcdac1654a3ac5b26bbddd090306189d6c1702c12f0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 00:30:30 GMT
x-content-type-options
nosniff
age
345376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 00:30:30 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
304026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 11:59:40 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:01:13 GMT
x-content-type-options
nosniff
age
303933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 12:01:13 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:40:44 GMT
x-content-type-options
nosniff
age
186362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:40:44 GMT
129.png
widgets.amung.us/small/01/
Redirect Chain
  • https://whos.amung.us/swidget/mp3cieloco
  • https://widgets.amung.us/small/01/129.png
327 B
521 B
Image
General
Full URL
https://widgets.amung.us/small/01/129.png
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc87f561fad021b9d250e08f34dc6c45d56c502d9428069b0624b4b3cebce14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:47 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
server
cloudflare
age
1071901
etag
"4c14a96d-147"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
770ef95c1c459b88-FRA
content-length
327
expires
Wed, 16 Nov 2022 14:41:46 GMT

Redirect headers

location
https://widgets.amung.us/small/01/129.png
date
Mon, 28 Nov 2022 00:26:46 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
770ef95aeac39b88-FRA
content-type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195202272-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4252
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 28 Nov 2022 01:15:54 GMT
ajax
chilled-windows-95.mp3cielo.co/
9 KB
3 KB
XHR
General
Full URL
https://chilled-windows-95.mp3cielo.co/ajax
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9594 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69db4fdbd3b526c40e3241f27dc95c1b3925226f9f35f6e1a4c9269608f91cc0

Request headers

Accept
*/*
Referer
https://chilled-windows-95.mp3cielo.co/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 00:26:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZ03GcXjQGXpusabcpZ3s%2BOElvXTN7KJm5%2FB72uN3OqqXTysn20Yf2%2B04bo2gn6%2B2T6HswTSzMHEyRDEvGy853o86wlQ8LTkshAaBreQYHxIzv9BbnRz0qd%2BLDSqCUZMObr0S6v8MVyyidKzV4tfBAkXDPE7VOCAvhAKQCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
770ef95ad83fbbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sddefault.jpg
i.ytimg.com/vi/YlNcClyw8qY/
42 KB
42 KB
Image
General
Full URL
https://i.ytimg.com/vi/YlNcClyw8qY/sddefault.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1608d736c864ce3805a2aa64aa9bc13c6c57b989ebbaca9b90bd6f1918a5706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42908
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 28 Nov 2022 02:26:46 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.307685811/images/
107 KB
107 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.307685811/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
509fb5fff826701251049115f92338317048344886820370cacc39358030cd50
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
21267
x-cache
HIT, MISS, MISS
content-length
109136
x-served-by
cache-bfi-krnt7300060-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899094,VS0,VE208
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 18:32:19 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.173205056/images/
136 KB
137 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.173205056/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0a2d0d3330a8f371a0ce3fce23d4498c5bfb08e73f52d24eded16867a42029f1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.2), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
42306
x-cache
HIT, MISS, MISS
content-length
139534
x-served-by
cache-bfi-krnt7300035-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899341,VS0,VE386
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 12:41:40 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.261679027/images/
244 KB
245 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.261679027/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
282013b046999f421f1b3584a95356557aa498692a24b9ab9a39e5ecee044296
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
65289
x-cache
HIT, MISS, MISS
content-length
250158
x-served-by
cache-bfi-krnt7300102-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899324,VS0,VE205
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 06:18:37 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.176567527/images/
183 KB
184 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.176567527/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fa688eb6d8219d638c9d877aaee891494e1bc50bbdb1bec32112d232ca5e26ce
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
65361
x-cache
HIT, MISS, MISS
content-length
187576
x-served-by
cache-bfi-krnt7300092-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899303,VS0,VE196
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 06:17:25 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.6843642/images/
150 KB
150 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.6843642/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e8c4df856a2bbea31da1f593151755e384324361b0fdcdceaac1b03809838446
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
71945
x-cache
HIT, MISS, MISS
content-length
153237
x-served-by
cache-bfi-krnt7300079-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899507,VS0,VE206
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 04:27:41 GMT
633x422.jpg
api.napster.com/imageserver/v2/artists/art.7375005/images/
173 KB
174 KB
Image
General
Full URL
https://api.napster.com/imageserver/v2/artists/art.7375005/images/633x422.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::745 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
32a886ef1727dd03b9dbf4001a6f0fc5811561de0eddef3e3b9182da753a6ddf
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=300
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
date
Mon, 28 Nov 2022 00:26:47 GMT
age
48430
x-cache
HIT, MISS, MISS
content-length
177486
x-served-by
cache-bfi-krnt7300069-BFI, cache-hhn4040-HHN
server
Apache-Coyote/1.1
x-timer
S1669595207.899498,VS0,VE228
access-control-allow-methods
*
content-type
image/jpg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 11 Dec 2022 10:59:36 GMT
mqdefault.jpg
i.ytimg.com/vi/nhrlpL-71fI/
10 KB
10 KB
Image
General
Full URL
https://i.ytimg.com/vi/nhrlpL-71fI/mqdefault.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc951f5d757f6fee51024b8f9ac9d0abc7878dd8b5a3ed1701ea1de86796f384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10046
x-xss-protection
0
server
sffe
etag
"1645737140"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 28 Nov 2022 02:26:46 GMT
mqdefault.jpg
i.ytimg.com/vi/3VvPeWtdReQ/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/3VvPeWtdReQ/mqdefault.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca6c30d74e699e92112c9576adb2e857835eb95899c0d5c3b5b1e0311440f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4475
x-xss-protection
0
server
sffe
etag
"1620993963"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 28 Nov 2022 02:26:46 GMT
mqdefault.jpg
i.ytimg.com/vi/MP71w9FqM2Q/
8 KB
8 KB
Image
General
Full URL
https://i.ytimg.com/vi/MP71w9FqM2Q/mqdefault.jpg
Requested by
Host: chilled-windows-95.mp3cielo.co
URL: https://chilled-windows-95.mp3cielo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff94fb896c5e5b6a8fd83b1f2d8e94f3d33ed10a05cad55c1a80790b11c64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 00:26:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7960
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 28 Nov 2022 02:26:46 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=424830130&t=pageview&_s=1&dl=https%3A%2F%2Fchilled-windows-95.mp3cielo.co%2F&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87%20Chilled%20windows%2095%20-%20Descarga%20gratuita%20de%20mp3%20Chilled%20windows%2095%20a%20320kbps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=857571603&gjid=879434044&cid=1666571242.1669595207&tid=UA-195202272-1&_gid=590314049.1669595207&_r=1&gtm=2oub90&z=855851749
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chilled-windows-95.mp3cielo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 00:26:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chilled-windows-95.mp3cielo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:300,400,600|Roboto:300,400,500|Sriracha|Comfortaa:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chilled-windows-95.mp3cielo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 11:52:14 GMT
x-content-type-options
nosniff
age
218073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 11:52:14 GMT
4877159
vianoivernom.com/400/
0
356 B
Script
General
Full URL
https://vianoivernom.com/400/4877159
Requested by
Host: go.lmp3.org
URL: https://go.lmp3.org/js/ipp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chilled-windows-95.mp3cielo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-trace-id
10907c0c0b8b11cb92f19154af60bf30
pragma
no-cache
date
Mon, 28 Nov 2022 00:26:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| _extends
function| _typeof
function| $
function| jQuery
function| LazyLoad
function| _gh
function| addWhosImage
function| addScript
function| setCookie
function| getCookie
string| siteid
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| onYouTubeIframeAPIReady
number| DPR
object| _LAZY
object| gaplugins
object| gaGlobal
object| gaData
string| publicResponse

3 Cookies

Domain/Path Name / Value
.mp3cielo.co/ Name: _ga
Value: GA1.2.1666571242.1669595207
.mp3cielo.co/ Name: _gid
Value: GA1.2.590314049.1669595207
.mp3cielo.co/ Name: _gat_gtag_UA_195202272_1
Value: 1

1 Console Messages

Source Level URL
Text
security error URL: https://chilled-windows-95.mp3cielo.co/
Message:
Refused to execute script from 'https://vianoivernom.com/400/4877159' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
