Submitted URL: http://mp3-tut.click/
Effective URL: https://mp3-tut.click/
Submission Tags: tranco_l324
Submission: On November 21 via api from DE — Scanned from NL

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 24 HTTP transactions. The main IP is 185.182.193.7, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is mp3-tut.click.
TLS certificate: Issued by R3 on November 9th 2021. Valid for: 3 months.
This is the only time mp3-tut.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
6 | pagead2.googlesyndication.com | mp3-tut.click, pagead2.googlesyndication.com, tpc.googlesyndication.com
6 | mp3-tut.click (1 redirects) | mp3-tut.click
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | counter.yadro.ru (1 redirects) | mp3-tut.click
2 | prolala.info | mp3-tut.click
2 | c.killtarget.biz | mp3-tut.click, c.killtarget.biz
1 | www.google.com | tpc.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.nl | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
24 | 11

This site contains no links.

Subject | Issuer | Validity | Valid
mp3-tut.click | R3 | 2021-11-09 - 2022-02-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
c.killtarget.biz | R3 | 2021-10-10 - 2022-01-08 | 3 months
prolala.info | R3 | 2021-09-07 - 2021-12-06 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.nl | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 5 frames:

Primary Page: https://mp3-tut.click/
Frame ID: 7735B252EF1219AD3EB09267E1F59B3D
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 6AEE9D8237224C20B427B131E724E0CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4287935231942730&output=html&adk=1812271804&adf=3025194257&lmt=1637461504&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmp3-tut.click%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637461504059&bpp=3&bdt=169&idt=81&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2821969296098&frm=20&pv=2&ga_vid=1023358445.1637461504&ga_sid=1637461504&ga_hid=2117184722&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=2&pvsid=3070198949876299&pem=785&tmod=688083386&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Frame ID: 35F4DC10D6CFCDC576CAA86A376B81FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2321D207300B7C2BA2DC242ECAFA47DF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1C5A156B5CE7D32C9938B02BD2530A6
Requests: 2 HTTP requests in this frame

Page Title

The most popular mp3 songs by Russian and foreign artists as of today Menu

Page URL History

  1. http://mp3-tut.click/ HTTP 301
    https://mp3-tut.click/ Page URL

Page Statistics

24 Requests
96 % HTTPS
55 % IPv6
9 Domains
11 Subdomains
12 IPs
4 Countries
387 kB Transfer
1191 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mp3-tut.click/ HTTP 301
    https://mp3-tut.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mp3-tut.click/
Redirect Chain
  • http://mp3-tut.click/
  • https://mp3-tut.click/
77 KB
14 KB
Document
General
Full URL
https://mp3-tut.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.193.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-182-193-7.hosted-by-worldstream.net
Software
nginx/1.14.1 / PHP/7.3.31
Resource Hash
88bccbbd31f7ce565fe49d8e2db95cac535696516c30ee09c6b5914589312f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx/1.14.1
date
Sun, 21 Nov 2021 02:25:03 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.31
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=31536000;
content-encoding
gzip

Redirect headers

Server
nginx/1.14.1
Date
Sun, 21 Nov 2021 02:25:03 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
https://mp3-tut.click:443/
all-3c99516aaa47fa3ddfe88ff7c77e8172.css
mp3-tut.click/compressed/
209 KB
47 KB
Stylesheet
General
Full URL
https://mp3-tut.click/compressed/all-3c99516aaa47fa3ddfe88ff7c77e8172.css?v=1624782656
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.193.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-182-193-7.hosted-by-worldstream.net
Software
nginx/1.14.1 /
Resource Hash
bb4abef022afa9fed45917c6f097ab0f6a5fce4da24b58c4775312a23e7a23dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:03 GMT
content-encoding
gzip
last-modified
Sun, 27 Jun 2021 08:30:56 GMT
server
nginx/1.14.1
etag
W/"60d83740-344a8"
strict-transport-security
max-age=31536000;
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 21 Dec 2021 02:25:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
569fb71662840dd19b7b7c9a3dca12f01a93490ce9e3a9460dc48001200586b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51181
x-xss-protection
0
server
cafe
etag
5034890575459909190
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Nov 2021 02:25:03 GMT
all-f2ad38241e8c7911f2e912e959bb899f.js
mp3-tut.click/compressed/
301 KB
95 KB
Script
General
Full URL
https://mp3-tut.click/compressed/all-f2ad38241e8c7911f2e912e959bb899f.js?v=1624782654
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.193.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-182-193-7.hosted-by-worldstream.net
Software
nginx/1.14.1 /
Resource Hash
e0b464a7cbd4984aba7fedab7119db8caeb76a668939b6602e13e5bd6a738dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:03 GMT
content-encoding
gzip
last-modified
Sun, 27 Jun 2021 08:30:54 GMT
server
nginx/1.14.1
etag
W/"60d8373e-4b4b8"
strict-transport-security
max-age=31536000;
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 21 Dec 2021 02:25:03 GMT
main
c.killtarget.biz/get-code/
82 KB
26 KB
Script
General
Full URL
https://c.killtarget.biz/get-code/main?id=0a2522708b00b301741a19da55ca440d
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.81.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.81.201.195.clients.your-server.de
Software
nginx/1.14.1 / PHP/7.4.11
Resource Hash
e048f3269cf140bd87c5546e4a35e360fe9e87156a05e52eccf5df76f373056f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
server
nginx/1.14.1
content-type
text/javascript;charset=UTF-8
x-powered-by
PHP/7.4.11
strict-transport-security
max-age=31536000;
expires
Sun, 21 Nov 2021 08:25:04 GMT
i.php
prolala.info/mp/ Frame
0
0
Preflight
General
Full URL
https://prolala.info/mp/i.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.146.172.4.46.clients.your-server.de
Software
nginx/1.12.2 / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://mp3-tut.click
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.12.2
date
Sun, 21 Nov 2021 02:25:04 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
strict-transport-security
max-age=31536000;
content-encoding
gzip
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Nov 2021 02:25:13 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Nov 2021 02:25:13 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//mp3-tut.click/;0.22248974307975877
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Fri, 20 Nov 2020 21:00:00 GMT
i.php
prolala.info/mp/
0
222 B
XHR
General
Full URL
https://prolala.info/mp/i.php
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.146.172.4.46.clients.your-server.de
Software
nginx/1.12.2 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://mp3-tut.click/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
server
nginx/1.12.2
x-powered-by
PHP/7.1.33
strict-transport-security
max-age=31536000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
truncated
/
869 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f7526748a62254f26fbc75427563305114440bc6ab6498231ec36674802effa

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
logo.png
mp3-tut.click/style/
1 KB
2 KB
Image
General
Full URL
https://mp3-tut.click/style/logo.png
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/compressed/all-3c99516aaa47fa3ddfe88ff7c77e8172.css?v=1624782656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.193.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-182-193-7.hosted-by-worldstream.net
Software
nginx/1.14.1 /
Resource Hash
684196fda614f968421886304d734034f14cf44b5c4542851c0e4e3b08a190cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/compressed/all-3c99516aaa47fa3ddfe88ff7c77e8172.css?v=1624782656
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:03 GMT
last-modified
Sun, 16 Dec 2018 16:19:01 GMT
server
nginx/1.14.1
etag
"5c167af5-58e"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1422
expires
Tue, 21 Dec 2021 02:25:03 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a85e2225a0afa9300b8f9dcf4104cd67bb60514df1cd610c1301ce9a80c6b92c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1010 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fc64e5cdf82ea156cdaf6bd11bda2589e45b4d63377ab11317b03197803eaf2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
spritesheet.png
mp3-tut.click/style/
12 KB
12 KB
Image
General
Full URL
https://mp3-tut.click/style/spritesheet.png
Requested by
Host: mp3-tut.click
URL: https://mp3-tut.click/compressed/all-3c99516aaa47fa3ddfe88ff7c77e8172.css?v=1624782656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.193.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-182-193-7.hosted-by-worldstream.net
Software
nginx/1.14.1 /
Resource Hash
0c8c75009ed86fe653d9e0a39af04b99032178f7f61a131350ec4115a0548df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/compressed/all-3c99516aaa47fa3ddfe88ff7c77e8172.css?v=1624782656
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:03 GMT
last-modified
Fri, 22 Dec 2017 15:38:33 GMT
server
nginx/1.14.1
etag
"5a3d26f9-2efb"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12027
expires
Tue, 21 Dec 2021 02:25:03 GMT
truncated
/
505 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
283cb65b783affa3e3151683266785080f23d15a1b233ea32cf4ad3f993bcc9b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e51df78f5fe6f8621aefa122d9739a10c1a86589036a8257deaebf5c87a40a36

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/
270 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dd57d8e39b28345e42295e2fce6ee0261a1ffbc11fe5e424cab04e89ae74b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99573
x-xss-protection
0
server
cafe
etag
10585044419916002848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Nov 2021 02:25:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 6AEE
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 20 Nov 2021 06:55:30 GMT
expires
Sat, 04 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
70174
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
declined
c.killtarget.biz/notify/
0
188 B
XHR
General
Full URL
https://c.killtarget.biz/notify/declined?site_hash=0a2522708b00b301741a19da55ca440d
Requested by
Host: c.killtarget.biz
URL: https://c.killtarget.biz/get-code/main?id=0a2522708b00b301741a19da55ca440d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.81.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.81.201.195.clients.your-server.de
Software
nginx/1.14.1 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://mp3-tut.click/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
server
nginx/1.14.1
x-powered-by
PHP/7.4.11
strict-transport-security
max-age=31536000;
content-type
text/html; charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/
203 B
639 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mp3-tut.click&callback=_gfp_s_&client=ca-pub-4287935231942730
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
230bab318e0f5e78b6197c8f15ddb19148ef5ab1d33e229e274123a12f73fded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=mp3-tut.click
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mp3-tut.click
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 35F4
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4287935231942730&output=html&adk=1812271804&adf=3025194257&lmt=1637461504&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmp3-tut.click%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637461504059&bpp=3&bdt=169&idt=81&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2821969296098&frm=20&pv=2&ga_vid=1023358445.1637461504&ga_sid=1637461504&ga_hid=2117184722&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=2&pvsid=3070198949876299&pem=785&tmod=688083386&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 21 Nov 2021 02:25:04 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
609f5dce45e051d640d5de73d0bce30790fb634822ffe68d521f3894054692c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9145
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4287935231942730&plah=mp3-tut.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 02:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 21 Nov 2021 02:25:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2321
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 20 Nov 2021 19:21:24 GMT
expires
Sun, 20 Nov 2022 19:21:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F1C5
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76234dcb7c58524f12c3ea7b4568f21a85861f974f48df43581ea97305c3397a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ejDysgjvz26QFK+YaXB2vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 21 Nov 2021 02:25:04 GMT
date
Sun, 21 Nov 2021 02:25:04 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ejDysgjvz26QFK+YaXB2vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 2321
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 18:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
28327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Nov 2022 18:32:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F1C5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=3070198949876299&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=3070198949876299&bg=!ra6lrurNAAZQLpa_UC47ACkAdvg8WpevhhBdf0vvGjPhGEQ6LBY-D6UELiYOpXBQJzAOkdMjSSVAGgIAAABbUgAAAApoAQcKAEQTouaFNIP9kWpqdoD1-UE9B5ilAw0L9fy6YO918u8OEP5oXfyWCE42EZJ20gE-kp6qQ2R2T25rFdceUFkCLe4m0xpqSZkCiC_JCHymXTUVh056yM8DRHShgBNFRGDKd5YkSJJwMyqPG6iWBldCdYw7Uv0ktplGpS7ETnTg6TZA2fUASeUOQnvIB2rCpaTXNJMmoh2Ud8QtvU8kip9S_i4uIsNvrm3clEdzn-NcD969Ta3pIiWC-tIs9IYWXlByBCO5aR0RVlLkgM7Es1u9sBWhsXjyZL1YbwsSRz3Oz5NsbIoNnyA8O4nXSFzgvNLcaOmU7A18_08agu8ZSLekmGzMQTdAw9gYsOtO3JaTEQCaXN0ZRxJeFA8vxHVGErenZFREMJxHFRdPg7dmKo7w3r6FfqDoY-xt0-9Z_QivqhjiHwCwhHVQDito-akfsoBDuH-nYdM3OiaHpvV0bU4C3MT8_vkCKAasHzza7Z_VFS1sBVaX_ROcPNfQNcy2OTlcZCB5mTn4zzSdsxTqeSAq6pcVWL8e2o2rH7tPXFfzd5uqb953vhfUgU0NndXudNFqwbzXB4YJuF9xsIKCKDn4x3JyoAb68FKNVmUVYjQ9owc0PvRqGisZ87fDa47p_NKmo5czdxjNHhFp0f6DxBR1ME5k5M23kCRvHZBjiOy20idHigc95JW5naMTbT_UxmPOQye1xE1M7tXYhvUnAsbo1PLL8f-EbdBmOfpvyyxuqRl-1xGqLDjRB99qgiGjF-tZyXmf4F2P9Yqb_3cKUY9PsL9vIR8QD3rd_n7zTLJqGw6xCTKG-yOFQCd2E3N2exRRSPHQYeBkHE_7gVl5MH1ZRkuExM4IES7cNjIStQTbgb8H_lZht-Bc4iqRPuhAcY_3g_3VAY4yhBdsYAvf_57xjaUzx50JHWTRXOJ2tzmKs33qO46LrAGHyyp3FdIlg5lblA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://mp3-tut.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Nov 2021 02:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| adsbygoogle string| mainDomainUrl function| gns_ajax object| $jscomp function| insertJsonIntoSoundManager function| insertEntriesIntoSoundManager function| launchUserPlaylistWithData function| deleteUserPlaylistQueue function| findSoundManagerAudioIndex function| markUserPlaylistActive function| showNotifier function| $ function| jQuery object| yii function| SoundManager object| soundManager object| sm2BarPlayers object| sm2BarPlayerOptions function| SM2BarPlayer object| UserPlaylistManager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| messaging function| showBackdrop function| hideBackdrop function| ktLogo function| KT_FP_Show function| KTShowSubscribe function| sendTokenToServer function| isTokenSentToServer function| setTokenSentToServer object| core object| __core-js_shared__ object| firebase function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| json_data string| additional_prop function| showNotification function| UniversalModalGetID function| updateUniversalModalClose function| updateUniversalModalText function| updateUniversalModalByUrl function| updateUniversalModalFooter object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
mp3-tut.click/ Name: PHPSESSID
Value: edd6d822865bd54264d970893b1c6e8d
mp3-tut.click/ Name: _csrf
Value: 89da4d9ed27a93e0e589279a3cec002ba845619bae97d7f8643d06bdf694ef95a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22nEOtM4FsyxW4ZKhMAl_WjLHCucgLO0xl%22%3B%7D
c.killtarget.biz/ Name: code_already_asked_1
Value: 453c630512664f08d6d173057ed78066f3644070c205f4d2125bc0f347f5aa21a%3A2%3A%7Bi%3A0%3Bs%3A20%3A%22code_already_asked_1%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.yadro.ru/ Name: FTID
Value: 1XcQu901PeuC1XcQu90018yu
.yadro.ru/ Name: VID
Value: 0CgCUJ0oth8C1XcQu90018zp
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mp3-tut.click/ Name: __gads
Value: ID=f9ed6ff5806eb1ba-2292ba03e4cb00d0:T=1637461504:RT=1637461504:S=ALNI_MZT_v7dHMFuP3-d2pCwDLyNK7qtUw

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4287935231942730&output=html&adk=1812271804&adf=3025194257&lmt=1637461504&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmp3-tut.click%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637461504059&bpp=3&bdt=169&idt=81&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2821969296098&frm=20&pv=2&ga_vid=1023358445.1637461504&ga_sid=1637461504&ga_hid=2117184722&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=2&pvsid=3070198949876299&pem=785&tmod=688083386&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
