mp3snow.com Open in urlscan Pro
172.67.166.107  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mp3snow.com/	76 KB 23 KB	121ms 90ms	Document text/html	172.67.166.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mp3snow.com/ Protocol HTTP/1.1 Server 172.67.166.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdc00c65368d1706f6bfd1854373792931a726e05d445ad8ecc6484f748135f8 Request headers Host mp3snow.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 17 Sep 2021 20:51:02 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive CF-Ray 690535d2be704108-PRG Cache-Control public, max-age=3600 Link </source/ui.min.js?v=60a5112e>; rel=preload; as=script; CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" process-time 2ms Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve7v08hFRGOMLklAFnWCYlP7IC2QxaQgOVM1dQGZJvZbKOF%2BCKxNkQ%2BXyOpmM5Fdjhk293dg0px%2FfMq9IhdyL%2BK47LgY%2BqJ%2FJZpwDCUQrtNHrI6lxeGl%2B9tl%2FHuVpg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary Accept-Encoding Server cloudflare Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	ui.min.js Show response mp3snow.com/source/	102 KB 43 KB	36ms 28ms	Script application/javascript	172.67.166.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mp3snow.com/source/ui.min.js?v=60a5112e Protocol HTTP/1.1 Server 172.67.166.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 778a795b52ab265e6c2c67805eb19dedcb1d5d3ecb65983c6437202491a14337 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://mp3snow.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 17 Sep 2021 20:51:02 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 10481162 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-request-id 0a266622ec000027904990b000000001 Last-Modified Wed, 19 May 2021 13:22:54 GMT Server cloudflare ETag W/"60a5112e-199fd" Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4ofMzThQG1DtbNch5m1X88xY5TqsCdW66pGp6uPOmNnQ14V4Wb6urSAhuL3iqeSwwOt799rInL%2BOtlcCerZoy5Z9ok2VhtjdO%2FmAIsBG0T1LPVlsWxzOgT0NYG8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 CF-Ray 690535d35f4f4108-PRG Expires Thu, 19 May 2022 13:25:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	127 KB 50 KB	50ms 26ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4F566V84YJ Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash 23366f52fd20237262211b2ecc856e68a47b74d4982a3d879c05b22633ba9ac6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 17 Sep 2021 20:51:02 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51134 x-xss-protection 0 expires Fri, 17 Sep 2021 20:51:02 GMT
GET H/1.1	200 OK	YTDLv4.ttf mp3snow.com/source/fonts/	4 KB 5 KB	38ms 37ms	Font application/octet-stream	172.67.166.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mp3snow.com/source/fonts/YTDLv4.ttf Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol HTTP/1.1 Server 172.67.166.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0beb27fa869dac72d44d0b8928d76d2d89e204b6b77e1479680a31c47fb0bd Request headers Pragma no-cache Origin http://mp3snow.com Accept-Encoding gzip, deflate Host mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Cache-Control no-cache Referer http://mp3snow.com/ Connection keep-alive Referer http://mp3snow.com/ Origin http://mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 17 Sep 2021 20:51:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 6916235 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 4196 cf-request-id 0afae2993d000027bceb0dc000000001 Last-Modified Fri, 01 Nov 2019 05:07:09 GMT Server cloudflare ETag "5dbbbd7d-1064" Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUNZgVUpqSz7CvYkvJ1kcbKoRiPO94CVZ7bkY%2BoDfYEjAGDXncCMBH7ydaafoQnlG%2FgmXNDcN6Ys1NoPAYoVL8YpjmzbBlc9%2FqoLabmBMLR3i1yTTD7WdqzwZeCWiA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes CF-Ray 690535d36ab14131-PRG Expires Wed, 29 Jun 2022 19:40:27 GMT
GET H/1.1	200 OK	ntfc.php Show response ptauxofi.net/	15 KB 6 KB	37ms 12ms	Script application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://ptauxofi.net/ntfc.php?p=4161083 Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol HTTP/1.1 Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 8f1385838fa75da4b5f1ea1f44898ed01e77b1f678a1afe30326cd283978fd1c Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Sep 2021 20:51:02 GMT Content-Encoding gzip Last-Modified Wed, 01 Sep 2021 09:06:02 GMT Server nginx ETag W/"612f427a-3b23" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	css fonts.googleapis.com/	22 KB 2 KB	56ms 22ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?display=swap&family=Comfortaa:300,400,700|Roboto+Mono:100,300,400,500|Roboto:100,300,400,500 Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash 25a9159ccc6f98a4b9068ee6881220ad4214a1e95558b555d70d019622c8acdd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 17 Sep 2021 20:32:02 GMT server ESF date Fri, 17 Sep 2021 20:51:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Sep 2021 20:51:02 GMT
GET H2	200	zone Show response ptauxofi.net/	710 B 994 B	42ms 14ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/zone?pub=0&zone_id=4161083&is_mobile=false&domain=mp3snow.com&var=&ymid=&var_3= Requested by Host: ptauxofi.net URL: http://ptauxofi.net/ntfc.php?p=4161083 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9e5ec831f95e7a5c89aafdd4136295d333b33b7c9a7c9253de8af20dd4261733 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-trace-id 9ca5a5e1c59692948047324e37fa003c date Fri, 17 Sep 2021 20:51:02 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 710
GET H2	200	universal.min.js Show response ptauxofi.net/pfe/current/	101 KB 37 KB	51ms 23ms	Fetch application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/pfe/current/universal.min.js?v=3.1.323 Requested by Host: ptauxofi.net URL: http://ptauxofi.net/ntfc.php?p=4161083 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Sep 2021 20:51:02 GMT content-encoding gzip last-modified Wed, 01 Sep 2021 09:05:59 GMT server nginx etag W/"612f4277-192d7" content-type application/javascript access-control-allow-origin http://mp3snow.com cache-control no-cache access-control-allow-credentials true
GET H2	200	1Ptsg8LJRfWJmhDAuUs4TYFq.woff2 fonts.gstatic.com/s/comfortaa/v30/	34 KB 34 KB	41ms 18ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/comfortaa/v30/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?display=swap&family=Comfortaa:300,400,700|Roboto+Mono:100,300,400,500|Roboto:100,300,400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 03:56:20 GMT x-content-type-options nosniff age 320082 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35116 x-xss-protection 0 last-modified Thu, 28 Jan 2021 20:48:51 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Sep 2022 03:56:20 GMT
GET H2	200	L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2 fonts.gstatic.com/s/robotomono/v13/	32 KB 32 KB	32ms 12ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotomono/v13/L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?display=swap&family=Comfortaa:300,400,700|Roboto+Mono:100,300,400,500|Roboto:100,300,400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash fc4c099a52d8225f29a6b4b500222b364cf1239e30cf1fe69fd1b50564fa7725 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 12 Sep 2021 17:49:52 GMT x-content-type-options nosniff age 442870 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32484 x-xss-protection 0 last-modified Thu, 28 Jan 2021 20:32:27 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 12 Sep 2022 17:49:52 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 16 KB	27ms 8ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?display=swap&family=Comfortaa:300,400,700|Roboto+Mono:100,300,400,500|Roboto:100,300,400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://mp3snow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 04:03:18 GMT x-content-type-options nosniff age 319664 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Sep 2022 04:03:18 GMT
POST H2	204	collect www.google-analytics.com/g/	0 364 B	65ms 23ms	Ping text/plain	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4F566V84YJ&gtm=2oe9f0&_p=778048890&sr=1600x1200&ul=en-us&cid=1907523882.1631911862&_s=1&dl=http%3A%2F%2Fmp3snow.com%2F&dt=MP3%20Snow&sid=1631911862&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4F566V84YJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://mp3snow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 17 Sep 2021 20:51:02 GMT server Golfe2 content-type text/plain access-control-allow-origin http://mp3snow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	custom ptauxofi.net/ Frame	0 0	12ms 12ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Protocol H2 Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://mp3snow.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Fri, 17 Sep 2021 20:51:02 GMT content-type text/plain; charset=utf-8 content-length 0 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age 86400
OPTIONS H2	200	custom ptauxofi.net/ Frame	0 0	12ms 12ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Protocol H2 Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://mp3snow.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Fri, 17 Sep 2021 20:51:02 GMT content-type text/plain; charset=utf-8 content-length 0 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age 86400
POST H2	200	custom Show response ptauxofi.net/	39 B 321 B	14ms 14ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://mp3snow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 6d5bd62709e9a16da8bf1b4f74a2aaa2 date Fri, 17 Sep 2021 20:51:02 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39
POST H2	200	custom Show response ptauxofi.net/	39 B 321 B	13ms 13ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://mp3snow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 9795c8095b3ff56b941b229b17de4194 date Fri, 17 Sep 2021 20:51:02 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39
GET H2	200	gid.js Show response my.rtmark.net/	65 B 539 B	51ms 12ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=12aac7bbf320411087071ca08b98b5b6&zoneId=4161083&checkDuplicate=true&ymid=&var= Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash d4f5affa2897ee5c8fcb7a433a12e959451ed85af5673e54d8df9cbda84d970c Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 17 Sep 2021 20:51:02 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin http://mp3snow.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	defaultSkin.min.js Show response ptauxofi.net/pfe/current/	56 KB 19 KB	14ms 13ms	Fetch application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/pfe/current/defaultSkin.min.js Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5 Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Sep 2021 20:51:02 GMT content-encoding gzip last-modified Wed, 01 Sep 2021 09:05:59 GMT server nginx etag W/"612f4277-df63" content-type application/javascript access-control-allow-origin http://mp3snow.com cache-control no-cache access-control-allow-credentials true
GET DATA	200 OK	truncated / Frame 9249	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24 Request headers Accept-Language de-DE,de;q=0.9 Referer http://mp3snow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/svg+xml
OPTIONS H2	200	custom ptauxofi.net/ Frame	0 0	13ms 13ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Protocol H2 Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://mp3snow.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Fri, 17 Sep 2021 20:51:02 GMT content-type text/plain; charset=utf-8 content-length 0 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age 86400
POST H2	200	custom Show response ptauxofi.net/	39 B 321 B	13ms 13ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ptauxofi.net/custom Requested by Host: mp3snow.com URL: http://mp3snow.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://mp3snow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers x-trace-id d0d7b195ce15f30b76804da836363d47 date Fri, 17 Sep 2021 20:51:02 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin http://mp3snow.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| _conf function| gtag object| dataLayer string| k object| _y6017fxw8cl object| dfumt5gmoi object| zfgformats function| setImmediate function| clearImmediate function| _dihtjd function| _ljsmz function| $ function| jQuery function| Cookies object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| _lib function| reCaptchaDone function| reCaptchaReady object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| onClickExcludes

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mp3snow.com/	1970-01-20 14:49:43	Name: _ga_4F566V84YJ Value: GS1.1.1631911862.1.0.1631911862.0
			.mp3snow.com/	1970-01-20 14:49:43	Name: _ga Value: GA1.1.1907523882.1631911862
			my.rtmark.net/	1970-01-20 06:04:07	Name: ID Value: 12aac7bbf320411087071ca08b98b5b6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mp3snow.com
my.rtmark.net
ptauxofi.net
www.google-analytics.com
www.googletagmanager.com
139.45.195.8
139.45.197.250
142.250.184.206
142.250.185.163
142.250.186.42
142.250.186.72
172.67.166.107
23366f52fd20237262211b2ecc856e68a47b74d4982a3d879c05b22633ba9ac6
25a9159ccc6f98a4b9068ee6881220ad4214a1e95558b555d70d019622c8acdd
5b0beb27fa869dac72d44d0b8928d76d2d89e204b6b77e1479680a31c47fb0bd
6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474
778a795b52ab265e6c2c67805eb19dedcb1d5d3ecb65983c6437202491a14337
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8f1385838fa75da4b5f1ea1f44898ed01e77b1f678a1afe30326cd283978fd1c
9e5ec831f95e7a5c89aafdd4136295d333b33b7c9a7c9253de8af20dd4261733
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4f5affa2897ee5c8fcb7a433a12e959451ed85af5673e54d8df9cbda84d970c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc
fc4c099a52d8225f29a6b4b500222b364cf1239e30cf1fe69fd1b50564fa7725
fdc00c65368d1706f6bfd1854373792931a726e05d445ad8ecc6484f748135f8
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881