auth.tunes.ninja Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.tunes.ninja/
Submission Tags: @phishunt_io
Submission: On September 19 via api (September 19th 2021, 6:19:52 pm UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 76.76.21.21, located in United States and belongs to AMAZON-02, US. The main domain is auth.tunes.ninja.
TLS certificate: Issued by R3 on September 18th 2021. Valid for: 3 months.

This is the only time auth.tunes.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1fcf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	178.162.136.155 178.162.136.155	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
17	4

10 76.76.21.21 (United States)

ASN16509 (AMAZON-02, US)

auth.tunes.ninja	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1fcf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js-cdn.music.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.136.155 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

sa.ms7m.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o964760.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tunes.ninja auth.tunes.ninja	310 KB
3	apple.com js-cdn.music.apple.com	142 KB
2	sentry.io o964760.ingest.sentry.io	430 B
2	ms7m.me sa.ms7m.me	4 KB
17	4

	Domain	Requested by
10	auth.tunes.ninja	auth.tunes.ninja
3	js-cdn.music.apple.com	auth.tunes.ninja js-cdn.music.apple.com
2	o964760.ingest.sentry.io	auth.tunes.ninja
2	sa.ms7m.me	auth.tunes.ninja
17	4

This site contains no links.

Subject Issuer	Validity	Valid
auth.tunes.ninja R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
authorize.music.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-01-06` - `2022-02-05`	a year	crt.sh
sa.ms7m.me R3	`2021-09-19` - `2021-12-18`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.tunes.ninja/
Frame ID: 7159871C43B81523C08E7A8A52A803B5
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

josh-frontend

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

456 kB
Transfer

988 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.tunes.ninja/ 1 KB
820 B 83ms
28ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2863fb2e35829982c8391125b11314398b09239e6da2468d7c19492ca1317a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: auth.tunes.ninja
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-type: text/html; charset=utf-8
content-disposition: inline; filename="index.html"
cache-control: public, max-age=0, must-revalidate
access-control-allow-origin: *
etag: W/"2863fb2e35829982c8391125b11314398b09239e6da2468d7c19492ca1317a5c"
age: 68264
x-vercel-cache: HIT
server: Vercel
x-vercel-id: fra1:fra1::lhnjx-1632075587123-91f43f05dea9
strict-transport-security: max-age=63072000
content-encoding: br

GET
H2 200 app.bc20ba5d.css
auth.tunes.ninja/css/ 8 KB
3 KB 12ms
11ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/css/app.bc20ba5d.css

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4062aae543e68893c06990c7f6f3409d10e8a27c8a6d4b6076ff619e5a51cfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /css/app.bc20ba5d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587192-cd8f64e5b108
etag: W/"4062aae543e68893c06990c7f6f3409d10e8a27c8a6d4b6076ff619e5a51cfcd"
strict-transport-security: max-age=63072000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="app.bc20ba5d.css"
x-vercel-cache: HIT

GET
H2 200 app.3e4c406d.js Show response
auth.tunes.ninja/js/ 6 KB
3 KB 12ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/app.3e4c406d.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

323c093291ddcef06c236886876ac8c308fb807cf1a3022f6bbc2c99c0098da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/app.3e4c406d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587192-e9453426c0c6
etag: W/"323c093291ddcef06c236886876ac8c308fb807cf1a3022f6bbc2c99c0098da5"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="app.3e4c406d.js"
x-vercel-cache: HIT

GET
H2 200 chunk-vendors.9f4af6eb.js Show response
auth.tunes.ninja/js/ 259 KB
86 KB 13ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/chunk-vendors.9f4af6eb.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

29961f579126cf55542d37ff00b18ac6a39480e89daf072c6b01bce227e5547a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/chunk-vendors.9f4af6eb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587192-93da4323937c
etag: W/"29961f579126cf55542d37ff00b18ac6a39480e89daf072c6b01bce227e5547a"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="chunk-vendors.9f4af6eb.js"
x-vercel-cache: HIT

GET
H2 200 musickit.js Show response
js-cdn.music.apple.com/musickit/v3/ 478 KB
131 KB 153ms
17ms Script
application/javascript 2a02:26f0:6c00:299::1fcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://js-cdn.music.apple.com/musickit/v3/musickit.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

efad2364da86f39c1ffc95290d121772b3921d3a30220dec975837db43e31947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-apple-jingle-correlation-key: DJEY75E4WVAMVVHE6CLNO7JNJY
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-responding-instance: silverbullet-external:2032:st47p00it-qujn14040302:8301:21REL4
x-daiquiri-instance: daiquiri:45887001:st44p00it-hyhk15124201:7987:21RELEASE140:daiquiri-amp-all-shared-int-001-st, daiquiri:48493001:st44p00it-hyhk15034601:7987:21RELEASE140:daiquiri-amp-all-shared-ext-001-st, daiquiri:47691001:st44p00it-hyhk16124001:7987:21RELEASE140:daiquiri-amp-store-shared-ext-003-st
x-apple-request-uuid: 1a498ff4-9cb5-40ca-d4e4-f096d77d2d4e
content-length: 133349
etag: e6fa66fa310c2b58e2ce6021f5693a6a
apple-tk: false
last-modified: Thu, 2 Sep 2021 18:11:59 GMT
server: daiquiri/3.0.0
apple-seq: 0.0
date: Sun, 19 Sep 2021 18:19:47 GMT
apple-originating-system: UnknownOriginatingSystem
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=312
x-apple-version-number: 2136.11.0

GET
H2 200 musickit-components.esm.js Show response
js-cdn.music.apple.com/musickit/v3/components/musickit-components/ 12 KB
4 KB 24ms
7ms Script
application/javascript 2a02:26f0:6c00:299::1fcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://js-cdn.music.apple.com/musickit/v3/components/musickit-components/musickit-components.esm.js

Requested by

Host: js-cdn.music.apple.com
URL: https://js-cdn.music.apple.com/musickit/v3/musickit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

7d966a2abc7df4b11cc0f7eca67247bc5a69ee86a6fd18361a8729e52c1d7d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.tunes.ninja/
Origin: https://auth.tunes.ninja
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-apple-jingle-correlation-key: YYF7473NODSZQDZGC42BY2C3FU
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-responding-instance: silverbullet-external:3002:mr28p00it-ztdg08092301:8301:21REL4
x-daiquiri-instance: daiquiri:15887002:mr85p00it-hyhk04103901:7987:21RELEASE140:daiquiri-amp-all-shared-int-001-mr, daiquiri:18493001:mr85p00it-hyhk03154801:7987:21RELEASE140:daiquiri-amp-all-shared-ext-001-mr, daiquiri:18215001:mr85p00it-hyhk03094701:7987:21RELEASE140:daiquiri-amp-store-shared-ext-001-mr
x-apple-request-uuid: c60bfe7f-6d70-e598-0f26-17341c685b2d
content-length: 3816
etag: c4b4d82d0ee45c0d222dfbe4ca24cf4c
apple-tk: false
last-modified: Thu, 2 Sep 2021 18:11:59 GMT
server: daiquiri/3.0.0
apple-seq: 0.0
date: Sun, 19 Sep 2021 18:19:47 GMT
apple-originating-system: UnknownOriginatingSystem
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=25
x-apple-version-number: 2136.11.0

GET
H2 200 apple-music-link.a87a0dc0.js
auth.tunes.ninja/js/ 0
6 KB 12ms
12ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/apple-music-link.a87a0dc0.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/apple-music-link.a87a0dc0.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587416-27e935473ec1
etag: W/"81005cde53aff14c403d290ee1fd6d05cb3382350e697cdaaf9c749c35c27a65"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="apple-music-link.a87a0dc0.js"
x-vercel-cache: HIT

GET
H2 200 errorSpotify.43e0bd9d.js
auth.tunes.ninja/js/ 0
3 KB 13ms
12ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/errorSpotify.43e0bd9d.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/errorSpotify.43e0bd9d.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587417-eed10910937b
etag: W/"de994d626e504dda4cfad2090576fa26725dba85ae76dcd88d72e93dd1e911e4"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="errorSpotify.43e0bd9d.js"
x-vercel-cache: HIT

GET
H2 200 successSpotify.f2ef874c.js
auth.tunes.ninja/js/ 0
1010 B 12ms
12ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/successSpotify.f2ef874c.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/successSpotify.f2ef874c.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587417-52544fc9daa0
etag: W/"b5f6ca46d6bc6c15c388f46b87b15778ed827c2cdd8588e8147b9bc286341e78"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="successSpotify.f2ef874c.js"
x-vercel-cache: HIT

GET
H2 200 user-unauthorized-apple-music-message.531b17f8.js
auth.tunes.ninja/js/ 0
1017 B 13ms
13ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.tunes.ninja/js/user-unauthorized-apple-music-message.531b17f8.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/user-unauthorized-apple-music-message.531b17f8.js
pragma: no-cache
purpose: prefetch
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: empty
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: br
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587417-a0fce0471d9f
etag: W/"ddf0477a50501f0955df7df1420c703754127756e9993c6232b8906d09a4475d"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="user-unauthorized-apple-music-message.531b17f8.js"
x-vercel-cache: HIT

GET
H2 200 latest.js Show response
sa.ms7m.me/ 6 KB
3 KB 245ms
13ms Script
application/javascript 178.162.136.155
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.ms7m.me/latest.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/js/chunk-vendors.9f4af6eb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

178.162.136.155 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

8e551716013eb5ed90747075d826b6878153ee35787cca5874ddf2234c5794e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
simple-analytics: true
expires: Sun, 26 Sep 2021 18:19:47 GMT

GET
H2 200 yawn.png
auth.tunes.ninja/ 29 KB
29 KB 10ms
10ms Image
image/png 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.tunes.ninja/yawn.png

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f53ce6c20dc2c6a143447c6fe1df869902b040a6f451ace96ec82062ed21822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /yawn.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587452-484b934a7f93
etag: W/"f53ce6c20dc2c6a143447c6fe1df869902b040a6f451ace96ec82062ed21822b"
strict-transport-security: max-age=63072000
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="yawn.png"
accept-ranges: bytes
x-vercel-cache: HIT
content-length: 29460

GET
H2 200 bg.59d4ec3f.jpg
auth.tunes.ninja/img/ 177 KB
177 KB 10ms
10ms Image
image/jpeg 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.tunes.ninja/img/bg.59d4ec3f.jpg

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/css/app.bc20ba5d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d6abd02ad7ee0d4962059d44d29c2d094dd1144762919280fc920b691277fa12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /img/bg.59d4ec3f.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.tunes.ninja
referer: https://auth.tunes.ninja/css/app.bc20ba5d.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/css/app.bc20ba5d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
server: Vercel
age: 68233
x-vercel-id: fra1:fra1::lhnjx-1632075587453-0c9ba0f43055
etag: W/"d6abd02ad7ee0d4962059d44d29c2d094dd1144762919280fc920b691277fa12"
strict-transport-security: max-age=63072000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bg.59d4ec3f.jpg"
accept-ranges: bytes
x-vercel-cache: HIT
content-length: 180914

POST
H2 200 / Show response
o964760.ingest.sentry.io/api/5915601/store/ 41 B
285 B 52ms
12ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o964760.ingest.sentry.io/api/5915601/store/?sentry_key=9ba65401951c4a6eaf17dd8289d0ba84&sentry_version=7

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/js/chunk-vendors.9f4af6eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

112932a4af873ed34c5cfb5891e867fd45d68aef002ad09128705901009521e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.tunes.ninja/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Sep 2021 18:19:47 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://auth.tunes.ninja
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

GET
H2 200 p-a23b3d3a.js Show response
js-cdn.music.apple.com/musickit/v3/components/musickit-components/ 12 KB
6 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:299::1fcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://js-cdn.music.apple.com/musickit/v3/components/musickit-components/p-a23b3d3a.js

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

94d3d8f70c7d0610a3e1fe972ed05dd0b574767255a382c94c477cf644f08b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js-cdn.music.apple.com/musickit/v3/components/musickit-components/musickit-components.esm.js
Origin: https://auth.tunes.ninja
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-apple-jingle-correlation-key: PV64ARRBHAV6OMJVMWF7L4YVVA
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-responding-instance: silverbullet-external:2032:st47p00it-qujn14040302:8301:21REL3
x-daiquiri-instance: daiquiri:45887001:st44p00it-hyhk15124201:7987:21HOTFIX14, daiquiri:48493001:st44p00it-hyhk15034601:7987:21RELEASE130:daiquiri-amp-all-shared-ext-001-st, daiquiri:42814001:st44p00it-hyhk15034801:7987:21RELEASE130:daiquiri-amp-store-shared-ext-005-st
x-apple-request-uuid: 7d7dc046-2138-2be7-3135-658bf5f315a8
content-length: 5626
etag: 2d583893b856005b8c94d32ec90a654f
apple-tk: false
last-modified: Thu, 8 Jul 2021 19:20:30 GMT
server: daiquiri/3.0.0
apple-seq: 0.0
date: Sun, 19 Sep 2021 18:19:47 GMT
apple-originating-system: UnknownOriginatingSystem
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=27539221
x-apple-version-number: 2128.14.0

GET
H2 202 simple.gif
sa.ms7m.me/ 43 B
307 B 16ms
16ms Image
image/gif 178.162.136.155
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.ms7m.me/simple.gif?version=custom_latest_7&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sri=true&mobile=false&brands=%5B%5D&hostname=auth.tunes.ninja&os_name=&os_version=&path=%2F&viewport_width=1600&viewport_height=1200&language=en-US&screen_width=1600&screen_height=1200&unique=true&id=26fa5c59-886b-4cf4-b6de-6f19261ddab1&https=true&timezone=Etc%2FUnknown&type=pageview&time=1632075587716

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

178.162.136.155 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.tunes.ninja/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 18:19:47 GMT
simple-analytics-feedback: Thanks for sending this page view!
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
simple-analytics-location: Amsterdam
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0

POST
H2 200 / Show response
o964760.ingest.sentry.io/api/5915601/envelope/ 41 B
145 B 9ms
8ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o964760.ingest.sentry.io/api/5915601/envelope/?sentry_key=9ba65401951c4a6eaf17dd8289d0ba84&sentry_version=7

Requested by

Host: auth.tunes.ninja
URL: https://auth.tunes.ninja/js/chunk-vendors.9f4af6eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7fb384e37ff0bc73213002acf338fce8bd30a6b4fd869a400b8802c157e4c0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.tunes.ninja/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Sep 2021 18:19:50 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://auth.tunes.ninja
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.tunes.ninja
js-cdn.music.apple.com
o964760.ingest.sentry.io
sa.ms7m.me
178.162.136.155
2a02:26f0:6c00:299::1fcf
34.120.195.249
76.76.21.21
112932a4af873ed34c5cfb5891e867fd45d68aef002ad09128705901009521e2
2863fb2e35829982c8391125b11314398b09239e6da2468d7c19492ca1317a5c
29961f579126cf55542d37ff00b18ac6a39480e89daf072c6b01bce227e5547a
323c093291ddcef06c236886876ac8c308fb807cf1a3022f6bbc2c99c0098da5
4062aae543e68893c06990c7f6f3409d10e8a27c8a6d4b6076ff619e5a51cfcd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7d966a2abc7df4b11cc0f7eca67247bc5a69ee86a6fd18361a8729e52c1d7d10
7fb384e37ff0bc73213002acf338fce8bd30a6b4fd869a400b8802c157e4c0d9
8e551716013eb5ed90747075d826b6878153ee35787cca5874ddf2234c5794e6
94d3d8f70c7d0610a3e1fe972ed05dd0b574767255a382c94c477cf644f08b30
d6abd02ad7ee0d4962059d44d29c2d094dd1144762919280fc920b691277fa12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efad2364da86f39c1ffc95290d121772b3921d3a30220dec975837db43e31947
f53ce6c20dc2c6a143447c6fe1df869902b040a6f451ace96ec82062ed21822b

auth.tunes.ninja Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

456 kBTransfer

988 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

auth.tunes.ninja Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

456 kB
Transfer

988 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions