You can check the URL of the parent window within the iframe, and check if it matches your domain or not... and then accordingly display the mp3 player or deny access.
use the following in the javascript inside the iframe:
if(top.location.href == "http://mysite.com"){
//display mp3 player
}
//or don't display mp3 player