dancesecure.margrop.net Open in urlscan Pro
163.172.205.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dancesecure.margrop.net/
Submission: On June 30 via automatic, source certstream-suspicious (June 30th 2022, 4:04:13 am UTC) — Scanned from FR

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 163.172.205.141, located in France and belongs to Online SAS, FR. The main domain is dancesecure.margrop.net.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time dancesecure.margrop.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	163.172.205.141 163.172.205.141	12876 (Online SAS) (Online SAS)
3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	158.69.248.123 158.69.248.123	16276 (OVH) (OVH)
9	5

3 163.172.205.141 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-205-141.rev.poneytelecom.eu

dancesecure.margrop.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

snorefamiliarsiege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.248.123 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542881.ip-158-69-248.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	snorefamiliarsiege.com snorefamiliarsiege.com — Cisco Umbrella Rank: 232956
3	margrop.net dancesecure.margrop.net	26 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16196 s4.histats.com — Cisco Umbrella Rank: 13665	5 KB
0	askingames.com Failed askingames.com Failed
9	4

	Domain	Requested by
3	snorefamiliarsiege.com	dancesecure.margrop.net
3	dancesecure.margrop.net	dancesecure.margrop.net
1	s4.histats.com	s10.histats.com
1	s10.histats.com	dancesecure.margrop.net
0	askingames.com Failed	dancesecure.margrop.net
9	5

This site contains no links.

Subject Issuer	Validity	Valid
dancesecure.margrop.net R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
snorefamiliarsiege.com R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh
histats.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dancesecure.margrop.net/
Frame ID: 82F5C3AD5FB8D92DE1C480FF5E444E09
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Askingames – All of games

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

31 kB
Transfer

174 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.statically.io/img/askingames.com/wp-content/uploads/2022/04/askingames.png HTTP 301
https://askingames.com/wp-content/uploads/2022/04/askingames.png

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response dancesecure.margrop.net/	57 KB 10 KB	2063ms 1932ms	Document text/html	163.172.205.141 Online SAS
General Check archive.org Show headers Download Go to Full URL https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.172.205.141 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-205-141.rev.poneytelecom.eu Software Apache/2.4.29 (Ubuntu) / Resource Hash `c8e485cd6445b62d87320004e6102fc99d18810e2dc31e841525d51d7147883b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 9930 Content-Type text/html; charset=UTF-8 Date Thu, 30 Jun 2022 04:04:02 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	style.min.css dancesecure.margrop.net/wp-includes/css/dist/block-library/	87 KB 12 KB	1981ms 1974ms	Stylesheet text/css	163.172.205.141 Online SAS
General Check archive.org Show headers Download Go to Full URL https://dancesecure.margrop.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0 Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.172.205.141 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-205-141.rev.poneytelecom.eu Software Apache/2.4.29 (Ubuntu) / Resource Hash `d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08` Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 30 Jun 2022 04:04:04 GMT Content-Encoding gzip Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 11674
GET H/1.1	200 OK	main.min.css dancesecure.margrop.net/wp-content/themes/generatepress/assets/css/	19 KB 5 KB	1633ms 1542ms	Stylesheet text/css	163.172.205.141 Online SAS
General Check archive.org Show headers Download Go to Full URL https://dancesecure.margrop.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3 Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.172.205.141 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-205-141.rev.poneytelecom.eu Software Apache/2.4.29 (Ubuntu) / Resource Hash `33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8` Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 30 Jun 2022 04:04:04 GMT Content-Encoding gzip Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 4666
GET		askingames.png askingames.com/wp-content/uploads/2022/04/ Redirect Chain https://cdn.statically.io/img/askingames.com/wp-content/uploads/2022/04/askingames.png https://askingames.com/wp-content/uploads/2022/04/askingames.png	0 0

GET H/1.1	403 Forbidden	c77d3767acca30e285f49a68255e6789.js snorefamiliarsiege.com/c7/7d/37/	0 0	695ms 101ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://snorefamiliarsiege.com/c7/7d/37/c77d3767acca30e285f49a68255e6789.js Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 30 Jun 2022 04:04:05 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H/1.1	403 Forbidden	06e27d87c0b1990f2822e5e6d73650c1.js snorefamiliarsiege.com/06/e2/7d/	0 0	716ms 122ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://snorefamiliarsiege.com/06/e2/7d/06e27d87c0b1990f2822e5e6d73650c1.js Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 30 Jun 2022 04:04:05 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H/1.1	403 Forbidden	invoke.js snorefamiliarsiege.com/503de238648ac767e52316b449a25761/	0 0	276ms 137ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://dancesecure.margrop.net/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 30 Jun 2022 04:04:07 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	158ms 14ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: dancesecure.margrop.net URL: https://dancesecure.margrop.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash `2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede` Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 30 Jun 2022 03:55:40 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 51.254.41.128/25 etag "-375139978" x-cacheable Matched cache content-type text/javascript x-cdn-pop rbx1 accept-ranges bytes content-length 4364 x-request-id 749438497
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	49 B 183 B	359ms 116ms	Script text/html	158.69.248.123 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4665186&@f16&@g1&@h1&@i1&@j1656561847534&@k0&@l1&@mAskingames%20%E2%80%93%20All%20of%20games&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:45624314&@b3:1656561848&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdancesecure.margrop.net%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.69.248.123 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns542881.ip-158-69-248.net Software / Resource Hash `f4788932ad63054757ffcba66a09958e9f3de1f04d8bb58ef4b4d4d1bd55164b` Request headers accept-language fr-FR,fr;q=0.9 Referer https://dancesecure.margrop.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 30 Jun 2022 04:04:07 GMT Connection close Content-Length 49 Content-Type text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: askingames.com
URL: https://askingames.com/wp-content/uploads/2022/04/askingames.png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstCfa4665186 Value: 1656561847534
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstCla4665186 Value: 1656561847534
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstCmu4665186 Value: 1656561847534
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstPn4665186 Value: 1
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstPt4665186 Value: 1
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstCnv4665186 Value: 1
dancesecure.margrop.net/	1970-01-20 12:54:57	Name: HstCns4665186 Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://snorefamiliarsiege.com/c7/7d/37/c77d3767acca30e285f49a68255e6789.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://snorefamiliarsiege.com/06/e2/7d/06e27d87c0b1990f2822e5e6d73650c1.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://dancesecure.margrop.net/(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dancesecure.margrop.net/(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

askingames.com
dancesecure.margrop.net
s10.histats.com
s4.histats.com
snorefamiliarsiege.com
askingames.com
158.69.248.123
163.172.205.141
192.243.59.13
46.105.201.240
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
c8e485cd6445b62d87320004e6102fc99d18810e2dc31e841525d51d7147883b
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
f4788932ad63054757ffcba66a09958e9f3de1f04d8bb58ef4b4d4d1bd55164b

dancesecure.margrop.net Open in urlscan Pro 163.172.205.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

31 kBTransfer

174 kBSize

7 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

7 Cookies

5 Console Messages

Indicators

dancesecure.margrop.net Open in urlscan Pro
163.172.205.141 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

31 kB
Transfer

174 kB
Size

7
Cookies

9 HTTP transactions
0 data transactions