URL: http://gilles.pineau.free.fr/IMG/html/deface.html
Submission: On July 08 via manual from FR — Scanned from FR

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 212.27.63.129, located in France and belonging to PROXAD, FR. The main domain is gilles.pineau.free.fr.
This is the only time gilles.pineau.free.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex domain            Subdomain                                        Transfer
2         afficheip.net          www.afficheip.net                                893 B
1         ytimg.com              i.ytimg.com (Cisco Umbrella Rank: 115)           4 KB
1         youtube.com            www.youtube.com (Cisco Umbrella Rank: 82)
1         gstatic.com            fonts.gstatic.com                                7 KB
1         narvii.com             pa1.narvii.com (Cisco Umbrella Rank: 242168)     2 MB
1         googleapis.com         fonts.googleapis.com (Cisco Umbrella Rank: 108)  840 B
1         free.fr                gilles.pineau.free.fr                            10 KB
0         googleusercontent.com  lh3.googleusercontent.com                        Failed
Total: 8 requests, 8 subdomains
Requests  Domain                     Requested by
2         www.afficheip.net          gilles.pineau.free.fr (1 redirect)
1         i.ytimg.com
1         www.youtube.com            gilles.pineau.free.fr
1         fonts.gstatic.com          fonts.googleapis.com
1         pa1.narvii.com             gilles.pineau.free.fr
1         fonts.googleapis.com       gilles.pineau.free.fr
1         gilles.pineau.free.fr
0         lh3.googleusercontent.com  Failed
Total: 8 requests, 8 domains

This site contains links to these domains:

Domain
www.afficheip.net
Subject                  Issuer  Validity                 Valid
upload.video.google.com  WR2     2024-06-13 - 2024-09-05  3 months (crt.sh)
pa1.aminoapps.com        R3      2024-05-11 - 2024-08-09  3 months (crt.sh)
*.gstatic.com            WR2     2024-06-13 - 2024-09-05  3 months (crt.sh)
*.google.com             WR2     2024-06-13 - 2024-09-05  3 months (crt.sh)
edgestatic.com           WR2     2024-06-13 - 2024-09-05  3 months (crt.sh)

This page contains 2 frames:

Primary Page: http://gilles.pineau.free.fr/IMG/html/deface.html
Frame ID: E3F90F9495F52DF5F23557D40005F1AB
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NPD58u6i-AA?autoplay=1
Frame ID: 13081163E34E8D8AE35FEA044CF45691
Requests: 1 HTTP requests in this frame

Page Title

Hacked By Zystew

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gilles.pineau.free.fr/IMG/html/deface.html HTTP 307
     https://gilles.pineau.free.fr/IMG/html/deface.html HTTP 307
     http://gilles.pineau.free.fr/IMG/html/deface.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 8
HTTPS: 63 %
IPv6: 71 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 2057 kB
Size: 2054 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana HTTP 301
  • https://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana

8 HTTP transactions

Resource: deface.html (Primary Request)
Path: gilles.pineau.free.fr/IMG/html/
Redirect Chain
  • http://gilles.pineau.free.fr/IMG/html/deface.html
  • https://gilles.pineau.free.fr/IMG/html/deface.html
  • http://gilles.pineau.free.fr/IMG/html/deface.html
Size: 10 KB
x-fer: 10 KB
Type: Document
General
Full URL
http://gilles.pineau.free.fr/IMG/html/deface.html
Protocol
HTTP/1.1
Server
212.27.63.129, France, ASN12322 (PROXAD, FR)
Reverse DNS
perso129-g5.free.fr
Software
Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash
907bd4daa5a1a6d15a6ed3fbb24211ac6760fd191c2e6c6122bc7cdb563f1741

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
9741
Content-Type
text/html
Date
Mon, 08 Jul 2024 13:21:34 GMT
ETag
"50163db2d-260d-60131c6f"
Last-Modified
Thu, 28 Jan 2021 20:19:59 GMT
Server
Apache/ProXad [Jan 23 2019 20:05:46]

Redirect headers

Location
http://gilles.pineau.free.fr/IMG/html/deface.html
Non-Authoritative-Reason
HttpsUpgrades
Resource: css
Path: fonts.googleapis.com/
Size: 410 B
x-fer: 840 B
Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Orbitron:700
Requested by
Host: gilles.pineau.free.fr
URL: http://gilles.pineau.free.fr/IMG/html/deface.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
f1615e5a6f1399688bedb8b3911d99359c5a7f8c23072c5b940a1ec92ccce762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://gilles.pineau.free.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jul 2024 13:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 13:21:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jul 2024 13:21:33 GMT
Resource: b7bc1f5500abe6ecea247dfdaf827673a011ab14r1-500-281_hq.gif
Path: pa1.narvii.com/7528/
Size: 2 MB
x-fer: 2 MB
Type: Image
General
Full URL
https://pa1.narvii.com/7528/b7bc1f5500abe6ecea247dfdaf827673a011ab14r1-500-281_hq.gif
Requested by
Host: gilles.pineau.free.fr
URL: http://gilles.pineau.free.fr/IMG/html/deface.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.193, San Francisco, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
f280591df44e3da19c0ee6a5a39fbddda9c1d3a8c110be494753d20bdeed1ffe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
http://gilles.pineau.free.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 13:21:34 GMT
via
1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
Miss from cloudfront, MISS, MISS
content-length
2082108
x-served-by
cache-pdx12323-PDX, cache-lcy-eglc8600096-LCY
last-modified
Mon, 13 Apr 2020 19:07:43 GMT
server
AmazonS3
etag
"2a6e2a9c6b0b6638a752d1147225535e"
content-type
image/gif
access-control-allow-origin
https://aminoapps.com
cache-control
s-max-age: 31536000, max-age: 31536000, public
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
Resource: AfficheIP.php
Path: www.afficheip.net/scripts/
Redirect Chain
  • http://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana
  • https://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana
Size: 326 B
x-fer: 493 B
Type: Script
General
Full URL
https://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana
Requested by
Host: gilles.pineau.free.fr
URL: http://gilles.pineau.free.fr/IMG/html/deface.html
Protocol
H2
Server
2001:41d0:1:1b00:213:186:33:19, France, ASN16276 (OVH, FR)
Reverse DNS
Software
Apache / PHP/8.1
Resource Hash
745d06b7c2d9ec4a4c9dc1fda2b2aa9f0fc4433bead3c9cfd6a4b07fa63b56f2

Request headers

Referer
http://gilles.pineau.free.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 13:21:33 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/8.1
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Redirect headers

location
https://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana
date
Mon, 08 Jul 2024 13:21:33 GMT
server
Apache
x-iplb-request-id
200141D0000D364D0000000000000002:CB60_200141D000011B000213018600330019:0050_668BE7DD_4DAA4:75FB
content-length
315
x-iplb-instance
51833
content-type
text/html; charset=iso-8859-1
Resource: yMJMMIlzdpvBhQQL_SC3X9yhF25-T1ny_CmBoWgz.woff2
Path: fonts.gstatic.com/s/orbitron/v31/
Size: 6 KB
x-fer: 7 KB
Type: Font
General
Full URL
https://fonts.gstatic.com/s/orbitron/v31/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1ny_CmBoWgz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Orbitron:700
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:813::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
73a21741caf44223c193937df3dccc7e4eed6ff676e8729ae553603ffe193687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://gilles.pineau.free.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 12:24:45 GMT
x-content-type-options
nosniff
age
349008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6536
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:51:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 12:24:45 GMT
Resource: NPD58u6i-AA
Path: www.youtube.com/embed/ (Frame 1308)
Size: 0
x-fer: 0
Type: Document
General
Full URL
https://www.youtube.com/embed/NPD58u6i-AA?autoplay=1
Requested by
Host: gilles.pineau.free.fr
URL: http://gilles.pineau.free.fr/IMG/html/deface.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://gilles.pineau.free.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jul 2024 13:21:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Resource: tE_SqdKfmyjGBhBLRiIEqdcqSIWYmqQD3X2S3Pk1R11RShyBJ6NBGM-cuQo-82qoCzNCN9gaY6k21o6CubxyrfB6g6bWn5dqsmNOATIXvzPXCMnOC11lnA
Path: lh3.googleusercontent.com/proxy/
Size: 0
x-fer: 0

Resource: mqdefault.jpg
Path: i.ytimg.com/vi/NPD58u6i-AA/
Size: 4 KB
x-fer: 4 KB
Type: Other
General
Full URL
https://i.ytimg.com/vi/NPD58u6i-AA/mqdefault.jpg?sqp=-oaymwEmCMACELQB8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGH8gEygeMA8=&rs=AOn4CLAORnts53UBipvnR6-D1LrKS6YUbA
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81c::2016, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
25c941e031bdbda13372f1f5476a17599f78d14cb065f1873c4dd425d71da5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://gilles.pineau.free.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 12:32:28 GMT
x-content-type-options
nosniff
age
2949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3995
x-xss-protection
0
server
sffe
etag
"1452219740"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Jul 2024 14:32:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lh3.googleusercontent.com
URL
https://lh3.googleusercontent.com/proxy/tE_SqdKfmyjGBhBLRiIEqdcqSIWYmqQD3X2S3Pk1R11RShyBJ6NBGM-cuQo-82qoCzNCN9gaY6k21o6CubxyrfB6g6bWn5dqsmNOATIXvzPXCMnOC11lnA

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name          Type
0             object
afficheip_s   string
afficheip_sc  string

3 Cookies

Domain/Path    Name                      Value
.youtube.com/  YSC                       OnqZQQ9zUsU
.youtube.com/  VISITOR_INFO1_LIVE        eWnKRSn3FLc
.youtube.com/  VISITOR_PRIVACY_METADATA  CgJGUhIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgCw%3D%3D

2 Console Messages

  1. Source: javascript, Level: warning
     URL: http://gilles.pineau.free.fr/IMG/html/deface.html (Line 33)
     Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  2. Source: javascript, Level: warning
     URL: http://gilles.pineau.free.fr/IMG/html/deface.html (Line 33)
     Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.afficheip.net/scripts/AfficheIP.php?color=5D08FF&bg=000000&taille=20&police=Verdana, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.