henri-iv.com Open in urlscan Pro
192.232.251.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://henri-iv.com/
Effective URL:
https://henri-iv.com/
Submission Tags: @phish_report
Submission: On April 14 via api (April 14th 2024, 9:21:20 am UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 192.232.251.79, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is henri-iv.com.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.

This is the only time henri-iv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	192.232.251.79 192.232.251.79		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
11	2

10 192.232.251.79 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-232-251-79.unifiedlayer.com

henri-iv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	henri-iv.com henri-iv.com	81 KB
0	googlesyndication.com Failed pagead2.googlesyndication.com Failed
11	2

	Domain	Requested by
10	henri-iv.com	henri-iv.com
0	pagead2.googlesyndication.com Failed	henri-iv.com
11	2

This site contains links to these domains. Also see Links.

Domain
www.henri-iv.com
www.ville-marvejols.fr

Subject Issuer	Validity	Valid
webmail.henri-iv.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://henri-iv.com/
Frame ID: CA3988E33C9D5037438279100F68C979
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HENRI IV FRANCE

Page URL History Show full URLs

http://henri-iv.com/ HTTP 307
https://henri-iv.com/ Page URL

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

81 kB
Transfer

87 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.henri-iv.com/index-f.htm

Search URL Search Domain Scan URL

URL: http://www.ville-marvejols.fr/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://henri-iv.com/ HTTP 307
https://henri-iv.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response henri-iv.com/ Redirect Chain http://henri-iv.com/ https://henri-iv.com/	11 KB 4 KB	980ms 211ms	Document text/html	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `5f1c9598abdfcc7418ddf4113a992b550f3f18fdf9edea34c0e761efc6362553` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 4396 content-type text/html date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 05 Oct 2014 23:54:11 GMT server Apache vary Accept-Encoding Redirect headers Location https://henri-iv.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	fshield1.gif henri-iv.com/	3 KB 3 KB	413ms 413ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/fshield1.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `8ae3933f6586bb1753831ddba6421c87f0efa3b3f0c4612842202cb09862bd75` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:55:17 GMT server Apache accept-ranges bytes content-length 3437 content-type image/gif
GET H2	200	banner01.gif henri-iv.com/	23 KB 23 KB	212ms 212ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/banner01.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `200e3665973935ac2449dcedc1a46b0b6284ee10b677b45d8f68c753513d1672` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:54:43 GMT server Apache accept-ranges bytes content-length 23638 content-type image/gif
GET H2	200	henri401.jpg henri-iv.com/	19 KB 19 KB	414ms 414ms	Image image/jpeg	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/henri401.jpg Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `01a714a46e5fc3ae63bafa037106a439ee4810a022bf3b876a38d07ab17c5821` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:58:16 GMT server Apache accept-ranges bytes content-length 19327 content-type image/jpeg
GET H2	200	nshield1.gif henri-iv.com/	6 KB 6 KB	606ms 606ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/nshield1.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `1a87871bc4f01292da16821232ec63746e4a9cc9fc092d7499c11d0b9abb7d3c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:59:25 GMT server Apache accept-ranges bytes content-length 5677 content-type image/gif
GET H2	200	fr-flag.gif henri-iv.com/	405 B 458 B	606ms 606ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/fr-flag.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `bcafc530cac4159e0df9e1b2549c4ca3cfd76912e9ef1f0619c0122c8b28d07c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:55:12 GMT server Apache accept-ranges bytes content-length 405 content-type image/gif
GET H2	200	gm-flag.gif henri-iv.com/	310 B 362 B	607ms 607ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/gm-flag.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `859a60c9cfe19d0a27f7d5607bb82a02167c9d15fbab59e0c9b2b6afb7e0e1b0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:55:24 GMT server Apache accept-ranges bytes content-length 310 content-type image/gif
GET H2	200	marvejol.gif henri-iv.com/	23 KB 23 KB	446ms 445ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/marvejol.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `7a3c1b8d688de5636145f2ac0338535649510820e6ccc62329621809035498d7` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:59:12 GMT server Apache accept-ranges bytes content-length 23709 content-type image/gif
GET		show_ads.js pagead2.googlesyndication.com/pagead/	0 0

GET H2	200	fleurbk2.gif henri-iv.com/	435 B 488 B	606ms 606ms	Image image/gif	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://henri-iv.com/fleurbk2.gif Requested by Host: henri-iv.com URL: https://henri-iv.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `b11feb42368848cfe1f413c5cf2be6e6e77530378af2b3d237bbf241d9a7a8e8` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:14 GMT last-modified Sun, 14 Sep 2014 00:55:11 GMT server Apache accept-ranges bytes content-length 435 content-type image/gif
GET H2	404	favicon.ico henri-iv.com/	746 B 540 B	212ms 212ms	Other text/html	192.232.251.79 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://henri-iv.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.232.251.79 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-232-251-79.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://henri-iv.com/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 09:21:15 GMT content-encoding gzip last-modified Tue, 09 Jan 2024 12:13:10 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://henri-iv.com/ Message: Mixed Content: The page at 'https://henri-iv.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://henri-iv.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

henri-iv.com
pagead2.googlesyndication.com
pagead2.googlesyndication.com
192.232.251.79
01a714a46e5fc3ae63bafa037106a439ee4810a022bf3b876a38d07ab17c5821
1a87871bc4f01292da16821232ec63746e4a9cc9fc092d7499c11d0b9abb7d3c
200e3665973935ac2449dcedc1a46b0b6284ee10b677b45d8f68c753513d1672
5f1c9598abdfcc7418ddf4113a992b550f3f18fdf9edea34c0e761efc6362553
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
7a3c1b8d688de5636145f2ac0338535649510820e6ccc62329621809035498d7
859a60c9cfe19d0a27f7d5607bb82a02167c9d15fbab59e0c9b2b6afb7e0e1b0
8ae3933f6586bb1753831ddba6421c87f0efa3b3f0c4612842202cb09862bd75
b11feb42368848cfe1f413c5cf2be6e6e77530378af2b3d237bbf241d9a7a8e8
bcafc530cac4159e0df9e1b2549c4ca3cfd76912e9ef1f0619c0122c8b28d07c

henri-iv.com Open in urlscan Pro 192.232.251.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

81 kBTransfer

87 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

henri-iv.com Open in urlscan Pro
192.232.251.79 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

81 kB
Transfer

87 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions