forms.marketing.vgrf.fr

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 217.74.111.254, located in Zegerscappel, France and belongs to SEWAN-FR SEWAN SAS, FR. The main domain is forms.marketing.vgrf.fr.
TLS certificate: Issued by R11 on November 2nd 2024. Valid for: 3 months.

This is the only time forms.marketing.vgrf.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:320... 2a06:98c1:3200::90:2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	217.74.111.254 217.74.111.254	8399 (SEWAN-FR ...) (SEWAN-FR SEWAN SAS)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

1 2a06:98c1:3200::90:2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sms.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.74.111.254 (Zegerscappel, France)

ASN8399 (SEWAN-FR SEWAN SAS, FR)

forms.marketing.vgrf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

assets.sarbacane-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	sarbacane-cdn.com assets.sarbacane-cdn.com	2 KB
2	vgrf.fr forms.marketing.vgrf.fr	174 KB
1	sms.link 1 redirects sms.link	1 KB
4	3

	Domain	Requested by
2	assets.sarbacane-cdn.com	forms.marketing.vgrf.fr
2	forms.marketing.vgrf.fr
1	sms.link	1 redirects
4	3

This site contains no links.

Subject Issuer	Validity	Valid
eye.marketing.vgrf.fr R11	`2024-11-02` - `2025-01-31`	3 months	crt.sh
sarbacane-cdn.com WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html
Frame ID: 85DB4A5529C6D639C5B49FB7E237680E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ventes Privées_Novembre 2024 SMS Plaque intentionnistes

Page URL History Show full URLs

http://sms.link/VGRF/1q3zcp HTTP 307
https://sms.link/VGRF/1q3zcp HTTP 301
https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.... Page URL

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

176 kB
Transfer

259 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sms.link/VGRF/1q3zcp HTTP 307
https://sms.link/VGRF/1q3zcp HTTP 301
https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request form.html Show response
forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/
Redirect Chain

http://sms.link/VGRF/1q3zcp
https://sms.link/VGRF/1q3zcp
https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html

173 KB
174 KB

388ms
72ms

Document
text/html

217.74.111.254
SEWAN-FR SEWAN SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

217.74.111.254 Zegerscappel, France, ASN8399 (SEWAN-FR SEWAN SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

4a37bf097b6b382c91becd51a5a7f14cbbd58a1feb3be230ca5420795ea0a0eb

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://services.sarbacane.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 177198
content-security-policy: form-action 'self' https://services.sarbacane.com
content-type: text/html
date: Wed, 20 Nov 2024 18:11:27 GMT
etag: "672dcee7-2b42e"
feature-policy: geolocation 'none'; microphone 'none'
last-modified: Fri, 08 Nov 2024 08:42:15 GMT
permissions-policy: geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e5a670d2873ecce-ARN
content-type: text/html; charset=utf-8
date: Wed, 20 Nov 2024 18:11:27 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 lato400.css
assets.sarbacane-cdn.com/fonts/google/ 750 B
991 B 225ms
122ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sarbacane-cdn.com/fonts/google/lato400.css
Requested by: Host: forms.marketing.vgrf.fr
URL: https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfaff4beca8c850c0a25e18a1e0fcb937bdfa5b74c17b2639ba028ed25a1d768

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://forms.marketing.vgrf.fr/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2ee-5fdee372edcab-gzip"
age: 202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rE8k0rlhk4GaYGmrYoauvgyF9ss3iaRYMsdc4aWsA%2FfTsVjvuiqlYRX6xe7gQ3%2BFLjr6okEbhBKBwlbxc9CInYwNkQq%2FROtMe%2BxC%2Bg2Ebi3tBQAbFkK%2FeRLvW2bAphk31S098iGIacyGHhU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79614&sent=11&recv=8&lost=0&retrans=0&sent_bytes=5174&recv_bytes=4617&delivery_rate=39890&cwnd=12000&unsent_bytes=0&cid=6defb203a2bdf647&ts=131&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 18:11:27 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 12:54:13 GMT
vary: Accept-Encoding
cache-control: max-age=5356800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e5a67123f26bb6f-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 350
server: cloudflare

GET
H3 200 lato300.css
assets.sarbacane-cdn.com/fonts/google/ 758 B
1 KB 213ms
111ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sarbacane-cdn.com/fonts/google/lato300.css
Requested by: Host: forms.marketing.vgrf.fr
URL: https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 606b5b23fd4c9b3adb06d77448100ca035290d0b4a2df54660dff5f0a8289bd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://forms.marketing.vgrf.fr/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2f6-5fdee3648f1fc-gzip"
age: 202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8Rw5bBYyCkTCuSJ4ddNm75RAkwv6WADB0V6ZbORgNTpO%2BiOtW22I5EEJ%2FPEoqbfpvfbCeQboSAAsgZScZxTkpEIxcmeCYutebjI7yburdpWPSbVfy%2FTOkVrnm76PB8Eb3VB9k2y%2FVn29V0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79614&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4121&recv_bytes=4617&delivery_rate=39890&cwnd=12000&unsent_bytes=0&cid=6defb203a2bdf647&ts=120&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 18:11:27 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 12:53:58 GMT
vary: Accept-Encoding
cache-control: max-age=5356800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e5a67124f35bb6f-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 353
server: cloudflare

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d50d9af42970379daf09be4553c5681267bf09765f5c07b9181ba75b669908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 79 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f630f1cf2f3fa06e4fa218ed25dce4112d13f35262031de11acdfbeb19a2f63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H2 200 favicon.ico
forms.marketing.vgrf.fr/ 0
487 B 73ms
73ms Other
image/x-icon 217.74.111.254
SEWAN-FR SEWAN SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.marketing.vgrf.fr/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

217.74.111.254 Zegerscappel, France, ASN8399 (SEWAN-FR SEWAN SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://services.sarbacane.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://forms.marketing.vgrf.fr/5e2aff89b85b5317165fc621/VHy5_fDNR6-gulVzEOz0CA/ZWXkgdDCQs2fIv-BLqyYsA/form.html

Response headers

etag: "6062d2ce-0"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff, nosniff
date: Wed, 20 Nov 2024 18:11:27 GMT
content-type: image/x-icon
last-modified: Tue, 30 Mar 2021 07:27:10 GMT
feature-policy: geolocation 'none'; microphone 'none'
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: form-action 'self' https://services.sarbacane.com
referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: nginx

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sms.link/	1969-12-31 23:59:59	Name: APPSESSION Value: f4gdh2n6ogk7klf6rhs8tbmilp

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation, microphone. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	form-action 'self' https://services.sarbacane.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.sarbacane-cdn.com
forms.marketing.vgrf.fr
sms.link
188.114.97.3
217.74.111.254
2a06:98c1:3200::90:2
4a37bf097b6b382c91becd51a5a7f14cbbd58a1feb3be230ca5420795ea0a0eb
5f630f1cf2f3fa06e4fa218ed25dce4112d13f35262031de11acdfbeb19a2f63
606b5b23fd4c9b3adb06d77448100ca035290d0b4a2df54660dff5f0a8289bd6
77d50d9af42970379daf09be4553c5681267bf09765f5c07b9181ba75b669908
cfaff4beca8c850c0a25e18a1e0fcb937bdfa5b74c17b2639ba028ed25a1d768
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

forms.marketing.vgrf.fr Open in urlscan Pro 217.74.111.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

176 kBTransfer

259 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

forms.marketing.vgrf.fr Open in urlscan Pro
217.74.111.254 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

176 kB
Transfer

259 kB
Size

1
Cookies

4 HTTP transactions
2 data transactions