v.ttbm.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 18.184.38.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is v.ttbm.com.
TLS certificate: Issued by R3 on August 16th 2022. Valid for: 3 months.

This is the only time v.ttbm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	37.187.154.165 37.187.154.165	16276 (OVH) (OVH)
1 1	47.241.22.124 47.241.22.124	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	52.59.53.139 52.59.53.139	16509 (AMAZON-02) (AMAZON-02)
1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
4	3

4 37.187.154.165 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns321363.ip-37-187-154.eu

e.revesdoux.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.241.22.124 (Singapore, Singapore) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

doux1.crazy-leads.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.53.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-53-139.eu-central-1.compute.amazonaws.com

rdvmaintenant.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

v.ttbm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	revesdoux.fr 2 redirects e.revesdoux.fr	4 KB
2	rdvmaintenant.club 1 redirects rdvmaintenant.club	12 KB
1	ttbm.com v.ttbm.com	317 B
1	crazy-leads.fr 1 redirects doux1.crazy-leads.fr	173 B
4	4

	Domain	Requested by
4	e.revesdoux.fr	2 redirects e.revesdoux.fr
2	rdvmaintenant.club	1 redirects
1	v.ttbm.com	rdvmaintenant.club
1	doux1.crazy-leads.fr	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid
v.ttbm.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye
Frame ID: AD78AE2B49A04AB90C743823E2E84066
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://e.revesdoux.fr/tk/t/2/0164618871d8e1/0298855696/74451e84c/5159125655d3/ HTTP 301
http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159... Page URL
http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159... HTTP 302
http://doux1.crazy-leads.fr/smartlink.php?sl_id=6&aff_id=7&source_id=O_COS HTTP 302
http://rdvmaintenant.club/delivery/directlink.php?slot=9230 Page URL
http://rdvmaintenant.club/delivery/directlink.php?slot=9230&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%... HTTP 302
https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr... Page URL

Page Statistics

4
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

15 kB
Transfer

40 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.revesdoux.fr/tk/t/2/0164618871d8e1/0298855696/74451e84c/5159125655d3/ HTTP 301
http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 Page URL
http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 HTTP 302
http://doux1.crazy-leads.fr/smartlink.php?sl_id=6&aff_id=7&source_id=O_COS HTTP 302
http://rdvmaintenant.club/delivery/directlink.php?slot=9230 Page URL
http://rdvmaintenant.club/delivery/directlink.php?slot=9230&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/105.0.5195.125%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:92.222.212.16&allowcookie=true&setreferrer=http%3A%2F%2Fe.revesdoux.fr%2F HTTP 302
https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://e.revesdoux.fr/tk/t/2/0164618871d8e1/0298855696/74451e84c/5159125655d3/ HTTP 301
http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3

Request Chain 2

http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 HTTP 302
http://doux1.crazy-leads.fr/smartlink.php?sl_id=6&aff_id=7&source_id=O_COS HTTP 302
http://rdvmaintenant.club/delivery/directlink.php?slot=9230

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	tracker.aspx Show response e.revesdoux.fr/tk/ Redirect Chain http://e.revesdoux.fr/tk/t/2/0164618871d8e1/0298855696/74451e84c/5159125655d3/ http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3	2 KB 1 KB	16ms 16ms	Document text/html	37.187.154.165 OVH
General Check archive.org Show headers Download Go to Full URL http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 Protocol HTTP/1.1 Server 37.187.154.165 , France, ASN16276 (OVH, FR), Reverse DNS ns321363.ip-37-187-154.eu Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `edc06cfa0732e4220849d160d514a030343516da93bfd1e5408ae39dbf4a517e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 1110 Content-Type text/html; charset=utf-8 Date Tue, 20 Sep 2022 07:28:02 GMT Refresh 0 Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Redirect headers Content-Length 245 Content-Type text/html; charset=UTF-8 Date Tue, 20 Sep 2022 07:28:02 GMT Location http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	browser.js Show response e.revesdoux.fr/tk/	6 KB 2 KB	15ms 15ms	Script application/javascript	37.187.154.165 OVH
General Check archive.org Show headers Download Go to Full URL http://e.revesdoux.fr/tk/browser.js Requested by Host: e.revesdoux.fr URL: http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 Protocol HTTP/1.1 Server 37.187.154.165 , France, ASN16276 (OVH, FR), Reverse DNS ns321363.ip-37-187-154.eu Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778` Request headers accept-language fr-FR,fr;q=0.9 Referer http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Tue, 20 Sep 2022 07:28:02 GMT Content-Encoding gzip Last-Modified Wed, 27 Jul 2011 20:14:06 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "07b50bc994ccc1:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1565
GET H/1.1	200 OK	directlink.php rdvmaintenant.club/delivery/ Redirect Chain http://e.revesdoux.fr/tk/tracker.aspx?v=2&idi=0164618871d8e1&idl=0298855696&idm=74451e84c&idc=5159125655d3 http://doux1.crazy-leads.fr/smartlink.php?sl_id=6&aff_id=7&source_id=O_COS http://rdvmaintenant.club/delivery/directlink.php?slot=9230	32 KB 11 KB	102ms 26ms	Document text/html	52.59.53.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://rdvmaintenant.club/delivery/directlink.php?slot=9230 Protocol HTTP/1.1 Server 52.59.53.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-53-139.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash Request headers Content-Type application/x-www-form-urlencoded Origin http://e.revesdoux.fr Referer http://e.revesdoux.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Cache-control no-cache="set-cookie" Connection keep-alive Content-Encoding gzip Content-Length 10827 Content-Type text/html; charset=UTF-8 Date Tue, 20 Sep 2022 07:27:58 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.4.10 (Debian) Vary Accept-Encoding Redirect headers Connection keep-alive Content-Length 0 Date Tue, 20 Sep 2022 07:27:58 GMT Location http://rdvmaintenant.club/delivery/directlink.php?slot=9230
GET H2	410	Primary Request 4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0 Show response v.ttbm.com/ Redirect Chain http://rdvmaintenant.club/delivery/directlink.php?slot=9230&fp2=AX1\|tz:0\|w:1600\|h:1200\|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome... https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W...	146 B 317 B	306ms 26ms	Document application/json	18.184.38.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye Requested by Host: rdvmaintenant.club URL: http://rdvmaintenant.club/delivery/directlink.php?slot=9230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-38-55.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `c64a77e5bbfe93bc0d50ba2674901c969d7dc62159ea396410249e6f242638f2` Request headers Referer http://rdvmaintenant.club/delivery/directlink.php?slot=9230 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-length 146 content-type application/json;charset=UTF-8 date Tue, 20 Sep 2022 07:27:59 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx Redirect headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Connection keep-alive Content-Length 178 Content-Type text/html; charset=UTF-8 Date Tue, 20 Sep 2022 07:27:58 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.4.10 (Debian) adxcampaignid 9879 adxcid i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye adxcost 0.047591 adxdomain e.revesdoux.fr adxmaterialid 34653 adxmaterialname adxsubid adxzoneid 9230 location https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e.revesdoux.fr/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ve1noff0tdzts2kn3pkyuil2
rdvmaintenant.club/	1969-12-31 23:59:59	Name: PHPSESSID Value: 42341fq70eg0eicfkege560961
rdvmaintenant.club/	1970-01-20 06:07:39	Name: AWSELB Value: 671BC5111EC8C439EC6ECDAADF42C2FCC39A19517218077FA7C3489EE5CC3E54EC44B822F2F5F60AFCADD93926CF44860692B62F1C797EF084A9198321F2927E6887A4D4F4
.rdvmaintenant.club/	1970-01-20 06:17:43	Name: fp2 Value: 53d11c9cc8db83597f8fe20833197f0f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://v.ttbm.com/4e0477cd-4de8-4ea8-9bcf-29fe8ad187a0?adxzoneid=9230&adxdomain=e.revesdoux.fr&adxcampaignid=9879&adxmaterialname=&pid=69&adxsubid=&emailsix=&emailfour=&adxcost=0.047591&adxcid=i6W0Y1Iy73YpMhw5LTjBO7gmOgHX430AX7kWWRu3utHgzdAkWILLpQWeWEbzh0Ye Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doux1.crazy-leads.fr
e.revesdoux.fr
rdvmaintenant.club
v.ttbm.com
18.184.38.55
37.187.154.165
47.241.22.124
52.59.53.139
88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778
c64a77e5bbfe93bc0d50ba2674901c969d7dc62159ea396410249e6f242638f2
edc06cfa0732e4220849d160d514a030343516da93bfd1e5408ae39dbf4a517e

v.ttbm.com Open in urlscan Pro 18.184.38.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

25 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

15 kBTransfer

40 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

v.ttbm.com Open in urlscan Pro
18.184.38.55 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

15 kB
Transfer

40 kB
Size

4
Cookies

4 HTTP transactions
0 data transactions