urlscan.io logo urlscan.io
SecurityTrails logo

clk.tradedoubler.com Open in urlscan Pro
54.93.34.251  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ingban.pl/
Effective URL: https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5
Submission: On October 05 via api from NL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 54.93.34.251, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clk.tradedoubler.com. The Cisco Umbrella rank of the primary domain is 138244.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 7th 2024. Valid for: a year.
This is the only time clk.tradedoubler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.253.212.22 48707 (AS48707-OPS-)
1 1 185.253.212.10 48707 (AS48707-OPS-)
1 3 18.244.18.81 16509 (AMAZON-02)
1 52.57.48.127 16509 (AMAZON-02)
2 54.93.34.251 16509 (AMAZON-02)
1 13.224.189.110 16509 (AMAZON-02)
8 6
1    185.253.212.22 (Poland)

ASN48707 (AS48707-OPS-, PL)
ingban.pl
1    185.253.212.10 (Poland)

ASN48707 (AS48707-OPS-, PL)
t2857.am-track.pl
3    18.244.18.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-81.fra56.r.cloudfront.net
saystal-choped.com
1    52.57.48.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-48-127.eu-central-1.compute.amazonaws.com
gpm.scaletrk.com
2    54.93.34.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-34-251.eu-central-1.compute.amazonaws.com
clk.tradedoubler.com
1    13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net
vht.tradedoubler.com
Apex Domain
Subdomains		 Transfer
3 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 138244
vht.tradedoubler.com — Cisco Umbrella Rank: 167925
14 KB
3 saystal-choped.com
saystal-choped.com
3 KB
1 scaletrk.com
gpm.scaletrk.com
7 KB
1 am-track.pl
t2857.am-track.pl
546 B
1 ingban.pl
ingban.pl
721 B
0 allegro.pl Failed
allegro.pl Failed
8 6
Domain Requested by
3 saystal-choped.com 1 redirects ingban.pl
saystal-choped.com
2 clk.tradedoubler.com gpm.scaletrk.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 gpm.scaletrk.com saystal-choped.com
1 t2857.am-track.pl 1 redirects
1 ingban.pl
0 allegro.pl Failed
8 7

This site contains no links.

Subject Issuer Validity Valid
ingban.pl
R11		 2024-08-02 -
2024-10-31		 3 months crt.sh
saystal-choped.com
Amazon RSA 2048 M02		 2024-01-31 -
2025-02-28		 a year crt.sh
scaleo.io
Amazon RSA 2048 M03		 2024-06-17 -
2025-07-16		 a year crt.sh
*.tradedoubler.com
Amazon RSA 2048 M02		 2024-08-07 -
2025-09-06		 a year crt.sh

This page contains 1 frames:

Frame: https://allegro.pl/?utm_source=tdb&utm_medium=afiliacja&utm_content=gpmarketing.eu&tduid=7efefc8b3281a0ea06f62ca561ec7b6c&tdpeh=16Q2*o0pz*G418VszLvPDjyRzs_S8UWDE1LwmKxImVkC74Xyo8rdB9wgv3qPnDyBH9pMY5JM4fMyVquyYyn1XGdbD8_t_7KZpA
Frame ID: 1466BFB3D61685D0B9EEEEA115EA5BE3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ingban.pl/ HTTP 307
    https://ingban.pl/ Page URL
  2. https://t2857.am-track.pl/track.php?track=d5ef5b1ccfda851d9fb729a9602c7a3b&ref= HTTP 301
    https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a HTTP 307
    https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2 Page URL
  3. https://saystal-choped.com/redirect?target=BASE64aHR0cHM6Ly9ncG0uc2NhbGV0cmsuY29tL2NsaWNrP289MzkwJmE9NC... Page URL
  4. https://gpm.scaletrk.com/click?o=390&a=4&aff_click_id=wm5rtbvbdrahcjl43ghpbja6 Page URL
  5. https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5 Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

24 kB
Transfer

55 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ingban.pl/ HTTP 307
    https://ingban.pl/ Page URL
  2. https://t2857.am-track.pl/track.php?track=d5ef5b1ccfda851d9fb729a9602c7a3b&ref= HTTP 301
    https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a HTTP 307
    https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2 Page URL
  3. https://saystal-choped.com/redirect?target=BASE64aHR0cHM6Ly9ncG0uc2NhbGV0cmsuY29tL2NsaWNrP289MzkwJmE9NCZhZmZfY2xpY2tfaWQ9d201cnRidmJkcmFoY2psNDNnaHBiamE2&ts=1728128723269&hash=Pg1kbUFb551_eKyIuW4V3AadlWz_Mb9jC98t_DOL78c&rm=DJ Page URL
  4. https://gpm.scaletrk.com/click?o=390&a=4&aff_click_id=wm5rtbvbdrahcjl43ghpbja6 Page URL
  5. https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ingban.pl/ HTTP 307
  • https://ingban.pl/
Request Chain 1
  • https://t2857.am-track.pl/track.php?track=d5ef5b1ccfda851d9fb729a9602c7a3b&ref= HTTP 301
  • https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a HTTP 307
  • https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2
Request Chain 6
  • https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5 HTTP 302
  • https://allegro.pl/?utm_source=tdb&utm_medium=afiliacja&utm_content=gpmarketing.eu&tduid=7efefc8b3281a0ea06f62ca561ec7b6c&tdpeh=16Q2*o0pz*G418VszLvPDjyRzs_S8UWDE1LwmKxImVkC74Xyo8rdB9wgv3qPnDyBH9pMY5JM4fMyVquyYyn1XGdbD8_t_7KZpA

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ingban.pl/
Redirect Chain
  • http://ingban.pl/
  • https://ingban.pl/
347 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ingban.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.253.212.22 , Poland, ASN48707 (AS48707-OPS-, PL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sat, 05 Oct 2024 11:45:22 GMT
Referrer-Policy
no-referrer
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Location
https://ingban.pl/
Non-Authoritative-Reason
HttpsUpgrades
2
saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/
Redirect Chain
  • https://t2857.am-track.pl/track.php?track=d5ef5b1ccfda851d9fb729a9602c7a3b&ref=
  • https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a
  • https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2
796 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2
Requested by
Host: ingban.pl
URL: https://ingban.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-81.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a2ed107d8d5b11237f6cf7937f340892f2c0a58b9f106ee9dd88968f8235af4d

Request headers

Referer
https://ingban.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 05 Oct 2024 11:45:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-amz-cf-id
jKXe5M3sUKA1w4wIr4iiMemBinIQIyt8ImOlPJTiwEC8swzju_rOPg==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront

Redirect headers

accept-ch
sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 05 Oct 2024 11:45:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2
pragma
no-cache
server
nginx
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-amz-cf-id
3l2oH2syGH5WvK47ZrfNKaYC89FgtYc9WymMCyLX2P3P3wVbHkyBeA==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
redirect
saystal-choped.com/ 		494 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://saystal-choped.com/redirect?target=BASE64aHR0cHM6Ly9ncG0uc2NhbGV0cmsuY29tL2NsaWNrP289MzkwJmE9NCZhZmZfY2xpY2tfaWQ9d201cnRidmJkcmFoY2psNDNnaHBiamE2&ts=1728128723269&hash=Pg1kbUFb551_eKyIuW4V3AadlWz_Mb9jC98t_DOL78c&rm=DJ
Requested by
Host: saystal-choped.com
URL: https://saystal-choped.com/voluum/c2f24802-7171-4ca4-835e-d43da183517a/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-81.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c995e1a072ee94a8335db1994c3b666141d54f7443377c48e634b771ba7b8893

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 05 Oct 2024 11:45:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-amz-cf-id
5KjewhVNwG-8EDWPjT-yOJed_nul54140MG_kW34KoSN2mX0kLClBQ==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
click
gpm.scaletrk.com/ 		26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gpm.scaletrk.com/click?o=390&a=4&aff_click_id=wm5rtbvbdrahcjl43ghpbja6
Requested by
Host: saystal-choped.com
URL: https://saystal-choped.com/redirect?target=BASE64aHR0cHM6Ly9ncG0uc2NhbGV0cmsuY29tL2NsaWNrP289MzkwJmE9NCZhZmZfY2xpY2tfaWQ9d201cnRidmJkcmFoY2psNDNnaHBiamE2&ts=1728128723269&hash=Pg1kbUFb551_eKyIuW4V3AadlWz_Mb9jC98t_DOL78c&rm=DJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-127.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
ce55157b46fe8b29c82754addb4a5ab68eb8648ac98b1c29eb01f917a35c9f7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 05 Oct 2024 11:45:23 GMT
server
nginx/1.24.0
Primary Request click
clk.tradedoubler.com/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5
Requested by
Host: gpm.scaletrk.com
URL: https://gpm.scaletrk.com/click?o=390&a=4&aff_click_id=wm5rtbvbdrahcjl43ghpbja6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.34.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-34-251.eu-central-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
4ec1c818a71be71e695b45bc9cda3f9bcc7175ccbcde315986d3a6d9064ed60c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Form-Factor, Sec-CH-UA-Model, Sec-CH-UA-WoW64
access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
4360
content-type
text/html; charset=ISO-8859-1
date
Sat, 05 Oct 2024 11:45:23 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
vary
Origin
fpjs.js
vht.tradedoubler.com/fp/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/fpjs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
5b036ab5052dc73813aa4a472e3046a0fe217f5787d0c322d755a42201050d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

Content-Encoding
gzip
Age
489262
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
SaIjabrOQ2HgolSNyfuA4g4oKAoFoQmUYTzcDbXc7yphRu8vj9YyxQ==
Date
Sun, 29 Sep 2024 19:51:01 GMT
Content-Type
text/javascript
Last-Modified
Tue, 12 Mar 2024 11:04:52 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
8745
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
FRA2-C1
Server
Apache
favicon.ico
clk.tradedoubler.com/ 		193 B
274 B 		Other
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.34.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-34-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

date
Sat, 05 Oct 2024 11:45:24 GMT
content-type
text/html; charset=ISO-8859-1
content-length
193
/
allegro.pl/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=288386&a=3264677&epi=71883014aaa0a2ac41a97ef23b6e0df5
  • https://allegro.pl/?utm_source=tdb&utm_medium=afiliacja&utm_content=gpmarketing.eu&tduid=7efefc8b3281a0ea06f62ca561ec7b6c&tdpeh=16Q2*o0pz*G418VszLvPDjyRzs_S8UWDE1LwmKxImVkC74Xyo8rdB9wgv3qPnDyBH9pMY...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
allegro.pl
URL
https://allegro.pl/?utm_source=tdb&utm_medium=afiliacja&utm_content=gpmarketing.eu&tduid=7efefc8b3281a0ea06f62ca561ec7b6c&tdpeh=16Q2*o0pz*G418VszLvPDjyRzs_S8UWDE1LwmKxImVkC74Xyo8rdB9wgv3qPnDyBH9pMY5JM4fMyVquyYyn1XGdbD8_t_7KZpA

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getTDCustomVales function| isAppleMobileDevice function| removeCanvas

10 Cookies

Domain/Path Name / Value
ingban.pl/ Name: PHPSESSID
Value: 8ddc9c0de5c96b6ba7c4d9c287d42cc9
ingban.pl/ Name: locale
Value: pl_PL
t2857.am-track.pl/ Name: PHPSESSID
Value: 79cfbc70346cd5da197a5a37f02cb172
t2857.am-track.pl/ Name: locale
Value: pl_PL
.saystal-choped.com/ Name: c2f24802-7171-4ca4-835e-d43da183517a-v4
Value: ybU5Vu-770pAQj6dmg5XNL9tJ37q8cOVT93UYdExzjg
.saystal-choped.com/ Name: cc-v4
Value: 7BoMSiicNqN4O9E0WH9%2BWkbuCoT1B0QVv9JVw4l01wbVgSOseM9s1GIBQW3ehzUlAkzdYznM3kzq9lVqyWTtElp3hwqZ89xlb1SuG%2BRHGdIXWO%2BiC1FQzFFRptR0Jvg3EOc7UkXPLcZKIJRxN0%2F6dw%3D%3D
gpm.scaletrk.com/ Name: U-a01a0380ca3c61428c26a231f0e49a09
Value: unique
gpm.scaletrk.com/ Name: o_a01a0380ca3c61428c26a231f0e49a09
Value: 43110749-7f3e-4e27-a6c8-f15eedb5bad9
.tradedoubler.com/ Name: GUID
Value: 1z11zz19Pz1ubGegz7efefc8b3281a0ea06f62ca561ec7b6c
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z19PzJNEXNz1K6Qyb93FufEyG47a09Ef9%79o3W_iKGQ_7P%79wZ1%79j2YQk22qTYhulZgNHdbq9dYJtxjF5m7xvtPiU3AkGK4sVUKvTS3c%7aijLNbJ6XYLj_sJJ15Sf

1 Console Messages

Source Level URL
Text
network error URL: https://clk.tradedoubler.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()