urlscan.io logo urlscan.io
SecurityTrails logo

click.accesstrade.vn Open in urlscan Pro
54.169.62.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go.isclix.com/deep_link/6005653542310575696/5174156387933564214?url=hxxps%3A%2F%2Frobocash.vn%2F
Effective URL: https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D%7Bpsn%7D%26utm_sour...
Submission: On November 01 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 54.169.62.66, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is click.accesstrade.vn. The Cisco Umbrella rank of the primary domain is 272509.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 25th 2022. Valid for: a year.
This is the only time click.accesstrade.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 210.245.26.140 18403 (FPT-AS-AP...)
1 54.169.62.66 16509 (AMAZON-02)
2 2
Apex Domain
Subdomains		 Transfer
2 isclix.com
go.isclix.com — Cisco Umbrella Rank: 305601
1 KB
1 accesstrade.vn
click.accesstrade.vn — Cisco Umbrella Rank: 272509
675 B
0 robocash.vn Failed
robocash.vn Failed
2 3
Domain Requested by
2 go.isclix.com 2 redirects
1 click.accesstrade.vn
0 robocash.vn Failed
2 3

This site contains no links.

Subject Issuer Validity Valid
*.accesstrade.vn
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-25 -
2023-05-26		 a year crt.sh

This page contains 1 frames:

Frame: hxxps://robocash.vn/?utm_campaign=home&utm_term=1319538&utm_source=accesstrade&wmid=1319538&utm_medium=cpa&aff_sid=F8gDWPmLdSxsSIaKSKfppKSzbbl4mv4cjiIyzZ1l7fYjecCe&atnct1=ccb1d45fb76f7c5a0bf619f979c6cf36&atnct2=F8gDWPmLdSxsSIaKSKfppKSzbbl4mv4cjiIyzZ1l7fYjecCe&atnct3=OqctM00071h00sa5u
Frame ID: 5FF9A7BF23626E1F947BADFA11D11F45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://go.isclix.com/deep_link/6005653542310575696/5174156387933564214?url=hxxps%3A%2F%2Frobocash... HTTP 302
    https://go.isclix.com/deep_link/v2/549/6005653542310575696?url=hxxps%3A%2F%2Frobocash.vn%2F HTTP 302
    https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.isclix.com/deep_link/6005653542310575696/5174156387933564214?url=hxxps%3A%2F%2Frobocash.vn%2F HTTP 302
    https://go.isclix.com/deep_link/v2/549/6005653542310575696?url=hxxps%3A%2F%2Frobocash.vn%2F HTTP 302
    https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D%7Bpsn%7D%26utm_source%3Daccesstrade%26wmid%3D%7Bpsn%7D%26utm_medium%3Dcpa%26aff_sid%3D%7Bclickid%7D&utm_tool=deeplink&at_unique_id=JCmQSAme6nevc2f00mYe5Anxat&rk=00071h00sa5u&at_source=deep_link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request adv.php
click.accesstrade.vn/
Redirect Chain
  • https://go.isclix.com/deep_link/6005653542310575696/5174156387933564214?url=hxxps%3A%2F%2Frobocash.vn%2F
  • https://go.isclix.com/deep_link/v2/549/6005653542310575696?url=hxxps%3A%2F%2Frobocash.vn%2F
  • https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D%7Bpsn%7D%26utm_source%3Daccesstrade%26wmid%3D%7Bpsn%7D%26utm_medium%3Dcpa%26aff_sid%3D%7Bcl...
802 B
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D%7Bpsn%7D%26utm_source%3Daccesstrade%26wmid%3D%7Bpsn%7D%26utm_medium%3Dcpa%26aff_sid%3D%7Bclickid%7D&utm_tool=deeplink&at_unique_id=JCmQSAme6nevc2f00mYe5Anxat&rk=00071h00sa5u&at_source=deep_link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.62.66 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-62-66.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.26
Resource Hash
fa69abf0b142a4fc1c0e26ce429a9731a2d921c6a1eadabd80487a57c034f326

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
342
content-type
text/html
date
Tue, 01 Nov 2022 12:40:26 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
Apache/2.4.7 (Ubuntu)
vary
Accept-Encoding
x-powered-by
PHP/5.5.9-1ubuntu4.26

Redirect headers

AT_UNIQUE_ID
JCmQSAme6nevc2f00mYe5Anxat
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Content-Length
837
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Nov 2022 12:40:25 GMT
Location
https://click.accesstrade.vn/adv.php?url=hxxps%3A%2F%2Frobocash.vn%2F%3Futm_campaign%3Dhome%26utm_term%3D%7Bpsn%7D%26utm_source%3Daccesstrade%26wmid%3D%7Bpsn%7D%26utm_medium%3Dcpa%26aff_sid%3D%7Bclickid%7D&utm_tool=deeplink&at_unique_id=JCmQSAme6nevc2f00mYe5Anxat&rk=00071h00sa5u&at_source=deep_link
Server
nginx/1.10.3 (Ubuntu)
referer
None
/
robocash.vn/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
robocash.vn
URL
hxxps://robocash.vn/?utm_campaign=home&utm_term=1319538&utm_source=accesstrade&wmid=1319538&utm_medium=cpa&aff_sid=F8gDWPmLdSxsSIaKSKfppKSzbbl4mv4cjiIyzZ1l7fYjecCe&atnct1=ccb1d45fb76f7c5a0bf619f979c6cf36&atnct2=F8gDWPmLdSxsSIaKSKfppKSzbbl4mv4cjiIyzZ1l7fYjecCe&atnct3=OqctM00071h00sa5u

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

2 Cookies

Domain/Path Name / Value
go.isclix.com/ Name: at_user_fingerprint
Value: tXKgl6lzT6CkJtGdI93Fw5
.accesstrade.vn/ Name: v1
Value: f042db0d8eca27504b8b61e1ca9af047

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.accesstrade.vn
go.isclix.com
robocash.vn
robocash.vn
210.245.26.140
54.169.62.66
fa69abf0b142a4fc1c0e26ce429a9731a2d921c6a1eadabd80487a57c034f326