Submitted URL: https://niki-trader.com/
Effective URL: https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442...
Submission: On December 04 via manual from ES — Scanned from ES

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 23.203.67.7, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is es.aliexpress.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 2nd 2022. Valid for: 6 months.
This is the only time es.aliexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 50.31.176.9 23352 (SERVERCEN...)
2 185.177.94.152 39572 (ADVANCEDH...)
1 1 185.177.92.179 39572 (ADVANCEDH...)
1 1 195.201.108.83 24940 (HETZNER-AS)
2 3 23.203.67.7 16625 (AKAMAI-AS)
23 4
Apex Domain | Subdomains | Transfer
15 niki-trader.com | niki-trader.com | 612 KB
3 aliexpress.com | s.click.aliexpress.com (Cisco Umbrella Rank: 25938); www.aliexpress.com (Cisco Umbrella Rank: 14336); es.aliexpress.com | 41 KB
2 newsforyou.me | newsforyou.me; 0.newsforyou.me | 63 KB
1 germanytrackerchinni.com | germanytrackerchinni.com | 564 B
1 di4.biz | di4.biz (Cisco Umbrella Rank: 724934) | 537 B
0 alicdn.com Failed | assets.alicdn.com Failed |
0 go-mpulse.net Failed | s.go-mpulse.net Failed |
23 7
Domain Requested by
15 niki-trader.com niki-trader.com
1 es.aliexpress.com niki-trader.com
1 www.aliexpress.com 1 redirects
1 s.click.aliexpress.com 1 redirects
1 germanytrackerchinni.com 1 redirects
1 di4.biz 1 redirects
1 0.newsforyou.me niki-trader.com
1 newsforyou.me
0 assets.alicdn.com Failed es.aliexpress.com
0 s.go-mpulse.net Failed es.aliexpress.com
23 10

This site contains no links.

Subject | Issuer | Validity | Valid
niki-trader.com | cPanel, Inc. Certification Authority | 2022-10-16 - 2023-01-14 | 3 months
bp.hobby.porn | R3 | 2022-12-01 - 2023-03-01 | 3 months
ru.aliexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-02 - 2023-02-16 | 6 months

This page contains 2 frames:

Primary Page: https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platform=portals-promotion&sk=_APLx6j&aff_trace_key=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&terminal_id=3b6bb7668fe74372a2a5113e4907e496
Frame ID: 4BA8681B7DDE4488067D35D7F2D30277
Requests: 26 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/QNAFN-M5G8E-MTGE9-MRVZ4-ECB7Z
Frame ID: 21CA009A0DA52135FA550EAE02763AD3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

23
Requests

78 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

4
IPs

3
Countries

713 kB
Transfer

1032 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://niki-trader.com/ Page URL
  2. https://newsforyou.me/go/mrqwinlega5dinbyg4 Page URL
  3. https://0.newsforyou.me/index.php?p=mrqwinlega5dinbyg4 Page URL
  4. https://di4.biz/?auf=gu2tazrsgq5dcnbsgaxtinbyg4xtqlzsmrrtqmrymezc6mruf4ytmnzqge3dqobwge&p=b&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
    https://germanytrackerchinni.com/click.php?key=7r95ymva9u6asun79vti&clickid=b52a0e4a-2d0f-4759-9e7c-b037d448ce74&price=0.00386&feed=feed71420&hash=2dc828a2&creative=0&campaign=62926&country=ES&subday=0&fcap=0&platform=Windows&browser=Chrome&ip=45.152.183.46 HTTP 302
    https://s.click.aliexpress.com/e/_APLx6j?bz=300*250 HTTP 302
    https://www.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platform=portals-promotion&sk=_APLx6j&aff_trace_key=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&terminal_id=3b6bb7668fe74372a2a5113e4907e496 HTTP 302
    https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platform=portals-promotion&sk=_APLx6j&aff_trace_key=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&terminal_id=3b6bb7668fe74372a2a5113e4907e496 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
niki-trader.com/
15 KB
5 KB
Document
General
Full URL
https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
11197fe3c2a1c07be3595a1b10c8e32121b743de3cd161d63027ab0577f06344

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 15:47:39 GMT
link
<https://niki-trader.com/wp-json/>; rel="https://api.w.org/" <https://niki-trader.com/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json" <https://niki-trader.com/>; rel=shortlink
vary
Accept-Encoding
c-icon-2.png
niki-trader.com/wp-content/uploads/2022/02/
19 KB
20 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-2.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
938508001f278555e81f4ede134a47b2e6eda01780cf9ba011662230771eb198

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:10 GMT
accept-ranges
bytes
content-length
19937
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-12-150x150.png
niki-trader.com/wp-content/uploads/2022/02/
10 KB
10 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-12-150x150.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
e73df618192f33c32736bc125dd22c09b1fd29e75e198c4c300c99a2ea70cb41

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:11 GMT
accept-ranges
bytes
content-length
10458
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-7-150x150.png
niki-trader.com/wp-content/uploads/2022/02/
5 KB
5 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-7-150x150.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
b67f498c4cf5fe982c237f20f544373207688e94718275f2ad7cdbefd6f8d1f7

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:11 GMT
accept-ranges
bytes
content-length
4653
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-7.png
niki-trader.com/wp-content/uploads/2022/02/
14 KB
14 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-7.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
11ffc79efd78d92dee7322b7f8b46e96340cf40a4842b56ab94b99606572c470

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:11 GMT
accept-ranges
bytes
content-length
13944
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-17.png
niki-trader.com/wp-content/uploads/2022/02/
11 KB
11 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-17.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
a92f86f75c4223efc6f46191c10b3460464d9cae8b29ea7cac3bb99ab664b5d0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:12 GMT
accept-ranges
bytes
content-length
10783
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-1.png
niki-trader.com/wp-content/uploads/2022/02/
26 KB
26 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-1.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
70bc9353135af5b462da782ced65cd7ba4425306af53dc4930b9e11915545e86

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:12 GMT
accept-ranges
bytes
content-length
26455
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-21.png
niki-trader.com/wp-content/uploads/2022/02/
18 KB
18 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-21.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
194c12381ffc083cc31ad745d8f187e4d7d59caecfcc39d27f3ecdb86b43e127

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:13 GMT
accept-ranges
bytes
content-length
18540
expires
Sun, 11 Dec 2022 15:47:39 GMT
c-icon-8.png
niki-trader.com/wp-content/uploads/2022/02/
35 KB
35 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/c-icon-8.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
9480c86132d5656abba779aed7387c7e6da34f7bd7839c0fc8b1569dea3a635f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 18:19:13 GMT
accept-ranges
bytes
content-length
36252
expires
Sun, 11 Dec 2022 15:47:39 GMT
Bitcoin-_Monochromatic.png
niki-trader.com/wp-content/uploads/2022/02/
82 KB
83 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/Bitcoin-_Monochromatic.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
7fa89b174fc0efaf634bb42c1fb81860a559c6d057746b231ac575a5ba9b52e2

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:39 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:05 GMT
accept-ranges
bytes
content-length
84389
expires
Sun, 11 Dec 2022 15:47:39 GMT
binancefutures.png
niki-trader.com/wp-content/uploads/2022/02/
74 KB
74 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/binancefutures.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash
4418e6d58a1a6d5433e31ed003354a1290ce07fa712c8715f1921d128d3e132f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:40 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:08 GMT
accept-ranges
bytes
content-length
76087
expires
Sun, 11 Dec 2022 15:47:40 GMT
kucoin-review.png
niki-trader.com/wp-content/uploads/2022/02/
3 KB
3 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/kucoin-review.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:40 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:09 GMT
accept-ranges
bytes
content-length
2613
expires
Sun, 11 Dec 2022 15:47:40 GMT
Huobi.png
niki-trader.com/wp-content/uploads/2022/02/
57 KB
57 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/Huobi.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:40 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:09 GMT
accept-ranges
bytes
content-length
58391
expires
Sun, 11 Dec 2022 15:47:40 GMT
etoro.png
niki-trader.com/wp-content/uploads/2022/02/
71 KB
71 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/etoro.png
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
date
Sun, 04 Dec 2022 15:47:40 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:10 GMT
accept-ranges
bytes
content-length
72691
expires
Sun, 11 Dec 2022 15:47:40 GMT
Nikita-1.jpg
niki-trader.com/wp-content/uploads/2022/02/
182 KB
182 KB
Image
General
Full URL
https://niki-trader.com/wp-content/uploads/2022/02/Nikita-1.jpg
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.31.176.9 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8906.banahosting.com
Software
/
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://niki-trader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 04 Dec 2022 15:47:40 GMT
cache-control
public, max-age=604800
last-modified
Sun, 13 Feb 2022 17:47:16 GMT
accept-ranges
bytes
content-length
186213
expires
Sun, 11 Dec 2022 15:47:40 GMT
mrqwinlega5dinbyg4
newsforyou.me/go/
12 KB
12 KB
Document
General
Full URL
https://newsforyou.me/go/mrqwinlega5dinbyg4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-152.ah-server.com
Software
nginx /
Resource Hash
15cbdc98cb0f1b625fc13b7663b574d7a63a15b345bf9fc4929e00ddda0503c8
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://niki-trader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 15:47:40 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
748 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
index.php
0.newsforyou.me/
50 KB
51 KB
Document
General
Full URL
https://0.newsforyou.me/index.php?p=mrqwinlega5dinbyg4
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-152.ah-server.com
Software
nginx /
Resource Hash
55ebb2075f3eac294d77dfe74ae6da9691041272a7c3dd199373d001f5bf1539
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsforyou.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 15:47:41 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
Primary Request outdoors
es.aliexpress.com/campaign/fahion-dailypromo/
Redirect Chain
  • https://di4.biz/?auf=gu2tazrsgq5dcnbsgaxtinbyg4xtqlzsmrrtqmrymezc6mruf4ytmnzqge3dqobwge&p=b&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
  • https://germanytrackerchinni.com/click.php?key=7r95ymva9u6asun79vti&clickid=b52a0e4a-2d0f-4759-9e7c-b037d448ce74&price=0.00386&feed=feed71420&hash=2dc828a2&creative=0&campaign=62926&country=ES&subd...
  • https://s.click.aliexpress.com/e/_APLx6j?bz=300*250
  • https://www.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platfo...
  • https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platfor...
319 KB
38 KB
Document
General
Full URL
https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platform=portals-promotion&sk=_APLx6j&aff_trace_key=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&terminal_id=3b6bb7668fe74372a2a5113e4907e496
Requested by
Host: niki-trader.com
URL: https://niki-trader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.203.67.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-67-7.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
971691aa4b21f00c4955145e5eb68a158f89aea12f9f78229454f41bb52ae285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://0.newsforyou.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 04 Dec 2022 15:47:45 GMT
eagleeye-traceid
2100bdd516701688647826753e458f
link
<https://assets.alicdn.com>;rel="preconnect"
p3p
CP="CAO PSA OUR"
server
Tengine/Aserver
server-timing
cdn-cache; desc=REVALIDATE edge; dur=10 origin; dur=446
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-akamai-fwd-auth-data
806159227, 23.55.162.168, 1670168865, 10.55.162.174
x-akamai-fwd-auth-sha
61A81F282040882D7DEE5A95318D1E02F1D8FC568EA0791F9F69B6FBB657AAD3
x-akamai-fwd-auth-sign
OLP1Ck1sWPJ5fzdS9B8DJfsCD726w43DsgafyYHm3QYQLq0cKZWynfE+XtjF2BWbXIuHjYp5Xitc/Pehz4syLwW+wrP5jMUfw+oUo9zW6Ls=
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-application-context
global-biz-gateway:9901

Redirect headers

content-length
0
date
Sun, 04 Dec 2022 15:47:43 GMT
link
<https://assets.alicdn.com>;rel="preconnect"
location
https://es.aliexpress.com/campaign/fahion-dailypromo/outdoors?wh_weex=true&bz=300*250&aff_fcid=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&tt=CPS_NORMAL&aff_fsk=_APLx6j&aff_platform=portals-promotion&sk=_APLx6j&aff_trace_key=dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j&terminal_id=3b6bb7668fe74372a2a5113e4907e496
server
AkamaiGHost
server-timing
cdn-cache; desc=HIT edge; dur=1
QNAFN-M5G8E-MTGE9-MRVZ4-ECB7Z
s.go-mpulse.net/boomerang/ Frame 21CA
0
0

base-with-font-face.css
assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/
0
0

ae-header.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.35/prev/front/
0
0

/
assets.alicdn.com/g/
0
0

/
assets.alicdn.com/g/alilog/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/QNAFN-M5G8E-MTGE9-MRVZ4-ECB7Z
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/header-ui/0.0.35/prev/front/ae-header.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.2/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.3.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-link/5.0.15/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.39/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/gcom-core-render-helper/2.0.7/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.69/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

18 Cookies

Domain/Path Name / Value
niki-trader.com/ Name: pmpro_visit
Value: 1
.newsforyou.me/ Name: uuid
Value: 1d92fb44-de06-4c13-bb62-254c75c04f8e
.0.newsforyou.me/ Name: uuid
Value: 1d92fb44-de06-4c13-bb62-254c75c04f8e
di4.biz/ Name: uuid
Value: 8d8bc17d-c2be-4b3c-b82e-cd87a19a1973
.di4.biz/ Name: ccid
Value: %5B62926%5D
germanytrackerchinni.com/ Name: uclick
Value: bzwhcia1bl
germanytrackerchinni.com/ Name: uclickhash
Value: bzwhcia1bl-bzwhcia1bl-7s4k-bg3y-xri4-bzj2dz-gxxr8n-6abbb4
.aliexpress.com/ Name: xman_us_f
Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%22dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j%22%2C%22affiliateKey%22%3A%22_APLx6j%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%221969284976%22%2C%22tagtime%22%3A1670168863154%7D&acs_rt=3b6bb7668fe74372a2a5113e4907e496
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=r8ydyk2y0scz&acs_rt=3b6bb7668fe74372a2a5113e4907e496
.aliexpress.com/ Name: aeu_cid
Value: dae96dc7e7dc4f108b347f36442197c2-1670168863154-08045-_APLx6j
.aliexpress.com/ Name: xman_t
Value: uidHeTOWPPtC2upSaO9ovsWFw67UZuDcOaZPSKs0soq0o2rCJCkh3jD/ihbx0/T0
.aliexpress.com/ Name: xman_f
Value: 2DXtCXFa5BT+D1mO6LUGyfzxAkoOAUejHts2k7BqQ2vyPQ9Ixc5mqQeHcHnNZJGAFoTo2ClA3BecvZcfqF38PI8PHiJnX9lniTC8n6RnBJLvOcHWsiYMLw==
.aliexpress.com/ Name: traffic_se_co
Value: %7B%7D
.aliexpress.com/ Name: af_ss_a
Value: 1
.aliexpress.com/ Name: af_ss_b
Value: 1
.aliexpress.com/ Name: AKA_A2
Value: A
.aliexpress.com/ Name: e_id
Value: pt50
.aliexpress.com/ Name: aep_usuc_f
Value: site=esp&b_locale=es_ES

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
