dalkayga.com Open in urlscan Pro
173.254.28.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/sfvt30pUyK6
Effective URL:
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/
Submission: On November 21 via manual (November 21st 2019, 3:42:29 pm UTC) from FR

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 173.254.28.18, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is dalkayga.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 8th 2019. Valid for: 3 months.

This is the only time dalkayga.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.62.204 54.67.62.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2606:4700:30:... 2606:4700:30::6812:35fd	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	192.169.243.42 192.169.243.42	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
2 8	173.254.28.18 173.254.28.18	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
8	3

1 54.67.62.204 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::6812:35fd (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

indraprasthfoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.169.243.42 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-192-169-243-42.ip.secureserver.net

armentaconmigo.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.254.28.18 (Provo, United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: just18.justhost.com

dalkayga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	dalkayga.com 2 redirects dalkayga.com	202 KB
2	armentaconmigo.mx 1 redirects armentaconmigo.mx	633 B
2	indraprasthfoods.com 1 redirects indraprasthfoods.com	482 B
1	ow.ly 1 redirects ow.ly	127 B
8	4

	Domain	Requested by
8	dalkayga.com	2 redirects dalkayga.com
2	armentaconmigo.mx	1 redirects
2	indraprasthfoods.com	1 redirects
1	ow.ly	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-03-04` - `2020-03-04`	a year	crt.sh
armentaconmigo.mx cPanel, Inc. Certification Authority	`2019-10-08` - `2020-01-06`	3 months	crt.sh
dalkayga.com Let's Encrypt Authority X3	`2019-11-08` - `2020-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/
Frame ID: B5D0E2537F76F5E1DA2967AC25C22077
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ow.ly/sfvt30pUyK6 HTTP 301
https://indraprasthfoods.com/calendar/qtml/ HTTP 302
https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php Page URL
https://armentaconmigo.mx/calendmwMA/btml/ HTTP 302
https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php Page URL
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/ HTTP 302
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq= HTTP 301
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

8
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

202 kB
Transfer

212 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/sfvt30pUyK6 HTTP 301
https://indraprasthfoods.com/calendar/qtml/ HTTP 302
https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php Page URL
https://armentaconmigo.mx/calendmwMA/btml/ HTTP 302
https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php Page URL
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/ HTTP 302
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq= HTTP 301
https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ow.ly/sfvt30pUyK6 HTTP 301
https://indraprasthfoods.com/calendar/qtml/ HTTP 302
https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php

Request Chain 1

https://armentaconmigo.mx/calendmwMA/btml/ HTTP 302
https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Load.php Show response indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/ Redirect Chain http://ow.ly/sfvt30pUyK6 https://indraprasthfoods.com/calendar/qtml/ https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php	86 B 164 B	155ms 154ms	Document text/html	2606:4700:30::6812:35fd Cloudflare
General Check archive.org Show headers Download Go to Full URL https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:35fd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `83fc3e3517990f4103ab88344bdccd38701de36922ce895e7a8874e1b2774ed5` Request headers :method GET :authority indraprasthfoods.com :scheme https :path /calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br cookie __cfduid=dc64063be9ad6b3a257a566bd33f1b2b81574350932 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 200 date Thu, 21 Nov 2019 15:42:13 GMT content-type text/html; charset=UTF-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5393c5b2adff8c62-VIE content-encoding br Redirect headers status 302 date Thu, 21 Nov 2019 15:42:12 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dc64063be9ad6b3a257a566bd33f1b2b81574350932; expires=Sat, 21-Dec-19 15:42:12 GMT; path=/; domain=.indraprasthfoods.com; HttpOnly location 372be2bb48010ea49da9946d36aa40db/Load.php cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5393c5ae6c008c62-VIE
GET H/1.1	200 OK	Load.php Show response armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/ Redirect Chain https://armentaconmigo.mx/calendmwMA/btml/ https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php	112 B 372 B	156ms 151ms	Document text/html	192.169.243.42 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.169.243.42 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-192-169-243-42.ip.secureserver.net Software Apache / Resource Hash `a0520a5f9e8a148a807f9c9dd1f7c7849e262c5a6e2aacd8b0a38f4937dfc46b` Request headers Host armentaconmigo.mx Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://indraprasthfoods.com/calendar/qtml/372be2bb48010ea49da9946d36aa40db/Load.php Response headers Date Thu, 21 Nov 2019 15:42:13 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 126 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Thu, 21 Nov 2019 15:42:13 GMT Server Apache location 56c56a3798e1213ecd90ba915fb6dd79/Load.php Vary User-Agent Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	Primary Request / Show response dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Redirect Chain https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/ https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq= https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	14 KB 3 KB	210ms 210ms	Document text/html	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `400c00f707012002ec6b2c15131518c80ddb1db388f5ffb90d66f862252a1b8f` Request headers :method GET :authority dalkayga.com :scheme https :path /.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode navigate referer https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://armentaconmigo.mx/calendmwMA/btml/56c56a3798e1213ecd90ba915fb6dd79/Load.php Response headers status 200 server nginx/1.14.1 date Thu, 21 Nov 2019 15:42:15 GMT content-type text/html last-modified Thu, 21 Nov 2019 15:42:14 GMT x-server-cache false content-encoding gzip Redirect headers status 301 server nginx/1.14.1 date Thu, 21 Nov 2019 15:42:15 GMT content-type text/html; charset=iso-8859-1 content-length 346 location https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ x-server-cache false
GET H2	200	style.css dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	0 128 B	327ms 327ms	Stylesheet text/html	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/style.css Requested by Host: dalkayga.com URL: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 200 date Thu, 21 Nov 2019 15:42:15 GMT content-encoding gzip server nginx/1.14.1 x-server-cache false content-type text/html; charset=UTF-8
GET H2	200	logo.jpg dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	1 KB 2 KB	218ms 217ms	Image image/jpeg	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/logo.jpg Requested by Host: dalkayga.com URL: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `6bcbba94cd7a796861c100a8b362d7dcf92dfffa27fbb8bc77c741c77d9a9e53` Request headers Referer https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Thu, 21 Nov 2019 15:42:15 GMT last-modified Thu, 21 Nov 2019 15:42:14 GMT server nginx/1.14.1 x-server-cache false content-type image/jpeg status 200 accept-ranges bytes content-length 1403
GET H2	200	Capture.png dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	649 B 784 B	204ms 203ms	Image image/png	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/Capture.png Requested by Host: dalkayga.com URL: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `aae6907b97bb625bc3d760099058e3e2c40b78089bc95790c91cee26b83e4b5e` Request headers Referer https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Thu, 21 Nov 2019 15:42:15 GMT last-modified Thu, 21 Nov 2019 15:42:14 GMT server nginx/1.14.1 x-server-cache false content-type image/png status 200 accept-ranges bytes content-length 649
GET H2	200	seS.png dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	541 B 676 B	203ms 203ms	Image image/png	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/seS.png Requested by Host: dalkayga.com URL: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `25692c1d953a19d8a493ca3d135eb868dd31795a960dc890e77e7a0eaee1298d` Request headers Referer https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Thu, 21 Nov 2019 15:42:15 GMT last-modified Thu, 21 Nov 2019 15:42:14 GMT server nginx/1.14.1 x-server-cache false content-type image/png status 200 accept-ranges bytes content-length 541
GET H2	200	fd.jpg dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/	195 KB 196 KB	380ms 380ms	Image image/jpeg	173.254.28.18 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/fd.jpg Requested by Host: dalkayga.com URL: https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.18 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just18.justhost.com Software nginx/1.14.1 / Resource Hash `398cf13156c47ea7fd1bc7cda55c23634b929e36c8ac5fa7fe392d4607747183` Request headers Referer https://dalkayga.com/.well-knowmA/AXAconnectedd-loading/responsives/zkztq=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Thu, 21 Nov 2019 15:42:15 GMT last-modified Thu, 21 Nov 2019 15:42:14 GMT server nginx/1.14.1 x-server-cache false content-type image/jpeg status 200 accept-ranges bytes content-length 199899

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

armentaconmigo.mx
dalkayga.com
indraprasthfoods.com
ow.ly
173.254.28.18
192.169.243.42
2606:4700:30::6812:35fd
54.67.62.204
25692c1d953a19d8a493ca3d135eb868dd31795a960dc890e77e7a0eaee1298d
398cf13156c47ea7fd1bc7cda55c23634b929e36c8ac5fa7fe392d4607747183
400c00f707012002ec6b2c15131518c80ddb1db388f5ffb90d66f862252a1b8f
6bcbba94cd7a796861c100a8b362d7dcf92dfffa27fbb8bc77c741c77d9a9e53
83fc3e3517990f4103ab88344bdccd38701de36922ce895e7a8874e1b2774ed5
a0520a5f9e8a148a807f9c9dd1f7c7849e262c5a6e2aacd8b0a38f4937dfc46b
aae6907b97bb625bc3d760099058e3e2c40b78089bc95790c91cee26b83e4b5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dalkayga.com Open in urlscan Pro 173.254.28.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

202 kBTransfer

212 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

Indicators

dalkayga.com Open in urlscan Pro
173.254.28.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

202 kB
Transfer

212 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!