0/100

high Risk

dailytra.com

https://dailytra.com/#/register?code=CHOT48

104.21.26.231 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

194 days

HTTP

200 · 19.4s

SSL

Valid· WE1, Google Trust Services, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "DailyTrade"

Save

Take this site down

Report to 50+ vendors instantly

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

DailyTrade

Credential Phishing

finance | technology | ecommerce | cryptocurrency · 4/5/2026

Summary

DailyTrade is presented as the brand on the page, with the DailyTrade logo and name visible. The URL dailytra.com shows a domain that visually impersonates DailyTrade in branding and UI elements (logo, colors, form layout). The page contains a login/registration form with password fields and a code parameter in the hash-based route, suggesting an account creation flow that could be used for credential collection. Network and DOM analysis indicate credential collection UI and related API endpoints (get_config, captcha) that could be leveraged for abuse; however, the page appears to be a clone with first-party branding signals rather than an official domain. The evidence supports impersonation/phishing signals rather than legitimate first-party hosting of the brand.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸Canonical stage contains password collection UI.

▸POST targets observed during capture: https://dailytra.com/api/get_config, https://dailytra.com/cdn-cgi/rum?, https://dailytra.com/api/captcha.

▸Distinctive asset clues: v8c78df7c7c0f484497ecbca7046644da1771523124516, vendor.5b63762f.js, line-awesome.min.css, css2, DailyTrade.290dfd6a.png.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 1

Password fields: 2

Late-stage login UI: No

Resource Signals

Resources: 29

Hosts: 5

Domains: 5

Suspicious Endpoints

hxxps://dailytra[.]com/api/get_config

hxxps://dailytra[.]com/api/captcha

hxxps://dailytra[.]com/#/register?code=CHOT48

Attack Techniques (5)

Brand impersonation via visual cloning (logo, DailyTrade branding) on dailytra.comCredential collection UI with password fields and login formSPA-like structure loading multiple JS assets and API endpoints for configuration and captchaUse of POST /api/get_config and /api/captcha endpoints potentially for anti-bot or data exfiltrationHash-based routing (#/register) to present a registration flow

Indicators of Compromise (8)

▸Page title: DailyTrade

▸Brand logo and name displayed: DailyTrade

▸Hostname dailytra.com under Cloudflare protection

▸Login/registration form with password field present in UI

▸POST requests to /api/get_config and /api/captcha

▸Asset filenames and script names referencing DailyTrade assets (DailyTrade.290dfd6a.png, index.*.js, nickname.js, phone.js, etc.)

▸External assets loaded from dailytra.com and Cloudflare beacon

▸SSL certificate issued to dailytra.com; SAN includes dailytra.com and *.dailytra.com

Risk AssessmentUsed in abuse reports

The scan reveals clear impersonation signals: the page displays the DailyTrade branding (logo and name) on the domain dailytra.com, which is not the official DailyTrade domain. The UI includes a password field and a login/registration form, and several POST endpoints (get_config, captcha) that could be used to harvest credentials or seed phishing sessions. The presence of SPA-style assets and a hash-based route for /#/register suggests an attempt to capture user credentials under the guise of a legitimate DailyTrade registration flow. Given the strong branding impersonation and credential collection UI, this site demonstrates abusive impersonation behavior. Monitor and consider taking action against the domain to prevent credential theft.

Recommended Action

Block URL

Cross-Reference8

URL Intelligence