betterthanmanuka.com (2606:4700:3037::6815:42aa)
Public Scan, flagged: Malicious Activity!

URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Submission: On March 18 via manual from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3037::6815:42aa, located in the United States and belonging to CLOUDFLARENET, US. The main domain is betterthanmanuka.com.
This is the only time betterthanmanuka.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP addresses and autonomous systems (requests, IP, AS):
  1.  7 requests  2606:4700:303...  AS13335 (CLOUDFLAR...)
  2.  2 requests  192.229.133.221   AS15133 (EDGECAST)
  Total: 9 requests across 3 IPs

Apex domains (requests, apex domain, subdomain, transfer):
  7 requests  betterthanmanuka.com  betterthanmanuka.com  11 KB
  2 requests  w3schools.com         www.w3schools.com     11 KB
  Total: 9 requests across 2 apex domains

Domains and who requested them (requests, domain, requested by):
  7 requests  betterthanmanuka.com (1 redirect)  requested by betterthanmanuka.com
  2 requests  www.w3schools.com                  requested by betterthanmanuka.com
  Total: 9 requests across 2 domains

This site contains no links.

TLS certificates observed (subject, issuer, validity period, valid for):
  *.w3schools.com  DigiCert SHA2 Secure Server CA  2020-05-05 to 2022-05-10  2 years (crt.sh)

This page contains 2 frames:

Primary Page: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Frame ID: 73199E6281C39AFF5211E8D5DEDD8B5F
Requests: 4 HTTP requests in this frame

Frame: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Frame ID: D021A35BF9D03BCC28AA3C32AFB73D3F
Requests: 4 HTTP requests in this frame

Page URL History

  1. http://betterthanmanuka.com/acapulco_atp_championship/unique/page HTTP 301
    http://betterthanmanuka.com/acapulco_atp_championship/unique/page/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

  Requests:    9
  HTTPS:       22 %
  IPv6:        50 %
  Domains:     2
  Subdomains:  2
  IPs:         3
  Countries:   1
  Transfer:    21 kB
  Size:        57 kB
  Cookies:     2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields. The chain for this scan is listed above: the trailing-slash-less page URL answered with an HTTP 301 to the same path with a trailing slash.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Each transaction below is listed as: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General, Request headers and Response headers sections.
Primary Request Cookie set /
betterthanmanuka.com/acapulco_atp_championship/unique/page/
Redirect Chain
  • http://betterthanmanuka.com/acapulco_atp_championship/unique/page
  • http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
2 KB
2 KB
Document
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
ed06367d142f7a491d16016e0d78c4b05e33beb1ee979cda99019dd8e8d20675

Request headers

Host
betterthanmanuka.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d5227a18986bdae15f897432f7af88fc61616098369
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=62b23cae75a72439e59544b3a0b0a756; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
08e89137c00000c2867f811000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KYAStLSatS7v%2BXRKwCG8aM%2FvQxpKI4AFcK3hkpNx9ErJXLN398HktRqRho0szxZzF%2FMWQ9%2By3mk4KiFH02AJhDKesVykbijuak6aTSrAhn1r7%2BEmMPzQezgCQakT3DckGw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
63211e393b4ec286-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d5227a18986bdae15f897432f7af88fc61616098369; expires=Sat, 17-Apr-21 20:12:49 GMT; path=/; domain=.betterthanmanuka.com; HttpOnly; SameSite=Lax
Location
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
CF-Cache-Status
DYNAMIC
cf-request-id
08e89136040000c286e7011000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sgTVbIeItT06J2t5Qj7HPAg61LGtff29MZpdipRh67l5zDhabG4FwsDKFz3PEahkeLrmAYnn6cN%2FkdryGiWmELjwb%2BpMiZKZBVX7kso6bWQjC8dWcyw86zyO1SQi%2F0QBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
63211e366f26c286-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221, United States, ASN15133 (EDGECAST, US)
Reverse DNS
Software
ECS (via/F347) / ASP.NET
Resource Hash
f995f439838c0e107cbd7fb1b4aac1beb4f3bb719b1279edf0193f301bfd9f24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://betterthanmanuka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 20:12:49 GMT
content-encoding
gzip
etag
"de56b85245c9d61:0+gzip"
last-modified
Thu, 03 Dec 2020 07:24:23 GMT
server
ECS (via/F347)
age
6340
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
vary
Accept-Encoding
content-length
5263
design.css
betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/css/
330 B
989 B
Stylesheet
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/css/design.css
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
8a1666209ffc8b3e5398352fe43683713e97960b4fba25049726cc49fec486e2

Request headers

Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
299
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e89138530000c2866c320000000001
last-modified
Thu, 28 Mar 2019 17:13:16 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JhVIYXQ7%2BEZMfXQp3ZWuJwz6z%2B1rVXd%2FXE5N%2BQT%2FJ7YJzroBGoZDjTGF6K2dXxFZ6X3IDoLM%2BNUFzlGkMSJNaHjkMKxTM2CcGcL1R83XlWZi3uHBhlKBLptcV2OtUHH38A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
63211e3a1c8dc286-FRA
validate.js
betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/js/
3 KB
2 KB
Script
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/js/validate.js
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
d35a1ab30d065cb8a0a0274c1b8a8b6140685228f14da41e53d7cfb4782ab531

Request headers

Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
299
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e891385800004ea426018000000001
last-modified
Thu, 28 Mar 2019 17:13:16 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jkx%2B7Yb%2B8%2FMpvuFRWBnfjKLWYA9L9oFa8HktZF6FiiPzE2PZO4mWevOmfwTKbUtWnNdlgG8HEGTh6np5H%2FMH8E5P%2FulJaLFlXCVuiLnAPJk7lx4KRMSF9wYbM%2FLJiYnDAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
63211e3a2b714ea4-FRA
/
betterthanmanuka.com/acapulco_atp_championship/unique/page/ Frame D021
2 KB
2 KB
Document
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
ed06367d142f7a491d16016e0d78c4b05e33beb1ee979cda99019dd8e8d20675

Request headers

Host
betterthanmanuka.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d5227a18986bdae15f897432f7af88fc61616098369; PHPSESSID=62b23cae75a72439e59544b3a0b0a756
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
CF-Cache-Status
DYNAMIC
cf-request-id
08e89138ad00004ea42a1a2000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hF4Q2t8QY579cDJ6cQb45%2BCo2iLak%2BLCxy6d%2FsoI2%2F3%2FDi5Ai6DfV7R%2F2p50R7f0swQXrukkDcG5DmpK%2B6c8RpJFdqdJ4bgjaaDJRT9j2I0dbegob5diMHV%2B3BdbUuCCsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
63211e3aac7e4ea4-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
w3.css
www.w3schools.com/w3css/4/ Frame D021
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221, United States, ASN15133 (EDGECAST, US)
Reverse DNS
Software
ECS (via/F347) / ASP.NET
Resource Hash
f995f439838c0e107cbd7fb1b4aac1beb4f3bb719b1279edf0193f301bfd9f24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://betterthanmanuka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 20:12:49 GMT
content-encoding
gzip
etag
"de56b85245c9d61:0+gzip"
last-modified
Thu, 03 Dec 2020 07:24:23 GMT
server
ECS (via/F347)
age
6340
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
vary
Accept-Encoding
content-length
5263
design.css
betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/css/ Frame D021
330 B
989 B
Stylesheet
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/css/design.css
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
8a1666209ffc8b3e5398352fe43683713e97960b4fba25049726cc49fec486e2

Request headers

Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
299
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e891392900004ea44b23d000000001
last-modified
Thu, 28 Mar 2019 17:13:16 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pLraWk8sLZsHqKC6N1VF%2BAiktM8KZDEFTP%2F5NQOnt8bbX2dlmytee3Z4MBmET9HO9S%2F8oWbPGaoM1%2BcB47%2FI1Ah03un%2FZw7G1ZuXxwy3SAri6R60Wb2tZ5JvYtVpQRc6lg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
63211e3b7e164ea4-FRA
validate.js
betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/js/ Frame D021
3 KB
2 KB
Script
General
Full URL
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/assets/js/validate.js
Requested by
Host: betterthanmanuka.com
URL: http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:42aa, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
d35a1ab30d065cb8a0a0274c1b8a8b6140685228f14da41e53d7cfb4782ab531

Request headers

Referer
http://betterthanmanuka.com/acapulco_atp_championship/unique/page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 20:12:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
299
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e891392a0000c28684960000000001
last-modified
Thu, 28 Mar 2019 17:13:16 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WxzZRI4BOZHFR4wwifAT0hWLAMM62BoWqjHA%2Bi4mzgJaujs2gscr2%2BGx4lXzoAclnwpuuLEm3vPs1sYDyjk81hljS45w6uY%2Fc02rCBcfU5p4GawSy4bQvkudnGtPwfZkcA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
63211e3b7e62c286-FRA

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

Verdict source: urlscan

Phishing against: Generic Email (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  object     0
  object     ontransitionrun
  object     ontransitionstart
  object     ontransitioncancel
  object     trustedTypes
  boolean    crossOriginIsolated
  function   getUrlVars
  undefined  email
  undefined  domain
  undefined  provider
  undefined  locateFav
  undefined  aol
  undefined  cn21
  undefined  yandex
  undefined  yahoo
  undefined  a163
  undefined  sina
  undefined  mailru
  undefined  office
  undefined  godaddy
  undefined  gmail
  undefined  locate

2 Cookies

Domain/Path             Name       Value
betterthanmanuka.com/   PHPSESSID  62b23cae75a72439e59544b3a0b0a756
.betterthanmanuka.com/  __cfduid   d5227a18986bdae15f897432f7af88fc61616098369