urlscan.io logo urlscan.io
SecurityTrails logo

predictiondexchange.com Open in urlscan Pro
35.190.43.140  Public Scan

Go To Rescan Add Verdict Report
URL: https://predictiondexchange.com/jump/next.php?r=3893051
Submission: On April 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 35.190.43.140, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is predictiondexchange.com. The Cisco Umbrella rank of the primary domain is 101448.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 30th 2023. Valid for: a year.
This is the only time predictiondexchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 35.190.43.140 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains		 Transfer
3 predictiondexchange.com
predictiondexchange.com — Cisco Umbrella Rank: 101448
3 KB
1 betandplay.partners
betandplay.partners
472 B
2 2
Domain Requested by
3 predictiondexchange.com 2 redirects
1 betandplay.partners predictiondexchange.com
2 2

This site contains no links.

Subject Issuer Validity Valid
predictiondexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-30 -
2024-01-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-21 -
2024-02-20		 a year crt.sh

This page contains 1 frames:

Frame: https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
Frame ID: CA6A5EE2BD2972A0A516CFAF8690B8B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://predictiondexchange.com/jump/next.php?stamat=m%257C%252Ck93LiIjdrB1dwP0dEdHP3xP.1fb%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAXJz59NBF_4R7IFVb-p1PTn&cbpage=https://predictiondexchange.com/jump/next.php?r=3893051&cbur=0.004238848460484723&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • https://predictiondexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQiPWIhZnoGU3Bk-GH0dEdHP3xP.1dd%252CkTG-rdjgHUiO-qNvZPKCuM6MlddIz7oGxze0GiC1LRuP4k4u1QBioAkkuipEdSbD8AP6LkYqATvMxM-I8hA2CCG68DUeyEdDIRJ4K-WnaOqq1i8PdAF_cOwp257lY1qcbY1y7T95mG15N3Y4CnRkc7EqUofqLiflIyhlXul6P9dPhIAfEk9yrsJW98F4XRiESikGSoQx46XllLdVfpIPAoaY7WsQ21NSkWgeu8Qgd8klK6gJ_-ZjJy8ERNYh351tAZ2jNu7IFxLgeOnMcREefMpBudrnsmhpDtp___JAn-z6R2sFwvnxcnMKtA-tTczvg2IkGQCWA55CO0w43Hl3dkJdU3swb2WyWFbqf7N1Q9oMN6ycwfFQC9I4ZnOsJGLVD4E0QK_k_-yrpEVrdcSfMNGAHUV4rJWdsllpmzKaLAHyZrfZuv0hQWWW96CpqjTm2DLwWbVxMK-u_cYYID1HB3BHGfoa6I63Vg_kwwhWpckjCH0_PFNrcHvkLOMAn2tPJlK867OA-im-D5FmZPTafkyGvMJs0E2fKLOaWHZFyjI%252C HTTP 302
  • https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request next.php
predictiondexchange.com/jump/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://predictiondexchange.com/jump/next.php?r=3893051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.43.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Apr 2023 21:40:10 GMT
server
openresty
via
1.1 google
jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
betandplay.partners/
Redirect Chain
  • https://predictiondexchange.com/jump/next.php?stamat=m%257C%252Ck93LiIjdrB1dwP0dEdHP3xP.1fb%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAXJz59NBF_4R7IFVb-p1PTn&cbpage=https://predictiondexchange.c...
  • https://predictiondexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQiPWIhZnoGU3Bk-GH0dEdHP3xP.1dd%252CkTG-rdjgHUiO-qNvZPKCuM6MlddIz7oGxze0GiC1LRuP4k4u1QBioAkkuipEdSbD8AP6LkYqATvMxM-I8hA2CCG68D...
  • https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
0
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
Requested by
Host: predictiondexchange.com
URL: https://predictiondexchange.com/jump/next.php?r=3893051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://predictiondexchange.com/jump/next.php?r=3893051
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b6662f4489e03b0-FRA
date
Tue, 11 Apr 2023 21:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBEb36CQTouospr2ng1gnnLJNb9UmQGIyHU2c8462R%2BBOWYhQPXtYzgFr1X1OH5SnmQj5vULkE%2F9zRxndyjCuW5UTgYpBy5Wpr5cHUrIkkilpR7LcbTtyFR9HMgzeuDEZO%2B7%2FNtFdusMPBRdTQCZE8zO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Tue, 11 Apr 2023 21:40:11 GMT
location
https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
server
openresty
via
1.1 google

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://betandplay.partners/jf8c31a01&visit_id=168124921110000TDETV436481828094Vc5
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betandplay.partners
predictiondexchange.com
2a06:98c1:3120::3
35.190.43.140
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855