www.18dewapoker.tech

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 103.247.9.29, located in Indonesia and belongs to RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID. The main domain is www.18dewapoker.tech.

This is the only time www.18dewapoker.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.247.9.29 103.247.9.29	58487 (RUMAHWEB-...) (RUMAHWEB-AS-ID Rumahweb Indonesia CV.)
5	2606:4700:20:... 2606:4700:20::6819:9917	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	172.96.191.164 172.96.191.164	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2606:4700:30:... 2606:4700:30::681b:9801	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	3

1 103.247.9.29 (Indonesia)

ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID)
PTR: wpiix2-1.rumahweb.com

www.18dewapoker.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::6819:9917 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.w3counter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pulse.w3counter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.191.164 (Fergus, Canada) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.164-static.reverse.arandomserver.com

poker18dewa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9801 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.poker18dewa.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	w3counter.com www.w3counter.com pulse.w3counter.com	2 KB
1	poker18dewa.asia www.poker18dewa.asia
1	poker18dewa.org 1 redirects poker18dewa.org	222 B
1	18dewapoker.tech www.18dewapoker.tech	1 KB
7	4

	Domain	Requested by
3	pulse.w3counter.com	www.w3counter.com pulse.w3counter.com
2	www.w3counter.com	www.18dewapoker.tech www.w3counter.com
1	www.poker18dewa.asia	www.18dewapoker.tech
1	poker18dewa.org	1 redirects
1	www.18dewapoker.tech
7	5

This site contains no links.

Subject Issuer	Validity	Valid
ssl391982.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-16` - `2020-01-22`	6 months	crt.sh
sni70323.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-16` - `2020-01-22`	6 months	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 2 frames:

Primary Page: http://www.18dewapoker.tech/
Frame ID: 7F301B5D2F8561268BCFCF990E217AC0
Requests: 6 HTTP requests in this frame

Frame: https://www.poker18dewa.asia/ref.php?ref=SANDIRAWA
Frame ID: B2D1AA5DC11C043547DCE70E996F0783
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

W3Counter (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /w3counter\.com\/tracker\.js/i

Page Statistics

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

4 kB
Transfer

6 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://poker18dewa.org/ref.php?ref=SANDIRAWA HTTP 301
https://www.poker18dewa.asia/ref.php?ref=SANDIRAWA

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.18dewapoker.tech/	2 KB 1 KB	3733ms 176ms	Document text/html	103.247.9.29 RUMAHWEB-AS-ID Ru...
General Check archive.org Show headers Download Go to Full URL http://www.18dewapoker.tech/ Protocol HTTP/1.1 Server 103.247.9.29 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID), Reverse DNS wpiix2-1.rumahweb.com Software LiteSpeed / PleskLin Resource Hash `43345ea3b512addd305bea3257cc52fd367ca8adb752cf205f96dee0e6d94ec7` Request headers Host www.18dewapoker.tech Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers ETag "7ba-5d4e2429-a28dbbbbc00d9abf;gz" Last-Modified Sat, 10 Aug 2019 01:55:53 GMT Content-Type text/html Content-Length 895 Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Date Sat, 10 Aug 2019 04:35:26 GMT Server LiteSpeed X-Powered-By PleskLin Connection Keep-Alive
GET H2	200	tracker.js Show response www.w3counter.com/	2 KB 862 B	310ms 159ms	Script application/javascript	2606:4700:20::6819:9917 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.w3counter.com/tracker.js?id=90840 Requested by Host: www.18dewapoker.tech URL: http://www.18dewapoker.tech/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:9917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `c77b9eb099d7fcd32802bf60ffc015c6a4902295add7a5f49c60859f314d6f69` Request headers Sec-Fetch-Mode no-cors Referer http://www.18dewapoker.tech/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 10 Aug 2019 04:35:26 GMT content-encoding br server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control no-cache cf-ray 503f435abf4e9ab0-FRA
GET H2	200	pv Show response www.w3counter.com/track/	0 102 B	207ms 205ms	Script application/javascript	2606:4700:20::6819:9917 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.w3counter.com/track/pv?id=90840&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&webpageName=18dewa%20%7C%2018dewapoker%20Asia%20%7C%20dewapoker%20Asia%20Online&ref=&url=http%3A%2F%2Fwww.18dewapoker.tech%2F&width=1600&height=1200&rand=836 Requested by Host: www.w3counter.com URL: https://www.w3counter.com/tracker.js?id=90840 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:9917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Sec-Fetch-Mode no-cors Referer http://www.18dewapoker.tech/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 10 Aug 2019 04:35:26 GMT content-encoding br server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control no-cache cf-ray 503f435bd80f9ab0-FRA
GET H2	200	pulse.js Show response pulse.w3counter.com/	2 KB 781 B	208ms 106ms	Script application/javascript	2606:4700:20::6819:9917 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://pulse.w3counter.com/pulse.js?id=90840 Requested by Host: www.w3counter.com URL: https://www.w3counter.com/tracker.js?id=90840 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:9917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `cff072659a07ad7b51010f503af55d433979674836cdbe57166481fb5e5ec990` Request headers Sec-Fetch-Mode no-cors Referer http://www.18dewapoker.tech/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 10 Aug 2019 04:35:26 GMT content-encoding br server cloudflare cf-ray 503f435c78949ab0-FRA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript
GET H2	200	ref.php www.poker18dewa.asia/ Frame B2D1 Redirect Chain http://poker18dewa.org/ref.php?ref=SANDIRAWA https://www.poker18dewa.asia/ref.php?ref=SANDIRAWA	0 0	1172ms 1089ms	Document text/html	2606:4700:30::681b:9801 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.poker18dewa.asia/ref.php?ref=SANDIRAWA Requested by Host: www.18dewapoker.tech URL: http://www.18dewapoker.tech/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9801 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority www.poker18dewa.asia :scheme https :path /ref.php?ref=SANDIRAWA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer http://www.18dewapoker.tech/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www.18dewapoker.tech/ Response headers status 200 date Sat, 10 Aug 2019 04:35:29 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=ddc4470ff40eb90515b01041f284cbf071565411728; expires=Sun, 09-Aug-20 04:35:28 GMT; path=/; domain=.poker18dewa.asia; HttpOnly PHPSESSID=djsmiin8g3vrdv5pb6hbi168uo; path=/ ref=SANDIRAWA; expires=Sun, 08-Sep-2019 11:05:29 GMT; Max-Age=2529000 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache last-modified Sat, 10 Aug 2019 04:35:28 GMT x-cache HIT from Backend expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 503f436528429abc-FRA content-encoding br Redirect headers Content-Type text/html Content-Length 617 Date Sat, 10 Aug 2019 04:35:28 GMT Server LiteSpeed Location https://www.poker18dewa.asia/ref.php?ref=SANDIRAWA Connection Keep-Alive
GET H/1.1	200 OK	ping.js Show response pulse.w3counter.com/	0 251 B	136ms 130ms	Script application/javascript	2606:4700:20::6819:9917 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://pulse.w3counter.com/ping.js?id=90840&activity=reading&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&webpageName=18dewa%20%7C%2018dewapoker%20Asia%20%7C%20dewapoker%20Asia%20Online&ref=&url=http%3A%2F%2Fwww.18dewapoker.tech%2F&rand=610 Requested by Host: pulse.w3counter.com URL: https://pulse.w3counter.com/pulse.js?id=90840 Protocol HTTP/1.1 Security , , Server 2606:4700:20::6819:9917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.18dewapoker.tech/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 10 Aug 2019 04:35:27 GMT Content-Encoding gzip Server cloudflare Connection keep-alive CF-RAY 503f435d386ac277-FRA Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	ping.js Show response pulse.w3counter.com/	0 395 B	108ms 101ms	Script application/javascript	2606:4700:20::6819:9917 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://pulse.w3counter.com/ping.js?id=90840&activity=reading&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&webpageName=18dewa%20%7C%2018dewapoker%20Asia%20%7C%20dewapoker%20Asia%20Online&ref=&url=http%3A%2F%2Fwww.18dewapoker.tech%2F&rand=273 Requested by Host: pulse.w3counter.com URL: https://pulse.w3counter.com/pulse.js?id=90840 Protocol HTTP/1.1 Security , , Server 2606:4700:20::6819:9917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.18dewapoker.tech/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 10 Aug 2019 04:35:47 GMT Content-Encoding gzip Server cloudflare Connection keep-alive CF-RAY 503f43da3afedfbb-FRA Transfer-Encoding chunked Content-Type application/javascript

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.livechatinc.com/licence/8484972	1970-01-20 05:50:11	Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Did%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1565411738%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1565411738.74e8687f1a%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

poker18dewa.org
pulse.w3counter.com
www.18dewapoker.tech
www.poker18dewa.asia
www.w3counter.com
103.247.9.29
172.96.191.164
2606:4700:20::6819:9917
2606:4700:30::681b:9801
43345ea3b512addd305bea3257cc52fd367ca8adb752cf205f96dee0e6d94ec7
c77b9eb099d7fcd32802bf60ffc015c6a4902295add7a5f49c60859f314d6f69
cff072659a07ad7b51010f503af55d433979674836cdbe57166481fb5e5ec990
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.18dewapoker.tech Open in urlscan Pro 103.247.9.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

3 IPs

3 Countries

4 kBTransfer

6 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

www.18dewapoker.tech Open in urlscan Pro
103.247.9.29 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

4 kB
Transfer

6 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions