gameta.openintime.top Open in urlscan Pro
23.95.186.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gameta.openintime.top/
Submission: On December 13 via api (December 13th 2024, 2:40:09 pm UTC) from US — Scanned from FR

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 23.95.186.190, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is gameta.openintime.top.
TLS certificate: Issued by E5 on December 8th 2024. Valid for: 3 months.

This is the only time gameta.openintime.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	23.95.186.190 23.95.186.190	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
13	4

8 23.95.186.190 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-186-190-host.colocrossing.com

gameta.openintime.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	openintime.top gameta.openintime.top	126 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	215 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
13	4

	Domain	Requested by
8	gameta.openintime.top	gameta.openintime.top
2	www.facebook.com	gameta.openintime.top
2	connect.facebook.net	gameta.openintime.top connect.facebook.net
1	fonts.googleapis.com	gameta.openintime.top
13	4

This site contains no links.

Subject Issuer	Validity	Valid
gameta.openintime.top E5	`2024-12-08` - `2025-03-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-22` - `2024-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gameta.openintime.top/
Frame ID: D8B2CFFE168417C2BC47EE62067BC951
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyBlog

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

13
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

203 kB
Transfer

455 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gameta.openintime.top/ 5 KB
2 KB 977ms
332ms Document
text/html 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 5c3b673f5eaacba82d89f160aadf16a458efc568e6cc39e1737084ac7291a52d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 13 Dec 2024 14:39:55 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H2 200 style.css
gameta.openintime.top/prel_whatsapp_ES/css/ 4 KB
1 KB 325ms
323ms Stylesheet
text/css 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/css/style.css
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 3ba454e243957b4e2d82df819dca010397a0013b2db64fe40c4fa95b800f0c4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
date: Fri, 13 Dec 2024 14:39:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H2 200 intro-img.webp
gameta.openintime.top/prel_whatsapp_ES/img/ 25 KB
25 KB 380ms
379ms Image
image/webp 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/img/intro-img.webp
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: debeb6820fa57c5edd5edb6acee4c3b1f2dd656e24fb87bc47889c6b62ade5b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

date: Fri, 13 Dec 2024 14:39:55 GMT
content-type: image/webp
vary: Accept-Encoding
server: openresty

GET
H2 200 swap-img.webp
gameta.openintime.top/prel_whatsapp_ES/img/ 54 KB
55 KB 695ms
693ms Image
image/webp 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/img/swap-img.webp
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 7c3dad9d72f53c32bc7221b25eb0ac6f6584c5f8ea19c4708d5b4c7c110ce54b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

date: Fri, 13 Dec 2024 14:39:56 GMT
content-type: image/webp
vary: Accept-Encoding
server: openresty

GET
H2 200 main.js Show response
gameta.openintime.top/prel_whatsapp_ES/js/ 0
156 B 394ms
354ms Script
application/javascript 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/js/main.js
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
date: Fri, 13 Dec 2024 14:39:56 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 341ms
57ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: gameta.openintime.top
URL: https://gameta.openintime.top/prel_whatsapp_ES/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45907c625ce2122e8b4502ae200701d9fbb55025a9ae1d907404df125c494bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 14:39:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 14:39:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 13:39:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 157ms
42ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gameta.openintime.top
URL: https://gameta.openintime.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-u8zEWPmF' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 14:39:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-u8zEWPmF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4574, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: URfozvQgYUUyPB6tR0Qdi5fcTj+JKp1MPravuZjQSzAs1rfyEe5VoqqmNBFrS3nzrkPOpiBs4v76ucHzbBx/yg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 img-1.webp
gameta.openintime.top/prel_whatsapp_ES/img/ 27 KB
27 KB 434ms
381ms Image
image/webp 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/img/img-1.webp
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 995bb252663ed18a15262d9299a2cb854f039ee597796848e2a56013b500a954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

date: Fri, 13 Dec 2024 14:39:57 GMT
content-type: image/webp
vary: Accept-Encoding
server: openresty

GET
H2 200 img-2.webp
gameta.openintime.top/prel_whatsapp_ES/img/ 16 KB
16 KB 662ms
610ms Image
image/webp 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gameta.openintime.top/prel_whatsapp_ES/img/img-2.webp
Requested by: Host: gameta.openintime.top
URL: https://gameta.openintime.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 8e96ca3a9514594783bff313a69df1a9b60c81b42eb3fadd09ade6c285482575

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

date: Fri, 13 Dec 2024 14:39:57 GMT
content-type: image/webp
vary: Accept-Encoding
server: openresty

GET
H3 200 1763748961089727 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 165ms
144ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1763748961089727?v=2.9.178&r=stable&domain=gameta.openintime.top&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

812cb4be40c034e9b753ce53f065bf86e50dbe2a22775cc5088e3a6921bbfbd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Bx76ACgI' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 14:39:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Bx76ACgI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=71, mss=1232, tbw=71252, tp=69, tpl=0, uplat=106, ullat=0
pragma: public
x-fb-debug: bFuI2dRN4/Y1k3ZjkkKujBuDICnCzuOA4CiKbOjCMhY8TgvNjUKaYUNcPgm9X7MdU2SEA1mSwouilnwyHOgf2Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 189ms
36ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1763748961089727&ev=PageView&dl=https%3A%2F%2Fgameta.openintime.top%2F&rl=&if=false&ts=1734100797824&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734100797817.695819401833317329&ler=empty&cdl=API_unavailable&it=1734100797429&coo=false&rqm=GET

Requested by

Host: gameta.openintime.top
URL: https://gameta.openintime.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4664, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 13 Dec 2024 14:39:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 342ms
190ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1763748961089727&ev=PageView&dl=https%3A%2F%2Fgameta.openintime.top%2F&rl=&if=false&ts=1734100797824&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734100797817.695819401833317329&ler=empty&cdl=API_unavailable&it=1734100797429&coo=false&rqm=FGET

Requested by

Host: gameta.openintime.top
URL: https://gameta.openintime.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447906215685313678"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 13 Dec 2024 14:39:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gzAkCJQW/UD8mGBN7ftB9kN+yhC3sE4mgh+DQVs7dEZ7Lhk1huQxS3t/cZUmE35d9HNXjm5TDkGXvGvgQiCE2Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447906215685313678", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=5032, tp=15, tpl=0, uplat=158, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 favicon.ico
gameta.openintime.top/ 1 KB
491 B 336ms
313ms Other
image/x-icon 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://gameta.openintime.top/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 58ec991677746be80baaff8347d8372a31c9bfbbb5dafa5e0cefae36a8d95f21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gameta.openintime.top/

Response headers

content-encoding: gzip
date: Fri, 13 Dec 2024 14:39:58 GMT
content-type: image/x-icon
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.openintime.top/	1970-01-21 03:51:16	Name: _fbp Value: fb.1.1734100797817.695819401833317329

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
gameta.openintime.top
www.facebook.com
157.240.0.35
157.240.0.6
23.95.186.190
2a00:1450:4001:829::200a
3ba454e243957b4e2d82df819dca010397a0013b2db64fe40c4fa95b800f0c4f
45907c625ce2122e8b4502ae200701d9fbb55025a9ae1d907404df125c494bb2
58ec991677746be80baaff8347d8372a31c9bfbbb5dafa5e0cefae36a8d95f21
5c3b673f5eaacba82d89f160aadf16a458efc568e6cc39e1737084ac7291a52d
7c3dad9d72f53c32bc7221b25eb0ac6f6584c5f8ea19c4708d5b4c7c110ce54b
812cb4be40c034e9b753ce53f065bf86e50dbe2a22775cc5088e3a6921bbfbd6
8e96ca3a9514594783bff313a69df1a9b60c81b42eb3fadd09ade6c285482575
995bb252663ed18a15262d9299a2cb854f039ee597796848e2a56013b500a954
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
debeb6820fa57c5edd5edb6acee4c3b1f2dd656e24fb87bc47889c6b62ade5b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

gameta.openintime.top Open in urlscan Pro 23.95.186.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

203 kBTransfer

455 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

gameta.openintime.top Open in urlscan Pro
23.95.186.190 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

203 kB
Transfer

455 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions