URL: https://www.returngta.com/
Submission: On December 20 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 46 HTTP transactions. The main IP is 162.0.209.144, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.returngta.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 20th 2023. Valid for: a year.
This is the only time www.returngta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 162.0.209.144 22612 (NAMECHEAP...)
17 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
46 7
Apex Domain
Subdomains
Transfer
24 returngta.com
www.returngta.com
381 KB
17 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
224 KB
1 takenupload.com
takenupload.com
165 KB
1 backendapiwtg.com
backendapiwtg.com
7 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
46 6
Domain Requested by
24 www.returngta.com www.returngta.com
17 cdn.ampproject.org www.returngta.com
cdn.ampproject.org
1 takenupload.com www.returngta.com
1 backendapiwtg.com cdn.ampproject.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.returngta.com
46 6

This site contains links to these domains. Also see Links.

Domain
takenlink.com
returngta.com
Subject Issuer Validity Valid
returngta.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-20 -
2024-12-20
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
backendapiwtg.com
E1
2023-10-30 -
2024-01-28
3 months crt.sh
takenupload.com
GTS CA 1P5
2023-12-18 -
2024-03-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.returngta.com/
Frame ID: F4405094F46D000FA3DEDB28D21C66C1
Requests: 47 HTTP requests in this frame

Screenshot

Page Title

RTP GTATOGEL Largest Return Percentage of All Games

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

46
Requests

98 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

812 kB
Transfer

1548 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.returngta.com/
102 KB
17 KB
Document
General
Full URL
https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
04302ac3169b97262b64a9451b9e38d791096d143f8591f0af31053d184e3e00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
17476
content-type
text/html
date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Thu, 21 Dec 2023 02:37:06 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
38 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11509
x-xss-protection
0
server
sffe
etag
"89fd1f55c72a0a94"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9639
x-xss-protection
0
server
sffe
etag
"13e0a16aa728157d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
17 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13fc5243de4eb0a5aad0b621d1336a83a255ba730e8dbde34694eada4fdc00c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5826
x-xss-protection
0
server
sffe
etag
"06ef0c30e46eb644"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-instagram-0.1.js
cdn.ampproject.org/v0/
6 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-instagram-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1713e25a849d0d5748dd55221502163a2d6cb52e75a7b5efd4a3bf85665dfe2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2195
x-xss-protection
0
server
sffe
etag
"d284a71452e04fad"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-list-0.1.js
cdn.ampproject.org/v0/
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-list-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432b08f51bcc7dc94a57c2fcbbc5d2bc0092cf21bddfc416fe6ccd6ebf07721f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12982
x-xss-protection
0
server
sffe
etag
"f2ca69145d033a75"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/
50 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2473
x-xss-protection
0
server
sffe
etag
"f9ec7b9cfb04b32c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-animation-0.1.js
cdn.ampproject.org/v0/
82 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cbe7689e39ff7a090b50b9cc6ae254215fcdc37ae4584ccc752781e8cf8f2b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18991
x-xss-protection
0
server
sffe
etag
"f1ee7f6e53f6872a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
50 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4bedabec2adb6bd571b46c49de0885c0f832735209f7c58f6af7c7e3d95fe02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16384
x-xss-protection
0
server
sffe
etag
"955c3f88d7ef8ae3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/
36 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e8b6c3aeb54a060ad585e3e3c4573a65e6b482713c5198b653dcb2eee843756
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11224
x-xss-protection
0
server
sffe
etag
"9dbbfb2d40c1c50e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-fx-flying-carpet-0.1.js
cdn.ampproject.org/v0/
7 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8664ffa7e1de549d94482225d37b504a16023ba154393e2f6538c3924028e69a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539
x-xss-protection
0
server
sffe
etag
"ecfbfb74574f763f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
45 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
amp-lightbox-0.1.js
cdn.ampproject.org/v0/
26 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-0.1.js
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 19:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
sffe
etag
"97039edf12d9673b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Dec 2023 19:14:07 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inconsolata|Montserrat:400,500,600,700|Crimson+Text:400,600
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d5cf8646fcb07ec8948072be095c6c9b055d7e389114408f0c5d6bfba0ebad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Dec 2023 19:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 19:14:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Dec 2023 19:14:07 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inconsolata|Montserrat:400,500,600,700|Crimson+Text:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.returngta.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:01:36 GMT
x-content-type-options
nosniff
age
382351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 09:01:36 GMT
1.png
www.returngta.com/assets/provider/
22 KB
22 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/1.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1cccc374b2ba379ef29e12cdf9e5bb9ac667c59d5823f203cf9a36b0a6f71f60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22291
expires
Wed, 27 Dec 2023 19:14:07 GMT
2.png
www.returngta.com/assets/provider/
18 KB
18 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/2.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
96620304bdcb5cbc6893ddeb0083c57562ee7f7cfbadd5e21e5bc02bd0398473

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
18623
expires
Wed, 27 Dec 2023 19:14:07 GMT
3.png
www.returngta.com/assets/provider/
19 KB
19 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/3.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
0962a31b5f84607e7c8c97d2ab602ffa585dbbe9a0cfe940fb34357649f2ee3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
19012
expires
Wed, 27 Dec 2023 19:14:07 GMT
4.png
www.returngta.com/assets/provider/
17 KB
17 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/4.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
3ca86ce0e63076516eed50008beed9c2c4bad269c4526f18f86fa835dd0eb772

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
17126
expires
Wed, 27 Dec 2023 19:14:07 GMT
5.png
www.returngta.com/assets/provider/
21 KB
22 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/5.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
937b66e65014015f42b92843e49118fb59abeae2dc9332c412650ed8ab180da0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Mon, 30 Oct 2023 15:45:58 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
21948
expires
Wed, 27 Dec 2023 19:14:07 GMT
gmw.png
www.returngta.com/assets/provider/
20 KB
20 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/gmw.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
018eb0416a644948ae04172c71eddbfa10d1d8b8d47efbe40f796de1b4c61e83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Mon, 30 Oct 2023 15:45:58 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
20430
expires
Wed, 27 Dec 2023 19:14:07 GMT
nolimit.png
www.returngta.com/assets/provider/
64 KB
64 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/nolimit.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8dc06c0ddc99797fa7cf214e193c95801e295bb24b3354e61ab4cb4391a23d55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Mon, 30 Oct 2023 15:46:00 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
65316
expires
Wed, 27 Dec 2023 19:14:07 GMT
toptrend.png
www.returngta.com/assets/provider/
18 KB
18 KB
Image
General
Full URL
https://www.returngta.com/assets/provider/toptrend.png
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c9e0a66b3d4fd989010ed66eaedc109b171ba9d5eda9e792c490be68d36e0053

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:07 GMT
last-modified
Mon, 30 Oct 2023 15:46:00 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
18257
expires
Wed, 27 Dec 2023 19:14:07 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.returngta.com/
Origin
https://www.returngta.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 18:05:41 GMT
age
436106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 18:05:41 GMT
ww.js
cdn.ampproject.org/rtv/012312012346000/
51 KB
14 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc86fc37ff1669c88ff3e9829a845c62b1e296033836c5d6512c7f7446270914
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://www.returngta.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 20:19:24 GMT
age
341683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
sffe
etag
"e78dfcc7e84f41f3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 15 Dec 2024 20:19:24 GMT
truncated
/
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a1647deb8dfb9dd568b291fd9822d7c6e0febe2c500bafc4f65f0b2e71a1c32

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.returngta.com/
Origin
https://www.returngta.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 18:05:37 GMT
age
436110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 18:05:37 GMT
games
backendapiwtg.com/api/
44 KB
7 KB
Fetch
General
Full URL
https://backendapiwtg.com/api/games?game=pp&__amp_source_origin=https%3A%2F%2Fwww.returngta.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:49ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4917fd4ba59d46c8e89b8f34ac888a91419d6238e34e7cc437f587f2e5f324ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.returngta.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 19:14:08 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6uKw%2BbauPhINPNAeHxrTPbQ85vGJDCze8bOKcp9iY01RRL43AjCteRLjlvKKbOezoI2%2B6%2BOZ7H25jv9vNDw48%2Bgz%2B%2BJAJUwHO7%2BSZqd71xlevwyV2x0LJGuyd3UKPb72GdQSKO0d6aHU1FxIlU9YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
838a34deb85442b1-EWR
access-control-allow-headers
accept, authorization,content-type,Referer,Sec-Fetch-Mode,User-Agent,X-Requested-With
rtp-gtatogel
takenupload.com/
165 KB
165 KB
Image
General
Full URL
https://takenupload.com/rtp-gtatogel
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
71f47dbe82c1d8b6cbf2d25b3562105215ea1345f529e6ce6e98bb0a7595a5f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH%2FgW3ldaW9fnHYtdIKxvggHr208HPuaiYO8Vd2lbY%2B%2BpQ9RAzojsL5wjB%2FRPmbic7uwsqkTv7RPIYZK%2B3BMEB2kSTnmMXWO%2FecGZGRIQu6qAXLUEwWrCU2%2FKgnTeAnRZX1OI3dKk%2FffQeV7j1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
838a34de58b6176c-EWR
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Dec 2023 19:14:08 GMT
90db16f8-42e6-440a-9287-19018fd8b39f
https://www.returngta.com/
51 KB
0
Other
General
Full URL
blob:https://www.returngta.com/90db16f8-42e6-440a-9287-19018fd8b39f
Requested by
Host: www.returngta.com
URL: https://www.returngta.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1da870c4db72f786d1d04409b20d4ec7376b352b9bc68327ac5a0c83f17e0553

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
52080
Content-Type
text/javascript
Queenie%20web.webp
www.returngta.com/assets/PP/
15 KB
15 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Queenie%20web.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4e169186cd087f9f36e6a18a2e181c64d7172be2ab0a3ab15ba85a303a1bb8a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15152
expires
Wed, 27 Dec 2023 19:14:09 GMT
The%20Ultimate%205.webp
www.returngta.com/assets/PP/
13 KB
14 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/The%20Ultimate%205.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
3cb7c012a847180e6791d43b3dea0ace843513341106710037143e13c09cc05b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
13746
expires
Wed, 27 Dec 2023 19:14:09 GMT
Aztec%20King%20web.webp
www.returngta.com/assets/PP/
14 KB
14 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Aztec%20King%20web.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e7dedafbcf3d49d952493738bda25b9e27a8f24f27a0e6966056067a92354ac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14018
expires
Wed, 27 Dec 2023 19:14:09 GMT
r3r23rGates-of-Olympus.webp
www.returngta.com/assets/PP/
5 KB
5 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/r3r23rGates-of-Olympus.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
27231200d7320918c013a0aa68d51a74535f1283d80676c99a1e2a5f30b190b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4972
expires
Wed, 27 Dec 2023 19:14:09 GMT
Sweet-Bonanza.webp
www.returngta.com/assets/PP/
5 KB
5 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Sweet-Bonanza.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
9099779f5a8fbcd041012bdfb50b9b4f82230687642b85a64e390a4ea2f9f304

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5190
expires
Wed, 27 Dec 2023 19:14:09 GMT
Aztec-Gems.webp
www.returngta.com/assets/PP/
5 KB
6 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Aztec-Gems.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1fbf18c5a9784c65ffe2c73ce808ea801eb6b0dfb6501e5b7c0a85a32fab81b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5626
expires
Wed, 27 Dec 2023 19:14:09 GMT
Sweet%20Bonanza%20Xmas.webp
www.returngta.com/assets/PP/
5 KB
5 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Sweet%20Bonanza%20Xmas.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
a089f539d19106159c776ef51f8a7523c9cbce5ad025eeea3cefaeea73889583

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5016
expires
Wed, 27 Dec 2023 19:14:09 GMT
starlightprincess1.webp
www.returngta.com/assets/PP/
14 KB
15 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/starlightprincess1.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
fc2f22192b1231263eeadf133ef98a088f7b2d7f18d4beac812ba5e85e78435d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14832
expires
Wed, 27 Dec 2023 19:14:09 GMT
Wild%20West%20Gold-min.webp
www.returngta.com/assets/PP/
15 KB
15 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Wild%20West%20Gold-min.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
a82cbc498579797cf1c6fc081ac7f706244ed78c9f4064e421f8f858e1bcc376

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15046
expires
Wed, 27 Dec 2023 19:14:09 GMT
Bonanza%20Gold-min.webp
www.returngta.com/assets/PP/
12 KB
12 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Bonanza%20Gold-min.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c6703cb1ba9db7b0666e0c8b9a0745ee516bf1292c22fa020e275a331be0b9cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
11880
expires
Wed, 27 Dec 2023 19:14:09 GMT
Joker-s-Jewels.webp
www.returngta.com/assets/PP/
6 KB
6 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Joker-s-Jewels.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
cd75dbf51095df2971053e2ba031f9d6a484340bbfc33b83fba9b875930dc042

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5734
expires
Wed, 27 Dec 2023 19:14:09 GMT
Pyramid%20Bonanza.webp
www.returngta.com/assets/PP/
9 KB
9 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Pyramid%20Bonanza.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5f9f441c90fd8a69f889dc23ac0d64e4d52f496ab3401e0ebdbfd2c2ef1d2f62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
9184
expires
Wed, 27 Dec 2023 19:14:09 GMT
Aztec%20Gems%20Deluxe-minw.webp
www.returngta.com/assets/PP/
15 KB
15 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Aztec%20Gems%20Deluxe-minw.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
bdaf1119f9424fc76ad4276f2c66164a16229271203d016f6f9cb70814f3bf12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15216
expires
Wed, 27 Dec 2023 19:14:09 GMT
Great%20Rhino%20Megaways-min.webp
www.returngta.com/assets/PP/
14 KB
14 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/Great%20Rhino%20Megaways-min.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
6af866c9b7be2b4c63fd7473f3f34747fdd62199d541e90894422def50430579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14452
expires
Wed, 27 Dec 2023 19:14:09 GMT
5lionsmegawaty.webp
www.returngta.com/assets/PP/
14 KB
14 KB
Image
General
Full URL
https://www.returngta.com/assets/PP/5lionsmegawaty.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.144 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium176-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
901c76f61b724dc998607895e19fdb605113b183703a9df492141e713f9989f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.returngta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:14:09 GMT
last-modified
Fri, 02 Jun 2023 14:23:24 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14378
expires
Wed, 27 Dec 2023 19:14:09 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backendapiwtg.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
takenupload.com
www.returngta.com
162.0.209.144
2606:4700:3035::6815:2ae0
2606:4700:3035::6815:49ce
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
018eb0416a644948ae04172c71eddbfa10d1d8b8d47efbe40f796de1b4c61e83
04302ac3169b97262b64a9451b9e38d791096d143f8591f0af31053d184e3e00
0962a31b5f84607e7c8c97d2ab602ffa585dbbe9a0cfe940fb34357649f2ee3b
1713e25a849d0d5748dd55221502163a2d6cb52e75a7b5efd4a3bf85665dfe2a
1cccc374b2ba379ef29e12cdf9e5bb9ac667c59d5823f203cf9a36b0a6f71f60
1da870c4db72f786d1d04409b20d4ec7376b352b9bc68327ac5a0c83f17e0553
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fbf18c5a9784c65ffe2c73ce808ea801eb6b0dfb6501e5b7c0a85a32fab81b1
27231200d7320918c013a0aa68d51a74535f1283d80676c99a1e2a5f30b190b5
2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3ca86ce0e63076516eed50008beed9c2c4bad269c4526f18f86fa835dd0eb772
3cb7c012a847180e6791d43b3dea0ace843513341106710037143e13c09cc05b
432b08f51bcc7dc94a57c2fcbbc5d2bc0092cf21bddfc416fe6ccd6ebf07721f
4917fd4ba59d46c8e89b8f34ac888a91419d6238e34e7cc437f587f2e5f324ff
4e169186cd087f9f36e6a18a2e181c64d7172be2ab0a3ab15ba85a303a1bb8a2
5cbe7689e39ff7a090b50b9cc6ae254215fcdc37ae4584ccc752781e8cf8f2b1
5f9f441c90fd8a69f889dc23ac0d64e4d52f496ab3401e0ebdbfd2c2ef1d2f62
6af866c9b7be2b4c63fd7473f3f34747fdd62199d541e90894422def50430579
6e8b6c3aeb54a060ad585e3e3c4573a65e6b482713c5198b653dcb2eee843756
71f47dbe82c1d8b6cbf2d25b3562105215ea1345f529e6ce6e98bb0a7595a5f5
7a1647deb8dfb9dd568b291fd9822d7c6e0febe2c500bafc4f65f0b2e71a1c32
7d5cf8646fcb07ec8948072be095c6c9b055d7e389114408f0c5d6bfba0ebad4
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b
8664ffa7e1de549d94482225d37b504a16023ba154393e2f6538c3924028e69a
8dc06c0ddc99797fa7cf214e193c95801e295bb24b3354e61ab4cb4391a23d55
901c76f61b724dc998607895e19fdb605113b183703a9df492141e713f9989f4
9099779f5a8fbcd041012bdfb50b9b4f82230687642b85a64e390a4ea2f9f304
937b66e65014015f42b92843e49118fb59abeae2dc9332c412650ed8ab180da0
96620304bdcb5cbc6893ddeb0083c57562ee7f7cfbadd5e21e5bc02bd0398473
a089f539d19106159c776ef51f8a7523c9cbce5ad025eeea3cefaeea73889583
a82cbc498579797cf1c6fc081ac7f706244ed78c9f4064e421f8f858e1bcc376
b13fc5243de4eb0a5aad0b621d1336a83a255ba730e8dbde34694eada4fdc00c
b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdaf1119f9424fc76ad4276f2c66164a16229271203d016f6f9cb70814f3bf12
c6703cb1ba9db7b0666e0c8b9a0745ee516bf1292c22fa020e275a331be0b9cb
c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4
c9e0a66b3d4fd989010ed66eaedc109b171ba9d5eda9e792c490be68d36e0053
cd75dbf51095df2971053e2ba031f9d6a484340bbfc33b83fba9b875930dc042
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e7dedafbcf3d49d952493738bda25b9e27a8f24f27a0e6966056067a92354ac2
f4bedabec2adb6bd571b46c49de0885c0f832735209f7c58f6af7c7e3d95fe02
fc2f22192b1231263eeadf133ef98a088f7b2d7f18d4beac812ba5e85e78435d
fc86fc37ff1669c88ff3e9829a845c62b1e296033836c5d6512c7f7446270914