Submitted URL: https://www.gtspremium.com/#/?country_name=germany&tag=before_interview&refid=45157841
Effective URL: https://www.gtspremium.com/
Submission: On May 05 via manual from CA — Scanned from CA

Summary

This website contacted 13 IPs in 1 country across 8 domains to perform 33 HTTP transactions. The main IP is 13.225.213.7, located in United States and belongs to AMAZON-02, US. The main domain is www.gtspremium.com.
TLS certificate: Issued by Amazon on December 25th 2021. Valid for: a year.
This is the only time www.gtspremium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | prismic.io | static.cdn.prismic.io (Cisco Umbrella Rank: 40010), gtspremium.prismic.io, gtspremium.cdn.prismic.io, images.prismic.io (Cisco Umbrella Rank: 18730) | 49 KB
6 | gtspremium.com | www.gtspremium.com | 5 MB
4 | amazonaws.com | 55ddgrdsjd.execute-api.eu-west-1.amazonaws.com | 1 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 111) | 2 KB
2 | gstatic.com | fonts.gstatic.com | 32 KB
2 | paypal.com | www.paypal.com (Cisco Umbrella Rank: 2449), t.paypal.com (Cisco Umbrella Rank: 3382) | 6 KB
2 | lr-in.com | cdn.lr-in.com (Cisco Umbrella Rank: 21434) | 173 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 574) | 49 KB
Total: 33 requests, 8 apex domains
Requests | Domain | Requested by
6 | www.gtspremium.com | www.gtspremium.com
5 | gtspremium.cdn.prismic.io | static.cdn.prismic.io
4 | images.prismic.io | www.gtspremium.com
4 | 55ddgrdsjd.execute-api.eu-west-1.amazonaws.com | static.cdn.prismic.io
3 | fonts.googleapis.com | www.gtspremium.com, gtspremium.prismic.io
2 | fonts.gstatic.com | fonts.googleapis.com
2 | gtspremium.prismic.io | static.cdn.prismic.io
2 | cdn.lr-in.com | www.gtspremium.com, cdn.lr-in.com
1 | t.paypal.com | www.gtspremium.com
1 | www.paypal.com | www.gtspremium.com
1 | static.cdn.prismic.io | www.gtspremium.com
1 | cdn.jsdelivr.net | www.gtspremium.com
Total: 33 requests, 12 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
gtspremium.com | Amazon | 2021-12-25 - 2023-01-21 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year
*.cdn.prismic.io | Amazon | 2021-08-09 - 2022-09-07 | a year
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-04-12 - 2023-04-12 | a year
*.prismic.io | Amazon | 2021-09-24 - 2022-10-23 | a year
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-03-04 - 2022-11-23 | 9 months
*.execute-api.eu-west-1.amazonaws.com | Amazon | 2021-11-09 - 2022-12-08 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.cartrawler.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-11 - 2022-06-12 | a year

This page contains 2 frames:

Primary Page: https://www.gtspremium.com/
Frame ID: BEB937D3BAA073B992BBBD9FBA452FD2
Requests: 31 HTTP requests in this frame

Frame: https://gtspremium.prismic.io/prismic-toolbar/4.0.7/iframe.html
Frame ID: 168274BE21856CCCBDC807675F57313B
Requests: 2 HTTP requests in this frame

Page Title

GTS Premium

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div data-app[^>]+class="v-application

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 58 %
Domains: 8
Subdomains: 12
IPs: 13
Countries: 1
Transfer: 5202 kB
Size: 6675 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gtspremium.com/
1 KB
1 KB
Document
General
Full URL
https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8992ff74411b5aded48aac1de85fa023fbd198fe91dfa6aa7f16336047655e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
27177
content-length
1103
content-type
text/html
date
Thu, 05 May 2022 11:56:24 GMT
etag
"15b7bb8f4a2f5e1a6c50f040141b21e5"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
x-amz-cf-id
TE7xqkt-u_QEeN-pO20-JhSPUkhVHyam5o9KlwS1GcpensUtZdmqsQ==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:52:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 19:29:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 19:29:20 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@6.x/css/
303 KB
49 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c00faa6d4b73654f5e50520a9fb4af9bc1097b49e3590ae2b82d4ef15e85a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42308
x-jsd-version
6.6.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-iad-kiad7000171-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4bab1-TyhYY8PtwoQKL2tVQF7LGmKan1k"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPuSgvjCNZqGdhlU21QOADHyLeG263DIozPzeauVbb%2BPd7gj%2FHmI05VZpSXgndtT7N96jzvmiPzi%2BlBw86zi5nhJWBO%2BOF%2FfEjD%2BYNYOI9mkxzB5Upg%2F2Hjo6%2B9xhdGr7YmB5QKjFkc7tZ7SOz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
706be269fdcbecea-YUL
prismic.min.js
static.cdn.prismic.io/
29 KB
10 KB
Script
General
Full URL
https://static.cdn.prismic.io/prismic.min.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:3600:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b2938086569ff46ce7b05a5f7a401e4d505ebc0ee2ffd0cba75afa8ae3afc52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 05 May 2022 08:11:31 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 12:52:48 GMT
server
AmazonS3
age
40670
etag
W/"bbab9dc3132293ba40e3539ec2389de3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1e0c086b1361f8d4ae58a5db76efda36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
DcwW6lrkfXhcY2m0MvS1HQoVCDRpLxlcVJ1P3d3ZWc1uh6YPWaVBEQ==
LogRocket.min.js
cdn.lr-in.com/
37 KB
11 KB
Script
General
Full URL
https://cdn.lr-in.com/LogRocket.min.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9b67d525db8715d6b09be00cbf5199dcea99697a432008ff2c27de632cc1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://www.gtspremium.com/
Origin
https://www.gtspremium.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:20 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yul12832-YUL
last-modified
Thu, 05 May 2022 19:22:12 GMT
server
cloudflare
x-timer
S1651778961.958764,VS0,VE0
etag
W/"1642d2ddb5da683491ec733b9757db8590222e757f1cc90c791b7250c44f4612"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgfaoEmIsDRv%2B4kAUREY%2BnF1vdOpe%2FDTAA9L8P%2BE%2BJEuekOid8lrHmfc1ScbWEmL%2BvGxSZYjf1FErN9m2e2OseDdpdBhygT5r6msrrE5pBHwao7cWIO%2F%2BZBMWpSwd9dh%2B8SnNdL7VgyeEBWg"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
706be269ed8e7150-YUL
x-cache-hits
2
app.54667044a5454483442489858b500279.css
www.gtspremium.com/static/css/
1 MB
1 MB
Stylesheet
General
Full URL
https://www.gtspremium.com/static/css/app.54667044a5454483442489858b500279.css
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
421a5469887a7391339448d09d0aba49fc128d710415406149f1ce17f4c67b82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 06:56:38 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
etag
"3294d8d944ee67527e5ee3200f32aebc"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
age
45162
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
1391730
x-amz-cf-id
qnXp5kB5EtaCMihKJgwG0e2bdjd9l7Y2dxzl4Mg8S26iPBm7qCYYjQ==
manifest.2ae2e69a05c33dfc65f8.js
www.gtspremium.com/static/js/
857 B
1 KB
Script
General
Full URL
https://www.gtspremium.com/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 16:37:01 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
etag
"323055c248c0cbf6e12cf4b27d6dfd9b"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
age
10340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
857
x-amz-cf-id
Q05ywOYoKxFTeBUUmTVt0oFoQRr5NrL6_X-MIXQEuqDePiPxqVQDvg==
vendor.7491c924762caab6ef97.js
www.gtspremium.com/static/js/
3 MB
3 MB
Script
General
Full URL
https://www.gtspremium.com/static/js/vendor.7491c924762caab6ef97.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eba917f01e115af06369295cfdb8c9ca9de9f337851d841b2e870667f32d5bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 16:37:01 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
etag
"572ee1e07f8839b80f112dbbf310cd56"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
age
10340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
2623731
x-amz-cf-id
3aYjy8uRbrjaC_bvjtlBBhfxC97qgW__ws4KSBPqIKMfqyM4mgriTg==
app.afe37335394699af15d8.js
www.gtspremium.com/static/js/
95 KB
95 KB
Script
General
Full URL
https://www.gtspremium.com/static/js/app.afe37335394699af15d8.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e5cec8c53d927b06c5737614b086343220204655e4122cdcc2b94e66b4114d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 16:37:01 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
etag
"2609f2b46ece5ebd8a2bb403cd4f73dd"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
age
10340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
97315
x-amz-cf-id
nYwdbTj0aiIE-T-h-nGFMSgMUAmuzTM7gBZzUEQA0TmJcDm3I3h_9w==
logger-1.min.js
cdn.lr-in.com/
782 KB
162 KB
Script
General
Full URL
https://cdn.lr-in.com/logger-1.min.js
Requested by
Host: cdn.lr-in.com
URL: https://cdn.lr-in.com/LogRocket.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c7859b244172e7ca55b605a322dab2a995a77fdcfa05c0f9db5325a883faa9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108
x-cache
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yul12830-YUL
last-modified
Thu, 05 May 2022 19:22:12 GMT
server
cloudflare
x-timer
S1651778552.150192,VS0,VE150
etag
W/"96c7e0f05aeb605f698dc0e8cdaf4d1a8a46b6874581a63e31347ba875a89e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG74i%2B%2BeUSYgUfGbnIV7kI%2BQlU2SLaXheFBc6uScUycFRxPKIuZfZBWE%2BZj786SaGfR0zom7NA9dtS1th7MrfFq0lrHwYWhLlynE6fTZYlfxE7IoQAmz%2BnKVXfGN%2BgMQLyr8LeV%2BlNgosaKG"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
706be26aca49ca6f-YUL
x-cache-hits
0
css
fonts.googleapis.com/
2 KB
537 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/static/css/app.54667044a5454483442489858b500279.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:55:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 19:29:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 19:29:21 GMT
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.gtspremium.com&source=checkoutjs&t=xo&v=4.0.331
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/static/js/vendor.7491c924762caab6ef97.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pwdm4BCjUvTqyjFPGqWag1LJEhaCdV+zcczjjWa/KAc6vqtg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pwdm4BCjUvTqyjFPGqWag1LJEhaCdV+zcczjjWa/KAc6vqtg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
1032
x-cache
HIT, MISS
paypal-debug-id
f177329e479ec
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-sna10743-LGB, cache-yul12824-YUL
x-timer
S1651778961.478318,VS0,VE76
x-frame-options
SAMEORIGIN
date
Thu, 05 May 2022 19:29:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges
bytes
x-cache-hits
1, 0
v2
gtspremium.prismic.io/api/
2 KB
1 KB
Fetch
General
Full URL
https://gtspremium.prismic.io/api/v2
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.75.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-75-182.compute-1.amazonaws.com
Software
/
Resource Hash
f73e8bea779d9b4d8ee7233ef13f268e61a540037c093c77665247b0a0edf92b

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 19:29:21 GMT
content-encoding
gzip
x-amzn-requestid
364d8c8a-5959-4865-b4f0-000c247e1d99
x-ratelimit-remaining
387
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-store
x-amzn-trace-id
Root=1-62742591-231b26c72b49d588410a4213
x-ratelimit-reset
1651778961
x-ratelimit-limit
400
x-robots-tag
noindex, noarchive, nosnippet
x-amz-apigw-id
RqrOxElAIAMFRHg=
x-local-cache
MISS
5bf1e618b8a4c5d3d430.worker.js
www.gtspremium.com/
861 KB
863 KB
Other
General
Full URL
https://www.gtspremium.com/5bf1e618b8a4c5d3d430.worker.js
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-7.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80fbfb00dc4b709cddece7b14c31da3c7e4638368f2ba1da3982987451afd521

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 17:06:27 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
etag
"1eb058b6f40044e78e342bf843ef5717"
last-modified
Sun, 10 Apr 2022 15:47:07 GMT
server
AmazonS3
age
8575
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
882003
x-amz-cf-id
pZ2EsEgim-QpQOAY--ZWIOXYJEG8hLy45AT26oHNWAdkvicVmo1lDQ==
iframe.html
gtspremium.prismic.io/prismic-toolbar/4.0.7/ Frame 1682
20 KB
8 KB
Document
General
Full URL
https://gtspremium.prismic.io/prismic-toolbar/4.0.7/iframe.html
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.75.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-75-182.compute-1.amazonaws.com
Software
/
Resource Hash
3b906487a9d11fd14fef05648ce1dfe9c718926da0cd9cda2a24564aeb2bb619

Request headers

Referer
https://www.gtspremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 05 May 2022 19:29:21 GMT
etag
W/"80f4676797f50202e324a04e40bb6d1f"
last-modified
Thu, 30 Sep 2021 09:06:20 GMT
3884b353-4bf5-48f2-86ee-25582cadfe3d
https://www.gtspremium.com/
441 KB
0
Other
General
Full URL
blob:https://www.gtspremium.com/3884b353-4bf5-48f2-86ee-25582cadfe3d
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ae5f2dc326c166d50a504d0601cde88a1e0e6323219956f76d7e7ef61604364

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
451375
ts
t.paypal.com/
42 B
794 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=GTS%20Premium&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1651778961574&g=0&completeurl=https%3A%2F%2Fwww.gtspremium.com%2F%23%2F%3Fcountry_name%3Dgermany%26tag%3Dbefore_interview%26refid%3D45157841&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:21 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8efd9bcf7d40f
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lax10640-LGB, cache-yul12826-YUL
pragma
no-cache
x-timer
S1651778962.636339,VS0,VE119
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 19:29:21 GMT
search
gtspremium.cdn.prismic.io/api/v2/documents/
3 KB
2 KB
Fetch
General
Full URL
https://gtspremium.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=1&ref=YlWBbxEAAB4A3hJs&q=%5B%5Bat(document.type%2C%20%22homepage%22)%5D%5D
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3e00:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
686c2883ec8c84800bf8c7e1e2564a8d91413795132c8189a5379ccecc6d989a

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:52:13 GMT
content-encoding
gzip
age
2007428
x-amzn-requestid
8b8a0186-8a58-4bca-bd00-a24a40909622
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
x-amzn-trace-id
Root=1-6255840d-1388fb3d2ce795d1729b5a12
x-amz-cf-pop
IAD89-C1
x-amz-apigw-id
QeGSKFmgIAMFrWw=
x-local-cache
MISS
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
x-amz-cf-id
i9zOTv4S7s22hr3I-wOsvTUP7FBbYCYPR2s5CfXtO4dOimKSNiDu4g==
css
fonts.googleapis.com/ Frame 1682
2 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro
Requested by
Host: gtspremium.prismic.io
URL: https://gtspremium.prismic.io/prismic-toolbar/4.0.7/iframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
223158157c70f1ae70b9d5a062895db582a7be6ced708cdc02417fa5b5fecdbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gtspremium.prismic.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:57:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 19:29:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 19:29:21 GMT
initiate
55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/ Frame
0
0
Preflight
General
Full URL
https://55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/initiate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-105.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gtspremium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.gtspremium.com
content-length
1
content-type
application/json
date
Thu, 05 May 2022 19:29:22 GMT
via
1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront)
x-amz-apigw-id
RqrO2GgnDoEF-Rw=
x-amz-cf-id
_CUabxlScoAUfI3yE4MHAZ0F_N_6Tk6KLUS5sHhrYPvF26vdQyFnug==
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
a93f31fd-1ef6-4569-8e83-7eb2586f3c07
x-cache
Miss from cloudfront
initiate
55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/
13 B
559 B
Fetch
General
Full URL
https://55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/initiate
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-105.ewr52.r.cloudfront.net
Software
/
Resource Hash
1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c

Request headers

Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 May 2022 19:29:22 GMT
via
1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
10c49440-3536-4efc-9991-fa98345dc481
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Authorize, Authorization, authorize, authorization
x-amzn-trace-id
Root=1-62742592-63c5af3912fe17595d01b1fa;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
RqrO5E0vDoEFr6A=
content-length
13
x-amz-cf-id
Se46KfFLmo3iSGPyb9JZ-C81MNvXjA0Xi7xS2t81JaZJ7zsJciAl_g==
access-control-allow-headers
Authorize, Authorization, authorize, authorization
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2036280fd12418a70ab1849d35cb8be3703e2db02d6daf481ca092467ad43013

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9346dc5f0c92d4a0929c19f6c0b4fa61cfff85b433c410cad854dd204f11020

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gtspremium.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:45:15 GMT
x-content-type-options
nosniff
age
85446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 04 May 2023 19:45:15 GMT
search
gtspremium.cdn.prismic.io/api/v2/documents/
26 KB
6 KB
Fetch
General
Full URL
https://gtspremium.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=20&lang=*&ref=YlWBbxEAAB4A3hJs&q=%5B%5Bin(document.id%2C%20%5B%22X5cU7hIAACcAljVI%22%2C%22W-4wTREAAKFA69Gx%22%2C%22YZbmuBEAACIAfONe%22%5D)%5D%5D
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3e00:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d33cc927e54c97fe0d616e7dbaabfe9746cf5339e0bbee50c5d7d98f47ce41d3

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:52:13 GMT
content-encoding
gzip
age
2007428
x-amzn-requestid
f342124e-63a1-4420-b01f-e852213519e5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
x-amzn-trace-id
Root=1-62558184-45f284d00b212ec40bb21136
x-amz-cf-pop
IAD89-C1
x-amz-apigw-id
QeEsuHj2IAMFTZA=
x-local-cache
HIT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
x-amz-cf-id
RKaXlu7MZMpZxKAhh9wHVqp8tzPzG95Cjuj11hpld3w9z8ssPvpgJw==
search
gtspremium.cdn.prismic.io/api/v2/documents/
40 KB
13 KB
Fetch
General
Full URL
https://gtspremium.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=20&lang=*&ref=YlWBbxEAAB4A3hJs&q=%5B%5Bin(document.id%2C%20%5B%22XCZm4BAAACoAGw4v%22%2C%22XCZlxRAAAH0KGwkx%22%2C%22XA_5MRAAACsANA5Q%22%2C%22W_bFCxQAAJoJcSbd%22%2C%22W_bFJhQAACwAcSdX%22%2C%22W_bETxMAAOEvrzmD%22%5D)%5D%5D
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3e00:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
731d2efad0b4205a6e9dc49d0e62120a478d289dc17113770c7c956d7cb2e5fb

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:52:13 GMT
content-encoding
gzip
age
2007428
x-amzn-requestid
22d777ff-bc5f-494d-a81d-8ab35500a778
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
x-amzn-trace-id
Root=1-6255840d-2ee2b8f1067f263208c6451e
x-amz-cf-pop
IAD89-C1
x-amz-apigw-id
QeGSMGuQoAMFfiQ=
x-local-cache
MISS
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
x-amz-cf-id
jziPEHqPzWCh0o77pCqLYP4upqXn8ggH9UlwFuzFObkWQ1neTKLIqQ==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gtspremium.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 13:46:46 GMT
x-content-type-options
nosniff
age
193355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 13:46:46 GMT
search
gtspremium.cdn.prismic.io/api/v2/documents/
5 KB
1 KB
Fetch
General
Full URL
https://gtspremium.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=20&lang=*&ref=YlWBbxEAAB4A3hJs&q=%5B%5Bin(document.id%2C%20%5B%22YZZfyhEAACQAgxrI%22%2C%22YWdCUREAACMAFQg0%22%2C%22YWl2iBEAACMAHsrc%22%5D)%5D%5D
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3e00:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
40d1dd4a74f4376f61c3b50d3c8fc88fdf65b3852a58941e15c7305afde4cfdd

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:52:14 GMT
content-encoding
gzip
age
2007427
x-amzn-requestid
7540db4b-dcb2-460b-a724-da20c9ad21b8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
x-amzn-trace-id
Root=1-6255840d-2ec4fd233d8e64667fd7148d
x-amz-cf-pop
IAD89-C1
x-robots-tag
noindex, noarchive, nosnippet
x-amz-apigw-id
QeGSNGagoAMFfbQ=
x-local-cache
MISS
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
x-amz-cf-id
jGK9-gbXniy2J6JO5nekXU4345uFJxqf-KX0QDeK0KHVNk9tIZFTEw==
search
gtspremium.cdn.prismic.io/api/v2/documents/
37 KB
6 KB
Fetch
General
Full URL
https://gtspremium.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=20&lang=*&ref=YlWBbxEAAB4A3hJs&q=%5B%5Bin(document.id%2C%20%5B%22YXuuEhIAACQAjK_6%22%2C%22YZYsWxEAACIAgi-z%22%2C%22YZYsWxEAACIAgi-z%22%2C%22YXuuEhIAACQAjK_6%22%2C%22YeBjDxEAACQAUyjZ%22%2C%22YfLblxEAACQApEfx%22%2C%22YfLa4xEAACcApETA%22%2C%22YZYsWxEAACIAgi-z%22%2C%22YXuuEhIAACQAjK_6%22%5D)%5D%5D
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3e00:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b81781c82591d4b0619a11c9842a1a3bb5d4fe61492e80c5d6b5f99c4d579907

Request headers

Accept
application/json
Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:52:14 GMT
content-encoding
gzip
age
2007427
x-amzn-requestid
dfca220e-b8fb-4304-a0d2-ad1e41f2a56f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
x-amzn-trace-id
Root=1-6255840e-191ff1c80e7716320f2e9cf5
x-amz-cf-pop
IAD89-C1
x-amz-apigw-id
QeGSPEfoIAMFfpA=
x-local-cache
MISS
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
x-amz-cf-id
zJ868V4VeX006oWIV49iFOAl1WVPeAhxo7wn2mU_JoQPXkq5Km05ew==
b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg
images.prismic.io/gtspremium/
730 B
1020 B
Image
General
Full URL
https://images.prismic.io/gtspremium/b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg?auto=compress,format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:31::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8050db3cfdbbfa2cae83bb19f07c9c8ae97326830f29142382160a970d17d18a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 13:48:52 GMT
server
imgix
age
2094030
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
57d4051a53db453bf6ce750cfa06329bd9437b94
accept-ranges
bytes
content-length
730
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10047-SJC, cache-ewr18170-EWR
b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg
images.prismic.io/gtspremium/
730 B
769 B
Image
General
Full URL
https://images.prismic.io/gtspremium/b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg?auto=compress,format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:31::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8050db3cfdbbfa2cae83bb19f07c9c8ae97326830f29142382160a970d17d18a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 13:48:52 GMT
server
imgix
age
2094030
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
57d4051a53db453bf6ce750cfa06329bd9437b94
accept-ranges
bytes
content-length
730
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10047-SJC, cache-ewr18170-EWR
b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg
images.prismic.io/gtspremium/
730 B
792 B
Image
General
Full URL
https://images.prismic.io/gtspremium/b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg?auto=compress,format
Requested by
Host: www.gtspremium.com
URL: https://www.gtspremium.com/static/js/vendor.7491c924762caab6ef97.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:31::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8050db3cfdbbfa2cae83bb19f07c9c8ae97326830f29142382160a970d17d18a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 13:48:52 GMT
server
imgix
age
2094030
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
57d4051a53db453bf6ce750cfa06329bd9437b94
accept-ranges
bytes
content-length
730
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10047-SJC, cache-ewr18170-EWR
b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg
images.prismic.io/gtspremium/
730 B
769 B
Image
General
Full URL
https://images.prismic.io/gtspremium/b7e7f87b-efbb-4c29-85cb-1db9eed7459b_germany-flag-medium.jpg?auto=compress,format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:31::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8050db3cfdbbfa2cae83bb19f07c9c8ae97326830f29142382160a970d17d18a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gtspremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 13:48:52 GMT
server
imgix
age
2094030
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
57d4051a53db453bf6ce750cfa06329bd9437b94
accept-ranges
bytes
content-length
730
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10047-SJC, cache-ewr18170-EWR
update
55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/
13 B
563 B
Fetch
General
Full URL
https://55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/update
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-105.ewr52.r.cloudfront.net
Software
/
Resource Hash
1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c

Request headers

Referer
https://www.gtspremium.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 May 2022 19:29:23 GMT
via
1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
f7780227-9c74-4748-89d6-6a76a799d574
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Authorize, Authorization, authorize, authorization
x-amzn-trace-id
Root=1-62742593-049e1c474b7352dd3cb4969f;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
RqrPBEzVjoEFiGw=
content-length
13
x-amz-cf-id
k3lflLaf89qZLTBCrOKVQn3Z6mFA8Sf4TvU3_HGMV9G0Htv015g0QA==
access-control-allow-headers
Authorize, Authorization, authorize, authorization
update
55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/ Frame
0
0
Preflight
General
Full URL
https://55ddgrdsjd.execute-api.eu-west-1.amazonaws.com/prod/update
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-105.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gtspremium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.gtspremium.com
content-length
1
content-type
application/json
date
Thu, 05 May 2022 19:29:22 GMT
via
1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront)
x-amz-apigw-id
RqrO_HcbDoEFq2g=
x-amz-cf-id
LMx7k8y4Y5FOvEapC-9Y_Kbx7Cz3Qsket2YtkxcwPdDSg9BoMFXERQ==
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
353b2521-06fd-4c54-8078-1244d99489b8
x-cache
Miss from cloudfront


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| prismic
object| PrismicToolbar
function| _lrMutationObserver
function| _lr_surl_cb
object| __SDKCONFIG__
object| LogRocket
function| webpackJsonp
function| setImmediate
function| clearImmediate
object| __core-js_shared__
object| __postRobot__
object| __zoid__
function| onLegacyPaymentAuthorize
function| watchForLegacyFallback
function| onLegacyFallback
string| LOG_LEVEL
function| __pptmLoadedWithNoContent
object| regeneratorRuntime
boolean| _pdfjsCompatibilityChecked
function| _LRLogger
boolean| _lr_loaded
object| paypalDDL

2 Cookies

Domain/Path Name / Value
.paypal.com/ Name: ts
Value: vreXpYrS%3D1746473361%26vteXpYrS%3D1651780761%26vr%3D95b2c12a1800a98077b33fbcffffffff%26vt%3D95b2c12a1800a98077b33fbcfffffffe
.paypal.com/ Name: ts_c
Value: vr%3D95b2c12a1800a98077b33fbcffffffff%26vt%3D95b2c12a1800a98077b33fbcfffffffe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
