naturoterapia.co.uk Open in urlscan Pro
2001:41d0:301:12::27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diabetestreatment.uk/
Effective URL:
https://naturoterapia.co.uk/
Submission: On November 21 via api (November 21st 2024, 7:34:22 pm UTC) from US — Scanned from FR

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 41 HTTP transactions. The main IP is 2001:41d0:301:12::27, located in France and belongs to OVH OVH SAS, FR. The main domain is naturoterapia.co.uk.
TLS certificate: Issued by R10 on November 18th 2024. Valid for: 3 months.

This is the only time naturoterapia.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:41d0:301... 2001:41d0:301::27	16276 (OVH OVH SAS) (OVH OVH SAS)
19	2001:41d0:301... 2001:41d0:301:12::27	16276 (OVH OVH SAS) (OVH OVH SAS)
6	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
9	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	151.101.131.1 151.101.131.1	54113 (FASTLY) (FASTLY)
2	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
41	7

1 2001:41d0:301::27 (France) 1 redirects

ASN16276 (OVH OVH SAS, FR)

diabetestreatment.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2001:41d0:301:12::27 (France)

ASN16276 (OVH OVH SAS, FR)

naturoterapia.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	naturoterapia.co.uk naturoterapia.co.uk	880 KB
12	paypal.com www.paypal.com — Cisco Umbrella Rank: 3003 t.paypal.com — Cisco Umbrella Rank: 3701	105 KB
6	gstatic.com fonts.gstatic.com	154 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2811	7 KB
1	diabetestreatment.uk 1 redirects diabetestreatment.uk	363 B
41	5

	Domain	Requested by
19	naturoterapia.co.uk	naturoterapia.co.uk
11	www.paypal.com	naturoterapia.co.uk www.paypal.com
6	fonts.gstatic.com	naturoterapia.co.uk
3	www.paypalobjects.com	www.paypal.com
1	t.paypal.com	naturoterapia.co.uk
1	diabetestreatment.uk	1 redirects
41	6

This site contains links to these domains. Also see Links.

Domain
wa.me
join.skype.com
jerzykozak.com

Subject Issuer	Validity	Valid
www.diabetestreatment.uk R10	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2025-06-20`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://naturoterapia.co.uk/
Frame ID: BDA060BC2EAB22FE2BE0147531A66EC8
Requests: 35 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?hostedButtonId=JRYZAJAFEGVWE&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=42&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_3ef47f36cd_mtk6mzq6mty&buttonSize=huge&customerId=&clientID=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&clientMetadataID=uid_e7208c916b_mtk6mzq6mty&commit=true&components.0=hosted-buttons&currency=GBP&debug=false&disableFunding.0=venmo&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_e7208c916b_mtk6mzq6mty&sdkCorrelationID=0142985078322&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QkFBUWFzRFZhVnZtYjlWVkRKeUh4NEZlc2xnbk1iaXp0N0xxT1RfcnE3aVBCSmtmVTd1Y01LOU9Xc29Oa2MtWHJyWVFMLWc0QTA1ZHpCcmlzMCZjb21wb25lbnRzPWhvc3RlZC1idXR0b25zJmRpc2FibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1HQlAiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96eGRwd3dkeGh0cnJjZ3Vpc3dmYnp4YmxvYW5udHAifX0&sdkVersion=5.0.465&storageID=uid_f83d4deba9_mtk6mzq6mty&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 68E0CA428801145C44DB275C94451AE8
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 4F59F856E57B4644FCB111055DD87E23
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 4C7BDBA4D633517C67A1368825DAF4E7
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?hostedButtonId=N93VJ55E3FM6W&style.label=buynow&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=42&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_d3caac2157_mtk6mzq6mty&customerId=&clientID=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&clientMetadataID=uid_e7208c916b_mtk6mzq6mty&commit=true&components.0=hosted-buttons&currency=GBP&debug=false&disableFunding.0=venmo&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_e7208c916b_mtk6mzq6mty&sdkCorrelationID=0142985078322&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QkFBUWFzRFZhVnZtYjlWVkRKeUh4NEZlc2xnbk1iaXp0N0xxT1RfcnE3aVBCSmtmVTd1Y01LOU9Xc29Oa2MtWHJyWVFMLWc0QTA1ZHpCcmlzMCZjb21wb25lbnRzPWhvc3RlZC1idXR0b25zJmRpc2FibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1HQlAiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96eGRwd3dkeGh0cnJjZ3Vpc3dmYnp4YmxvYW5udHAifX0&sdkVersion=5.0.465&storageID=uid_f83d4deba9_mtk6mzq6mty&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: F34D28DAEE3F05763B5E0FAC6EA89BCA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NATUROPATHERAPY – Discover the Power of Naturopathy for a Healthier, Happier You

Page URL History Show full URLs

http://diabetestreatment.uk/ HTTP 307
https://diabetestreatment.uk/ HTTP 301
https://naturoterapia.co.uk/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

29 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

1145 kB
Transfer

2215 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/447419775392
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://join.skype.com/invite/G0neSog5QovD
Title: Skype

Search URL Search Domain Scan URL

URL: https://jerzykozak.com/
Title: Jerzy Kozak

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diabetestreatment.uk/ HTTP 307
https://diabetestreatment.uk/ HTTP 301
https://naturoterapia.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
naturoterapia.co.uk/
Redirect Chain

http://diabetestreatment.uk/
https://diabetestreatment.uk/
https://naturoterapia.co.uk/

126 KB
18 KB

105ms
46ms

Document
text/html

2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache / PHP/8.3
Resource Hash: 119e768a4d0011adae70e4ac2c6a606bb59900286cd59cbd9bdcacaafbd93719

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 19:34:14 GMT
server: Apache
sg-f-cache: HIT
vary: Accept-Encoding
x-powered-by: PHP/8.3

Redirect headers

content-length: 236
content-type: text/html; charset=iso-8859-1
date: Thu, 21 Nov 2024 19:34:14 GMT
location: https://naturoterapia.co.uk/
server: Apache

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 82ms
33ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

age: 198550
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 12:25:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:25:04 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13408
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
42 KB 88ms
39ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

age: 240889
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:39:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 00:39:25 GMT
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43068
x-xss-protection: 0
server: sffe

GET
H2 200 siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/ 459 KB
64 KB 84ms
81ms Stylesheet
text/css 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: d563fc2f42c688f701a7fd46edc379e5fb21101cedb53837cb25e43246849316

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: text/css
last-modified: Sat, 16 Nov 2024 13:38:28 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 fa-regular-400.woff2
naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 13 KB
13 KB 27ms
24ms Font
application/octet-stream 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

accept-ranges: bytes
content-length: 13224
date: Thu, 21 Nov 2024 19:34:14 GMT
last-modified: Sat, 16 Nov 2024 13:16:15 GMT
server: Apache

GET
H2 200 fa-solid-900.woff2
naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 43ms
41ms Font
application/octet-stream 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

accept-ranges: bytes
content-length: 78268
date: Thu, 21 Nov 2024 19:34:14 GMT
last-modified: Sat, 16 Nov 2024 13:16:15 GMT
server: Apache

GET
H2 200 fa-brands-400.woff2
naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 46ms
43ms Font
application/octet-stream 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

accept-ranges: bytes
content-length: 76736
date: Thu, 21 Nov 2024 19:34:14 GMT
last-modified: Sat, 16 Nov 2024 13:16:15 GMT
server: Apache

GET
H2 200 jquery.min.js Show response
naturoterapia.co.uk/wp-includes/js/jquery/ 86 KB
30 KB 81ms
79ms Script
application/javascript 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 30368
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 13:16:20 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 final-ogo-web.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 45 KB
45 KB 23ms
21ms Image
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/final-ogo-web.png
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: a5eec6253f997b58bcfca04db4588859a06c8e51fcf31bb8dbcefb669765948c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 45778
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 js Show response
www.paypal.com/sdk/ 299 KB
85 KB 648ms
537ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&components=hosted-buttons&disable-funding=venmo&currency=GBP

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

980dd84167c68274b8964506f5c0b036aabbde4eb02edec54e7461b06131ed90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-jAOGOw5c1Xix/USEcI1hU+mtC1x6+tFDKsGuE7wMnMOHHnfe' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jAOGOw5c1Xix/USEcI1hU+mtC1x6+tFDKsGuE7wMnMOHHnfe' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f4386944139cb
content-encoding: gzip
etag: W/"14bde-HCNt7mMGRQxz6yDA6UwK5y45XKk"
age: 0
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
disable-set-cookie: true
traceparent: 00-0000000000000000000f4386944139cb-ed197bcc93075616-01
server-timing: "traceparent;desc="00-0000000000000000000f4386944139cb-6501a1d38fd4c7ed-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
p3p: true
date: Thu, 21 Nov 2024 19:34:15 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-lhr-egll1980053-LHR, cache-lcy-eglc8600042-LCY, cache-lcy-eglc8600042-LCY
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
x-cache: MISS, HIT, MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jAOGOw5c1Xix/USEcI1hU+mtC1x6+tFDKsGuE7wMnMOHHnfe' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jAOGOw5c1Xix/USEcI1hU+mtC1x6+tFDKsGuE7wMnMOHHnfe' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: public, max-age=3600, s-maxage=10800
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1732217655.995358,VS0,VE498
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84958
x-xss-protection: 1; mode=block

GET
H2 200 logo-naturoterapia-light.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 40 KB
40 KB 35ms
34ms Image
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/logo-naturoterapia-light.png
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: df859cbe217a21de279a5d947d44dc7c06decaf3f414c561c0ed3ccd574ff3f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 40942
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 hooks.min.js Show response
naturoterapia.co.uk/wp-includes/js/dist/ 5 KB
2 KB 22ms
21ms Script
application/javascript 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 1648
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 13:16:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 i18n.min.js Show response
naturoterapia.co.uk/wp-includes/js/dist/ 9 KB
4 KB 27ms
26ms Script
application/javascript 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 3667
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 13:16:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 siteground-optimizer-combined-js-c8348ed590379100b62b59899d121019.js Show response
naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/ 164 KB
37 KB 27ms
27ms Script
application/javascript 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c8348ed590379100b62b59899d121019.js
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9a806430f4ca22d516dca8cf86fe627e8070c138d7b389dde1145ae6fb61b7ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 37863
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 13:34:42 GMT
server: Apache
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 header-bg.jpg
naturoterapia.co.uk/wp-content/uploads/2024/11/ 189 KB
189 KB 22ms
21ms Image
image/jpeg 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/header-bg.jpg
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: e7198d60d8a3310bf459bd17548e3733257effa55e87cbfe8720b4e95b23c8c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 193367
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: image/jpeg
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 decor-bottom1.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 29 KB
29 KB 26ms
25ms Image
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/decor-bottom1.png
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1c3a68f0c53d1a6678c9d5b3c57f72be604184ddfaa098c9872d9026b53145a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 29550
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 rt-decor2.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 35 KB
35 KB 28ms
28ms Image
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/rt-decor2.png
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: d77dc2a480eb9d8465ece5882ed690a31c5d4fe3cb190dce0b2c4caae8d51ec5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:14 GMT
accept-ranges: bytes
content-length: 35916
date: Thu, 21 Nov 2024 19:34:14 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 consult.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 33 KB
33 KB 21ms
21ms Image
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/consult.png
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: d41de722ad6e228950c1fe1f297bb4fb180359b295c13afdf483a1939f51c233

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:15 GMT
accept-ranges: bytes
content-length: 33540
date: Thu, 21 Nov 2024 19:34:15 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H3 200 QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp9s8WR32kg.ttf
fonts.gstatic.com/s/inconsolata/v32/ 35 KB
22 KB 47ms
46ms Font
font/ttf 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp9s8WR32kg.ttf

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cb65ddf7eadc78bfc839b1b2208bf414cd1d41f607b4603535da20261161a948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

content-encoding: gzip
age: 298
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 19:29:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 19:29:17 GMT
last-modified: Thu, 14 Sep 2023 01:26:29 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22426
x-xss-protection: 0
server: sffe

GET
H3 200 QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32kg.ttf
fonts.gstatic.com/s/inconsolata/v32/ 35 KB
22 KB 36ms
34ms Font
font/ttf 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32kg.ttf

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b24d79e7f95f28a46d793a99a59cc1ba696db1c270f824f55f8fe02166e40bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

content-encoding: gzip
age: 56533
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 03:52:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 03:52:02 GMT
last-modified: Thu, 14 Sep 2023 00:51:08 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22175
x-xss-protection: 0
server: sffe

GET
H3 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxY.ttf
fonts.gstatic.com/s/librebaskerville/v14/ 77 KB
33 KB 38ms
37ms Font
font/ttf 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxY.ttf

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

207a123334c65d976b11a0bd1b2be5c207e103a4dee63dd6b2c5a2c44fd7411e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

content-encoding: gzip
age: 4705
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 18:15:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 18:15:50 GMT
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34268
x-xss-protection: 0
server: sffe

GET
H3 200 QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp2I7WR32kg.ttf
fonts.gstatic.com/s/inconsolata/v32/ 35 KB
22 KB 47ms
46ms Font
font/ttf 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp2I7WR32kg.ttf

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

df1c461f89b42e3e2cd829c86c6a96fb3eb997d68ce14f65657a4c28a3fc38c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/

Response headers

content-encoding: gzip
age: 180391
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 17:27:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 17:27:44 GMT
last-modified: Wed, 13 Sep 2023 23:30:06 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22594
x-xss-protection: 0
server: sffe

GET
H2 200 Ultimate-Icons.ttf
naturoterapia.co.uk/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 92 KB
55 KB 29ms
28ms Font
application/x-font-ttf 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://naturoterapia.co.uk
Referer: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-776092131b90645636ca9eb0fcd9c15c.css

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:15 GMT
accept-ranges: bytes
date: Thu, 21 Nov 2024 19:34:15 GMT
content-type: application/x-font-ttf
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 399ms
398ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=naturoterapia.co.uk&t=xo&v=5.0.465&source=payments_sdk&client_id=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&comp=hosted-buttons&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&components=hosted-buttons&disable-funding=venmo&currency=GBP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6fuLjLN6ab02L2jdaH70Lh8ApmjxKZBtEEqo4nVDM04opU9T' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

paypal-debug-id: f4356284fc0e8
content-encoding: gzip
etag: W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age: 0
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f4356284fc0e8-3f242138fdd78a60-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT, MISS
date: Thu, 21 Nov 2024 19:34:15 GMT
content-type: application/x-javascript; charset=utf-8
x-served-by: cache-lhr-egll1980026-LHR, cache-lcy-eglc8600042-LCY, cache-lcy-eglc8600042-LCY
x-cache-hits: 8, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6fuLjLN6ab02L2jdaH70Lh8ApmjxKZBtEEqo4nVDM04opU9T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control: public, max-age=3600
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1732217656.578897,VS0,VE372
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
content-length: 4354
x-xss-protection: 1; mode=block

GET 5d606db4-0cbf-40de-9f9f-d2592b05b408
https://naturoterapia.co.uk/ Frame 0
0

OPTIONS
H2 204 JRYZAJAFEGVWE
www.paypal.com/ncp/api/form-fields/ Frame 0
0 287ms
226ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ncp/api/form-fields/JRYZAJAFEGVWE?locale.x=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rLcpHxIyZueCFT1qTh8rvKIomiwPLFUN2HqDjiGD4Fb9p6kT' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,paypal-entry-point
Access-Control-Request-Method: GET
Origin: https://naturoterapia.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-headers: content-type,paypal-entry-point
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rLcpHxIyZueCFT1qTh8rvKIomiwPLFUN2HqDjiGD4Fb9p6kT' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date: Thu, 21 Nov 2024 19:34:15 GMT
dc: ccg11-origin-www-1.paypal.com
expires: -1
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f403212160f15
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
pragma: no-cache
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f403212160f15-9db758ec83a97ab7-01
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: SAMEORIGIN
x-frame-options: SAMEORIGIN
x-served-by: cache-lhr-egll1980088-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-timer: S1732217656.723147,VS0,VE201
x-xss-protection: SAMEORIGIN

OPTIONS
H2 204 N93VJ55E3FM6W
www.paypal.com/ncp/api/form-fields/ Frame 0
0 345ms
285ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ncp/api/form-fields/N93VJ55E3FM6W?locale.x=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-XvYzzebhlIaHNeB3Sxx/d9uailkwEtqIa5IxG6iYEa6y6HQq' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,paypal-entry-point
Access-Control-Request-Method: GET
Origin: https://naturoterapia.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-headers: content-type,paypal-entry-point
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-XvYzzebhlIaHNeB3Sxx/d9uailkwEtqIa5IxG6iYEa6y6HQq' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date: Thu, 21 Nov 2024 19:34:15 GMT
dc: ccg11-origin-www-1.paypal.com
expires: -1
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f4032123be5b9
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
pragma: no-cache
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f4032123be5b9-f29a5d0867a76d08-01
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: SAMEORIGIN
x-frame-options: SAMEORIGIN
x-served-by: cache-lhr-egll1980041-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-timer: S1732217656.723149,VS0,VE261
x-xss-protection: SAMEORIGIN

GET
H2 200 JRYZAJAFEGVWE Show response
www.paypal.com/ncp/api/form-fields/ 12 KB
6 KB 447ms
446ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ncp/api/form-fields/JRYZAJAFEGVWE?locale.x=en-US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c0d7db87adb30be5ce00565f713b04eacc106d4e42e14483e785b941ee91b33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kPEE7m8CDsy+/bP2Og2NqkK7eEMo5ybzcSx/CEQHSNlDQhjd' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	SAMEORIGIN

Request headers

paypal-entry-point: SDK
Referer: https://naturoterapia.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

paypal-debug-id: f40321208a05c
content-encoding: gzip
etag: W/"2f44-3KsnmznEcVw0haA9BxqAR7VjIRM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: SAMEORIGIN
expires: -1
traceparent: 00-0000000000000000000f40321208a05c-3adb8ef4d256e901-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lhr-egll1980077-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kPEE7m8CDsy+/bP2Og2NqkK7eEMo5ybzcSx/CEQHSNlDQhjd' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
pragma: no-cache
x-timer: S1732217656.951917,VS0,VE421
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: SAMEORIGIN

GET
H2 200 N93VJ55E3FM6W Show response
www.paypal.com/ncp/api/form-fields/ 12 KB
6 KB 472ms
471ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ncp/api/form-fields/N93VJ55E3FM6W?locale.x=en-US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a496c9559749778359bb703e95535b2ca11608f577b3849e79f887b43663e2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2j7M46Hx+43Li620teRvoxzuPYlnFC+sWxRV5GF8SkiBUFAg' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	SAMEORIGIN

Request headers

paypal-entry-point: SDK
Referer: https://naturoterapia.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

paypal-debug-id: f4032128c4958
content-encoding: gzip
etag: W/"2f5d-pzDYXMLaJrCZ8pUgSv9b8g9SLd0"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: SAMEORIGIN
expires: -1
traceparent: 00-0000000000000000000f4032128c4958-e5ad36f8ade47541-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lhr-egll1980025-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2j7M46Hx+43Li620teRvoxzuPYlnFC+sWxRV5GF8SkiBUFAg' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
pragma: no-cache
x-timer: S1732217656.009238,VS0,VE447
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: SAMEORIGIN

GET
H2 200 wp-emoji-release.min.js Show response
naturoterapia.co.uk/wp-includes/js/ 18 KB
5 KB 21ms
21ms Script
application/javascript 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c8348ed590379100b62b59899d121019.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
expires: Fri, 21 Nov 2025 19:34:15 GMT
accept-ranges: bytes
content-length: 5062
date: Thu, 21 Nov 2024 19:34:15 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 13:16:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 ts
t.paypal.com/ 42 B
638 B 242ms
164ms Image
image/gif 151.101.131.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=NATUROPATHERAPY%20%E2%80%93%20Discover%20the%20Power%20of%20Naturopathy%20for%20a%20Healthier%2C%20Happier%20You&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732217655968&g=-60&completeurl=https%3A%2F%2Fnaturoterapia.co.uk%2F&ru=https%3A%2F%2Fnaturoterapia.co.uk%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: d375f622a4466
correlation-id: d375f622a4466
expires: Thu, 21 Nov 2024 19:34:16 GMT
traceparent: 00-0000000000000000000d375f622a4466-97b4f6d19dffc2bd-01
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-0000000000000000000d375f622a4466-67403349af9d39cc-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/gif
x-served-by: cache-lhr-egll1980051-LHR, cache-lcy-eglc8600073-LCY
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1732217656.059146,VS0,VE139
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes

GET
H2 200 NIBO5360.jpg
naturoterapia.co.uk/wp-content/uploads/2024/11/ 125 KB
126 KB 22ms
21ms Image
image/jpeg 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/NIBO5360.jpg
Requested by: Host: naturoterapia.co.uk
URL: https://naturoterapia.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: b3e53e556efefd02a6ea816cf876387b232613414309b7c6448c1d32e18b39c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:16 GMT
accept-ranges: bytes
content-length: 128258
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/jpeg
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

GET
H2 200 cropped-site-icon-32x32.png
naturoterapia.co.uk/wp-content/uploads/2024/11/ 2 KB
2 KB 24ms
22ms Other
image/png 2001:41d0:301:12::27
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://naturoterapia.co.uk/wp-content/uploads/2024/11/cropped-site-icon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:12::27 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1a1aebe5c5add65da2a57be6c1b361a09f31d9d726fa1d59d1533e1e214860b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

cache-control: max-age=31536000
expires: Fri, 21 Nov 2025 19:34:16 GMT
accept-ranges: bytes
content-length: 2196
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/png
last-modified: Sat, 16 Nov 2024 13:16:18 GMT
server: Apache

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 964 B
1 KB 213ms
211ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d1301b0918ac8b02faac67636da03816e3174545e43cb8d1ac282f98a6c3e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://naturoterapia.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

paypal-debug-id: f40321235c1be
content-encoding: br
etag: W/"3c4-77E148iSimwwUQmu7RHAFtIsDyk"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f40321235c1be-e63cccb3972d6264-01
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lhr-egll1980084-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1732217656.467076,VS0,VE187
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://naturoterapia.co.uk

OPTIONS
H2 204 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 184ms
176ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://naturoterapia.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://naturoterapia.co.uk
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 21 Nov 2024 19:34:16 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f403212f4bbf7
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f403212f4bbf7-1f146d17b50d5508-01
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr-egll1980029-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-timer: S1732217656.287653,VS0,VE154

GET
DATA 200
OK truncated
/ 136 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c608a601f878db1068dc95b4b24cb567a46e2fc037e74172e0f80d93e9fc7a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons
www.paypal.com/smart/ Frame 68E0 0
0 602ms
564ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?hostedButtonId=JRYZAJAFEGVWE&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=42&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_3ef47f36cd_mtk6mzq6mty&buttonSize=huge&customerId=&clientID=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&clientMetadataID=uid_e7208c916b_mtk6mzq6mty&commit=true&components.0=hosted-buttons&currency=GBP&debug=false&disableFunding.0=venmo&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_e7208c916b_mtk6mzq6mty&sdkCorrelationID=0142985078322&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QkFBUWFzRFZhVnZtYjlWVkRKeUh4NEZlc2xnbk1iaXp0N0xxT1RfcnE3aVBCSmtmVTd1Y01LOU9Xc29Oa2MtWHJyWVFMLWc0QTA1ZHpCcmlzMCZjb21wb25lbnRzPWhvc3RlZC1idXR0b25zJmRpc2FibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1HQlAiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96eGRwd3dkeGh0cnJjZ3Vpc3dmYnp4YmxvYW5udHAifX0&sdkVersion=5.0.465&storageID=uid_f83d4deba9_mtk6mzq6mty&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.venmo.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://naturoterapia.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 19:34:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"7ac86-gb6n514MbokyM9MH6/eyfoFz3bM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f88515097fd2b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f88515097fd2b-65068f2796253aa5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f88515097fd2b-f737e109473783f9-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr-egll1980026-LHR, cache-lcy-eglc8600072-LCY, cache-lcy-eglc8600072-LCY
x-timer: S1732217657.641759,VS0,VE523
x-xss-protection: 1; mode=block

GET
H2 200 Debit_Credit_APM.svg
www.paypalobjects.com/images/ 13 KB
5 KB 211ms
37ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/Debit_Credit_APM.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F6B) /

Resource Hash

408a1c8b8dda2db59d070e300851139b510c447807ee6aa86c59250dbdfd68e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://naturoterapia.co.uk/

Response headers

paypal-debug-id: 15f173549ca7b
content-encoding: br
etag: W/"67229932-35f7"
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 20:34:16 GMT
traceparent: 00-000000000000000000015f173549ca7b-d88692299aa81f85-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Oct 2024 20:38:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4903
server: ECAcc (paa/6F6B)

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4F59 3 KB
2 KB 196ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F05) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id: d18d9e9ea48ff
content-encoding: br
etag: W/"642c9aab-cc2"
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 20:34:16 GMT
traceparent: 00-0000000000000000000d18d9e9ea48ff-876595a86b750599-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/svg+xml
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 1246
server: ECAcc (paa/6F05)

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4C7B 3 KB
0 39ms
39ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F05) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id: d18d9e9ea48ff
content-encoding: br
etag: W/"642c9aab-cc2"
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 20:34:16 GMT
traceparent: 00-0000000000000000000d18d9e9ea48ff-876595a86b750599-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: image/svg+xml
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
vary: Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 1246
server: ECAcc (paa/6F05)

GET
H2 200 buttons
www.paypal.com/smart/ Frame F34D 0
0 531ms
529ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?hostedButtonId=N93VJ55E3FM6W&style.label=buynow&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=42&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_d3caac2157_mtk6mzq6mty&customerId=&clientID=BAAQasDVaVvmb9VVDJyHx4FeslgnMbizt7LqOT_rq7iPBJkfU7ucMK9OWsoNkc-XrrYQL-g4A05dzBris0&clientMetadataID=uid_e7208c916b_mtk6mzq6mty&commit=true&components.0=hosted-buttons&currency=GBP&debug=false&disableFunding.0=venmo&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_e7208c916b_mtk6mzq6mty&sdkCorrelationID=0142985078322&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QkFBUWFzRFZhVnZtYjlWVkRKeUh4NEZlc2xnbk1iaXp0N0xxT1RfcnE3aVBCSmtmVTd1Y01LOU9Xc29Oa2MtWHJyWVFMLWc0QTA1ZHpCcmlzMCZjb21wb25lbnRzPWhvc3RlZC1idXR0b25zJmRpc2FibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1HQlAiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96eGRwd3dkeGh0cnJjZ3Vpc3dmYnp4YmxvYW5udHAifX0&sdkVersion=5.0.465&storageID=uid_f83d4deba9_mtk6mzq6mty&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.venmo.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://naturoterapia.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 19:34:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"7acdc-RN4Ou+GV/+c9I1kuOoIa4Mp/gaU"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f88515093703f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f88515093703f-d54732f892164e25-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f88515093703f-bd51bbbd68a72e24-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr-egll1980045-LHR, cache-lcy-eglc8600072-LCY, cache-lcy-eglc8600072-LCY
x-timer: S1732217657.744738,VS0,VE490
x-xss-protection: 1; mode=block

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 968 B
843 B 208ms
201ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38d2a19f600b01b4fc596f3a944ac756af582c790d49341662850de1a65ecc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://naturoterapia.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

paypal-debug-id: f88515065a8fa
content-encoding: br
etag: W/"3c8-UsgRWGZRgCNKmwTiuVO0KHLIbnw"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f88515065a8fa-33be7fffd7d65116-01
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 21 Nov 2024 19:34:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lhr-egll1980044-LHR, cache-lcy-eglc8600097-LCY, cache-lcy-eglc8600097-LCY
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1732217657.757207,VS0,VE178
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://naturoterapia.co.uk

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: naturoterapia.co.uk
URL: blob:https://naturoterapia.co.uk/5d606db4-0cbf-40de-9f9f-d2592b05b408

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

diabetestreatment.uk
fonts.gstatic.com
naturoterapia.co.uk
t.paypal.com
www.paypal.com
www.paypalobjects.com
naturoterapia.co.uk
142.250.184.227
151.101.129.21
151.101.131.1
151.101.193.21
192.229.221.25
2001:41d0:301:12::27
2001:41d0:301::27
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
119e768a4d0011adae70e4ac2c6a606bb59900286cd59cbd9bdcacaafbd93719
1a1aebe5c5add65da2a57be6c1b361a09f31d9d726fa1d59d1533e1e214860b3
1c3a68f0c53d1a6678c9d5b3c57f72be604184ddfaa098c9872d9026b53145a7
207a123334c65d976b11a0bd1b2be5c207e103a4dee63dd6b2c5a2c44fd7411e
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
38d2a19f600b01b4fc596f3a944ac756af582c790d49341662850de1a65ecc04
3a496c9559749778359bb703e95535b2ca11608f577b3849e79f887b43663e2a
408a1c8b8dda2db59d070e300851139b510c447807ee6aa86c59250dbdfd68e5
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556
7c608a601f878db1068dc95b4b24cb567a46e2fc037e74172e0f80d93e9fc7a2
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
980dd84167c68274b8964506f5c0b036aabbde4eb02edec54e7461b06131ed90
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3
9a806430f4ca22d516dca8cf86fe627e8070c138d7b389dde1145ae6fb61b7ff
9c0d7db87adb30be5ce00565f713b04eacc106d4e42e14483e785b941ee91b33
9d1301b0918ac8b02faac67636da03816e3174545e43cb8d1ac282f98a6c3e36
a5eec6253f997b58bcfca04db4588859a06c8e51fcf31bb8dbcefb669765948c
b24d79e7f95f28a46d793a99a59cc1ba696db1c270f824f55f8fe02166e40bd5
b3e53e556efefd02a6ea816cf876387b232613414309b7c6448c1d32e18b39c4
cb65ddf7eadc78bfc839b1b2208bf414cd1d41f607b4603535da20261161a948
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d41de722ad6e228950c1fe1f297bb4fb180359b295c13afdf483a1939f51c233
d563fc2f42c688f701a7fd46edc379e5fb21101cedb53837cb25e43246849316
d77dc2a480eb9d8465ece5882ed690a31c5d4fe3cb190dce0b2c4caae8d51ec5
df1c461f89b42e3e2cd829c86c6a96fb3eb997d68ce14f65657a4c28a3fc38c4
df859cbe217a21de279a5d947d44dc7c06decaf3f414c561c0ed3ccd574ff3f5
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e7198d60d8a3310bf459bd17548e3733257effa55e87cbfe8720b4e95b23c8c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee

naturoterapia.co.uk Open in urlscan Pro 2001:41d0:301:12::27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

29 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

1145 kBTransfer

2215 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

naturoterapia.co.uk Open in urlscan Pro
2001:41d0:301:12::27 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

29 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

1145 kB
Transfer

2215 kB
Size

0
Cookies

41 HTTP transactions
2 data transactions