urlscan.io logo urlscan.io
SecurityTrails logo

www.doterra.com Open in urlscan Pro
45.60.16.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://essentialoilsvn.com/
Effective URL: https://www.doterra.com/US/en/site/alynn
Submission Tags: @ecarlesi possiblethreat #phishing Search All
Submission: On November 03 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 15 domains to perform 83 HTTP transactions. The main IP is 45.60.16.13, located in United States and belongs to INCAPSULA, US. The main domain is www.doterra.com. The Cisco Umbrella rank of the primary domain is 217342.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 27th 2023. Valid for: a year.
This is the only time www.doterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.142.173 16509 (AMAZON-02)
1 30 45.60.16.13 19551 (INCAPSULA)
9 52.92.180.41 16509 (AMAZON-02)
2 172.217.24.36 15169 (GOOGLE)
5 172.217.24.42 15169 (GOOGLE)
11 172.217.24.40 15169 (GOOGLE)
1 18.67.111.47 16509 (AMAZON-02)
1 54.149.243.64 16509 (AMAZON-02)
3 172.217.24.35 15169 (GOOGLE)
9 172.217.24.46 15169 (GOOGLE)
1 172.217.24.34 15169 (GOOGLE)
3 18.67.111.108 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 74.125.200.154 15169 (GOOGLE)
3 35.186.194.58 15169 (GOOGLE)
2 172.64.144.121 13335 (CLOUDFLAR...)
1 172.64.148.35 13335 (CLOUDFLAR...)
83 16
1    15.197.142.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
essentialoilsvn.com
30    45.60.16.13 (United States)

ASN19551 (INCAPSULA, US)
www.doterra.com
9    52.92.180.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
doterra-prod-media1.s3.amazonaws.com
2    172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f4.1e100.net
www.google.com
5    172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f10.1e100.net
fonts.googleapis.com
www.googleapis.com
11    172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f8.1e100.net
www.googletagmanager.com
1    18.67.111.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-47.syd62.r.cloudfront.net
consent.trustarc.com
1    54.149.243.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-243-64.us-west-2.compute.amazonaws.com
mydoterra.queue-it.net
3    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f35.1e100.net
fonts.gstatic.com
www.gstatic.com
www.google.com.au
9    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f14.1e100.net
www.google-analytics.com
1    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f2.1e100.net
googleads.g.doubleclick.net
3    18.67.111.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-108.syd62.r.cloudfront.net
cdn.attn.tv
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
stats.g.doubleclick.net
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    172.64.144.121 (United States)

ASN13335 (CLOUDFLARENET, US)
doterra.attn.tv
1    172.64.148.35 (United States)

ASN13335 (CLOUDFLARENET, US)
events.attentivemobile.com
Apex Domain
Subdomains		 Transfer
30 doterra.com
www.doterra.com — Cisco Umbrella Rank: 217342
1 MB
11 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
271 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
9 amazonaws.com
doterra-prod-media1.s3.amazonaws.com — Cisco Umbrella Rank: 307276
1 MB
5 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2176
rs.fullstory.com — Cisco Umbrella Rank: 2183
78 KB
5 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 4008
doterra.attn.tv — Cisco Umbrella Rank: 404260
48 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
www.googleapis.com — Cisco Umbrella Rank: 22
3 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
235 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 28394
455 B
1 attentivemobile.com
events.attentivemobile.com — Cisco Umbrella Rank: 3802
249 B
1 queue-it.net
mydoterra.queue-it.net — Cisco Umbrella Rank: 450981
926 B
1 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3316
5 KB
1 essentialoilsvn.com
essentialoilsvn.com
297 B
83 15
Domain Requested by
30 www.doterra.com 1 redirects www.doterra.com
11 www.googletagmanager.com www.doterra.com
www.googletagmanager.com
www.google-analytics.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
9 doterra-prod-media1.s3.amazonaws.com www.doterra.com
3 rs.fullstory.com edge.fullstory.com
3 cdn.attn.tv www.googletagmanager.com
cdn.attn.tv
3 www.googleapis.com www.doterra.com
2 doterra.attn.tv www.doterra.com
2 edge.fullstory.com www.doterra.com
edge.fullstory.com
2 fonts.googleapis.com www.doterra.com
2 www.google.com www.doterra.com
1 www.google.com.au
1 events.attentivemobile.com cdn.attn.tv
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 mydoterra.queue-it.net www.doterra.com
1 consent.trustarc.com www.doterra.com
1 essentialoilsvn.com 1 redirects
83 20

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.linkedin.com
media.doterra.com
Subject Issuer Validity Valid
*.doterra.com
Go Daddy Secure Certificate Authority - G2		 2023-02-27 -
2024-03-30		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.queue-it.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.attn.tv
Amazon RSA 2048 M01		 2023-05-02 -
2024-05-29		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2023-09-18 -
2023-12-17		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2023-09-13 -
2023-12-12		 3 months crt.sh
attn.tv
Cloudflare Inc ECC CA-3		 2023-10-03 -
2024-10-01		 a year crt.sh
attentivemobile.com
Cloudflare Inc ECC CA-3		 2023-10-03 -
2024-10-01		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.doterra.com/US/en/site/alynn
Frame ID: C8AF2CF64715EDD018DBB05B696DDBC7
Requests: 83 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Business Site Home Page | dōTERRA Essential Oils

Page URL History Show full URLs

  1. http://essentialoilsvn.com/ HTTP 301
    http://www.doterra.com/US/en/site/alynn HTTP 301
    https://www.doterra.com/US/en/site/alynn Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

83
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

16
IPs

1
Countries

3528 kB
Transfer

9418 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://essentialoilsvn.com/ HTTP 301
    http://www.doterra.com/US/en/site/alynn HTTP 301
    https://www.doterra.com/US/en/site/alynn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request alynn
www.doterra.com/US/en/site/
Redirect Chain
  • http://essentialoilsvn.com/
  • http://www.doterra.com/US/en/site/alynn
  • https://www.doterra.com/US/en/site/alynn
242 KB
244 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
291b672b873b213cbaacaf676499de6f079fffbfe8bd891ba4c67bd256ba0423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache no-store
content-language
en-US
content-type
text/html;charset=UTF-8
date
Fri, 03 Nov 2023 12:55:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
13-37871495-37871497 nNNN RT(1699016104429 10) q(0 0 3 0) r(4 5) U12
x-xss-protection
1; mode=block

Redirect headers

Connection
close
Content-Length
0
Location
https://www.doterra.com/US/en/site/alynn
r-Lord-with-vpbrant-speake-to-to-sore-againe-at-
www.doterra.com/ 		234 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/r-Lord-with-vpbrant-speake-to-to-sore-againe-at-
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
16c6aa6f7a8d274a01b8b20215539a39ba9d01c5c9ee8a98be5d50495008a602

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:05 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
13-37871495-37871520 NNNN CT(3 2 0) RT(1699016104429 552) q(0 0 0 -1) r(0 1)
cache-control
max-age=60
server-timing
bon, total;dur=10.013239
content-length
77496
slick-theme_1.8.1-alt.min.css
www.doterra.com/_ui/desktop/common/css/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:05 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"2408-1698267891000"
content-type
text/css;charset=UTF-8
x-iinfo
13-37871495-37871516 2VNN RT(1699016104429 547) q(0 0 0 -1) r(0 7)
content-length
800
bootstrap-3-styles.css
www.doterra.com/_ui/desktop/common/css/ 		3 MB
332 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b831e61b401667329faf3762f439d396cad0b2e381fbcb6baaa53da58e1ba885
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:04 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:08:19 GMT
x-cdn
Imperva
etag
W/"3346345-1698268099000"
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-iinfo
13-37871495-37871518 nNNY RT(1699016104429 550) q(0 0 0 -1) r(0 2) U9
accept-ranges
bytes
logo.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
public
date
Fri, 03 Nov 2023 12:55:04 GMT
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"12333-1698267891000"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-37871495-37871527 nNNY RT(1699016104429 976) q(0 0 0 -1) r(0 1) U2
cache-control
public,max-age=54321
accept-ranges
bytes
content-length
12333
expires
Thu, 01 Jan 1970 00:00:54 GMT
logo-small.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo-small.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:05 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"2048-1698267891000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 980) q(0 -1 -1 -1) r(0 -1)
content-length
1040
78547.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/root/h83/h7b/29909775941662/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/root/h83/h7b/29909775941662/78547.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3b758cb75799b9c91e868b4198c809de5f4a882f0b6d502c7275fe861bbc2f8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:06 GMT
x-amz-version-id
jvlYTQGZthxnuXt0m9sGUZ65eua5HJN8
Last-Modified
Mon, 23 Oct 2023 04:17:20 GMT
Server
AmazonS3
x-amz-request-id
9F0RVZG8SCXSMZ92
ETag
"7d81e5c25ec940eed7b24100524d12ed"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
1248165
x-amz-id-2
8OIjEYkph82GvxpytVafgq+qndkstoPIQryehFgv3BGrn/wTo8zUw9Q5Kqh0LL0opcQJBBNX3d8=
ecomm-header-webui.js
www.doterra.com/_ui/desktop/common/dist/ 		1 MB
286 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/ecomm-header-webui.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8f319e9969c1d3b8179ea3f810d140eaf8ca459c3dc56a79bdca5eefd484a2f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:07:54 GMT
x-cdn
Imperva
etag
W/"1213589-1698268074000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871100 2VNN RT(1699016104429 1300) q(0 0 0 -1) r(6 6)
content-length
292578
plugins.js
www.doterra.com/_ui/desktop/common/dist/ 		521 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/plugins.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
65b780bd79a6305ccd2217f3516dcd8df6b95b3094277124d2db8aa591e2f8b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:07:54 GMT
x-cdn
Imperva
etag
W/"533262-1698268074000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871548 2VNN RT(1699016104429 1686) q(0 0 0 -1) r(0 5)
content-length
151618
webApplicationInjector.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/webApplicationInjector.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:20:41 GMT
x-cdn
Imperva
etag
W/"7649-1698268841000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871555 2VNN RT(1699016104429 1698) q(0 0 0 -1) r(5 5)
content-length
3052
reprocessPage.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		703 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/reprocessPage.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6a8b4abd7859dc24b02b18c670fee2bbd58bb58d8737b09d3d8576a2d52b4e7a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 01:07:18 GMT
x-cdn
Imperva
etag
W/"703-1683076038000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1699) q(0 -1 -1 -1) r(0 -1)
content-length
366
adjustComponentRenderingToSE.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		2 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/adjustComponentRenderingToSE.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d2765f5561cf42391e2322a8a3c6d54483907de0905b8e050fc8efdce92b6261

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 01:07:18 GMT
x-cdn
Imperva
etag
W/"1915-1683076038000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1701) q(0 -1 -1 -1) r(0 -1)
content-length
847
custom.js
www.doterra.com/_ui/desktop/common/dist/ 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/custom.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5aa04641c6c5f68ae6e636aac8babdc290f63d2860dbf3bea4a3596d1e7c7777

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:07:54 GMT
x-cdn
Imperva
etag
W/"67199-1698268074000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871572 2VNN RT(1699016104429 1702) q(0 2 2 -1) r(2 8)
content-length
15020
sharebuttons.js
www.doterra.com/_ui/desktop/common/js/custom/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/sharebuttons.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1fd2538a8e53dddd545d7bb1644c8e8b85822858c7582bb6118e77487bc0f4ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"10965-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871516 2CNN RT(1699016104429 1688) q(0 0 0 -1) r(0 0)
content-length
3258
field-mask.js
www.doterra.com/_ui/desktop/common/js/custom/ 		3 KB
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/field-mask.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"3009-1693936271000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1690) q(0 -1 -1 -1) r(0 -1)
content-length
591
global.js
www.doterra.com/_ui/desktop/common/js/custom/ 		236 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/global.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c78bddc855c44518d1e4655487e44973b64b06c1b297abc80cf85678081f6acb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:05 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"241534-1698267891000"
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871518 pNNy RT(1699016104429 1691) q(0 0 0 -1) r(2 2) U9
accept-ranges
bytes
minicart.js
www.doterra.com/_ui/desktop/common/js/custom/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/minicart.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
21fc6ef42e60f2a22a63f04573d544818e1105431eb7d09cdef3675e2986b178

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"28055-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871553 2CNN RT(1699016104429 1692) q(0 0 0 -1) r(0 0)
content-length
6295
lrp-datepicker.js
www.doterra.com/_ui/desktop/common/js/custom/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/lrp-datepicker.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
df69996fbe9c962030014ac1843f60c9abedcf10660c68c9b5938b20a3424a8e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"18727-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871555 2CNN RT(1699016104429 1693) q(0 0 0 -1) r(0 0)
content-length
4013
wishlist.js
www.doterra.com/_ui/desktop/common/js/custom/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/wishlist.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f9cdce57a785ac2b41fbddcf3d66928796438a8a7495f8baf96509cf43889371

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"14821-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871516 2VNN RT(1699016104429 1694) q(0 0 0 -1) r(1 1)
content-length
3296
gtm.js
www.doterra.com/_ui/desktop/common/js/custom/ 		770 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/gtm.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4af65930458f430fb4db74f90a9e2242e326d2b80fbf9d1386b6c426a661ffe2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"770-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871560 2VNN RT(1699016104429 1695) q(0 0 0 -1) r(0 6)
content-length
247
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
GSE /
Resource Hash
fff8873af87167f34cabf6080d22915a1d24a0a58890d5e3ca3dcf0a9201b9f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 03 Nov 2023 12:55:06 GMT
doterraFormValidation.js
www.doterra.com/_ui/desktop/common/js/custom/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/doterraFormValidation.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 21:04:51 GMT
x-cdn
Imperva
etag
W/"14728-1698267891000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-37871555 2CNN RT(1699016104429 1696) q(0 0 0 -1) r(0 0)
content-length
3949
replicated-cache-clear.js
www.doterra.com/_ui/desktop/common/js/custom/ 		2 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/replicated-cache-clear.js?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ffc74932e113b0da44e2ade790dcde73c071aa191c230ae370a09dbe57c62084

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"1578-1693936271000"
content-type
application/javascript;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1697) q(0 -1 -1 -1) r(0 -1)
content-length
792
css
fonts.googleapis.com/ 		10 KB
766 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f10.1e100.net
Software
ESF /
Resource Hash
f6595a6cae5eae5be3d15f0f8a7a15ba74bc27f6140b101eb12ae167f598bddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 12:51:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 12:55:06 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f10.1e100.net
Software
ESF /
Resource Hash
02d7cb03b67e962ecbdd510a818e09f81b1d61c4136b81015806fc3c18271945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 12:55:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 12:55:06 GMT
gtm.js
www.googletagmanager.com/ 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
36fad6bb7ec9f2052bcc4ed613257826aafd90dd87ad81544e6ae88b373dcd71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102308
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Nov 2023 12:55:06 GMT
notice
consent.trustarc.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-47.syd62.r.cloudfront.net
Software
/
Resource Hash
0301ef9f0c3edb1b3d56138e434d0818d277f9421b110187490bb83f4cae8bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
3491
x-cache
Hit from cloudfront
cloudfront-viewer-country
AU
content-length
4086
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
cloudfront-viewer-country-region
NSW
timing-allow-origin
*
x-amz-cf-id
XINlv7eH4Jj6Co95m4D0lnx7B8D6-s7uQW78ZElH829L2wyDZ1Tm6A==
expires
Fri, 03 Nov 2023 12:56:55 GMT
1699016106262
mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/ 		391 B
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/1699016106262?t=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&ver=js2.0.20
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.149.243.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-243-64.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
30a0cadd7d2b714e8c3841d041994ed01e1ccbd3964f13da872f7be0280da29e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:06 GMT
server
Kestrel
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type
application/javascript
cache-control
no-store, no-cache
x-robots-tag
noindex
content-length
391
spinner-brand.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 		87 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/spinner-brand.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"89159-1693936271000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1714) q(0 -1 -1 -1) r(0 -1)
content-length
25794
lavenderDesktop.jpg
www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/lavenderDesktop.jpg?1466736
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-iinfo
13-37871495-37871578 2CNN RT(1699016104429 1715) q(0 2 3 -1) r(3 3) U18
date
Fri, 03 Nov 2023 12:55:06 GMT
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"158700-1693936271000"
content-length
158700
content-type
image/jpeg;charset=UTF-8
8800579715102.jpg
doterra-prod-media1.s3.amazonaws.com/ha2/h64/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/ha2/h64/8800579715102.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
pPlYoVU_pOYxJbKfV1LNXIQxFGdf33VR
x-amz-request-id
4HW0AGHMGSP0C4S7
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1493835519000000000ns
x-amz-meta-file-atime
1657826537151382150ns
x-amz-meta-file-group
503
Content-Length
24660
x-amz-id-2
o3bPEYyy27xTgwYm4BlKB7+KHC3Ovic+vYPc1MCm2h0ZVw8pQ3DvecJjWkfW+hYgsIae0+oiN5g=
Last-Modified
Fri, 15 Jul 2022 15:36:33 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"3cfb059c41eeb038b67599956bb4b8ac"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/jpeg
x-amz-meta-file-owner
503
Accept-Ranges
bytes
8800579682334.jpg
doterra-prod-media1.s3.amazonaws.com/h6a/hf9/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/h6a/hf9/8800579682334.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
eraT1EfbJQGgIHvViS71.wQ78fBzwYkA
x-amz-request-id
4HWEEMWFVG4FM94E
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1493835519000000000ns
x-amz-meta-file-atime
1657755271526097800ns
x-amz-meta-file-group
503
Content-Length
40753
x-amz-id-2
dSa68QFlvVi1YDEZFwUNsFsx10sY3nSaGlYcCq7TVn25fyatqo8b9E3rphQA5ce8xeq2O9xs1Rs=
Last-Modified
Fri, 15 Jul 2022 03:30:57 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"6b0de3ec161c8f14db8fb9111d77726b"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/jpeg
x-amz-meta-file-owner
503
Accept-Ranges
bytes
8800579747870.jpg
doterra-prod-media1.s3.amazonaws.com/h04/h7a/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/h04/h7a/8800579747870.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4e187cb6b712a0170d08099c3b8e6a0847f079c60ff446b3c1fb1b5dd50bd562

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
qY9yresc9D_fPncRH4KVjWF0uzIpCTON
x-amz-request-id
4HWBWT2R1N12Y3WF
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1493835519000000000ns
x-amz-meta-file-atime
1657826537189382085ns
x-amz-meta-file-group
503
Content-Length
64260
x-amz-id-2
Otlj13bsUnzBT3PZQ9wjDBVcFkX+4q/8T845DwKY9b7EMv+aSqyvY1B40e5OkH77Hz6e0XFyOXw=
Last-Modified
Fri, 15 Jul 2022 22:24:31 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"b3d36b31562d543e1a0e8aed76866a71"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/jpeg
x-amz-meta-file-owner
503
Accept-Ranges
bytes
icon-chevron-thin-down-blue-dark.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/ 		1 KB
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-chevron-thin-down-blue-dark.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"1269-1693936271000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-37871495-0 0CNN RT(1699016104429 1716) q(0 -1 -1 -1) r(0 -1)
content-length
634
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.doterra.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:57:23 GMT
x-content-type-options
nosniff
age
64663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:57:23 GMT
Parisienne.woff
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/Parisienne.woff
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e5425d2498df638e89b36bafef56ce9677d1ae238fb04b8efdaa6896ef6a9f68
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Origin
https://www.doterra.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:05 GMT
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"33820-1693936271000"
x-frame-options
SAMEORIGIN
content-type
font/woff;charset=UTF-8
x-iinfo
13-37871495-37871516 2NNN RT(1699016104429 1717) q(0 1 1 -1) r(3 3) U12
x-incap-sess-cookie-hdr
pViBY6GhXmXGhzrl61eEDartRGUAAAAAcLmeqPs1iTB/kOtDlSWzZA==
accept-ranges
bytes
content-length
33820
13192617918494.png
doterra-prod-media1.s3.amazonaws.com/ha4/hca/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/ha4/hca/13192617918494.png
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
02bf0953172eb43ce25854e2c452fb15d21575ee597897a69f061309ad7238c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
NeI9RfljbVXpCA_FWTETnX4e4eYw6w3e
x-amz-request-id
4HWEFJ4NV5F8CQ9Y
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1561277478000000000ns
x-amz-meta-file-atime
1657792563448552091ns
x-amz-meta-file-group
503
Content-Length
4199
x-amz-id-2
3hxJY90IoXHxphKQ6H1L+kJeuV4zKQ/B/+ULCiyGCky5HaJFhx/XFEPc/gIGxuSAZwDLxDcvZu4=
Last-Modified
Fri, 15 Jul 2022 16:07:58 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"5c59848e2f0721b91e242a8419fbf8df"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/png
x-amz-meta-file-owner
503
Accept-Ranges
bytes
13192618082334.png
doterra-prod-media1.s3.amazonaws.com/hd2/h79/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/hd2/h79/13192618082334.png
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f066307d2ba5ed08fcb231085b174a3415d7e084b4956799f4b70cd328e8a8a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
9c1Qo.co4BS.FE63dfkG5gtUTXJ_PRr8
x-amz-request-id
4HW147YDTDYXJNC3
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1561277478000000000ns
x-amz-meta-file-atime
1657792563335552330ns
x-amz-meta-file-group
503
Content-Length
7408
x-amz-id-2
WL653FTqhdTo5gccLhOBqgZXYsKamSUXylYDmTAz0vy1GxDvEfnFjEKswxb29fswrbjDIR7FvNo=
Last-Modified
Fri, 15 Jul 2022 06:10:28 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"2b2e0b02d7b51838ac2e3c02eccd9528"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/png
x-amz-meta-file-owner
503
Accept-Ranges
bytes
13192618016798.png
doterra-prod-media1.s3.amazonaws.com/h95/h65/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/h95/h65/13192618016798.png
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e63be68d6cb16804453b518b8391225dc0e96a3e3fe816dba65bc072fb3a26a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
Sh87tasW3rxVWyJrOWatdf0AcLy3gB.E
x-amz-request-id
4HW7DVME6G6TYF9D
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1561277478000000000ns
x-amz-meta-file-atime
1657826333104728326ns
x-amz-meta-file-group
503
Content-Length
6264
x-amz-id-2
BwFd6AbePGGtFxaM2ucKLjLpywe9lZyPNelCLBbNhClyonDZ8lJo+1E55P4ANGE6GHg1pB04OT4=
Last-Modified
Fri, 15 Jul 2022 12:54:01 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"7b162a1ccde26c7296bace5b09f32197"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/png
x-amz-meta-file-owner
503
Accept-Ranges
bytes
13192617787422.png
doterra-prod-media1.s3.amazonaws.com/h5e/h2d/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/h5e/h2d/13192617787422.png
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
82b851f9ae974acecd4494a1728c434bec91e750b240015d3b311e327056bd84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
hobcbegZatCbIOk2f3ygxZfWlGPF2Rfm
x-amz-request-id
4HW3E8NBPK700XF0
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1561277478000000000ns
x-amz-meta-file-atime
1657792563544551889ns
x-amz-meta-file-group
503
Content-Length
3819
x-amz-id-2
CvE5OsBFqPGqJAj6TxzgowfNhYR7Gzzx0Wo5XU5kSdmZSd92rR1FggnPfsFel4EUsAwF6AbacfM=
Last-Modified
Fri, 15 Jul 2022 20:38:31 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"48a4f69553feed4bf26b2872c3766ec4"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/png
x-amz-meta-file-owner
503
Accept-Ranges
bytes
13192618803230.png
doterra-prod-media1.s3.amazonaws.com/hfd/h13/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/hfd/h13/13192618803230.png
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5aa199ee93adca02f93e6e2fe8af17ac8ea17ebe91a03af8c145b837efea28c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 12:55:07 GMT
x-amz-version-id
bWZPWLSCUrhZIUbYSU2QOSM6VyBNS1Kw
x-amz-request-id
4HW61E6P8DXE96AJ
x-amz-replication-status
REPLICA
x-amz-meta-file-mtime
1561277479000000000ns
x-amz-meta-file-atime
1657792563621551727ns
x-amz-meta-file-group
503
Content-Length
4174
x-amz-id-2
q5qEClcCGvVw3Sf7MvCRrmGvV3KssSdDeeXJu9bAH4hToHJZTmCBxshuwgj5rOpoN8NFuEw3l2U=
Last-Modified
Fri, 15 Jul 2022 15:18:08 GMT
Server
AmazonS3
x-amz-meta-file-permissions
100664
ETag
"059b86c34fc8bb9b0f9b9c62b858a1c5"
x-amz-meta-user-agent
aws-datasync
Content-Type
image/png
x-amz-meta-file-owner
503
Accept-Ranges
bytes
js
www.googletagmanager.com/gtag/ 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2a7c2aeca8ad17cc518b0ad8dfc076ad485410a91489795687d284ef06be3bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 12:55:06 GMT
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.doterra.com%2FUS%2Fen%2Fsite%2Falynn&tdp=GTM-PHX657;1674160;0;0;0&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.doterra.com%2FUS%2Fen%2Fsite%2Falynn&tdp=GTM-PHX657;1674160;0;0;0&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:06 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1paused&ti=2paused&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1googtag.1ytl.1lcl.1lcl.1lcl.1lcl.1cl.1lcl.1lcl.1fsl.1cl.1cl.1cl.1cl.1cl.1cl.1lcl.1lcl.1cl.1fsl.1cl.1cl.1cl.1lcl.1lcl.1cl.1cl.1cl.1html.5html.1html.5html.1html.5html&ti=2googtag.1ytl.1lcl.1lcl.1lcl.1lcl.1cl.1lcl.1lcl.1fsl.1cl.1cl.1cl.1cl.1cl.1cl.1lcl.1lcl.1cl.1fsl.1cl.1cl.1cl.1lcl.1lcl.1cl.1cl.1cl.1html.1html.1html.1html.1html.1html&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=*&eid=3&u=AAAAAAAIAAAAAACI&h=Ag&tr=1gaawe&ti=1gaawe&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&e=gtm.init&eid=0&u=AAAAAAAIAAAAAACI&h=Ag&tr=6paused&ti=2paused&z=0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
spinner.gif
www.doterra.com/_ui/desktop/common/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/spinner.gif
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/US/en/site/alynn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-iinfo
13-37871495-0 0CNN RT(1699016104429 2242) q(0 -1 -1 -1) r(0 -1)
date
Fri, 03 Nov 2023 12:55:06 GMT
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"3990-1693936271000"
content-length
3990
content-type
image/gif;charset=UTF-8
videos
www.googleapis.com/youtube/v3/ 		465 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-xss-protection
0
videos
www.googleapis.com/youtube/v3/ 		465 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-xss-protection
0
videos
www.googleapis.com/youtube/v3/ 		465 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-xss-protection
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 		467 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191376
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 16:27:03 GMT
fontawesome-webfont.woff2
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1466736
Origin
https://www.doterra.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
last-modified
Tue, 05 Sep 2023 17:51:11 GMT
x-cdn
Imperva
etag
W/"66624-1693936271000"
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
x-iinfo
13-37871495-37871518 pNNy RT(1699016104429 2398) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr
XVnHR4kUOijGhzrl61eEDavtRGUAAAAArnOt2upV6z1taTdCQKdaxQ==
accept-ranges
bytes
content-length
66624
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je3b11v886967153z871674160&_p=1699016106202&gcd=11l1l1l1l1&cid=19521990.1699016107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699016106&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=3465
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JP5T5508JH&gtm=45je3b11v886967153z871674160&_p=1699016106202&gcd=11l1l1l1l1&cid=19521990.1699016107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699016107&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&en=page_view&_fv=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=3468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je3b11v886967153z871674160&_p=1699016106202&gcd=11l1l1l1l1&cid=19521990.1699016107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699016106&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&en=wa_attribution&ep.login_status=false&ep.wa_attribution_type=RWP&ep.referrer_id=78547&ep.authentication_status=false&_et=6&up.wa_attribution_type_user=RWP&up.referrer_id_user=78547&tfd=3479
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je3b11v886967153&_p=1699016106202&gcd=11l1l1l1l1&cid=19521990.1699016107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1699016106&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&en=scroll&ep.login_status=false&epn.percent_scrolled=90&_et=6&tfd=3485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getBannerDetails
www.doterra.com/US/en/ 		143 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/US/en/getBannerDetails
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.doterra.com/US/en/site/alynn
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Fri, 03 Nov 2023 12:55:06 GMT
x-content-type-options
nosniff
x-cdn
Imperva
adrum_0
g:7516b3ce-4d29-4071-b1c7-f6736f7be664
x-frame-options
SAMEORIGIN
adrum_1
n:DoterraInternationalLLC436_74b2e163-6eaf-417e-b636-3cfd27438bfa
content-type
application/json;charset=UTF-8
adrum_2
i:6246932
x-iinfo
13-37871495-37871527 pNNy RT(1699016104429 2598) q(0 0 0 -1) r(2 2) U2
adrum_3
e:6
cache-control
no-cache, no-store
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 12:12:03 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2584
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 03 Nov 2023 14:12:03 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956873153/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956873153/?random=1699016107265&cv=11&fst=1699016107265&bg=ffffff&guid=ON&async=1&gtm=45He3b11v71674160&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&hn=www.googleadservices.com&frm=0&tiba=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&auid=1528192817.1699016107&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f2.1e100.net
Software
cafe /
Resource Hash
d2ee0ab56e32cf4ab021728996c5f580de9d753d3eedac3b80960d9a8f967bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dtag.js
cdn.attn.tv/doterra/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/doterra/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-108.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
500955e5d7667b08ef55cb31f5a7ab9bb1800780eec91c05f4f0fcb326887774

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
bMKJksVrSOkF5A5iWusqTlPgK7J.Qdtl
content-encoding
gzip
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 12:53:55 GMT
x-amz-cf-pop
SYD62-P2
age
75
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jun 2023 13:30:40 GMT
server
AmazonS3
etag
W/"080a4c6969969a4dcb5fe63fb588aa1d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=120
x-amz-cf-id
RamjH7gPCfckbnL3t4W98nbZ8qgyAjO4Dy55uwu1_HrXlypTCFdqnA==
fs.js
edge.fullstory.com/s/ 		246 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ec6c32f505b11d2d98f6ab64c269714bc3bbefded1e5406b917c50690f32cf87

Request headers

Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:47:01 GMT
content-encoding
br
age
486
x-guploader-uploadid
ABPtcPr65HnjMvJEbDG8ze9qmQQZpNUG-FByNnngARlya5W4j6Mc9npFIb27fdSv5ZdcMtFTSsfhkcWllovWX99WwE-IZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68931
last-modified
Wed, 25 Oct 2023 16:41:01 GMT
server
UploadServer
etag
"0cf58f078d514d3e43ffcfab6356e72c"
vary
Accept-Encoding
x-goog-generation
1698252061389984
x-goog-hash
crc32c=dKjUMw==, md5=DPWPB41RTT5D/8+rY1bnLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
68931
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 03 Nov 2023 13:47:01 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457766648&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&ul=en-us&de=UTF-8&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1224314335&gjid=904276684&cid=19521990.1699016107&uid=anonymous&tid=UA-28403841-1&_gid=811515224.1699016107&_r=1&_slc=1&gtm=45He3b11n71PHX657v71674160&cd3=78547&cd4=RWP&cd5=78547&cd6=RWP&gcd=11l1l1l1l1&z=331486337
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457766648&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&ul=en-us&de=UTF-8&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1254156260&gjid=869104446&cid=19521990.1699016107&tid=UA-28403841-10&_gid=811515224.1699016107&_r=1&_slc=1&gtm=45He3b11n71PHX657v71674160&gcd=11l1l1l1l1&z=1529052762
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2b875652a31af580982af9055d6c2950ec6f4a753e22fe1d315dc7e56ced6605
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
edge.fullstory.com/s/settings/98984/v1/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/98984/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
72bbb8c259cfa8e4d922ab418ec3a797932927b16cc6a0fd73bf9b3e9830e8d8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:48:39 GMT
content-encoding
gzip
age
388
x-guploader-uploadid
ABPtcPoO1sN4ItTlmyumVZSuYPhCZGmtNyDfdJWamXtvbA5_mtZGyXt42mf8ZE61OSMovPvBkLbgHfqPuudD6T0I_yLZkVONtlOB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4497
last-modified
Fri, 03 Nov 2023 12:43:30 GMT
server
UploadServer
etag
"85d9a2baff5b76e88495f083f90c396b"
x-goog-generation
1699015410131454
x-goog-hash
crc32c=DILJPQ==, md5=hdmiuv9bduiElfCD+Qw5aw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
4497
accept-ranges
bytes
content-type
application/json
expires
Fri, 03 Nov 2023 13:03:39 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8T2XPNM14G&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6c5b1a42f080ae21b68804a06673529da967c0dbfe467d765f48a3ce9e421f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 12:55:07 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28403841-1&cid=19521990.1699016107&jid=1224314335&uid=anonymous&gjid=904276684&_gid=811515224.1699016107&_u=YCDACEAABAAAACAAI~&z=1586898502
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 03 Nov 2023 12:55:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
rs.fullstory.com/rec/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
cdfa96a811d423c7c0bf9ddad0daee720bbc8917985654311a6c790d1177b0bb

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.doterra.com
date
Fri, 03 Nov 2023 12:55:07 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
r-Lord-with-vpbrant-speake-to-to-sore-againe-at-
www.doterra.com/ 		735 B
995 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/r-Lord-with-vpbrant-speake-to-to-sore-againe-at-?d=www.doterra.com
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/r-Lord-with-vpbrant-speake-to-to-sore-againe-at-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.16.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
c1d4715100d625641cdcefb81385867c8860e408042829bb38346ae600108440

Request headers

Accept
application/json; charset=utf-8
Referer
https://www.doterra.com/US/en/site/alynn
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Fri, 03 Nov 2023 12:55:06 GMT
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
13-37871495-37871520 PNNN RT(1699016104429 2930) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=5.685924999999999
content-length
735
unified-tag.js
cdn.attn.tv/tag/4-latest/ 		129 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3bd5bff693
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/doterra/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-108.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3c460a9c7453acaa7f0bebd7e53ebc6170e26a83e4c6174859ac8a43bca1faa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
fMUBYcNZdj9JXr3SHCIo1U0CrFts1WWS
content-encoding
gzip
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 12:53:53 GMT
x-amz-cf-pop
SYD62-P2
age
74
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Nov 2023 21:08:30 GMT
server
AmazonS3
etag
W/"1a95920078d848e62bbdb6bac8d0a065"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
x-amz-cf-id
lYSaELBHp5D1dsTBsEyD2FMQx1sGlQoN7_VgfEjo0cK7s-ZV-igwtQ==
/
doterra.attn.tv/d/ 		5 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://doterra.attn.tv/d/?attn_vid=1b22e838d16a40c9b87ad6380c5320a8
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
4
cf-ray
8204c510e98ea80d-SYD
alt-svc
h3=":443"; ma=86400
e
events.attentivemobile.com/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.attentivemobile.com/e?v=4.25.41_4751d710df&pd=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&u=1b22e838d16a40c9b87ad6380c5320a8&c=doterra&ceid=mbM&lt=1699016107623&tag=modern&cs=2099308299&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1699016107628
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3bd5bff693
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-expose-headers
Set-Cookie, X-Count, X-Token
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cf-ray
8204c510ca585d25-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
doterra.attn.tv.js
cdn.attn.tv/growth-tag-assets/client-configs/ 		0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/doterra.attn.tv.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3bd5bff693
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-108.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 16:27:27 GMT
last-modified
Mon, 17 Dec 2018 20:59:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
74367
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
gWxwbvQ-2sfQV2h3h79vEZz1i5brdqrivEUAQzlpeRUic_Dl9SrmWA==
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8T2XPNM14G&gtm=45je3b11v9131064645&_p=1699016106202&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=19521990.1699016107&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&sid=1699016107&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4268
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T2XPNM14G&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=gtag.config&eid=18&u=AgAAAAAIIAAAACCI&h=Ag&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.google.com/pagead/1p-user-list/956873153/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956873153/?random=1699016107265&cv=11&fst=1699012800000&bg=ffffff&guid=ON&async=1&gtm=45He3b11v71674160&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&frm=0&tiba=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&fmt=3&is_vtc=1&cid=CAQSGwDICaaNulMVwoMZdTrd5su7trRogL10cXfOQQ&random=2070784722&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/956873153/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/956873153/?random=1699016107265&cv=11&fst=1699012800000&bg=ffffff&guid=ON&async=1&gtm=45He3b11v71674160&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&frm=0&tiba=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&fmt=3&is_vtc=1&cid=CAQSGwDICaaNulMVwoMZdTrd5su7trRogL10cXfOQQ&random=2070784722&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PHX657&v=3&t=t&pid=1499052320&cv=205&rv=3b11&tc=87&es=1&e=*&eid=19&u=AgAAAAAIIAAAACCI&h=Ag&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:55:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
unrenderedCreative
doterra.attn.tv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://doterra.attn.tv/unrenderedCreative?v=4.25.41&r=&id=1b22e838d16a40c9b87ad6380c5320a8&pv=1&l=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/alynn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 12:55:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
12
cf-ray
8204c515ccb0a80d-SYD
alt-svc
h3=":443"; ma=86400
bundle
rs.fullstory.com/rec/ 		29 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=98984&UserId=6153593096122368&SessionId=6590768799428608&PageId=1959512390268318512&Seq=1&PageStart=1699016107510&PrevBundleTime=0&LastActivity=877&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e0e2e99aa4cd3c9e304af1afbf6066db9efc07824c2bb3853650063e198e6d06

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.doterra.com
date
Fri, 03 Nov 2023 12:55:09 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je3b11v886967153z871674160&_p=1699016106202&gcd=11l1l1l1l1&cid=19521990.1699016107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1699016106&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Falynn&dt=Business%20Site%20Home%20Page%20%7C%20d%C5%8DTERRA%20Essential%20Oils&en=get_user_data&ep.login_status=false&ep.custom_client_id_event=19521990.1699016107&ep.authentication_status=false&_et=4&up.custom_client_id_user=19521990.1699016107&up.url_language_user=en&tfd=8485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 12:55:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle
rs.fullstory.com/rec/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=98984&UserId=6153593096122368&SessionId=6590768799428608&PageId=1959512390268318512&Seq=2&PageStart=1699016107510&PrevBundleTime=1699016109167&LastActivity=4857&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
75d01a0cc5ee3418c290de0e6013e755acade8930753a3960f8c78d3deca5fd4

Request headers

Referer
https://www.doterra.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.doterra.com
date
Fri, 03 Nov 2023 12:55:12 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

510 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| appKey undefined| adrumScript number| adrum-start-time object| adrum-config object| reese84 function| a1_0x47c1 function| a1_0x42b1 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha object| mediator function| dataLayerEvent function| trackAddToWishList_gtm function| trackProductClick_gtm function| trackAddToCart_gtm function| trackRemoveFromCart_gtm function| trackSelectPromotion_gtm function| trackAddShippingMethodClick_gtm function| trackAddPaymentMethodClick_gtm object| dataLayer function| $ function| jQuery object| scriptElem string| MY_DOMAIN boolean| REQUIRE_USER_EXPRESSED_PERMISSION object| _STATE function| wrapCMSParagraphVideos function| processRunOnce function| processResponse function| runOnce function| getBehavior function| handleAPIResponse function| activateElement object| QueueIt function| queueClient object| myQueueClient object| queueit number| totalItemsMiniCart string| cartDataSite object| ACC object| trackingMethod object| csrfTokenInputElements boolean| isProductMappingEnabled boolean| browserCloseLogoutFlag boolean| HAS_SESSION_CART boolean| IS_ANONYMOUS_USER string| abandonCartText string| abandonLrpCartText object| localText string| countryName string| mockCardTokenization string| paymetricSourceUrl string| mysteryProductSku string| apiKey number| showModalGreenPopUpTimeout number| showModalGreenPopUpWait object| doUpdatesMarketList object| supportedEnrollmentMarkets object| bankroutingPattern object| billingZipPattern object| govIdMaxlength object| billingMobilePhonePattern object| billingMobilePhonePlaceholder object| billingMobileMaskPattern object| govIdPattern object| billingZipRegex object| billingZipMask object| truste string| contextPath string| baseURL string| currencySymbol string| commonResourcePath string| siteId string| bannerEnabled string| globalNavigationHideCountryList string| needToResetPassword string| passwordResetDaysLeft string| aromaCheck string| isAgentLoggedIn string| dotUserId string| sessionCartCode string| accountType boolean| queueItEnabled string| stateCode string| stateName string| postalCode string| countryCode string| isGigyaEnabledGlobally boolean| setPrimaryEmail boolean| showPortalModal object| regexEmail string| CCTServerAddress string| CCTPreChatSurvey string| CCTAccountManagementPreChatSurvey string| CCTTokenEx boolean| isAnonymousUser string| addressline1 string| addressline2 string| city object| lazySizesConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag object| $jscomp object| bootstrap object| bootbox function| moment function| Cookies object| lazySizes undefined| shareButtons function| shareButtonService function| downloadPDF function| shareButtonInit string| pattern string| placeholder function| fieldMaskInit function| setupFieldMask function| phoneMaskInit function| setPhonePattern function| dateMaskInit function| setDatePattern object| CARD_STATUS string| currentTabID string| isEnrollmentPage string| hasEnrollmentCartEntries number| currentEpochTime boolean| hideRegionBanner boolean| unsavedChanges boolean| rafNoThanksClicked undefined| forcedTargetUrl undefined| cartType undefined| lastFocusElm object| wishlistProcessing object| wellnessResubscribedStatus string| WELLNESS_RESCUBSCRIBED_CLICKED string| WELLNESS_RESCUBSCRIBED_RESUMED string| MSG_ERROR_CLASS_NAME string| MSG_INFORMATIONAL_CLASS_NAME string| MSG_HELPER_CLASS_NAME string| MSG_DIRECTIONAL_CLASS_NAME string| MSG_WARNING_CLASS_NAME string| MSG_SUCCESS_CLASS_NAME string| MSG_SPECIAL_CLASS_NAME string| NON_MSM_CLASS_NAME string| MODAL_GRAY_CLASS_NAME function| showGlobalErrorMessage function| showGlobalInfoMessage function| showGlobalHelperMessage function| showGlobalDirectionalMessage function| showGlobalWarningMessage function| showGlobalSuccessMessage function| showGlobalSpecialMessage function| showGlobalBasicMessage function| showModalNonMessage function| showModalGray string| loading string| RENDERED_BS_SELECT string| addErrorConstant string| quantityMessage string| loyaltyOrder string| onetimeOrder string| enrollmentOrder undefined| addressFormEcomm function| lsTest object| formForRecaptcha undefined| formidForRecaptcha function| onloadCallback function| setStorage function| getStorage function| removeStorage object| bcTempTitle function| updateBreadcrumb undefined| FTLModal undefined| FTLModal2 undefined| FTLMessage undefined| FTLMessage2 undefined| FTLOptions undefined| FTLOptions2 undefined| FTLTitle string| firstTimeLoggedIn function| createInputElement function| showLoadingSpinner function| hideLoadingSpinner function| tooltipCustom object| baseSelectOptions function| getStackTrace function| redirectToPage function| updateReferralCustomerPopUpValue function| addLoadingSpinnerAndSubmit function| checkHomepageSlider function| showShopFirstLoginPopup function| showEnrollNewMemberPopUpMessage string| enrollerFields function| disableEnrollerFields string| json boolean| addr_flag function| validateAddress function| onCloseAddressVerifyModal function| enableNoRecommendationTab function| enableRecommendationTab function| refactorAddress function| refactorPRAddress function| refactorPRUrbanizedAddress function| refactorPRRuralRouteAddress function| removeDisabled function| submitForm function| saveAddress function| updatePasswordPrompt function| stopUpdatePasswordPrompt function| redirectToMyCart function| enableCartCopMiniCart function| launchCartCop function| initBtnSelect string| userAgent boolean| isAndroid function| showFeedbackModal function| validateFeedbackModal object| ytElements object| videoModal function| ytRichSnippets function| videoRichSnippets undefined| tag undefined| firstScriptTag undefined| ytPlayer undefined| ytPlayed function| getVideoID function| initVideoAWS object| vimeoElements function| vimeoRichSnippets function| initVimeo function| getLabel function| initAnchors function| gaEvent function| passwordRequirements function| toggleShowHide function| toggleShowHideOnKeyDown function| isNumberKey function| isDouble function| limitVal function| showRemoveMessage function| removeProductMessaging function| removeProductMessagingHelp function| showGlobalBootboxMessage function| showModal function| swapNumber function| setPhoneNumber function| setPhoneType function| callOtpVerification function| callAuthyVerification function| formatPhoneNumber function| mergeLrpOrder function| mergeCart function| toggleHiddenSection function| aromaCheckLoginPopup function| siteLogoClick function| abandonCartMsg function| updateCreditBalanceSection function| toggleSSNChars function| addConventionProductOnly function| showProductCustomizeModal function| launchParentChildModal function| getProductCustomizeModalData function| renderProductCustomizeModal function| initProductQuantity function| showLTOLimitReached function| showExceedMaxPromotionLimit function| checkCustomizeQty function| verifyQuantityInput function| addParentItemOnly function| SimpleCustomizeParentProduct function| SimpleCustomizeChildProduct undefined| scrollPosition function| readSession function| getValOnly function| updateUser function| createTabID function| chkUserLoggedIn function| logoutFromBackend function| createSession function| generateUID function| changeKit function| calculateCardExpiryDate function| isEnrollToLRPValid function| enrollToLRPMinumumPVModal function| pvPromotionCheck function| upgradeAndRedirectToEnroll function| abandonCart function| checkOnloadModals function| checkTGNotificationModal function| showCustomerReferralModal function| setShowAgainFlag function| checkQuickGuideModal function| guidedTourInit function| setStorageForRetailCartLogin function| showRoutingModal function| setFullStoryEvent function| checkProductRows function| adjustRowsHeight function| resetProductRowHeight function| showAddressVerificationModal function| showAddressCompareModal function| populateFields function| backToEditAddress function| enteredAddressSelected function| recommendedAddressSelected function| compareFieldValues function| personalEnteredAddressSelected function| personalRecommendedAddressSelected function| ecommRecommendedAddressSelected function| compareInitialValues function| isValidEmailAddress function| promptForPrimaryEmail function| saveEmailSubmit function| showUniqueEmailModal function| checkUniqueEmailAddress function| saveEmailAddress function| skipUniqueEmailCheck function| showPortalPreviewModal function| checkProp65Warning function| showProp65WarningMessage function| copyToClipboard function| updateRegionList function| checkCardTypeAndRegionList function| wareHouseSwitcherChangeAction function| setDatePicker function| setNfrOtgContext function| warehouseToggleOnload function| updateSelectWithData function| updateSelectWithCardData function| updateZipWithMask function| zipCodeFormatter function| validatePostalCode function| checkCartContext function| setNFRTooltip function| setSelectorValue function| changeSwitcherInputFlagOnLoad function| changeSwitcherInputFlag function| showDefaultMarketBanner function| updateBannerData function| handleSelectChangeMarket function| editLRPTemplate function| closeRegionBanner function| marketChangeAction function| getDHyCSTempID function| updateDhyCSEnrollerInfo function| handleAddToCartResponse function| recommendedProductsDisplay function| showProductOverlay function| getElement function| resetLanguage function| completeExpressBodsModal function| checkBodsRequired function| resumeWellnessProgramModal function| showShippingDelayModal function| showShippingDelayModalGeneratedByBanner function| productMappingModal function| setnfrOtgFlagVal function| getDisplayedAccountType function| showMismatchedCartAndSiteSalesOrgsBox function| showNewAccountAuthPopup function| determineMarketMismatchContext function| copyTextToClipboard function| copyText function| setAriaExpandedValue object| alertQueue function| adaAlert function| processAlert function| enableDisableCrmTracker function| closeShareDropdown function| captureLastElement function| returnLastElementFocus function| renderProductHighlight undefined| ytPlay function| onYouTubeIframeAPIReady function| initMinicart function| updateMiniCartContent function| renderProductRow function| updateMiniCartContentOld function| clearMiniCart function| updateMiniCartIcon function| miniCartClicked function| miniCartLoginPopup function| handleRemoveAlert function| removeProductFromMinicart function| removeProductFromMinicartWithEntryNumber function| removeProductFromMinicartAjaxCall function| showMinicartSpinner function| hideMinicartSpinner function| checkForActiveCart function| verifyAddEnrollmentKit boolean| quickGuideHasBeenClicked function| getDatepickerTitle function| generateTableCaption function| saveLRPDateFlow function| addToWishlist function| moveToWishlist function| refreshDonationCheckbox function| addProductToWishlistCarousel function| removeProductFromWishlistCarousel function| createWishlistProductItem function| removeFromWishlist function| wishListQuery function| removeSessionProduct function| addSessionProduct function| getList function| bindWishlistIcons function| loadIcons function| loadIcon function| bindWishlistIconClick function| createWishListEntry function| removeEntry function| setIcons function| changeColor function| productClick_gtm function| addToCartClick_gtm function| addToWishlistClick_gtm function| removeFromCartClick_gtm function| addShippingMethodClick_gtm function| addPaymentMethodClick_gtm function| selectPromotionClick_gtm function| publish object| forms object| widgets function| formValidationService function| toggleRequiredGroup function| checkExpirationDate function| checkRequiredGroup function| formInit string| OrderContextInformationModal object| pathArray object| siteLogo function| showEnrollNewMemberPopUpMessageReplicatedSite object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| smartedit function| FontFaceObserver object| gaGlobal object| recaptcha object| searchResultsObject object| searchContentType object| searchSortType number| resultsPerPage boolean| filterOpened boolean| loadAjax function| resetLazyLoadObject function| renderFullResults function| renderFilterSortFullResults function| renderRecentSearch function| decodeURIComponentSafe function| checkLazyLoad function| getURLParameter function| filterCall function| getFilterList function| toggleNav function| shiftOffCanvasMenu string| globalGridClasses function| initiateSelectYourRegionPage function| sortByOrderNum function| sortByName function| findByCode function| extractLanguage function| validateLanguage function| extractRegion function| validateRegion string| IDLE_TIMEOUT number| TIMEOUT_CHECK_INVERVAL number| _idleMinutesCounter number| idleTime function| startTimeCheck function| checkIdleTime function| showIdleMessage function| formatTime object| AOS string| LANGUAGE_COOKIE string| DEFAULT_LANGUAGE object| LANGUAGES object| EMAIL_TEMPLATE_LANGUAGES string| REGION_COOKIE string| DEFAULT_REGION string| DEFAULT_PRIVACY_POLICY_LINK string| DEFAULT_TERMS_OF_USE_LINK object| REGIONS object| ZONES string| aName string| bName object| regionMap object| GooglebQhCsO boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| gaplugins object| gaData string| _fs_loaded function| _fs_shutdown boolean| __attnLoaded object| attn_d0x0b_evt object| attentive string| __attentive_domain object| __attentive object| __attentive_cfg boolean| __poll_for_path_change string| attn_d0x0b_cfg

30 Cookies

Domain/Path Name / Value
www.doterra.com/US/en/site Name: fontBody
Value: fontBody-loaded
www.doterra.com/US/en/site Name: fontFA
Value: fontFA-loaded
www.doterra.com/ Name: JSESSIONID
Value: C93C0278D1C7CA51A1109CE5A831AC2E
www.doterra.com/ Name: JSESSIONID-B2BACC
Value: Y10-2c77c90a-5b8c-42eb-9e62-0ed6b23bf3f6
www.doterra.com/ Name: DOTERRAF5
Value: 979591268.10787.0000
.doterra.com/ Name: nlbi_661002
Value: qnXgYuWVFDsvogEwyFxrGQAAAAA1sNpO/1ySKHg69uby4Ttl
.doterra.com/ Name: visid_incap_661002
Value: Xy0SBTxwQ/qkFCKFM4N3jajtRGUAAAAAQUIPAAAAAABU0+tHOYtcyslz4N+rdarE
.doterra.com/ Name: incap_ses_974_661002
Value: AOVdFMYt6BzGhzrl61eEDajtRGUAAAAAfXQGpcSXe6yekjq+cqkUVw==
.doterra.com/ Name: notice_behavior
Value: none
mydoterra.queue-it.net/ Name: Queue-it-05f923e9-0405-4eaa-89e6-6bdef980487d
Value: WasRedirected=false&i=638346129066633911
.queue-it.net/ Name: Queue-it
Value: u=06a53874-1d0f-4d7b-a48b-4ee58dac5715
www.doterra.com/ Name: QueueITAccepted-SDFrts345E-V3_hybbogofeb2019
Value: EventId%3Dhybbogofeb2019%26QueueId%3D05f923e9-0405-4eaa-89e6-6bdef980487d%26RedirectType%3Dsafetynet%26IssueTime%3D1699016106%26Hash%3D923d7004085e928e3bbb0d77e6980ee28c648f998c5e7021a5ce8c1f21686b52
.doterra.com/ Name: _ga_JP5T5508JH
Value: GS1.1.1699016107.1.0.1699016107.0.0.0
.doterra.com/ Name: _ga_XW71K6YFHT
Value: GS1.1.1699016106.1.0.1699016107.0.0.0
.doterra.com/ Name: _gcl_au
Value: 1.1.1528192817.1699016107
.doterra.com/ Name: _ga
Value: GA1.2.19521990.1699016107
.doterra.com/ Name: _gid
Value: GA1.2.811515224.1699016107
.doterra.com/ Name: _gat_UA-28403841-1
Value: 1
.doterra.com/ Name: _gat_UA-28403841-10
Value: 1
.doterra.com/ Name: nlbi_661002_2147483392
Value: oJMnd/DLGSN8DwQTyFxrGQAAAAA2bjcbrFOHsot2dXKDem2j
.www.doterra.com/ Name: reese84
Value: 3:LvtnnmSBGhW6Pj2BxbWnyw==:Xex6a8ljtQneZgpeHeLgYXROm6wU5CDJ9y9k0xx7jIV4yA5qA74ZcgUHemzskOh9IEn2zmdNTPTushnkHQyMYciXvEWHz3YpzWhgUwHCQFTgFhUd6w1azGo5mfAnBHrtOeMEwlxApBNzSIPzPohdErfrNrpts1VGH3hxo0YhdH5DwogLc6LtX2wTxSgp8BSVpjqrrAmqOvNgPY63lNpxzWKK6rT4Bb8QLyhPiSPxzidEC5PBWXoM84aX7hzmJuGh6a3fs7OC6q+DEd6Kv82nTZj1fqpykJFN0R/KO6ONe3KXhHV4ilqAfTFJVeJ1KGI15KFwograpWWjrtGexWA4UGzJt6t45ujBK/aNIuvUnQUx8zJF9UTNvm/6IMyam4pTG6jPsoS7kJftlddwkoy8Rv2UKCjGCjKgwqcmbRFk3Hy8Ns4ppXQg2NYrAYLAHP/CE83EgbXzbPHaJepApPcpdXbo1bzr359y9Z0cWbcIybKaE/xRnjHsnAjVTC0CliIgNQzfGtsxsMAT38fqoixb52GLsWkdaG+HVw63EWcJvdjVeDHq1dZVjr+YIzb8T3s6UXneqIWb0ZJobKW4CvA2dw==:0KJ0UtTTtb1GdJYT6Ncbo1S/JLpjU9PDcWTc/POThYU=
www.doterra.com/ Name: __attentive_id
Value: 1b22e838d16a40c9b87ad6380c5320a8
www.doterra.com/ Name: _attn_
Value: eyJ1Ijoie1wiY29cIjoxNjk5MDE2MTA3NjI1LFwidW9cIjoxNjk5MDE2MTA3NjI1LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjFiMjJlODM4ZDE2YTQwYzliODdhZDYzODBjNTMyMGE4XCJ9In0=
www.doterra.com/ Name: __attentive_cco
Value: 1699016107627
.doterra.com/ Name: fs_uid
Value: #98984#6153593096122368:6590768799428608:::#/1730552107
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doterra.com/ Name: _ga_8T2XPNM14G
Value: GS1.2.1699016107.1.0.1699016107.0.0.0
www.doterra.com/ Name: __attentive_pv
Value: 1
www.doterra.com/ Name: __attentive_ss_referrer
Value: ORGANIC
www.doterra.com/ Name: __attentive_dv
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.attn.tv
consent.trustarc.com
doterra-prod-media1.s3.amazonaws.com
doterra.attn.tv
edge.fullstory.com
essentialoilsvn.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mydoterra.queue-it.net
rs.fullstory.com
stats.g.doubleclick.net
www.doterra.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
15.197.142.173
172.217.24.34
172.217.24.35
172.217.24.36
172.217.24.40
172.217.24.42
172.217.24.46
172.64.144.121
172.64.148.35
18.67.111.108
18.67.111.47
35.186.194.58
35.201.112.186
45.60.16.13
52.92.180.41
54.149.243.64
74.125.200.154
02bf0953172eb43ce25854e2c452fb15d21575ee597897a69f061309ad7238c5
02d7cb03b67e962ecbdd510a818e09f81b1d61c4136b81015806fc3c18271945
0301ef9f0c3edb1b3d56138e434d0818d277f9421b110187490bb83f4cae8bf3
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e
16c6aa6f7a8d274a01b8b20215539a39ba9d01c5c9ee8a98be5d50495008a602
1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f
1fd2538a8e53dddd545d7bb1644c8e8b85822858c7582bb6118e77487bc0f4ab
21fc6ef42e60f2a22a63f04573d544818e1105431eb7d09cdef3675e2986b178
291b672b873b213cbaacaf676499de6f079fffbfe8bd891ba4c67bd256ba0423
2a7c2aeca8ad17cc518b0ad8dfc076ad485410a91489795687d284ef06be3bf3
2b875652a31af580982af9055d6c2950ec6f4a753e22fe1d315dc7e56ced6605
30a0cadd7d2b714e8c3841d041994ed01e1ccbd3964f13da872f7be0280da29e
36fad6bb7ec9f2052bcc4ed613257826aafd90dd87ad81544e6ae88b373dcd71
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2
3b758cb75799b9c91e868b4198c809de5f4a882f0b6d502c7275fe861bbc2f8f
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd
4af65930458f430fb4db74f90a9e2242e326d2b80fbf9d1386b6c426a661ffe2
4e187cb6b712a0170d08099c3b8e6a0847f079c60ff446b3c1fb1b5dd50bd562
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
500955e5d7667b08ef55cb31f5a7ab9bb1800780eec91c05f4f0fcb326887774
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224
5aa04641c6c5f68ae6e636aac8babdc290f63d2860dbf3bea4a3596d1e7c7777
5aa199ee93adca02f93e6e2fe8af17ac8ea17ebe91a03af8c145b837efea28c6
65b780bd79a6305ccd2217f3516dcd8df6b95b3094277124d2db8aa591e2f8b5
6a8b4abd7859dc24b02b18c670fee2bbd58bb58d8737b09d3d8576a2d52b4e7a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5b1a42f080ae21b68804a06673529da967c0dbfe467d765f48a3ce9e421f81
72bbb8c259cfa8e4d922ab418ec3a797932927b16cc6a0fd73bf9b3e9830e8d8
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07
75d01a0cc5ee3418c290de0e6013e755acade8930753a3960f8c78d3deca5fd4
78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577
82b851f9ae974acecd4494a1728c434bec91e750b240015d3b311e327056bd84
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f319e9969c1d3b8179ea3f810d140eaf8ca459c3dc56a79bdca5eefd484a2f2
a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b831e61b401667329faf3762f439d396cad0b2e381fbcb6baaa53da58e1ba885
c1d4715100d625641cdcefb81385867c8860e408042829bb38346ae600108440
c78bddc855c44518d1e4655487e44973b64b06c1b297abc80cf85678081f6acb
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
cdfa96a811d423c7c0bf9ddad0daee720bbc8917985654311a6c790d1177b0bb
d2765f5561cf42391e2322a8a3c6d54483907de0905b8e050fc8efdce92b6261
d2ee0ab56e32cf4ab021728996c5f580de9d753d3eedac3b80960d9a8f967bca
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df69996fbe9c962030014ac1843f60c9abedcf10660c68c9b5938b20a3424a8e
e0e2e99aa4cd3c9e304af1afbf6066db9efc07824c2bb3853650063e198e6d06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c460a9c7453acaa7f0bebd7e53ebc6170e26a83e4c6174859ac8a43bca1faa
e5425d2498df638e89b36bafef56ce9677d1ae238fb04b8efdaa6896ef6a9f68
e63be68d6cb16804453b518b8391225dc0e96a3e3fe816dba65bc072fb3a26a3
ec6c32f505b11d2d98f6ab64c269714bc3bbefded1e5406b917c50690f32cf87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066307d2ba5ed08fcb231085b174a3415d7e084b4956799f4b70cd328e8a8a0
f6595a6cae5eae5be3d15f0f8a7a15ba74bc27f6140b101eb12ae167f598bddb
f9cdce57a785ac2b41fbddcf3d66928796438a8a7495f8baf96509cf43889371
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ffc74932e113b0da44e2ade790dcde73c071aa191c230ae370a09dbe57c62084
fff8873af87167f34cabf6080d22915a1d24a0a58890d5e3ca3dcf0a9201b9f2