login.doterra.com Open in urlscan Pro
44.239.92.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beta-doterra.myvoffice.com/
Effective URL:
https://login.doterra.com/us/en-us/sign-in
Submission: On May 31 via manual (May 31st 2023, 8:05:46 pm UTC) from AT — Scanned from DE

Summary HTTP 54 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 44.239.92.6, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is login.doterra.com. The Cisco Umbrella rank of the primary domain is 379969.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 27th 2022. Valid for: a year.

This is the only time login.doterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.60.243.189 45.60.243.189	19551 (INCAPSULA) (INCAPSULA)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 1	54.88.149.194 54.88.149.194	14618 (AMAZON-AES) (AMAZON-AES)
16	44.239.92.6 44.239.92.6	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
10	143.204.98.46 143.204.98.46	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.31 143.204.98.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	13.225.78.57 13.225.78.57	16509 (AMAZON-02) (AMAZON-02)
1	44.241.10.12 44.241.10.12	16509 (AMAZON-02) (AMAZON-02)
54	12

2 45.60.243.189 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

beta-doterra.myvoffice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.149.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: lb-d.us1.gigya.com

fidm.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 44.239.92.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-92-6.us-west-2.compute.amazonaws.com

login.doterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.98.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-46.fra50.r.cloudfront.net

sdk.login.doterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.10.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-10-12.us-west-2.compute.amazonaws.com

pdx-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	doterra.com login.doterra.com — Cisco Umbrella Rank: 379969 sdk.login.doterra.com — Cisco Umbrella Rank: 508331	7 MB
8	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2839	180 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	212 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3470	95 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
2	myvoffice.com 1 redirects beta-doterra.myvoffice.com — Cisco Umbrella Rank: 482210	2 KB
1	eum-appdynamics.com pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 3995	730 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	353 B
1	gigya.com 1 redirects fidm.us1.gigya.com — Cisco Umbrella Rank: 148474	482 B
54	11

	Domain	Requested by
16	login.doterra.com	beta-doterra.myvoffice.com login.doterra.com sdk.login.doterra.com
10	sdk.login.doterra.com	login.doterra.com sdk.login.doterra.com cdn.appdynamics.com
8	consent.trustarc.com	cdn.appdynamics.com login.doterra.com
4	www.googletagmanager.com	beta-doterra.myvoffice.com www.googletagmanager.com cdn.appdynamics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.appdynamics.com	login.doterra.com cdn.appdynamics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	cdn.appdynamics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	beta-doterra.myvoffice.com	1 redirects
1	pdx-col.eum-appdynamics.com	cdn.appdynamics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fidm.us1.gigya.com	1 redirects
54	13

This site contains links to these domains. Also see Links.

Domain
www.doterra.com

Subject Issuer	Validity	Valid
*.myvoffice.com Go Daddy Secure Certificate Authority - G2	`2022-11-11` - `2023-11-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.login.doterra.com Go Daddy Secure Certificate Authority - G2	`2022-12-27` - `2024-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sdk.login.doterra.com Amazon RSA 2048 M02	`2023-01-23` - `2024-02-21`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://login.doterra.com/us/en-us/sign-in
Frame ID: 397403A287EDC1F5BD6FB73662A17959
Requests: 48 HTTP requests in this frame

Frame: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
Frame ID: 7EBAD6EC344CA0FEADE9B3270687866D
Requests: 2 HTTP requests in this frame

Frame: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
Frame ID: 81978DFAFFB71CAACA54FC81D1C7FFDD
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PHX657
Frame ID: B6A37C48DB5C84B7AAF7422A9545425A
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: 480D5F3EC4D00E2BB7533E4789A63968
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Page | dōTERRA Essential Oils

Page URL History Show full URLs

http://beta-doterra.myvoffice.com/ HTTP 302
https://beta-doterra.myvoffice.com/index.cfm Page URL
https://fidm.us1.gigya.com/oidc/op/v1.0/3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyj... HTTP 302
https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564... Page URL
https://login.doterra.com/us/en-us/sign-in Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

54
Requests

100 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

8016 kB
Transfer

9768 kB
Size

24
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.doterra.com/GB/en_GB/cookie-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.doterra.com/
Title: Back

Search URL Search Domain Scan URL

URL: https://www.doterra.com/US/en/selectRegion/WC
Title: Enroll today

Search URL Search Domain Scan URL

URL: https://www.doterra.com/US/en/usa-online-privacy-notice
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.doterra.com/US/en/wellness-advocate-terms-and-conditions
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beta-doterra.myvoffice.com/ HTTP 302
https://beta-doterra.myvoffice.com/index.cfm Page URL
https://fidm.us1.gigya.com/oidc/op/v1.0/3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c/authorize?scope=openid%20email%20profile&response_type=code&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&redirect_uri=https%3A%2F%2Fbeta%2Ddoterra%2Emyvoffice%2Ecom%2Fcallback HTTP 302
https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true Page URL
https://login.doterra.com/us/en-us/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://beta-doterra.myvoffice.com/ HTTP 302
https://beta-doterra.myvoffice.com/index.cfm

Request Chain 2

https://fidm.us1.gigya.com/oidc/op/v1.0/3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c/authorize?scope=openid%20email%20profile&response_type=code&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&redirect_uri=https%3A%2F%2Fbeta%2Ddoterra%2Emyvoffice%2Ecom%2Fcallback HTTP 302
https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.cfm
beta-doterra.myvoffice.com/
Redirect Chain

http://beta-doterra.myvoffice.com/
https://beta-doterra.myvoffice.com/index.cfm

1000 B
1 KB

282ms
266ms

Document
text/html

45.60.243.189
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://beta-doterra.myvoffice.com/index.cfm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.189 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 31 May 2023 20:05:26 GMT
p3p: CP='PUB OTRo'
server: Apache
x-cdn: Imperva
x-iinfo: 14-12825326-12823446 PNYy RT(1685563526440 18) q(0 0 0 -1) r(3 3) U12

Redirect headers

Content-Length: 96
Content-Type: text/html;charset=UTF-8
Date: Wed, 31 May 2023 20:05:26 GMT
Server: Apache
X-CDN: Imperva
X-Iinfo: 10-6885983-6885985 NNNN CT(168 -1 0) RT(1685563526082 0) q(0 0 2 3) r(4 4) U11
location: https://beta-doterra.myvoffice.com/index.cfm

GET
H2 200 gtm.js
www.googletagmanager.com/ 148 KB
55 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKCSWT4

Requested by

Host: beta-doterra.myvoffice.com
URL: https://beta-doterra.myvoffice.com/index.cfm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta-doterra.myvoffice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55641
x-xss-protection: 0
last-modified: Wed, 31 May 2023 18:30:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 May 2023 20:05:26 GMT

GET
H2

200

op-proxy Show response
login.doterra.com/
Redirect Chain

https://fidm.us1.gigya.com/oidc/op/v1.0/3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c/authorize?scope=openid%20email%20profile&response_type=code&client_id=BhJDeNVWPPH1UqTCQn9y...
https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true

3 KB
3 KB

584ms
176ms

Document
text/html

44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Requested by: Host: beta-doterra.myvoffice.com
URL: https://beta-doterra.myvoffice.com/index.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 93a678c5d3f163f7d966709e9030350e034cee571b730e4cb4c3dfda2aadd92b

Request headers

Referer: https://beta-doterra.myvoffice.com/index.cfm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 3132
content-type: text/html
date: Wed, 31 May 2023 20:05:27 GMT
etag: "644aa405-c3c"
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9

Redirect headers

cache-control: private
content-length: 0
date: Wed, 31 May 2023 20:05:26 GMT
location: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-callid: fcf73ddd5deb4c4cac65d53d5bf252a3
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t6
x-soa: true, Gator

GET
H2 200 analytics.js
www.google-analytics.com/ 51 KB
21 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKCSWT4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta-doterra.myvoffice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 May 2023 19:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 31 May 2023 21:04:54 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 240 KB
82 KB 52ms
50ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKCSWT4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta-doterra.myvoffice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 May 2023 20:05:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 54ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je35o0&_p=1044401460&cid=1162312248.1685563527&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685563527&sct=1&seg=0&dl=https%3A%2F%2Fbeta-doterra.myvoffice.com%2Findex.cfm&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta-doterra.myvoffice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beta-doterra.myvoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JP5T5508JH&gtm=45je35o0&_p=1044401460&cid=1162312248.1685563527&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685563527&sct=1&seg=0&dl=https%3A%2F%2Fbeta-doterra.myvoffice.com%2Findex.cfm&dt=&en=page_view&_fv=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta-doterra.myvoffice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beta-doterra.myvoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 4 B
216 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1044401460&t=pageview&_s=1&dl=https%3A%2F%2Fbeta-doterra.myvoffice.com%2Findex.cfm&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1908164500&gjid=834463883&cid=1162312248.1685563527&tid=UA-28403841-1&_gid=164791891.1685563527&_r=1&_slc=1&gtm=45He35o0n81KKCSWT4&z=612306481

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beta-doterra.myvoffice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beta-doterra.myvoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 3 B
70 B 45ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1044401460&t=pageview&_s=1&dl=https%3A%2F%2Fbeta-doterra.myvoffice.com%2Findex.cfm&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=647298316&gjid=122465064&cid=1162312248.1685563527&tid=UA-28403841-10&_gid=164791891.1685563527&_r=1&_slc=1&gtm=45He35o0n81KKCSWT4&z=1710162613

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beta-doterra.myvoffice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beta-doterra.myvoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
353 B 61ms
18ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-28403841-1&cid=1162312248.1685563527&jid=1908164500&gjid=834463883&_gid=164791891.1685563527&_u=YCDACEAABAAAACAAI~&z=353424554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beta-doterra.myvoffice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 May 2023 20:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beta-doterra.myvoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gigya.js Show response
sdk.login.doterra.com/js/ 497 KB
164 KB 113ms
7ms Script
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/js/gigya.js?apikey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: 9fdfc2f5f6b28d0a5cfa08a1da98b593fc0c10cdec4957320d9483430af5e15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:18:28 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 2818
edge-cache-tag: siteid_7873911,ver_latest
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 166718
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: a505cc24b322416ea90dd3dd10030053
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-t6
x-robots-tag: none
x-amz-cf-id: TiK0PUYzkeisZRVZiGjaPyzlzhVlhtIJkMbywbNPSXBjlcbQLXrOxQ==

GET
H2 200 adrum-21.7.0.3493.js Show response
cdn.appdynamics.com/adrum/ 103 KB
38 KB 75ms
8ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:20:05 GMT
content-encoding: gzip
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1615522
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jul 2021 17:52:36 GMT
server: nginx/1.16.1
etag: W/"60f85ee4-19b76"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WCNDkRNsAMIVKhzUzYqB1L1LJruLbG-rXXeO30jqlIxHFjLmFGEdbQ==

GET
H2 200 2.87d9b0cc.chunk.css
login.doterra.com/static/css/ 4 KB
4 KB 183ms
182ms Stylesheet
text/css 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/css/2.87d9b0cc.chunk.css
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 2498b8344e8b3bfcbac6323e0b999a367d2b86adfb848a3a0b399508faefe097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-f1d"
content-length: 3869
content-type: text/css

GET
H2 200 main.db28c196.chunk.css
login.doterra.com/static/css/ 29 KB
29 KB 184ms
183ms Stylesheet
text/css 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/css/main.db28c196.chunk.css
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: c072605f438fa31021670ee81ecb93f618a95daf5fa36b5b19b345cd97bc015c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-74cc"
content-length: 29900
content-type: text/css

GET
H2 200 2.213a449d.chunk.js Show response
login.doterra.com/static/js/ 2 MB
2 MB 360ms
359ms Script
application/javascript 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/js/2.213a449d.chunk.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 7014a5733e7c1ff31953aa524e37ed8010b863e83a1bf56cc4265412cd8d0b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-1c1abd"
content-length: 1841853
content-type: application/javascript

GET
H2 200 main.e04b2d52.chunk.js Show response
login.doterra.com/static/js/ 2 MB
2 MB 359ms
358ms Script
application/javascript 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/js/main.e04b2d52.chunk.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: f1958fb8d23774c01246c459eefd57962bf22026fd5f61b06c1a555539b2ed63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-18479c"
content-length: 1591196
content-type: application/javascript

GET
H2 200 sdk.config.get Show response
sdk.login.doterra.com/ 3 KB
2 KB 30ms
7ms Fetch
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/sdk.config.get?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&httpStatusCodes=true
Requested by: Host: sdk.login.doterra.com
URL: https://sdk.login.doterra.com/js/gigya.js?apikey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: b178c0c21f9ebf10577522b92407819ab08c776b5e8cad6530a7d6366a7880d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:03:30 GMT
content-encoding: gzip
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 118
edge-cache-tag: siteid_7873911
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 1278
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: d529a0d15c2741fb88a74b3e870c8b9f
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t10
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: V0H9EuNDzIKAG78mMCuLhrcAlT1sDRY0lj5YCGMYxE5XYhjfeeofJw==

GET
H2 200 Api.aspx Show response
sdk.login.doterra.com/gs/webSdk/ Frame 7EBA 121 KB
43 KB 11ms
11ms Document
text/html 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-46.fra50.r.cloudfront.net

Software

Resource Hash

1df3f6a32fdec361838a66b238cbbecda490f6b5745d21841f261c92c9fbdb69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://login.doterra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2543
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 43414
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 19:23:05 GMT
edge-cache-tag: siteid_7873911,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: rHqGjm84cIZdDp8j-1nKf2Ywz27lfGaTzLXQoKLNmLMKNTWX0G--7A==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-callid: 62601468f02842b5971a13439dbceb1c
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t5
x-soa: true, Gator

GET
H2 200 sdk.config.get Show response
sdk.login.doterra.com/ Frame 7EBA 3 KB
2 KB 8ms
8ms Fetch
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/sdk.config.get?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&httpStatusCodes=true
Requested by: Host: sdk.login.doterra.com
URL: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: b178c0c21f9ebf10577522b92407819ab08c776b5e8cad6530a7d6366a7880d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:03:30 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 118
edge-cache-tag: siteid_7873911
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 1278
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: d529a0d15c2741fb88a74b3e870c8b9f
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t10
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: oqBNwi-Au9It6n7cO0RnBgahTkdFPwpLFDQCMXXvWVd7G3X3O9Sypw==

GET
H2 200 accounts.webSdkBootstrap Show response
sdk.login.doterra.com/ 199 B
1 KB 315ms
315ms XHR
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/accounts.webSdkBootstrap?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&pageURL=https%3A%2F%2Flogin.doterra.com%2Fop-proxy%3Fcontext%3Dus1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127%26client_id%3DBhJDeNVWPPH1UqTCQn9y5EJo%26mode%3Dlogin%26scope%3Dopenid%2Bemail%2Bprofile%26gig_skipConsent%3Dtrue&sdk=js_latest&sdkBuild=13905&format=json
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: 4daae0ae11c6436197e6068b9306d41d90483d9679ceee06a7001c9c9f5b3e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:27 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 173
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://login.doterra.com
x-callid: 7283c8cb172c471d9bc83a59c29d7a00
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t9
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: QL266LLnuIrAYUibTYvboZS--AtEVDAlASLRnATRdwLPDv_fK8aNRg==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 269ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,600,700,800%7Csans-serif

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 20:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:05:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 20:05:33 GMT

GET
H2 200 gigya.oidc.js
sdk.login.doterra.com/JS/ 20 KB
7 KB 294ms
293ms Script
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/JS/gigya.oidc.js?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:32 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
edge-cache-tag: siteid_7873911,ver_latest
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
x-error-code: 0
content-length: 6496
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 6a1967aec3fc48ee9c41510c93453f31
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-t9
x-robots-tag: none
x-amz-cf-id: 3U19MPoYEUsWiVGm0xcsxEcbsl-oV24yGQkVT3zVIKoHp-rK3TjNcA==

GET
H2 200 logo.3a966673.svg
login.doterra.com/static/media/ 12 KB
12 KB 177ms
177ms Image
image/svg+xml 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/logo.3a966673.svg
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:32 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-302d"
content-length: 12333
content-type: image/svg+xml

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 37 KB
0 125ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,600,700,800%7Csans-serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 18:18:02 GMT
x-content-type-options: nosniff
age: 352051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 18:18:02 GMT

GET
H2 200 Primary Request sign-in Show response
login.doterra.com/us/en-us/ 3 KB
3 KB 184ms
184ms Document
text/html 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/us/en-us/sign-in
Requested by: Host: sdk.login.doterra.com
URL: https://sdk.login.doterra.com/JS/gigya.oidc.js?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 93a678c5d3f163f7d966709e9030350e034cee571b730e4cb4c3dfda2aadd92b

Request headers

Referer: https://login.doterra.com/op-proxy?context=us1_tk1.wNyA0tIAbPHbdpV08EHb8_5n0cKfB0Rnz0Z0VbGeCoM.1685564127&client_id=BhJDeNVWPPH1UqTCQn9y5EJo&mode=login&scope=openid+email+profile&gig_skipConsent=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 3132
content-type: text/html
date: Wed, 31 May 2023 20:05:33 GMT
etag: "644aa405-c3c"
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9

GET
H2 200 gigya.js Show response
sdk.login.doterra.com/js/ 497 KB
163 KB 10ms
8ms Script
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/js/gigya.js?apikey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: 9fdfc2f5f6b28d0a5cfa08a1da98b593fc0c10cdec4957320d9483430af5e15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:18:28 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 2824
edge-cache-tag: siteid_7873911,ver_latest
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 166718
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: a505cc24b322416ea90dd3dd10030053
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-t6
x-robots-tag: none
x-amz-cf-id: l9EATZQOmJ06QMDEr-L0PBfdc6UTtej6tPOkbXvH3no2buBAWV4KrQ==

GET
H2 200 adrum-21.7.0.3493.js Show response
cdn.appdynamics.com/adrum/ 103 KB
38 KB 11ms
9ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:20:05 GMT
content-encoding: gzip
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1615528
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jul 2021 17:52:36 GMT
server: nginx/1.16.1
etag: W/"60f85ee4-19b76"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8b4Vc7_dnnJdRuuTEN2OpdrT8G9oWD9Li7G6cpI6zXtzBUMx2lqKyQ==

GET
H2 200 2.87d9b0cc.chunk.css
login.doterra.com/static/css/ 4 KB
4 KB 184ms
182ms Stylesheet
text/css 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/css/2.87d9b0cc.chunk.css
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 2498b8344e8b3bfcbac6323e0b999a367d2b86adfb848a3a0b399508faefe097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:33 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-f1d"
content-length: 3869
content-type: text/css

GET
H2 200 main.db28c196.chunk.css
login.doterra.com/static/css/ 29 KB
29 KB 185ms
183ms Stylesheet
text/css 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/css/main.db28c196.chunk.css
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: c072605f438fa31021670ee81ecb93f618a95daf5fa36b5b19b345cd97bc015c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:33 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-74cc"
content-length: 29900
content-type: text/css

GET
H2 200 2.213a449d.chunk.js Show response
login.doterra.com/static/js/ 2 MB
2 MB 185ms
184ms Script
application/javascript 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/js/2.213a449d.chunk.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: 7014a5733e7c1ff31953aa524e37ed8010b863e83a1bf56cc4265412cd8d0b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:33 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-1c1abd"
content-length: 1841853
content-type: application/javascript

GET
H2 200 main.e04b2d52.chunk.js Show response
login.doterra.com/static/js/ 2 MB
2 MB 186ms
184ms Script
application/javascript 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.doterra.com/static/js/main.e04b2d52.chunk.js
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: f1958fb8d23774c01246c459eefd57962bf22026fd5f61b06c1a555539b2ed63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:33 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-18479c"
content-length: 1591196
content-type: application/javascript

GET
H2 200 sdk.config.get Show response
sdk.login.doterra.com/ 3 KB
2 KB 9ms
9ms Fetch
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/sdk.config.get?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&httpStatusCodes=true
Requested by: Host: sdk.login.doterra.com
URL: https://sdk.login.doterra.com/js/gigya.js?apikey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: 05e33bcc5d5d40901cee6316c90af55825967ef874e66f48593b62c54444b5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:30 GMT
content-encoding: gzip
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 3
edge-cache-tag: siteid_7873911
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 1278
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 44247db069034d1a82b59396ab3f5d33
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dvaQIv-I3GL2Uji4oMMbCh7kXy3AWe2LrBp2zzASldt-55Dq9pSVxA==

GET
H2 200 Api.aspx Show response
sdk.login.doterra.com/gs/webSdk/ Frame 8197 121 KB
43 KB 12ms
12ms Document
text/html 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-46.fra50.r.cloudfront.net

Software

Resource Hash

1df3f6a32fdec361838a66b238cbbecda490f6b5745d21841f261c92c9fbdb69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://login.doterra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2549
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 43414
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 19:23:05 GMT
edge-cache-tag: siteid_7873911,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: ev4YQJHPbFW_WaqaDmHHVpMmpU0Plhi14p0wZAZjawRXXLYH0qViuA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-callid: 62601468f02842b5971a13439dbceb1c
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t5
x-soa: true, Gator

GET
H2 200 sdk.config.get Show response
sdk.login.doterra.com/ Frame 8197 3 KB
2 KB 10ms
9ms Fetch
text/javascript 143.204.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.login.doterra.com/sdk.config.get?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&httpStatusCodes=true
Requested by: Host: sdk.login.doterra.com
URL: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-46.fra50.r.cloudfront.net
Software: /
Resource Hash: 05e33bcc5d5d40901cee6316c90af55825967ef874e66f48593b62c54444b5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.login.doterra.com/gs/webSdk/Api.aspx?apiKey=3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:30 GMT
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA50-C1
age: 4
edge-cache-tag: siteid_7873911
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 1278
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 44247db069034d1a82b59396ab3f5d33
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dQnmFc9Kiv0VWJ9wpbBKKwP0_nttugWNkqorhSOFjxPmkOAFwcDSbw==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
797 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,600,700,800%7Csans-serif

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb68ff9f7902b48385ba27cf4d38d2bef505e290116860d27420e53626e0d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 20:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:05:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 20:05:38 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 16 KB
6 KB 48ms
10ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&language=en-us&gtm=1

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

a2f5214552045686e9a28604107a5e164ee70e437cb9cda1bc59a8d5127b2d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.doterra.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 62
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 6000
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
timing-allow-origin: *
x-amz-cf-id: a_0gcedsiZ5REERU_5eZ62i_a3wAw6qYntKmWDTVfWDL97kX71rrGw==
expires: Wed, 31 May 2023 21:04:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
75 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHX657

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95d5f31245011f4bc0ddc1bb4d319308c1e0e07c7d9fcb796d6d4186ce5b89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76640
x-xss-protection: 0
last-modified: Wed, 31 May 2023 18:30:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 May 2023 20:05:38 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame B6A3 268 B
114 B 51ms
49ms Document
text/html 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-PHX657

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.doterra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:05:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 logo.3a966673.svg
login.doterra.com/static/media/ 12 KB
12 KB 187ms
186ms Image
image/svg+xml 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/logo.3a966673.svg
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-302d"
content-length: 12333
content-type: image/svg+xml

GET
H2 200 logo-mobile.c2b7d3fc.svg
login.doterra.com/static/media/ 2 KB
2 KB 186ms
186ms Image
image/svg+xml 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/logo-mobile.c2b7d3fc.svg
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-800"
content-length: 2048
content-type: image/svg+xml

GET
H2 200 doterra-o.3c5feeb0.png
login.doterra.com/static/media/ 15 KB
15 KB 188ms
187ms Image
image/png 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/doterra-o.3c5feeb0.png
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: ec6aedbe6a587050caf967e1d2c68de829a4ac7829c33b8afa2c2307e2e15e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/us/en-us/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-3d16"
content-length: 15638
content-type: image/png

GET
H2 200 banner-image-resized.f0ba27af.jpg
login.doterra.com/static/media/ 169 KB
169 KB 188ms
188ms Image
image/jpeg 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/banner-image-resized.f0ba27af.jpg
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/static/css/main.db28c196.chunk.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: b66f8e1dd568200ac60ebaf6b3a37891a98a57efa69f179a95da6eea208ee975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/static/css/main.db28c196.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-2a279"
content-length: 172665
content-type: image/jpeg

GET
H2 200 checked.a24c97c3.svg
login.doterra.com/static/media/ 856 B
1011 B 353ms
353ms Image
image/svg+xml 44.239.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.doterra.com/static/media/checked.a24c97c3.svg
Requested by: Host: login.doterra.com
URL: https://login.doterra.com/static/css/main.db28c196.chunk.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.92.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-92-6.us-west-2.compute.amazonaws.com
Software: nginx/1.13.9 /
Resource Hash: f0fd1af7da3c52992df6b4bf3bc4b3cb49bfb00c430bec7f8af6df21b5609b53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/static/css/main.db28c196.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:05:38 GMT
last-modified: Thu, 27 Apr 2023 16:34:13 GMT
server: nginx/1.13.9
accept-ranges: bytes
etag: "644aa405-358"
content-length: 856
content-type: image/svg+xml

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,600,700,800%7Csans-serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 18:18:02 GMT
x-content-type-options: nosniff
age: 352056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 18:18:02 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/ 30 KB
30 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,600,700,800%7Csans-serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 04:32:40 GMT
x-content-type-options: nosniff
age: 487978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30448
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 20:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 May 2024 04:32:40 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 480D 7 KB
2 KB 32ms
8ms Document
text/html 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.doterra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1855
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 31 May 2023 19:34:43 GMT
expires: Fri, 30 Jun 2023 19:34:43 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-id: HyRUDxmZ8LVc2Q0nMkzWnhhnuKftkIMR8euJ2hwY6D6jIYm-_c5olQ==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 v1.7-164 Show response
consent.trustarc.com/asset/notice.js/v/ 78 KB
24 KB 12ms
12ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-164

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.doterra.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:09:24 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 3374
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 17 Apr 2023 03:19:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: juRzAaFqJRuQRCi3_fRMMAevkn-JqKhtP-LgfD7u0WUvOkQi8a_Qeg==
expires: Fri, 30 Jun 2023 19:09:24 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 65ms
42ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=doterra-cm1.com&country=de&state=&behavior=implied&session=513601f8-49b4-4b53-80c8-4056b11c6041&userType=NEW&c=343d

Requested by

Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:38 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: jsOXsouLGfmMrBCgvNs2u1FfIG2urNWFOpFLGs-zZdal_p1yNCDSQA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 17 KB
6 KB 9ms
8ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=doterra-cm1.com&country=de&js=nj2&c=teconsent&noticeType=bb&text=true&language=en-us&gtm=1

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

3a10893c8f2da059ef85135fc8580044346d9053be468613946e556bdbc4b565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.doterra.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 62
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 5097
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
timing-allow-origin: *
x-amz-cf-id: PrEZko_LNyXZu2GFbpeDWLvDx7iz3dMkLg-o-cUGEOtMEtyLK48WQA==
expires: Wed, 31 May 2023 21:04:36 GMT

GET
H2 200 get
consent.trustarc.com/ 174 KB
70 KB 9ms
8ms Font
application/octet-stream 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Raleway-Regular.ttf

Requested by

Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.doterra.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Wed, 31 May 2023 19:19:00 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2798
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: d8ba4L6-oijrXpizGir1lJW20hc3uPxAE3mpUXOOAP_5bIMZppIj5w==
expires: Fri, 30 Jun 2023 19:19:00 GMT

GET
H2 200 get
consent.trustarc.com/ 175 KB
71 KB 11ms
11ms Font
application/octet-stream 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Raleway-Bold.ttf

Requested by

Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.doterra.com/
Origin: https://login.doterra.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Wed, 31 May 2023 19:41:48 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1430
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: s8Ea1-d3nBrM1oEPSznJJl2H7BL8lrsRFpaULJE6d5F2IY2C_EHPRA==
expires: Fri, 30 Jun 2023 19:41:48 GMT

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
428 B 40ms
40ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=de&language=en&rand=0.3519153756532656&session=513601f8-49b4-4b53-80c8-4056b11c6041&userType=NEW

Requested by

Host: login.doterra.com
URL: https://login.doterra.com/us/en-us/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:38 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: t1rLf8uXsoZXBHzTcdullDOAQ5kvWbixFXM5EoJce8CNhYDgCOCR8A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adrum-ext.59191791453ae6311081a09b4cf33c2d.js Show response
cdn.appdynamics.com/ 51 KB
20 KB 9ms
9ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.59191791453ae6311081a09b4cf33c2d.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.7.0.3493.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: e490994ad61a64454e06354b4c74756269548b48e8bd476b35762d713ccb8c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.doterra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 10 May 2023 17:16:15 GMT
content-encoding: gzip
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1824563
x-cache: Hit from cloudfront
last-modified: Wed, 21 Jul 2021 17:52:36 GMT
server: nginx/1.16.1
etag: W/"60f85ee4-ccbc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZqV6hJGn2ugW91dzm2dXX8we9C3DDSNJSP0IXxYgZ72mLKiQmT0QTw==

POST
H2 200 adrum Show response
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABZ-ZVB/ 0
730 B 575ms
179ms XHR
text/html 44.241.10.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABZ-ZVB/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.10.12 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-10-12.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.doterra.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 May 2023 20:05:41 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.myvoffice.com/	1970-01-20 20:57:02	Name: visid_incap_660965 Value: CYKcoz8qTvebfZ6Hpg1eDIaod2QAAAAAQUIPAAAAAABsLYyb5lV2j6JKOmU1bRa2
.myvoffice.com/	1969-12-31 23:59:59	Name: incap_ses_8219_660965 Value: vu6lHDFUmgg+f3uELsIPcoaod2QAAAAAto/F1Xt95pd1JKT02xQMXg==
beta-doterra.myvoffice.com/	1969-12-31 23:59:59	Name: SKIN Value: default
beta-doterra.myvoffice.com/	1969-12-31 23:59:59	Name: LANGUAGE Value: en_dot
beta-doterra.myvoffice.com/	1969-12-31 23:59:59	Name: NEWCONFIG Value: 0
beta-doterra.myvoffice.com/	1970-01-20 12:12:50	Name: IACTSESSION Value: 1
.myvoffice.com/	1970-01-20 21:48:43	Name: _ga_XW71K6YFHT Value: GS1.1.1685563527.1.0.1685563527.0.0.0
.myvoffice.com/	1970-01-20 21:48:43	Name: _ga_JP5T5508JH Value: GS1.1.1685563527.1.0.1685563527.0.0.0
.myvoffice.com/	1970-01-20 21:48:43	Name: _ga Value: GA1.2.1162312248.1685563527
.myvoffice.com/	1970-01-20 12:14:09	Name: _gid Value: GA1.2.164791891.1685563527
.myvoffice.com/	1970-01-20 12:12:43	Name: _gat_UA-28403841-1 Value: 1
.beta-doterra.myvoffice.com/	1970-01-20 21:48:43	Name: _ga Value: GA1.3.1162312248.1685563527
.beta-doterra.myvoffice.com/	1970-01-20 12:14:09	Name: _gid Value: GA1.3.164791891.1685563527
.beta-doterra.myvoffice.com/	1970-01-20 12:12:43	Name: _gat_UA-28403841-10 Value: 1
.login.doterra.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.login.doterra.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13905-3-28092675
.sdk.login.doterra.com/	1970-01-20 20:58:19	Name: gmid Value: gmid.ver4.AcbHPSM4ig.HgXMl9eRjkvDcabmJX9J5W09B_l6LYW9eYLm4DwJ4Yh9zGso1W8PW9aZwZ4Tor0I.vGytB6Vyl3knyXF65LXpuGXietqcrbgzyGentEa2iZ99aTvdPbxNJU_UKIk7IixnDa7K94OASWGlxNhpTxKxtw.sc3
.sdk.login.doterra.com/	1970-01-20 20:58:19	Name: ucid Value: Jvr_QIAQopbfwgCBQkjjWQ
.sdk.login.doterra.com/	1970-01-20 16:36:18	Name: hasGmid Value: ver4
.login.doterra.com/	1970-01-20 20:58:19	Name: gig_bootstrap_3_IeTHYO5iQqBz2VEw0sOh3dqMQj2cR1DamqynMcICUyquuiM8-63c7onnMkZyja7c Value: sdk_ver4
.doterra.com/	1970-01-20 12:15:36	Name: doterra_login_region Value: us
.doterra.com/	1970-01-20 12:15:36	Name: doterra_login_language Value: en-us
.login.doterra.com/	1970-01-20 12:12:45	Name: TAsessionID Value: 513601f8-49b4-4b53-80c8-4056b11c6041\|NEW
.login.doterra.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied,eu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta-doterra.myvoffice.com
cdn.appdynamics.com
consent.trustarc.com
fidm.us1.gigya.com
fonts.googleapis.com
fonts.gstatic.com
login.doterra.com
pdx-col.eum-appdynamics.com
region1.google-analytics.com
sdk.login.doterra.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.225.78.57
143.204.98.31
143.204.98.46
2001:4860:4802:32::36
2a00:1450:4001:802::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
44.239.92.6
44.241.10.12
45.60.243.189
54.88.149.194
05e33bcc5d5d40901cee6316c90af55825967ef874e66f48593b62c54444b5a9
1df3f6a32fdec361838a66b238cbbecda490f6b5745d21841f261c92c9fbdb69
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
2498b8344e8b3bfcbac6323e0b999a367d2b86adfb848a3a0b399508faefe097
3a10893c8f2da059ef85135fc8580044346d9053be468613946e556bdbc4b565
3eb68ff9f7902b48385ba27cf4d38d2bef505e290116860d27420e53626e0d55
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4daae0ae11c6436197e6068b9306d41d90483d9679ceee06a7001c9c9f5b3e31
7014a5733e7c1ff31953aa524e37ed8010b863e83a1bf56cc4265412cd8d0b82
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7
93a678c5d3f163f7d966709e9030350e034cee571b730e4cb4c3dfda2aadd92b
95d5f31245011f4bc0ddc1bb4d319308c1e0e07c7d9fcb796d6d4186ce5b89e5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9fdfc2f5f6b28d0a5cfa08a1da98b593fc0c10cdec4957320d9483430af5e15c
a2f5214552045686e9a28604107a5e164ee70e437cb9cda1bc59a8d5127b2d08
ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1
b178c0c21f9ebf10577522b92407819ab08c776b5e8cad6530a7d6366a7880d8
b66f8e1dd568200ac60ebaf6b3a37891a98a57efa69f179a95da6eea208ee975
c072605f438fa31021670ee81ecb93f618a95daf5fa36b5b19b345cd97bc015c
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e490994ad61a64454e06354b4c74756269548b48e8bd476b35762d713ccb8c86
ec6aedbe6a587050caf967e1d2c68de829a4ac7829c33b8afa2c2307e2e15e89
f0fd1af7da3c52992df6b4bf3bc4b3cb49bfb00c430bec7f8af6df21b5609b53
f1958fb8d23774c01246c459eefd57962bf22026fd5f61b06c1a555539b2ed63
fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

login.doterra.com Open in urlscan Pro 44.239.92.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

46 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

8016 kBTransfer

9768 kBSize

24 Cookies

5 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.doterra.com Open in urlscan Pro
44.239.92.6 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

8016 kB
Transfer

9768 kB
Size

24
Cookies

54 HTTP transactions
0 data transactions