urlscan.io logo urlscan.io
SecurityTrails logo

www.doterra.com Open in urlscan Pro
45.60.14.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.doterra.com/
Effective URL: https://www.doterra.com/US/en
Submission: On April 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 66 HTTP transactions. The main IP is 45.60.14.13, located in United States and belongs to INCAPSULA, US. The main domain is www.doterra.com. The Cisco Umbrella rank of the primary domain is 234720.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 28th 2024. Valid for: a year.
This is the only time www.doterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    45.60.14.13 (United States)

ASN19551 (INCAPSULA, US)
www.doterra.com
9    52.92.207.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
doterra-prod-media1.s3.amazonaws.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    65.9.95.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-26.prg50.r.cloudfront.net
media.doterra.com
1    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net
www.google.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net
consent.trustarc.com
1    52.39.114.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-114-163.us-west-2.compute.amazonaws.com
mydoterra.queue-it.net
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.225.78.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-53.fra2.r.cloudfront.net
consent.trustarc.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
37 doterra.com
www.doterra.com — Cisco Umbrella Rank: 234720
media.doterra.com — Cisco Umbrella Rank: 408041
2 MB
9 amazonaws.com
doterra-prod-media1.s3.amazonaws.com — Cisco Umbrella Rank: 395273
799 KB
7 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3150
391 KB
5 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2709
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
278 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
205 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
2 KB
1 queue-it.net
mydoterra.queue-it.net — Cisco Umbrella Rank: 433247
925 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
879 B
66 9
Domain Requested by
32 www.doterra.com 1 redirects www.doterra.com
9 doterra-prod-media1.s3.amazonaws.com www.doterra.com
7 consent.trustarc.com www.doterra.com
consent.trustarc.com
5 media.doterra.com www.doterra.com
3 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.doterra.com
www.googletagmanager.com
2 fonts.googleapis.com www.doterra.com
1 www.gstatic.com www.google.com
1 mydoterra.queue-it.net www.doterra.com
1 www.google.com www.doterra.com
66 12
Subject Issuer Validity Valid
*.doterra.com
Go Daddy Secure Certificate Authority - G2		 2024-02-28 -
2025-03-31		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
*.queue-it.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.doterra.com/US/en
Frame ID: CDC29A9B437D28BDBC97748D4BEF8658
Requests: 65 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: D1FC631F094FD1E9498A94867D564257
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Essential Oils Pure and Natural | doTERRA Essential Oils

Page URL History Show full URLs

  1. http://www.doterra.com/ HTTP 307
    https://www.doterra.com/ HTTP 302
    https://www.doterra.com/US/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

66
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

12
Subdomains

13
IPs

2
Countries

3807 kB
Transfer

15389 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.doterra.com/ HTTP 307
    https://www.doterra.com/ HTTP 302
    https://www.doterra.com/US/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en
www.doterra.com/US/
Redirect Chain
  • http://www.doterra.com/
  • https://www.doterra.com/
  • https://www.doterra.com/US/en
320 KB
323 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
eaece34a4b5aa2e189a33e1e0ddc1737c7e0cd22f40a6ba4e43388cf9b6e766c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache no-store
content-language
en-US
content-type
text/html;charset=UTF-8
date
Wed, 03 Apr 2024 15:11:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
9-8006133-7889336 pNNN RT(1712157106160 266) q(0 0 0 -1) r(2 2) U12
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
/US/en
server
BigIP
x-cdn
Imperva
x-iinfo
9-8006133-7889336 pNNN RT(1712157106160 45) q(0 0 0 3) r(1 1) U11
slick-theme_1.8.1-alt.min.css
www.doterra.com/_ui/desktop/common/css/ 		2 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:46 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"2408-1711559797000"
content-type
text/css;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 536) q(0 -1 -1 -1) r(0 -1)
content-length
800
bootstrap-3-styles.css
www.doterra.com/_ui/desktop/common/css/ 		3 MB
340 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
29a820cfa2261826927a13a527a1edfb6653533c234589158d3b427eb3c3de30
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:46 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:20:15 GMT
x-cdn
Imperva
etag
W/"3415418-1711560015000"
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-iinfo
9-8006133-7696440 pNNy RT(1712157106160 539) q(0 1 1 -1) r(2 2) U9
accept-ranges
bytes
logo.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 03 Apr 2024 15:11:46 GMT
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"12333-1711559797000"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-8006233 nNNY RT(1712157106160 719) q(0 0 0 -1) r(0 2) U2
cache-control
public,max-age=54321
accept-ranges
bytes
content-length
12333
expires
Thu, 01 Jan 1970 00:00:54 GMT
logo-small.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo-small.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:46 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"2048-1711559797000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 721) q(0 -1 -1 -1) r(0 -1)
content-length
1040
700x509-april-metapwr-advantage-pomegranate-cherry-homepage.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/ha1/hba/30260010024990/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/ha1/hba/30260010024990/700x509-april-metapwr-advantage-pomegranate-cherry-homepage.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
22cc5e115f87c4a8f05a5699ae201ac89c734e96a123c8115602edfe58513b9b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:48 GMT
x-amz-version-id
njs_3aKz2rYe.nLxJ9_UYLgK8EBDbHiR
Last-Modified
Wed, 27 Mar 2024 20:06:14 GMT
Server
AmazonS3
x-amz-request-id
RG6CYV6E0089FDTJ
ETag
"9a4011ef7679aca7ea08d753ff78450d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
58600
x-amz-id-2
LFsjwpZ8X9G0a5x5hY9ko/esf+t1G9/UFGgnR8Ki+37sD9NE5CBjlVX6/qRpDIYxK9AnBgG+9tw=
1600x733-april-metapwr-advantage-pomegranate-cherry-homepage.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h63/hbb/30260010090526/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h63/hbb/30260010090526/1600x733-april-metapwr-advantage-pomegranate-cherry-homepage.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee4442cd02731bb7bb4f0f827df72662587557a205333751a6a5105d72d1e1e3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
kckcciKbP2jh4yJTSHk0tEyrZ02opaPH
Last-Modified
Wed, 27 Mar 2024 20:06:56 GMT
Server
AmazonS3
x-amz-request-id
4WF1MC0TH8DY6983
ETag
"0f6735373f485344afa4251d15b5253a"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
115712
x-amz-id-2
V4sSFSoafTI62LtgXMDJoYfGA8YNhVUWfYqJY/x7L8LNEdI0jWV3mQ5pHiNSs++oyVuD1uuUrWo=
700x509-april-natural-home-edit.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h61/hbe/30260010156062/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h61/hbe/30260010156062/700x509-april-natural-home-edit.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe6e681b1ab520ab428adb845669db459354430973fe1944b84dba3ed907d90c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
8eBI536X8X.ONK.rC2QdsJp79RyR.DLt
Last-Modified
Wed, 27 Mar 2024 20:08:12 GMT
Server
AmazonS3
x-amz-request-id
4WFFZA75BTJ64DRH
ETag
"13ad3105a47c32e843ad997e2770e7c1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
66362
x-amz-id-2
um83U6t/T4SqFLEFwlP6U8Mew3R35pRujgkS/A4QofNSJzRJLjnhXQYK2ZR8ddxwCAXQTQUKY5M=
700x509-april-using-your-oils.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h72/hc1/30260010221598/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h72/hc1/30260010221598/700x509-april-using-your-oils.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9e284abf396072e9d4cad67b177028af666d5b113b7acf17e944db166241b643

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
XC0cSF3S_hf5uRdukQo_80brHAKhA54U
Last-Modified
Wed, 27 Mar 2024 20:10:45 GMT
Server
AmazonS3
x-amz-request-id
4WF0KNPRJ08CQ0AF
ETag
"e2d524e654f2cb0d513fb85fd7893218"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
76305
x-amz-id-2
mxTV1vlj12mXWqCGRiht7YvmO+vHll43mS6YuoF5zrWdZZMhnpT1tyv1redVKQj0EuhDIereVAw=
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a52fc88c7aeced0171dc8e0edefb1dce07a41e1e95498a52b1f6e68e4f1dbaff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 15:11:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 15:11:47 GMT
css
fonts.googleapis.com/ 		9 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b23ee534d7c1d1586664848f2fe0ecdbccea3664b292177c2dd7ebbacd847d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 15:11:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 15:11:47 GMT
700x509-april-diffusing-spring.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h20/hc2/30260010287134/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h20/hc2/30260010287134/700x509-april-diffusing-spring.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
878d3c1c2eab0f26cfe98cc787ba35642005424f7330c90c4ee580ca148c5a60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
LQs3CYw.qn3aJV.GjDtIm6bwqH_46YLZ
Last-Modified
Wed, 27 Mar 2024 20:12:24 GMT
Server
AmazonS3
x-amz-request-id
4WF9X9WC8CDQHCXP
ETag
"6b81b2adbd077f33bfa70738e001da91"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
67483
x-amz-id-2
MxMhNFA3XNS2jcjbhrC7tGNYlqVkKrbh1NUQGJRyojZqz4lEBV7KCPfx8AvHFr28Bw1Da2ZrkGk=
ylang-ylang-sourcing.jpg
media.doterra.com/us/en/images/homepage/april/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doterra.com/us/en/images/homepage/april/ylang-ylang-sourcing.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-26.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52027474c2a78ddeeb60a66236977fc355cbf460c846777da0c01d785667685c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 06:00:24 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 20:03:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33084
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-03-27T20:01:32.830Z
etag
"f88adbaf39692b55dc1c88d0be197138"
content-type
image/jpeg
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
226247
x-amz-cf-id
qyDsSSbPTobAAmPDyUjrf-WmAyhH3dNnUVtnYoyfSUWVKhLVMfhuuw==
700x509-april-ylang-ylang-sourcing.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/hff/hce/30260010614814/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/hff/hce/30260010614814/700x509-april-ylang-ylang-sourcing.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5775c49031257ee24f95b153b9a3fab3c83baabbfe0889013cdebbf8af485919

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
DCinCCY2jlRcSqE5_7DZLrDfhi4pg0dE
Last-Modified
Wed, 27 Mar 2024 20:18:55 GMT
Server
AmazonS3
x-amz-request-id
4WF9X8BFKM8CCZWA
ETag
"87a4a8fd373faa451ae3bc6d4557c4b8"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
135801
x-amz-id-2
6I+dzZnVTniYS1leuch9RynDFKIw2AETQ0I0Xwo7qRlaeWkGD5UdEZatbc9mmkot4jbWKVtLXaA=
ecomm-header-webui.js
www.doterra.com/_ui/desktop/common/dist/ 		1 MB
286 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/ecomm-header-webui.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b6398b981d0e494d14c6af7deeda911bc2866b69a96815fae6aa7a43a3bbc9ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:19:50 GMT
x-cdn
Imperva
etag
W/"1213563-1711559990000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 995) q(0 -1 -1 -1) r(0 -1)
content-length
292608
plugins.js
www.doterra.com/_ui/desktop/common/dist/ 		521 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/plugins.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0493f6ef799f42eecd98a07cb6462cc264d46e793159ef4c539eaaf6a528badb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:19:49 GMT
x-cdn
Imperva
etag
W/"533322-1711559989000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 999) q(0 -1 -1 -1) r(0 -1)
content-length
151634
webApplicationInjector.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/webApplicationInjector.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:33:23 GMT
x-cdn
Imperva
etag
W/"7649-1711560803000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1026) q(0 -1 -1 -1) r(0 -1)
content-length
3052
reprocessPage.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		703 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/reprocessPage.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6a8b4abd7859dc24b02b18c670fee2bbd58bb58d8737b09d3d8576a2d52b4e7a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 01:07:18 GMT
x-cdn
Imperva
etag
W/"703-1683076038000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1028) q(0 -1 -1 -1) r(0 -1)
content-length
366
adjustComponentRenderingToSE.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/adjustComponentRenderingToSE.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d2765f5561cf42391e2322a8a3c6d54483907de0905b8e050fc8efdce92b6261

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 01:07:18 GMT
x-cdn
Imperva
etag
W/"1915-1683076038000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1029) q(0 -1 -1 -1) r(0 -1)
content-length
847
custom.js
www.doterra.com/_ui/desktop/common/dist/ 		67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/dist/custom.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
976cff801e9006b44e44d4f62f0cb97d820e82cbfa7710378ffa258b8e9af8f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:19:49 GMT
x-cdn
Imperva
etag
W/"68144-1711559989000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1030) q(0 -1 -1 -1) r(0 -1)
content-length
15241
sharebuttons.js
www.doterra.com/_ui/desktop/common/js/custom/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/sharebuttons.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1fd2538a8e53dddd545d7bb1644c8e8b85822858c7582bb6118e77487bc0f4ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"10965-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1005) q(0 -1 -1 -1) r(0 -1)
content-length
3258
field-mask.js
www.doterra.com/_ui/desktop/common/js/custom/ 		3 KB
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/field-mask.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"3009-1711130760000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1008) q(0 -1 -1 -1) r(0 -1)
content-length
591
global.js
www.doterra.com/_ui/desktop/common/js/custom/ 		239 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/global.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
55c576d7377e313c92040ab4a1ede6290c99eaa56140fe14e77646cb9acddaea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"244278-1711559797000"
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-7889336 pNNN RT(1712157106160 1010) q(0 0 0 -1) r(2 2) U9
accept-ranges
bytes
minicart.js
www.doterra.com/_ui/desktop/common/js/custom/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/minicart.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d4e079f680e9a715eb69c3280260d3e938d3f7bb150e18f921be3759509b210c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"27989-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1011) q(0 -1 -1 -1) r(0 -1)
content-length
6287
lrp-datepicker.js
www.doterra.com/_ui/desktop/common/js/custom/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/lrp-datepicker.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a7ec241818f4cb3600703ef8f0d998ab39cdc7bb748ac50202acec4057d08cc6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"26384-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1013) q(0 -1 -1 -1) r(0 -1)
content-length
4308
wishlist.js
www.doterra.com/_ui/desktop/common/js/custom/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/wishlist.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a51fabd4d6463a9c46784bfde384e90a771f420e511db43b985239bc40786d0b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"15002-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1014) q(0 -1 -1 -1) r(0 -1)
content-length
3347
gtm.js
www.doterra.com/_ui/desktop/common/js/custom/ 		770 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/gtm.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4af65930458f430fb4db74f90a9e2242e326d2b80fbf9d1386b6c426a661ffe2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"770-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1016) q(0 -1 -1 -1) r(0 -1)
content-length
247
api.js
www.google.com/recaptcha/ 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
GSE /
Resource Hash
40ac8a55c599f0528a72f6acb3e56402532766517c476d236c72fb1bd233206c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 03 Apr 2024 15:11:47 GMT
doterraFormValidation.js
www.doterra.com/_ui/desktop/common/js/custom/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/doterraFormValidation.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"14728-1711559797000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1018) q(0 -1 -1 -1) r(0 -1)
content-length
3949
carousel.js
www.doterra.com/_ui/desktop/common/js/custom/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/carousel.js?1506504
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e1077ba0a38815e87900fe96f1fdf972a2a06d27c6e36dcefe004053e47d610e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"8569-1711130760000"
content-type
application/javascript;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1024) q(0 -1 -1 -1) r(0 -1)
content-length
2378
gtm.js
www.googletagmanager.com/ 		350 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1361e529a669a11f280bb41f7e812bd115f686f887e63d1a46413b8b57198d99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 15:11:47 GMT
notice
consent.trustarc.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
6da003223b108e092b65bc1749a03d3518da4f406f640964d4d95edc4317f1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
x-amz-cf-id
efKNJq0k0n88RpaqngyyssqXJtba-3U3Syx8o3akJS-EDqhVdBZhLg==
1712157107509
mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/ 		391 B
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/1712157107509?t=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen&ver=js2.0.20
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.39.114.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-114-163.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7b080590cade1f2a4cabfe2da8d2ba264ec87dbd0729d77a289178e0c8644092

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 15:11:48 GMT
server
Kestrel
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type
application/javascript
cache-control
no-store, no-cache
x-robots-tag
noindex
content-length
391
help-circle.svg
www.doterra.com/_ui/desktop/common/images/icons/ 		1 KB
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/icons/help-circle.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
00897f66b9703ed53dac29f0e5d2f60166419f1ba3240ed47573c56807e81964

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"1072-1711559797000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1031) q(0 -1 -1 -1) r(0 -1)
content-length
569
my-account.svg
www.doterra.com/_ui/desktop/common/images/icons/ 		684 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/icons/my-account.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2652b59eec1508044e94d8905534cde507894a9364d634d980ffe3af8101c107

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"684-1711559797000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1032) q(0 -1 -1 -1) r(0 -1)
content-length
367
bag.svg
www.doterra.com/_ui/desktop/common/images/icons/ 		412 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/icons/bag.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
957a339b456d0dcc51a91b002d20abcb7f0843e9893496d0747c13148e7e7050

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"412-1711559797000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1034) q(0 -1 -1 -1) r(0 -1)
content-length
288
natural-home-edit.jpg
media.doterra.com/us/en/images/homepage/april/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doterra.com/us/en/images/homepage/april/natural-home-edit.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-26.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19ac34edfee1c41a4f88f01d0f14db426de9ab2dbe0917f3b59d03fcb20c2b6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 06:00:49 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 20:03:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33059
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-03-27T19:56:20.736Z
etag
"04bf994b46b2fe9669049d8467588a6c"
content-type
image/jpeg
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
210378
x-amz-cf-id
4tgDib_opRNx1edfRfd0uZOiW813qK5Xof6DeAjkkER20LW7WGQGZQ==
using-your-products.jpg
media.doterra.com/us/en/images/homepage/april/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doterra.com/us/en/images/homepage/april/using-your-products.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-26.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24227981e7f08d28561dc44c0ea6065ddb531f87b5cd8890958e6be387f0502e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 06:00:50 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 20:03:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33058
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-03-27T19:57:22.089Z
etag
"ff9d73aad6bb0ebd2ad43ced4913c017"
content-type
image/jpeg
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
203508
x-amz-cf-id
42l_Nd8Dx52CUsNp24bNED3iSLXvY1dyrWePws1nR-pi4f75PgEHZQ==
diffusing-spring.jpg
media.doterra.com/us/en/images/homepage/april/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doterra.com/us/en/images/homepage/april/diffusing-spring.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-26.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df3c989a3a59551153d5deee6b48259400d96388e1d3b5bd349bb6fcc82034c4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 06:00:50 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 20:03:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33058
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-03-27T19:57:06.309Z
etag
"9e9c24208733d0372b20c9a0fce878fc"
content-type
image/jpeg
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
193021
x-amz-cf-id
5A1TTcsXgwgLkb9rMst9shTEhzB2uKb6wAkHtt6zCNSRn67j9OggsA==
icon-chevron-thin-down-blue-dark.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/ 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-chevron-thin-down-blue-dark.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"1269-1711130760000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1035) q(0 -1 -1 -1) r(0 -1)
content-length
634
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:42:03 GMT
x-content-type-options
nosniff
age
361784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 10:42:03 GMT
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4db78ee993480c1714e1d5c9284d95988deda4844a546e83f2dd7846144d5632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 00:08:08 GMT
x-content-type-options
nosniff
age
399819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30744
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:01:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 00:08:08 GMT
700x361-metapwr-recharge-feature-march.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h2a/h47/30179415130142/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h2a/h47/30179415130142/700x361-metapwr-recharge-feature-march.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
44268a8a5ff4200fc56b7954ac9e87ca3bb5f0967bc13d139253d83f81fcdf0c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
LuxjKlOdMfY5A9Qat5RBnekpPXQ6fCxH
Last-Modified
Wed, 28 Feb 2024 17:04:37 GMT
Server
AmazonS3
x-amz-request-id
4WF26GG28RHE6519
ETag
"8fdbe6bdf329f67e25f9faf5f87303a0"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
147347
x-amz-id-2
L1IfLG9BKGzMDs4xHIJBMnEFJRZdaiPVpv9Z+HVeNu4XgaGkzNnpRXgth0M9BS1Wg2hkZkstqSQ=
metapwr-advantage-pomegranate-cherry.mp4
media.doterra.com/us/en/images/homepage/april/ 		6 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.doterra.com/us/en/images/homepage/april/metapwr-advantage-pomegranate-cherry.mp4
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-26.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://www.doterra.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 06:01:00 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 20:05:01 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33048
x-amz-server-side-encryption
AES256
x-amz-meta-origin-date-iso8601
2024-03-13T15:08:25.479Z
etag
"b1827fda8094deb82f11ce7c00b34f4f"
content-type
video/mp4
Content-Range
bytes 0-9368876/9368877
x-cache
Hit from cloudfront
accept-ranges
bytes
x-amz-cf-id
Lc4GY789dWKHum2SjFRLL5fO_u7RWfOzTY66teK6RK0sJ8IBWxxgOQ==
Content-Length
9368877
spinner.gif
www.doterra.com/_ui/desktop/common/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/spinner.gif
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
9-8006133-0 0CNN RT(1712157106160 1123) q(0 -1 -1 -1) r(0 -1)
date
Wed, 03 Apr 2024 15:11:47 GMT
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"3990-1711130760000"
content-length
3990
content-type
image/gif;charset=UTF-8
icon-search-primary.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/ 		936 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-search-primary.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
20fc47c3718c49b8103585d7d2faf15826bab9b8cbefb1b591cdf977ead25978

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"936-1711130760000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
9-8006133-0 0CNN RT(1712157106160 1124) q(0 -1 -1 -1) r(0 -1)
content-length
509
get
consent.trustarc.com/ Frame D1FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-53.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.doterra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
3371
cache-control
max-age=2592000
content-length
2178
content-type
text/html
date
Wed, 03 Apr 2024 14:15:36 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-id
v8VK6NJpUw3NwQVgee4IGBuCt3cBPPU2Q97AnLZpNZRj5nNrLPyrIQ==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
v1.7-3185
consent.trustarc.com/asset/notice.js/v/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-3185
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 03 Apr 2024 14:41:26 GMT
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 02:16:13 GMT
x-amz-cf-pop
FRA2-C2
age
1822
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
ZWNbGJ61sgWE9uGyXN0CpMMF6D76fAAduw9Wncm-wjqoKpcYLD3rpg==
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=doterra-cm1.com&country=de&state=&behavior=implied&session=30a3ac8a-030a-4056-9eb3-736617199e49&userType=NEW&c=419e
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
mSDGvGvshu7GomXx56WJv1Iz7iGKN052iF3phKcax6Cmtrt7XSWbfQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53ab1f544fdc6a063b7564f30b9d281cb2d78ac1c2c10c45aed28d5fe794914d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97048
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 15:11:47 GMT
ajax-loader.gif
www.doterra.com/_ui/desktop/common/css/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doterra.com/_ui/desktop/common/css/ajax-loader.gif
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1506504
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
9-8006133-0 0CNN RT(1712157106160 1274) q(0 -1 -1 -1) r(0 -1)
date
Wed, 03 Apr 2024 15:11:47 GMT
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"4178-1711559797000"
content-length
4178
content-type
image/gif;charset=UTF-8
slick.woff
www.doterra.com/_ui/desktop/common/css/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/css/fonts/slick.woff
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1506504
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
last-modified
Wed, 27 Mar 2024 17:16:37 GMT
x-cdn
Imperva
etag
W/"1380-1711559797000"
x-frame-options
SAMEORIGIN
content-type
font/woff;charset=UTF-8
x-iinfo
9-8006133-8001644 2NNN RT(1712157106160 1282) q(0 0 0 -1) r(4 4) U12
x-incap-sess-cookie-hdr
S/dHd+DrS2o27tZgQV0GFbNxDWYAAAAAqxcbtHnYzpIDDmVQ4J9POw==
accept-ranges
bytes
content-length
1380
recaptcha__de.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/ 		502 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 14:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204859
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Apr 2025 14:10:04 GMT
getBannerDetails
www.doterra.com/US/en/ 		143 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/US/en/getBannerDetails
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
text/plain, */*; q=0.01
Referer
https://www.doterra.com/US/en
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 03 Apr 2024 15:11:47 GMT
x-content-type-options
nosniff
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-iinfo
9-8006133-7889336 pNNN RT(1712157106160 1361) q(0 0 0 -1) r(2 2) U2
cache-control
no-cache, no-store
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
fontawesome-webfont.woff2
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1506504
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"66624-1711130760000"
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
x-iinfo
9-8006133-8006233 pNNy RT(1712157106160 1363) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr
04KzDjd0lVQ27tZgQV0GFbNxDWYAAAAAO0R7jwEezzyBFftDHlgXRg==
accept-ranges
bytes
content-length
66624
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4410v886967153z871674160za200&_p=1712157107491&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=254461504.1712157108&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712157107&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen&dt=Essential%20Oils%20Pure%20and%20Natural%20%7C%20doTERRA%20Essential%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=1468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 15:11:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JP5T5508JH&gtm=45je4410v886967153z871674160za200&_p=1712157107491&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=254461504.1712157108&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712157107&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen&dt=Essential%20Oils%20Pure%20and%20Natural%20%7C%20doTERRA%20Essential%20Oils&en=page_view&_fv=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=1470
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 15:11:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
consent.trustarc.com/ 		174 KB
175 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=Raleway-Regular.ttf
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 03 Apr 2024 15:05:06 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
401
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
content-length
178520
x-amz-cf-id
RuV6YRfKMenmZZJydf9EF4B5vxg0vtlTNbqfXoQgpHmnIYCk9ZiM0Q==
get
consent.trustarc.com/ 		175 KB
176 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=Raleway-Bold.ttf
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
Origin
https://www.doterra.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 03 Apr 2024 14:57:29 GMT
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
858
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
content-length
179244
x-amz-cf-id
vkDlCOkWzvt1runLG_4pO_G5Up5xR-3OAjIY6vUWnUIekhr_cw0-QA==
bannermsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=de&language=en&rand=0.0968624754982308&session=30a3ac8a-030a-4056-9eb3-736617199e49&userType=NEW
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 15:11:47 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
QFESvJK0swpjVCg6JWw7mkekj7GyXJjHyXVOfMOf-Bl4rv39BUDC9w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
700x409-april-lifelong-vitality-2024.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h2f/hc8/30260010418206/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h2f/hc8/30260010418206/700x409-april-lifelong-vitality-2024.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c6e0a4dbe6e22001544c49acdb80d7c54eee84b820dbaf2d13193066cb29829c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
Rkdb8nM0OrMqJnANu0yTmfJ.s5mcwFJv
Last-Modified
Wed, 27 Mar 2024 20:15:12 GMT
Server
AmazonS3
x-amz-request-id
4WF3G10HDAP6YX4E
ETag
"7de19a8a81c2edfbcbd144c15c660c56"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
82996
x-amz-id-2
Zu48DOm/PYUI8fLUbj5k1iGTxBUUS9idRZNkDqQlnS0mLC3IP9MADf0qW184XxOv1Wn949MNEjo=
700x409-april-malama.jpg
doterra-prod-media1.s3.amazonaws.com/sys-master/images/h31/hc5/30260010352670/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doterra-prod-media1.s3.amazonaws.com/sys-master/images/h31/hc5/30260010352670/700x409-april-malama.jpg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.207.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
44ed2a2c8dfef9ba817eb66f5ef20e19f07328e517bb0c82959b39d4d78d235d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 15:11:49 GMT
x-amz-version-id
RBw1jnRXQ0Qe145fOFrx3557C9ZMh.m4
Last-Modified
Wed, 27 Mar 2024 20:13:47 GMT
Server
AmazonS3
x-amz-request-id
4WF8MDNVZJV59SCF
ETag
"094c8ec69c8958dbf618fe075f7244ec"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
public,max-age=31536000
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
62526
x-amz-id-2
QTvn6zRVb8QkGfWEqRgMEqXMsvJ1eKFBmhEGNEa+uh0d8MAIA6uIbSw0f2h/7tpCuFhbInTfcj0=
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 13:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5021
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 03 Apr 2024 15:48:08 GMT
favicon.ico
www.doterra.com/_ui/desktop/theme-green/images/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.doterra.com/_ui/desktop/theme-green/images/favicon.ico?1506504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/US/en
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
9-8006133-0 0CNN RT(1712157106160 2645) q(0 -1 -1 -1) r(0 -1)
date
Wed, 03 Apr 2024 15:11:48 GMT
last-modified
Fri, 22 Mar 2024 18:06:00 GMT
x-cdn
Imperva
etag
W/"1595-1711130760000"
content-length
1049
content-type
image/x-icon;charset=UTF-8
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021239870&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen&ul=en-us&de=UTF-8&dt=Essential%20Oils%20Pure%20and%20Natural%20%7C%20doTERRA%20Essential%20Oils&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=737638562&gjid=1517026714&cid=254461504.1712157108&uid=anonymous&tid=UA-28403841-1&_gid=1186792581.1712157109&_r=1&_slc=1&gtm=45He4410n71PHX657v71674160za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2119402402
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 15:11:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4410v886967153z871674160za200&_p=1712157107491&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=254461504.1712157108&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712157107&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen&dt=Essential%20Oils%20Pure%20and%20Natural%20%7C%20doTERRA%20Essential%20Oils&en=get_user_data&ep.login_status=false&ep.custom_client_id_event=254461504.1712157108&ep.authentication_status=false&_et=7&up.custom_client_id_user=254461504.1712157108&up.url_language_user=en&tfd=6476
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.doterra.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 15:11:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doterra.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

509 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| appKey undefined| adrumScript number| adrum-start-time object| adrum-config object| mediator function| dataLayerEvent function| trackAddToWishList_gtm function| trackProductClick_gtm function| trackAddToCart_gtm function| trackRemoveFromCart_gtm function| trackSelectPromotion_gtm function| trackAddShippingMethodClick_gtm function| trackAddPaymentMethodClick_gtm object| dataLayer function| $ function| jQuery object| scriptElem string| MY_DOMAIN boolean| REQUIRE_USER_EXPRESSED_PERMISSION object| _STATE number| _TRUSTARC_ATTEMPTS number| _TRUSTARC_ATTEMPS_MAX function| runOnce function| getBehavior function| handleAPIResponse function| activateElement function| enableVideos object| QueueIt function| queueClient object| myQueueClient object| queueit number| totalItemsMiniCart string| cartDataSite object| ACC object| trackingMethod object| csrfTokenInputElements boolean| isProductMappingEnabled boolean| browserCloseLogoutFlag boolean| HAS_SESSION_CART boolean| IS_ANONYMOUS_USER string| abandonCartText string| abandonLrpCartText string| enrollmentFeeSku string| countryName string| mockCardTokenization string| paymetricSourceUrl object| localText string| mysteryProductSku string| apiKey number| showModalGreenPopUpTimeout number| showModalGreenPopUpWait object| doUpdatesMarketList object| supportedEnrollmentMarkets object| bankroutingPattern object| billingZipPattern object| govIdMaxlength object| billingMobilePhonePattern object| billingMobilePhonePlaceholder object| billingMobileMaskPattern object| govIdPattern object| billingZipRegex object| billingZipMask string| contextPath string| baseURL string| currencySymbol string| commonResourcePath string| siteId string| bannerEnabled string| globalNavigationHideCountryList string| needToResetPassword string| passwordResetDaysLeft string| aromaCheck string| isAgentLoggedIn string| dotUserId string| sessionCartCode string| accountType boolean| queueItEnabled string| stateCode string| stateName string| postalCode string| countryCode string| isGigyaEnabledGlobally boolean| setPrimaryEmail boolean| showPortalModal object| regexEmail string| CCTServerAddress string| CCTPreChatSurvey string| CCTAccountManagementPreChatSurvey string| CCTTokenEx boolean| isAnonymousUser string| addressline1 string| addressline2 string| city object| lazySizesConfig object| $jscomp object| bootstrap object| bootbox function| moment function| Cookies object| lazySizes undefined| shareButtons function| shareButtonService function| downloadPDF function| shareButtonInit string| pattern string| placeholder function| fieldMaskInit function| setupFieldMask function| phoneMaskInit function| setPhonePattern function| dateMaskInit function| setDatePattern object| truste function| shouldRepop function| shouldResolveConsent string| userType object| $temp_box_overlay object| $temp_closebtn_style object| $temp_inner_iframe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| CARD_STATUS string| currentTabID string| isEnrollmentPage string| hasEnrollmentCartEntries number| currentEpochTime boolean| hideRegionBanner boolean| unsavedChanges boolean| rafNoThanksClicked undefined| forcedTargetUrl undefined| cartType undefined| lastFocusElm object| wishlistProcessing object| wellnessResubscribedStatus string| WELLNESS_RESCUBSCRIBED_CLICKED string| WELLNESS_RESCUBSCRIBED_RESUMED string| MSG_ERROR_CLASS_NAME string| MSG_INFORMATIONAL_CLASS_NAME string| MSG_HELPER_CLASS_NAME string| MSG_DIRECTIONAL_CLASS_NAME string| MSG_WARNING_CLASS_NAME string| MSG_SUCCESS_CLASS_NAME string| MSG_SPECIAL_CLASS_NAME string| NON_MSM_CLASS_NAME string| MODAL_GRAY_CLASS_NAME function| showGlobalErrorMessage function| showGlobalInfoMessage function| showGlobalHelperMessage function| showGlobalDirectionalMessage function| showGlobalWarningMessage function| showGlobalSuccessMessage function| showGlobalSpecialMessage function| showGlobalBasicMessage function| showModalNonMessage function| showModalGray string| loading string| RENDERED_BS_SELECT string| addErrorConstant string| quantityMessage string| loyaltyOrder string| onetimeOrder string| enrollmentOrder undefined| addressFormEcomm string| cartEmail string| showFullCartDetails object| SLICK_WISHLIST_COMPONENT_SETTINGS function| lsTest object| formForRecaptcha undefined| formidForRecaptcha function| onloadCallback function| setStorage function| getStorage function| removeStorage object| bcTempTitle function| updateBreadcrumb undefined| FTLModal undefined| FTLModal2 undefined| FTLMessage undefined| FTLMessage2 undefined| FTLOptions undefined| FTLOptions2 undefined| FTLTitle string| firstTimeLoggedIn function| createInputElement function| showLoadingSpinner function| hideLoadingSpinner function| tooltipCustom object| baseSelectOptions function| getStackTrace function| redirectToPage function| updateReferralCustomerPopUpValue function| addLoadingSpinnerAndSubmit function| checkHomepageSlider function| showShopFirstLoginPopup function| showEnrollNewMemberPopUpMessage string| enrollerFields function| disableEnrollerFields string| json boolean| addr_flag function| validateAddress function| onCloseAddressVerifyModal function| enableNoRecommendationTab function| enableRecommendationTab function| refactorAddress function| refactorPRAddress function| refactorPRUrbanizedAddress function| refactorPRRuralRouteAddress function| removeDisabled function| submitForm function| convertFormToJSON function| saveAddress function| updatePasswordPrompt function| stopUpdatePasswordPrompt function| redirectToMyCart function| enableCartCopMiniCart function| launchCartCop function| initBtnSelect string| userAgent boolean| isAndroid function| showFeedbackModal function| validateFeedbackModal object| ytElements object| videoModal function| ytRichSnippets function| videoRichSnippets undefined| tag undefined| firstScriptTag undefined| ytPlayer undefined| ytPlayed function| getVideoID function| initVideoAWS object| vimeoElements function| vimeoRichSnippets function| initVimeo function| getLabel function| initAnchors function| gaEvent function| passwordRequirements function| toggleShowHide function| toggleShowHideOnKeyDown function| isNumberKey function| isDouble function| limitVal function| showRemoveMessage function| removeProductMessaging function| removeProductMessagingHelp function| showGlobalBootboxMessage function| showModal function| swapNumber function| setPhoneNumber function| setPhoneType function| callOtpVerification function| callAuthyVerification function| formatPhoneNumber function| mergeLrpOrder function| mergeCart function| toggleHiddenSection function| aromaCheckLoginPopup function| siteLogoClick function| abandonCartMsg function| updateCreditBalanceSection function| toggleSSNChars function| addConventionProductOnly function| showProductCustomizeModal function| launchParentChildModal function| getProductCustomizeModalData function| renderProductCustomizeModal function| initProductQuantity function| showLTOLimitReached function| showExceedMaxPromotionLimit function| checkCustomizeQty function| verifyQuantityInput function| addParentItemOnly function| SimpleCustomizeParentProduct function| SimpleCustomizeChildProduct undefined| scrollPosition function| readSession function| getValOnly function| updateUser function| createTabID function| chkUserLoggedIn function| logoutFromBackend function| createSession function| generateUID function| changeKit function| calculateCardExpiryDate function| isEnrollToLRPValid function| enrollToLRPMinumumPVModal function| pvPromotionCheck function| upgradeAndRedirectToEnroll function| abandonCart function| checkOnloadModals function| checkTGNotificationModal function| showCustomerReferralModal function| setShowAgainFlag function| checkQuickGuideModal function| guidedTourInit function| setStorageForRetailCartLogin function| showRoutingModal function| setFullStoryEvent function| checkProductRows function| adjustRowsHeight function| resetProductRowHeight function| showAddressVerificationModal function| showAddressCompareModal function| populateFields function| backToEditAddress function| enteredAddressSelected function| recommendedAddressSelected function| compareFieldValues function| personalEnteredAddressSelected function| personalRecommendedAddressSelected function| ecommRecommendedAddressSelected function| compareInitialValues function| isValidEmailAddress function| promptForPrimaryEmail function| saveEmailSubmit function| showUniqueEmailModal function| checkUniqueEmailAddress function| saveEmailAddress function| skipUniqueEmailCheck function| showPortalPreviewModal function| checkProp65Warning function| showProp65WarningMessage function| copyToClipboard function| updateRegionList function| checkCardTypeAndRegionList function| wareHouseSwitcherChangeAction function| setDatePicker function| setNfrOtgContext function| warehouseToggleOnload function| updateSelectWithData function| updateSelectWithCardData function| updateZipWithMask function| zipCodeFormatter function| validatePostalCode function| checkCartContext function| setNFRTooltip function| setSelectorValue function| changeSwitcherInputFlagOnLoad function| changeSwitcherInputFlag function| showDefaultMarketBanner function| updateBannerData function| handleSelectChangeMarket function| editLRPTemplate function| closeRegionBanner function| marketChangeAction function| getDHyCSTempID function| updateDhyCSEnrollerInfo function| handleAddToCartResponse function| recommendedProductsDisplay function| showProductOverlay function| getElement function| resetLanguage function| completeExpressBodsModal function| checkBodsRequired function| resumeWellnessProgramModal function| showShippingDelayModal function| showShippingDelayModalGeneratedByBanner function| productMappingModal function| setnfrOtgFlagVal function| getDisplayedAccountType function| showMismatchedCartAndSiteSalesOrgsBox function| showNewAccountAuthPopup function| determineMarketMismatchContext function| copyTextToClipboard function| copyText function| setAriaExpandedValue object| alertQueue function| adaAlert function| processAlert function| enableDisableCrmTracker function| closeShareDropdown function| captureLastElement function| returnLastElementFocus function| renderProductHighlight function| renderSubscriptionBanner function| validateGTMFunction undefined| ytPlay function| onYouTubeIframeAPIReady function| gtag function| initMinicart function| updateMiniCartContent function| renderProductRow function| updateMiniCartContentOld function| clearMiniCart function| updateMiniCartIcon function| miniCartClicked function| miniCartLoginPopup function| handleRemoveAlert function| removeProductFromMinicart function| removeProductFromMinicartWithEntryNumber function| removeProductFromMinicartAjaxCall function| showMinicartSpinner function| hideMinicartSpinner function| checkForActiveCart function| verifyAddEnrollmentKit boolean| quickGuideHasBeenClicked function| getDatepickerTitle function| generateTableCaption function| saveLRPDateFlow function| runDateAjax function| openSubscriptionDatePicker function| addToWishlist function| moveToWishlist function| refreshDonationCheckbox function| addProductToWishlistCarousel function| removeProductFromWishlistCarousel function| createWishlistProductItem function| removeFromWishlist function| wishListQuery function| removeSessionProduct function| addSessionProduct function| getList function| bindWishlistIcons function| loadIcons function| loadIcon function| bindWishlistIconClick function| createWishListEntry function| removeEntry function| setIcons function| changeColor function| productClick_gtm function| addToCartClick_gtm function| addToWishlistClick_gtm function| removeFromCartClick_gtm function| addShippingMethodClick_gtm function| addPaymentMethodClick_gtm function| selectPromotionClick_gtm function| publish object| forms object| widgets function| formValidationService function| toggleRequiredGroup function| checkExpirationDate function| checkRequiredGroup function| formInit string| OrderContextInformationModal object| slideTO function| initSlides function| slideInterval function| changeSlide object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| smartedit object| searchResultsObject object| searchContentType object| searchSortType number| resultsPerPage boolean| filterOpened boolean| loadAjax function| resetLazyLoadObject function| renderFullResults function| renderFilterSortFullResults function| renderRecentSearch function| decodeURIComponentSafe function| checkLazyLoad function| getURLParameter function| filterCall function| getFilterList function| toggleNav function| shiftOffCanvasMenu string| globalGridClasses function| initiateSelectYourRegionPage function| sortByOrderNum function| sortByName function| findByCode function| extractLanguage function| validateLanguage function| extractRegion function| validateRegion string| IDLE_TIMEOUT number| TIMEOUT_CHECK_INVERVAL number| _idleMinutesCounter number| idleTime function| startTimeCheck function| checkIdleTime function| showIdleMessage function| formatTime object| AOS string| LANGUAGE_COOKIE string| DEFAULT_LANGUAGE object| LANGUAGES object| EMAIL_TEMPLATE_LANGUAGES string| REGION_COOKIE string| DEFAULT_REGION string| DEFAULT_PRIVACY_POLICY_LINK string| DEFAULT_TERMS_OF_USE_LINK object| REGIONS object| ZONES string| aName string| bName object| regionMap function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| FontFaceObserver object| gaGlobal object| recaptcha object| gaplugins object| gaData

19 Cookies

Domain/Path Name / Value
www.doterra.com/US Name: fontBody
Value: fontBody-loaded
www.doterra.com/US Name: fontFA
Value: fontFA-loaded
.doterra.com/ Name: nlbi_661002
Value: E7GFRoWM8TRT8lYjyFxrGQAAAACLacF1WfR+07bTVTlAyW0G
.doterra.com/ Name: visid_incap_661002
Value: 75x2CSvvQkCmqO5AdD27xLJxDWYAAAAAQUIPAAAAAAB/2l7OnWNm1RzudnuUQsGb
.doterra.com/ Name: incap_ses_1515_661002
Value: oJkHBqJ1Mwg27tZgQV0GFbJxDWYAAAAA7pZRnWqLkmcqUtpd+KIFww==
www.doterra.com/ Name: JSESSIONID
Value: B8290A6EF5E3B6D24298E5E06C477AAF
www.doterra.com/ Name: JSESSIONID-B2BACC
Value: Y6-1bc754aa-49b4-4f20-a167-419c33ca8345
www.doterra.com/ Name: DOTERRAF5
Value: 90595428.10787.0000
.doterra.com/ Name: TAsessionID
Value: 30a3ac8a-030a-4056-9eb3-736617199e49|NEW
.doterra.com/ Name: notice_behavior
Value: implied,eu
.doterra.com/ Name: _ga_JP5T5508JH
Value: GS1.1.1712157107.1.0.1712157107.0.0.0
.doterra.com/ Name: _ga_XW71K6YFHT
Value: GS1.1.1712157107.1.0.1712157107.0.0.0
www.doterra.com/ Name: US-cart
Value: a4354290-5f79-41e4-9096-b0f26f4222d1
mydoterra.queue-it.net/ Name: Queue-it-559fa46c-4cbb-470f-be16-6f36d3104aaf
Value: WasRedirected=false&i=638477539080745694
.queue-it.net/ Name: Queue-it
Value: u=050cc4f0-128c-4821-a912-c179a2d0fcf2
www.doterra.com/ Name: QueueITAccepted-SDFrts345E-V3_hybbogofeb2019
Value: EventId%3Dhybbogofeb2019%26QueueId%3D559fa46c-4cbb-470f-be16-6f36d3104aaf%26RedirectType%3Dsafetynet%26IssueTime%3D1712157108%26Hash%3D559575a46ebf04bf0277f1fa07ce76ae0f0d90f652f36768f0f6346899d3f263
.doterra.com/ Name: _ga
Value: GA1.2.254461504.1712157108
.doterra.com/ Name: _gid
Value: GA1.2.1186792581.1712157109
.doterra.com/ Name: _gat_UA-28403841-1
Value: 1

3 Console Messages

Source Level URL
Text
other warning URL: https://www.doterra.com/US/en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.doterra.com/US/en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.doterra.com/US/en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.trustarc.com
doterra-prod-media1.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
media.doterra.com
mydoterra.queue-it.net
region1.google-analytics.com
www.doterra.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.225.78.53
13.225.78.57
2001:4860:4802:34::36
216.58.212.132
2a00:1450:4001:803::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
45.60.14.13
52.39.114.163
52.92.207.113
65.9.95.26
00897f66b9703ed53dac29f0e5d2f60166419f1ba3240ed47573c56807e81964
0493f6ef799f42eecd98a07cb6462cc264d46e793159ef4c539eaaf6a528badb
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e
1361e529a669a11f280bb41f7e812bd115f686f887e63d1a46413b8b57198d99
19ac34edfee1c41a4f88f01d0f14db426de9ab2dbe0917f3b59d03fcb20c2b6e
1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fd2538a8e53dddd545d7bb1644c8e8b85822858c7582bb6118e77487bc0f4ab
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
20fc47c3718c49b8103585d7d2faf15826bab9b8cbefb1b591cdf977ead25978
22cc5e115f87c4a8f05a5699ae201ac89c734e96a123c8115602edfe58513b9b
24227981e7f08d28561dc44c0ea6065ddb531f87b5cd8890958e6be387f0502e
2652b59eec1508044e94d8905534cde507894a9364d634d980ffe3af8101c107
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
29a820cfa2261826927a13a527a1edfb6653533c234589158d3b427eb3c3de30
337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3
40ac8a55c599f0528a72f6acb3e56402532766517c476d236c72fb1bd233206c
44268a8a5ff4200fc56b7954ac9e87ca3bb5f0967bc13d139253d83f81fcdf0c
44ed2a2c8dfef9ba817eb66f5ef20e19f07328e517bb0c82959b39d4d78d235d
4af65930458f430fb4db74f90a9e2242e326d2b80fbf9d1386b6c426a661ffe2
4db78ee993480c1714e1d5c9284d95988deda4844a546e83f2dd7846144d5632
52027474c2a78ddeeb60a66236977fc355cbf460c846777da0c01d785667685c
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224
53ab1f544fdc6a063b7564f30b9d281cb2d78ac1c2c10c45aed28d5fe794914d
55c576d7377e313c92040ab4a1ede6290c99eaa56140fe14e77646cb9acddaea
5775c49031257ee24f95b153b9a3fab3c83baabbfe0889013cdebbf8af485919
5b23ee534d7c1d1586664848f2fe0ecdbccea3664b292177c2dd7ebbacd847d8
6a8b4abd7859dc24b02b18c670fee2bbd58bb58d8737b09d3d8576a2d52b4e7a
6da003223b108e092b65bc1749a03d3518da4f406f640964d4d95edc4317f1b7
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
7b080590cade1f2a4cabfe2da8d2ba264ec87dbd0729d77a289178e0c8644092
878d3c1c2eab0f26cfe98cc787ba35642005424f7330c90c4ee580ca148c5a60
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
957a339b456d0dcc51a91b002d20abcb7f0843e9893496d0747c13148e7e7050
976cff801e9006b44e44d4f62f0cb97d820e82cbfa7710378ffa258b8e9af8f7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e284abf396072e9d4cad67b177028af666d5b113b7acf17e944db166241b643
a51fabd4d6463a9c46784bfde384e90a771f420e511db43b985239bc40786d0b
a52fc88c7aeced0171dc8e0edefb1dce07a41e1e95498a52b1f6e68e4f1dbaff
a7ec241818f4cb3600703ef8f0d998ab39cdc7bb748ac50202acec4057d08cc6
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1
b6398b981d0e494d14c6af7deeda911bc2866b69a96815fae6aa7a43a3bbc9ee
c6e0a4dbe6e22001544c49acdb80d7c54eee84b820dbaf2d13193066cb29829c
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
d2765f5561cf42391e2322a8a3c6d54483907de0905b8e050fc8efdce92b6261
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55
d4e079f680e9a715eb69c3280260d3e938d3f7bb150e18f921be3759509b210c
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3c989a3a59551153d5deee6b48259400d96388e1d3b5bd349bb6fcc82034c4
e1077ba0a38815e87900fe96f1fdf972a2a06d27c6e36dcefe004053e47d610e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eaece34a4b5aa2e189a33e1e0ddc1737c7e0cd22f40a6ba4e43388cf9b6e766c
ee4442cd02731bb7bb4f0f827df72662587557a205333751a6a5105d72d1e1e3
fe6e681b1ab520ab428adb845669db459354430973fe1944b84dba3ed907d90c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995