www.doterra.com Open in urlscan Pro
45.60.14.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.purchasedoterra.com/
Effective URL:
https://www.doterra.com/US/en/site//michellebonne
Submission: On June 11 via api (June 11th 2024, 7:03:57 am UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 65 HTTP transactions. The main IP is 45.60.14.13, located in United States and belongs to INCAPSULA, US. The main domain is www.doterra.com. The Cisco Umbrella rank of the primary domain is 231290.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 28th 2024. Valid for: a year.

This is the only time www.doterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
2 34	45.60.14.13 45.60.14.13	19551 (INCAPSULA) (INCAPSULA)
1	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	18.238.243.123 18.238.243.123	16509 (AMAZON-02) (AMAZON-02)
1	35.161.188.241 35.161.188.241	16509 (AMAZON-02) (AMAZON-02)
8	52.92.187.57 52.92.187.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.238.243.14 18.238.243.14	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
65	13

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

www.purchasedoterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 45.60.14.13 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.mydoterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.doterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.doterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.243.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-123.ams58.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.188.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-188-241.us-west-2.compute.amazonaws.com

mydoterra.queue-it.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.92.187.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

doterra-prod-media1.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-14.ams58.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	doterra.com 1 redirects my.doterra.com www.doterra.com — Cisco Umbrella Rank: 231290	1 MB
8	amazonaws.com doterra-prod-media1.s3.amazonaws.com — Cisco Umbrella Rank: 364136	157 KB
7	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2406 www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
7	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3275	391 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70 www.googleapis.com — Cisco Umbrella Rank: 54	3 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	253 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	218 KB
2	mydoterra.com 1 redirects www.mydoterra.com	1 KB
1	queue-it.net mydoterra.queue-it.net — Cisco Umbrella Rank: 448748	924 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	969 B
1	purchasedoterra.com 1 redirects www.purchasedoterra.com	332 B
65	11

	Domain	Requested by
31	www.doterra.com	www.mydoterra.com www.doterra.com
8	doterra-prod-media1.s3.amazonaws.com	www.doterra.com
7	consent.trustarc.com	www.doterra.com consent.trustarc.com
5	region1.google-analytics.com	www.googletagmanager.com
3	www.googleapis.com	www.doterra.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.doterra.com www.googletagmanager.com
2	fonts.googleapis.com	www.doterra.com
2	www.mydoterra.com	1 redirects
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mydoterra.queue-it.net	www.doterra.com
1	www.google.com	www.doterra.com
1	my.doterra.com	1 redirects
1	www.purchasedoterra.com	1 redirects
65	15

This site contains links to these domains. Also see Links.

Domain
submit-irm.trustarc.com
facebook.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.linkedin.com
media.doterra.com

Subject Issuer	Validity	Valid
*.mydoterra.com Go Daddy Secure Certificate Authority - G2	`2024-04-19` - `2025-05-21`	a year	crt.sh
*.doterra.com Go Daddy Secure Certificate Authority - G2	`2024-02-28` - `2025-03-31`	a year	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.queue-it.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-19`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.doterra.com/US/en/site//michellebonne
Frame ID: 811DFDE9FC2075ECC43A8D8C7557DDA2
Requests: 64 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: 5FC8E925A7DBEA0D6B1A46C502AFF9E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Site Home Page | doTERRA Essential Oils

Page URL History Show full URLs

http://www.purchasedoterra.com/ HTTP 307
https://www.purchasedoterra.com/ HTTP 307
http://www.purchasedoterra.com/ HTTP 301
http://www.mydoterra.com/michellebonne HTTP 307
https://www.mydoterra.com/michellebonne HTTP 301
https://www.mydoterra.com/michellebonne/ Page URL
http://my.doterra.com//michellebonne HTTP 307
https://my.doterra.com//michellebonne HTTP 302
https://www.doterra.com/US/en/site//michellebonne Page URL

Detected technologies

SAP Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

65
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

13
IPs

2
Countries

2164 kB
Transfer

6866 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://submit-irm.trustarc.com/services/validation/201dc465-3091-4e5d-b684-8a2fbc1fd807
Title: here

Search URL Search Domain Scan URL

URL: https://facebook.com/100044339773672

Search URL Search Domain Scan URL

URL: https://www.instagram.com/doterra/?hl=en

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/doTERRA/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOfpaxKnF8fqjRg05TGNHZQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/d-terra/

Search URL Search Domain Scan URL

URL: https://media.doterra.com/us/en/brochures/product-guide.pdf
Title: Product Guide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.purchasedoterra.com/ HTTP 307
https://www.purchasedoterra.com/ HTTP 307
http://www.purchasedoterra.com/ HTTP 301
http://www.mydoterra.com/michellebonne HTTP 307
https://www.mydoterra.com/michellebonne HTTP 301
https://www.mydoterra.com/michellebonne/ Page URL
http://my.doterra.com//michellebonne HTTP 307
https://my.doterra.com//michellebonne HTTP 302
https://www.doterra.com/US/en/site//michellebonne Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.purchasedoterra.com/ HTTP 307
https://www.purchasedoterra.com/ HTTP 307
http://www.purchasedoterra.com/ HTTP 301
http://www.mydoterra.com/michellebonne HTTP 307
https://www.mydoterra.com/michellebonne HTTP 301
https://www.mydoterra.com/michellebonne/

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.mydoterra.com/michellebonne/
Redirect Chain

http://www.purchasedoterra.com/
https://www.purchasedoterra.com/
http://www.purchasedoterra.com/
http://www.mydoterra.com/michellebonne
https://www.mydoterra.com/michellebonne
https://www.mydoterra.com/michellebonne/

99 B
622 B

296ms
295ms

Document
text/html

45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mydoterra.com/michellebonne/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.doterra.com;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://shop.doterra.com;
content-type: text/html;charset=UTF-8
date: Tue, 11 Jun 2024 07:03:50 GMT
p3p: CP='PUB OTRo'
server: Apache
x-cdn: Imperva
x-iinfo: 18-95380012-95380026 PNYN RT(1718089429706 682) q(0 0 0 -1) r(3 3) U12

Redirect headers

content-length: 315
content-security-policy: frame-ancestors 'self' https://shop.doterra.com;
content-type: text/html; charset=iso-8859-1
date: Tue, 11 Jun 2024 07:03:50 GMT
location: https://www.mydoterra.com/michellebonne/
server: Apache
x-cdn: Imperva
x-iinfo: 18-95380012-95380026 NNNN CT(196 198 0) RT(1718089429706 44) q(0 0 4 0) r(6 6) U11

GET
H2

200

Primary Request michellebonne Show response
www.doterra.com/US/en/site//
Redirect Chain

http://my.doterra.com//michellebonne
https://my.doterra.com//michellebonne
https://www.doterra.com/US/en/site//michellebonne

245 KB
72 KB

342ms
318ms

Document
text/html

45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/US/en/site//michellebonne

Requested by

Host: www.mydoterra.com
URL: https://www.mydoterra.com/michellebonne/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

49c9409934a2063b20130b94eef27542a14d242d580a81edf51dbf437e346f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mydoterra.com/michellebonne/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-cache no-store
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Tue, 11 Jun 2024 07:03:51 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 14-71895413-71457337 pNYy RT(1718089430800 459) q(0 0 0 -1) r(3 3) U12
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
location: https://www.doterra.com/US/en/site//michellebonne
server: BigIP
x-cdn: Imperva
x-iinfo: 1014-71895413-71457337 pNNy RT(1718089430800 153) q(0 0 0 1) r(2 2) U11

GET
H2 200 slick-theme_1.8.1-alt.min.css
www.doterra.com/_ui/desktop/common/css/ 2 KB
940 B 72ms
71ms Stylesheet
text/css 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1-alt.min.css?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"2408-1717793849000"
content-type: text/css;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 780) q(0 -1 -1 -1) r(0 -1)
content-length: 800

GET
H2 200 bootstrap-3-styles.css
www.doterra.com/_ui/desktop/common/css/ 2 MB
281 KB 258ms
257ms Stylesheet
text/css 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cbd82764e7daf201d9c8bd02638782c3710ecc4957679ff2e2a263047e88ec52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:14:15 GMT
x-cdn: Imperva
etag: W/"2418725-1717794855000"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
x-iinfo: 14-71895413-71676313 pNNy RT(1718089430800 783) q(0 0 0 -1) r(2 2) U9
accept-ranges: bytes

GET
H2 200 logo.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 12 KB
5 KB 224ms
224ms Image
image/svg+xml 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doterra.com/_ui/desktop/common/images/wqa/logo.svg

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"12333-1717793849000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
x-iinfo: 14-71895413-71457337 pNYy RT(1718089430800 857) q(0 0 0 -1) r(2 2) U2
cache-control: public,max-age=54321
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:54 GMT

GET
H2 200 logo-small.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 2 KB
1 KB 53ms
53ms Image
image/svg+xml 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doterra.com/_ui/desktop/common/images/wqa/logo-small.svg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"2048-1717793849000"
content-type: image/svg+xml;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 867) q(0 -1 -1 -1) r(0 -1)
content-length: 1040

GET
H2 200 LavenderDefaultProfilePicture.jpg
www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/ 8 KB
9 KB 46ms
46ms Image
image/jpeg 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/LavenderDefaultProfilePicture.jpg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9cebe70455a582abc5c41e22c2deca55d608ca704649176416b0cf567a8ce725

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iinfo: 14-71895413-0 0CNN RT(1718089430800 913) q(0 -1 -1 -1) r(0 -1)
date: Tue, 11 Jun 2024 07:03:51 GMT
last-modified: Thu, 30 May 2024 21:16:23 GMT
x-cdn: Imperva
etag: W/"9648-1717103783000"
content-length: 8577
content-type: image/jpeg;charset=UTF-8

GET
H2 200 ecomm-header-webui.js Show response
www.doterra.com/_ui/desktop/common/dist/ 632 KB
136 KB 42ms
42ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/dist/ecomm-header-webui.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e5450eb469806ee7b2728aa2fcdb1ac5b62127fad36061f481cbf2492cdbb47b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:07:59 GMT
x-cdn: Imperva
etag: W/"1099416-1717794479000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 956) q(0 -1 -1 -1) r(0 -1)
content-length: 139515

GET
H2 200 plugins.js Show response
www.doterra.com/_ui/desktop/common/dist/ 469 KB
132 KB 74ms
74ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/dist/plugins.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6c491b79876d6c39a829db3781a742a647326bf9f82cc20a6be26792a7f7b4f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:07:59 GMT
x-cdn: Imperva
etag: W/"490487-1717794479000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1043) q(0 -1 -1 -1) r(0 -1)
content-length: 134507

GET
H2 200 webApplicationInjector.js Show response
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 7 KB
3 KB 47ms
45ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/webApplicationInjector.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:14:15 GMT
x-cdn: Imperva
etag: W/"7649-1717794855000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1376) q(0 -1 -1 -1) r(0 -1)
content-length: 3052

GET
H2 200 reprocessPage.js Show response
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 527 B
402 B 48ms
46ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/reprocessPage.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2677b7f3bb2e536f3e8175404c43f32b47a1dc4794e253ada74a4c129d3a79eb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 01:07:18 GMT
x-cdn: Imperva
etag: W/"703-1683076038000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1377) q(0 -1 -1 -1) r(0 -1)
content-length: 278

GET
H2 200 adjustComponentRenderingToSE.js Show response
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/ 1017 B
628 B 41ms
40ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/adjustComponentRenderingToSE.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7d3dfdb295d4883d88dff5141c2fdd652979037f103bdd9d10975236e5e1163e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2023 01:07:18 GMT
x-cdn: Imperva
etag: W/"1915-1683076038000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1396) q(0 -1 -1 -1) r(0 -1)
content-length: 527

GET
H2 200 bootbox.custom.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 13 KB
4 KB 47ms
47ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/bootbox.custom.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 79a13356dfd0896ec23d163291fc033d8a2c2175a5b65edb365f8acf41a4ed49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"31904-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1415) q(0 -1 -1 -1) r(0 -1)
content-length: 4272

GET
H2 200 global-variables.js Show response
www.doterra.com/_ui/desktop/common/dist/ 413 KB
89 KB 47ms
46ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/dist/global-variables.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: af923402e0a697e8423887b2a9a41afccb006cc62f216abce1b0503bae24b0f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:07:59 GMT
x-cdn: Imperva
etag: W/"746347-1717794479000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1420) q(0 -1 -1 -1) r(0 -1)
content-length: 90844

GET
H2 200 custom.js Show response
www.doterra.com/_ui/desktop/common/dist/ 95 KB
17 KB 53ms
52ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/dist/custom.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3eb924e7ca0e9e9257c5a28508548a64254d5b3d13e5872a0617eeb8b6f53c9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 21:07:59 GMT
x-cdn: Imperva
etag: W/"97058-1717794479000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1449) q(0 -1 -1 -1) r(0 -1)
content-length: 17682

GET
H2 200 sharebuttons.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 6 KB
2 KB 40ms
40ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/sharebuttons.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2692e8ade174c4a044c4151c9e10d5a0c7ed655e184cc034762b7d08432a96b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"10965-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1120) q(0 -1 -1 -1) r(0 -1)
content-length: 1904

GET
H2 200 field-mask.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 2 KB
650 B 41ms
40ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/field-mask.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5a179d646eedca0e9fb69e6a212c6021af0b966ad805ab574f252f56a1bc115f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2024 21:16:24 GMT
x-cdn: Imperva
etag: W/"3009-1717103784000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1130) q(0 -1 -1 -1) r(0 -1)
content-length: 525

GET
H2 200 global.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 242 KB
58 KB 225ms
225ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/_ui/desktop/common/js/custom/global.js?1523675

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cfdc59eb84988d50c7863b94bf86f2a4a74b4394fb252a743348e7e89634910c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"247585-1717793849000"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-71676313 pNNy RT(1718089430800 1161) q(0 0 0 -1) r(2 2) U9
accept-ranges: bytes

GET
H2 200 minicart.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 27 KB
6 KB 44ms
44ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/minicart.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 13b037e029d4d7031ef25766dc931fcf1237c78f6d7abbd316708c70f002647c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"28065-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1193) q(0 -1 -1 -1) r(0 -1)
content-length: 6305

GET
H2 200 lrp-datepicker.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 12 KB
3 KB 47ms
46ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/lrp-datepicker.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e4a1598eedc16549b01ded8c5ab0a6a1615fc8263c3e9b42d506f2068a4f9edb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"20328-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1252) q(0 -1 -1 -1) r(0 -1)
content-length: 3199

GET
H2 200 wishlist.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 15 KB
3 KB 41ms
41ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/wishlist.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a51fabd4d6463a9c46784bfde384e90a771f420e511db43b985239bc40786d0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"15002-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1311) q(0 -1 -1 -1) r(0 -1)
content-length: 3347

GET
H2 200 gtm.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 669 B
327 B 42ms
42ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/gtm.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 462b6d1fcbf080a7e71e2f4840d3e223659f286000ce632f97a2115b544fccab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"770-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1354) q(0 -1 -1 -1) r(0 -1)
content-length: 227

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 132ms
48ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 11 Jun 2024 07:03:52 GMT

GET
H2 200 doterraFormValidation.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 10 KB
3 KB 44ms
42ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/doterraFormValidation.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4a4e09b1820b881e691aad148463d58c5fae5a4f05344b1ea090c822aef44c44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 20:57:29 GMT
x-cdn: Imperva
etag: W/"14728-1717793849000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1373) q(0 -1 -1 -1) r(0 -1)
content-length: 2870

GET
H2 200 replicated-cache-clear.js Show response
www.doterra.com/_ui/desktop/common/js/custom/ 1 KB
662 B 51ms
49ms Script
application/javascript 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/common/js/custom/replicated-cache-clear.js?1523675
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 38fa4d8a2f543af4954d138e292797ff7c77fa0e2cb0babfea178ccf8dd9d5c2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2024 21:16:24 GMT
x-cdn: Imperva
etag: W/"1578-1717103784000"
content-type: application/javascript;charset=UTF-8
x-iinfo: 14-71895413-71895477 2CNN RT(1718089430800 1374) q(0 0 0 -1) r(0 0) U18
content-length: 555

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 190ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6675e032f31692bdecbd23748a6b56fb54cdfbd577cc7b7b6fe42798a68faf22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 07:03:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 07:03:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
719 B 190ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,900&display=swap

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b5ab979271c81231292a60acd062fcb42555ec514cf83b1eec4130c14e9a92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 07:03:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 07:03:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 374 KB
117 KB 172ms
83ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHX657

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b61206af9cd4dd29be3c0f240607bde50082aa0446cd3c5943f4adfb6817918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119489
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 07:03:52 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 37 KB
12 KB 168ms
83ms Script
text/javascript 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

50ac4d2ecc81d4e724bb922bee9c26a0ff9e26c22bc6b6e77e0cc88d8b9dd6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS58-P1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-id: ECEo8xDIz9BszMyd1lJmZnpDDAmjnXmp1-Hgnhygj18qviX7q73muw==

GET
H2 200 1718089432171 Show response
mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/ 391 B
924 B 636ms
209ms Script
application/javascript 35.161.188.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/1718089432171?t=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&ver=js2.0.20
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.161.188.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-188-241.us-west-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 3c1a646a50040b78f5f5d18a2a325e8c3c56f609a7206d6643baa6f447273138

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:52 GMT
server: Kestrel
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: application/javascript
cache-control: no-store, no-cache
x-robots-tag: noindex
content-length: 391

GET
H2 200 spinner-brand.svg
www.doterra.com/_ui/desktop/common/images/wqa/ 87 KB
26 KB 243ms
242ms Image
image/svg+xml 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doterra.com/_ui/desktop/common/images/wqa/spinner-brand.svg

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:51 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2024 21:16:24 GMT
x-cdn: Imperva
etag: W/"89159-1717103784000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
x-iinfo: 14-71895413-71676313 pNYy RT(1718089430800 1432) q(0 0 0 -1) r(2 2) U19
accept-ranges: bytes

GET
H2 200 lavenderDesktop.jpg
www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/ 155 KB
156 KB 548ms
548ms Image
image/jpeg 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/lavenderDesktop.jpg?907
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iinfo: 14-71895413-71895477 2VNN RT(1718089430800 1442) q(0 0 0 -1) r(5 5) U18
date: Tue, 11 Jun 2024 07:03:52 GMT
last-modified: Thu, 30 May 2024 21:16:23 GMT
x-cdn: Imperva
etag: W/"158700-1717103783000"
content-length: 158700
content-type: image/jpeg;charset=UTF-8

GET
H/1.1 200
OK 8800579715102.jpg
doterra-prod-media1.s3.amazonaws.com/ha2/h64/ 24 KB
25 KB 676ms
231ms Image
image/jpeg 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/ha2/h64/8800579715102.jpg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: pPlYoVU_pOYxJbKfV1LNXIQxFGdf33VR
x-amz-request-id: JK4SENMCBF3CD1XG
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1493835519000000000ns
x-amz-meta-file-atime: 1657826537151382150ns
x-amz-meta-file-group: 503
Content-Length: 24660
x-amz-id-2: EjZYFMn3LcwO82pk/qDOBq8xL1u+7tvr34sUdH8L5ocjIBW2tVmGQ7AgO5A+irfgkhznFVWM4js=
Last-Modified: Fri, 15 Jul 2022 15:36:33 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "3cfb059c41eeb038b67599956bb4b8ac"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/jpeg
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 8800579682334.jpg
doterra-prod-media1.s3.amazonaws.com/h6a/hf9/ 40 KB
40 KB 678ms
234ms Image
image/jpeg 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/h6a/hf9/8800579682334.jpg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: eraT1EfbJQGgIHvViS71.wQ78fBzwYkA
x-amz-request-id: JK4YBMVXQC3WJ0DG
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1493835519000000000ns
x-amz-meta-file-atime: 1657755271526097800ns
x-amz-meta-file-group: 503
Content-Length: 40753
x-amz-id-2: VkxBtzQ3dQ4ZQBituPAYmPrQXq/JOSq0FPeYWPjEtAS12yhYZ4nCtP1b0WHjKTSnaXLUZTE5o9o=
Last-Modified: Fri, 15 Jul 2022 03:30:57 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "6b0de3ec161c8f14db8fb9111d77726b"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/jpeg
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 8800579747870.jpg
doterra-prod-media1.s3.amazonaws.com/h04/h7a/ 63 KB
63 KB 677ms
233ms Image
image/jpeg 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/h04/h7a/8800579747870.jpg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4e187cb6b712a0170d08099c3b8e6a0847f079c60ff446b3c1fb1b5dd50bd562

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: qY9yresc9D_fPncRH4KVjWF0uzIpCTON
x-amz-request-id: JK4YN4VJMY1Z11FY
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1493835519000000000ns
x-amz-meta-file-atime: 1657826537189382085ns
x-amz-meta-file-group: 503
Content-Length: 64260
x-amz-id-2: S6GwG/ESYNfiOkUorFHPGBEt1mtbhxrF+Ds87PSH71ulj+kEcyZbSRdtk9UHGQ/OYJcx3lHM7RM=
Last-Modified: Fri, 15 Jul 2022 22:24:31 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "b3d36b31562d543e1a0e8aed76866a71"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/jpeg
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H2 200 icon-chevron-thin-down-blue-dark.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/ 1 KB
748 B 70ms
69ms Image
image/svg+xml 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-chevron-thin-down-blue-dark.svg
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2024 21:16:24 GMT
x-cdn: Imperva
etag: W/"1269-1717103784000"
content-type: image/svg+xml;charset=UTF-8
x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1445) q(0 -1 -1 -1) r(0 -1)
content-length: 634

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:12:47 GMT
x-content-type-options: nosniff
age: 579065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:12:47 GMT

GET
H2 200 Parisienne.woff
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/ 33 KB
34 KB 519ms
519ms Font
font/woff 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/Parisienne.woff

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

95dd87dc5ee491d6b9c12296e5bba946db258f8e5512020328738dc6bb002fb1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
last-modified: Thu, 30 May 2024 21:16:23 GMT
x-cdn: Imperva
etag: W/"33820-1717103783000"
x-frame-options: SAMEORIGIN
content-type: font/woff;charset=UTF-8
x-iinfo: 14-71895413-71888991 2NNN RT(1718089430800 1455) q(0 0 0 -1) r(5 5) U12
accept-ranges: bytes
content-length: 33820

GET
H/1.1 200
OK 13192617918494.png
doterra-prod-media1.s3.amazonaws.com/ha4/hca/ 4 KB
5 KB 679ms
232ms Image
image/png 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/ha4/hca/13192617918494.png
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02bf0953172eb43ce25854e2c452fb15d21575ee597897a69f061309ad7238c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: NeI9RfljbVXpCA_FWTETnX4e4eYw6w3e
x-amz-request-id: JK4RAEEMQV9N3NXE
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1561277478000000000ns
x-amz-meta-file-atime: 1657792563448552091ns
x-amz-meta-file-group: 503
Content-Length: 4199
x-amz-id-2: 2jnlEjzrqhmrMUWQRI/1YIKwPzULw5vY/4vJd2tjKdtmvWuFDs26MBaI380zd3bgoUzJ6JDq9hA=
Last-Modified: Fri, 15 Jul 2022 16:07:58 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "5c59848e2f0721b91e242a8419fbf8df"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/png
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 13192618082334.png
doterra-prod-media1.s3.amazonaws.com/hd2/h79/ 7 KB
8 KB 896ms
225ms Image
image/png 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/hd2/h79/13192618082334.png
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f066307d2ba5ed08fcb231085b174a3415d7e084b4956799f4b70cd328e8a8a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:54 GMT
x-amz-version-id: 9c1Qo.co4BS.FE63dfkG5gtUTXJ_PRr8
x-amz-request-id: YN22MWMMKZERK5TD
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1561277478000000000ns
x-amz-meta-file-atime: 1657792563335552330ns
x-amz-meta-file-group: 503
Content-Length: 7408
x-amz-id-2: YkW6D1QlntJNmCaCpa09LiOZ0KB3A6Cg1oNmGeskmOcgVS83if6pEIzurBrcYWy2Lh28zaJiBww=
Last-Modified: Fri, 15 Jul 2022 06:10:28 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "2b2e0b02d7b51838ac2e3c02eccd9528"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/png
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 13192618016798.png
doterra-prod-media1.s3.amazonaws.com/h95/h65/ 6 KB
7 KB 900ms
226ms Image
image/png 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/h95/h65/13192618016798.png
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e63be68d6cb16804453b518b8391225dc0e96a3e3fe816dba65bc072fb3a26a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:54 GMT
x-amz-version-id: Sh87tasW3rxVWyJrOWatdf0AcLy3gB.E
x-amz-request-id: YN278PSM4J9QK92M
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1561277478000000000ns
x-amz-meta-file-atime: 1657826333104728326ns
x-amz-meta-file-group: 503
Content-Length: 6264
x-amz-id-2: Pgv4LuqNLVA10R7IazRnfmSZh/6+AURTx8di0LualLGlTbj1UAjpWJ7C7N5NYPAYC2PxtZJdmHg=
Last-Modified: Fri, 15 Jul 2022 12:54:01 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "7b162a1ccde26c7296bace5b09f32197"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/png
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 13192617787422.png
doterra-prod-media1.s3.amazonaws.com/h5e/h2d/ 4 KB
4 KB 644ms
229ms Image
image/png 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/h5e/h2d/13192617787422.png
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 82b851f9ae974acecd4494a1728c434bec91e750b240015d3b311e327056bd84

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: hobcbegZatCbIOk2f3ygxZfWlGPF2Rfm
x-amz-request-id: JK4TS295A2VPT5A1
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1561277478000000000ns
x-amz-meta-file-atime: 1657792563544551889ns
x-amz-meta-file-group: 503
Content-Length: 3819
x-amz-id-2: o0M8HyVAjSt/ZjCL2HBXcOh71etXGtma+gq/LQF3rbiBeuDT8c6UZbxRvnXiNcr0m+eAH+05nCA=
Last-Modified: Fri, 15 Jul 2022 20:38:31 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "48a4f69553feed4bf26b2872c3766ec4"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/png
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H/1.1 200
OK 13192618803230.png
doterra-prod-media1.s3.amazonaws.com/hfd/h13/ 4 KB
5 KB 649ms
234ms Image
image/png 52.92.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doterra-prod-media1.s3.amazonaws.com/hfd/h13/13192618803230.png
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.187.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5aa199ee93adca02f93e6e2fe8af17ac8ea17ebe91a03af8c145b837efea28c6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 07:03:53 GMT
x-amz-version-id: bWZPWLSCUrhZIUbYSU2QOSM6VyBNS1Kw
x-amz-request-id: JK4W47T32G0S6CMP
x-amz-replication-status: REPLICA
x-amz-meta-file-mtime: 1561277479000000000ns
x-amz-meta-file-atime: 1657792563621551727ns
x-amz-meta-file-group: 503
Content-Length: 4174
x-amz-id-2: p7IzsR/rRBi5LEFXkPbGsLsUFzCv/BAvIOtPAjlUQCNOXUWmLiQKIU1obLSdH37z4bGlUPBirNI=
Last-Modified: Fri, 15 Jul 2022 15:18:08 GMT
Server: AmazonS3
x-amz-meta-file-permissions: 100664
ETag: "059b86c34fc8bb9b0f9b9c62b858a1c5"
x-amz-meta-user-agent: aws-datasync
Content-Type: image/png
x-amz-meta-file-owner: 503
Accept-Ranges: bytes

GET
H2 200 spinner.gif
www.doterra.com/_ui/desktop/common/images/ 4 KB
4 KB 40ms
40ms Image
image/gif 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doterra.com/_ui/desktop/common/images/spinner.gif
Requested by: Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iinfo: 14-71895413-0 0CNN RT(1718089430800 1473) q(0 -1 -1 -1) r(0 -1)
date: Tue, 11 Jun 2024 07:03:52 GMT
last-modified: Thu, 30 May 2024 21:16:23 GMT
x-cdn: Imperva
etag: W/"3990-1717103783000"
content-length: 3990
content-type: image/gif;charset=UTF-8

GET
H2 403 videos Show response
www.googleapis.com/youtube/v3/ 465 B
550 B 147ms
51ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.doterra.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0

GET
H2 403 videos Show response
www.googleapis.com/youtube/v3/ 465 B
283 B 156ms
61ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.doterra.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0

GET
H2 403 videos Show response
www.googleapis.com/youtube/v3/ 465 B
283 B 150ms
55ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.doterra.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0

GET
H2 200 getBannerDetails Show response
www.doterra.com/US/en/ 143 B
694 B 236ms
236ms XHR
application/json 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/US/en/getBannerDetails

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: text/plain, */*; q=0.01
Referer: https://www.doterra.com/US/en/site//michellebonne
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
date: Tue, 11 Jun 2024 07:03:51 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
x-iinfo: 14-71895413-71457337 pNYy RT(1718089430800 1497) q(0 0 0 -1) r(2 2) U2
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 515 KB
205 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 02:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209755
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Jun 2025 02:21:57 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 5FC8 0
0 115ms
38ms Document
text/html 18.238.243.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-14.ams58.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.doterra.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 497
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 11 Jun 2024 06:55:35 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
x-amz-cf-id: rsGqV_2JiLkPELYnYgTPIp_oPzRm2w505obZlEXLiO7WQehk4iQcbw==
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront

GET
H2 200 v1.7-518 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
27 KB 124ms
46ms Script
text/javascript 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-518

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

3ff80193262277c622c6aca0b7e948f6820649d50bc83fe6414eedb1b38fdddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 11 Jun 2024 07:02:43 GMT
content-encoding: gzip
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 16 May 2024 02:51:23 GMT
x-amz-cf-pop: AMS58-P1
age: 70
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: 81mZmOBkYDS4sn4c9-8aN6x8IVaIkKDM9OqoaXmKiBViFS8whmTjUw==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 72ms
72ms Image
image/gif 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=doterra-cm1.com&country=de&state=&behavior=implied&session=48b5e134-ff69-494a-a46e-0558fd3b928a&userType=NEW&c=e244

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS58-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: nQft1-AIknJj6soyU5u9sqFmKnrr7NSXiFTylMHcRO7c98Td3yWXtA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
101 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1bd45636847cb94be6357e1ac47a841618e929f21304acde85c2cdac6f97d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 07:03:52 GMT

GET
H2 200 fontawesome-webfont.woff2
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/ 65 KB
66 KB 227ms
227ms Font
font/woff2 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.13 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1523675
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
last-modified: Thu, 30 May 2024 21:16:23 GMT
x-cdn: Imperva
etag: W/"66624-1717103783000"
x-frame-options: SAMEORIGIN
content-type: font/woff2;charset=UTF-8
x-iinfo: 14-71895413-71676313 pNNy RT(1718089430800 1689) q(0 0 0 -1) r(2 2) U2
accept-ranges: bytes
content-length: 66624

GET
H2 200 get
consent.trustarc.com/ 174 KB
175 KB 47ms
46ms Font
application/octet-stream 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Raleway-Regular.ttf

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 11 Jun 2024 06:10:48 GMT
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS58-P1
age: 3184
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
content-length: 178520
x-amz-cf-id: T6HeQs5LX5OqfxSzRVdZ_8Y6Ue2QoBtqNMnJYF9uBEDdqpBAZCxS9Q==

GET
H2 200 get
consent.trustarc.com/ 175 KB
176 KB 47ms
46ms Font
application/octet-stream 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=Raleway-Bold.ttf

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Origin: https://www.doterra.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 11 Jun 2024 06:05:16 GMT
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS58-P1
age: 3516
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
content-length: 179244
x-amz-cf-id: tdHwhLLe4ZIcBH4fXZlnSdZYxvGlU3awdP_hEXkvrcqp_ta7nEm7lw==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 76ms
75ms Image
image/gif 18.238.243.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=de&language=en&rand=0.754171736600824&session=48b5e134-ff69-494a-a46e-0558fd3b928a&userType=NEW

Requested by

Host: www.doterra.com
URL: https://www.doterra.com/US/en/site//michellebonne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-123.ams58.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:03:52 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS58-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: pRN-eGD3kaTR4vykHDAOYRmAaQeOZvh67-zkd_jeP5JEg1YxEBtjbg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 136ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4650h1v886967153z871674160za200zb71674160&_p=1718089432162&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=736284066.1718089433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718089432&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=1920
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 135ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JP5T5508JH&gtm=45je4650h1v886967153z871674160za200zb71674160&_p=1718089432162&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=736284066.1718089433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718089432&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&en=page_view&_fv=1&_ss=1&ep.login_status=false&up.url_language_config=en&tfd=1922
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 121ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4650h1v886967153z871674160za200zb71674160&_p=1718089432162&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=736284066.1718089433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1718089432&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&en=wa_attribution&ep.login_status=false&ep.wa_attribution_type=RWP&ep.referrer_id=6765&ep.authentication_status=false&ep.wa_attribution_source=&_et=4&up.wa_attribution_type_user=RWP&up.referrer_id_user=6765&tfd=1935
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 111ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4650h1v886967153za200zb71674160&_p=1718089432162&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=736284066.1718089433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1718089432&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&en=scroll&ep.login_status=false&epn.percent_scrolled=90&_et=9&tfd=1945
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 05:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jun 2024 07:41:03 GMT

GET
H2 200 favicon.ico
www.doterra.com/_ui/desktop/theme-green/images/ 1 KB
1 KB 41ms
41ms Other
image/x-icon 45.60.14.13
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.doterra.com/_ui/desktop/theme-green/images/favicon.ico?1523675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/US/en/site//michellebonne
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iinfo: 14-71895413-0 0CNN RT(1718089430800 2309) q(0 -1 -1 -1) r(0 -1)
date: Tue, 11 Jun 2024 07:03:53 GMT
last-modified: Thu, 30 May 2024 21:16:24 GMT
x-cdn: Imperva
etag: W/"1595-1717103784000"
content-length: 1049
content-type: image/x-icon;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 49ms
48ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1387746870&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&ul=de-de&de=UTF-8&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=268888386&gjid=1496528438&cid=736284066.1718089433&uid=anonymous&tid=UA-28403841-1&_gid=1734577384.1718089433&_r=1&_slc=1&gtm=45He4650n71PHX657v71674160za200&cd3=6765&cd4=RWP&cd5=6765&cd6=RWP&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=249039288

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW71K6YFHT&gtm=45je4650h1v886967153z871674160za200zb71674160&_p=1718089432162&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=736284066.1718089433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1718089432&sct=1&seg=0&dl=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2F%2Fmichellebonne&dt=Business%20Site%20Home%20Page%20%7C%20doTERRA%20Essential%20Oils&en=get_user_data&ep.login_status=false&ep.custom_client_id_event=736284066.1718089433&ep.authentication_status=false&_et=10&up.custom_client_id_user=736284066.1718089433&up.url_language_user=en&tfd=6946
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW71K6YFHT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.doterra.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 07:03:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.doterra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

470 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.doterra.com/US/en/site/	1970-01-21 06:50:49	Name: fontBody Value: fontBody-loaded
www.doterra.com/US/en/site/	1970-01-21 06:50:49	Name: fontFA Value: fontFA-loaded
.mydoterra.com/	1970-01-21 05:59:54	Name: visid_incap_660953 Value: 3PoANpf3Re6d4iAo5zes+dX2Z2YAAAAAQUIPAAAAAADFWGRGg9L9xREdWFX0Ktp6
.mydoterra.com/	1969-12-31 23:59:59	Name: incap_ses_728_660953 Value: q+Z3dNbuTjITFO1HN2AaCtb2Z2YAAAAAdk6Xcrd2BCGfyYAZuV/z7g==
.mydoterra.com/	1970-01-20 21:43:43	Name: cfid Value: abcd56aa-a8f4-433b-a585-b756574b51c6
.mydoterra.com/	1970-01-20 21:43:43	Name: cftoken Value: 0
www.mydoterra.com/	1970-01-20 21:14:56	Name: cfid Value: abcd56aa-a8f4-433b-a585-b756574b51c6
www.mydoterra.com/	1970-01-20 21:14:56	Name: cftoken Value: 0
www.mydoterra.com/	1969-12-31 23:59:59	Name: SKIN Value: default
www.mydoterra.com/	1969-12-31 23:59:59	Name: LANGUAGE Value: en_dot
.doterra.com/	1969-12-31 23:59:59	Name: nlbi_661002 Value: d+dWYysJJU8YcLeRyFxrGQAAAABGxxx+VxoHeEuy+6k9129A
.doterra.com/	1970-01-21 05:59:54	Name: visid_incap_661002 Value: jo1bw07uTzu8HZ/fcnrg+Nb2Z2YAAAAAQUIPAAAAAAC+GaqFEzojriDW6V2u7HrZ
.doterra.com/	1969-12-31 23:59:59	Name: incap_ses_728_661002 Value: 4D5YTJpiLRztHe1HN2AaCtf2Z2YAAAAArcy74EYuYo4YSgz8RvXSIQ==
www.doterra.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 99D2809AACE9DF6C1490642A61E94E29
www.doterra.com/	1969-12-31 23:59:59	Name: JSESSIONID-B2BACC Value: Y10-c43531a6-b8b4-49ab-83d3-610b4c706b9b
www.doterra.com/	1969-12-31 23:59:59	Name: DOTERRAF5 Value: 2120704100.10787.0000
.doterra.com/	1969-12-31 23:59:59	Name: doterra_login_language Value:
.doterra.com/	1969-12-31 23:59:59	Name: doterra_login_region Value:
.doterra.com/	1970-01-20 21:14:51	Name: TAsessionID Value: 48b5e134-ff69-494a-a46e-0558fd3b928a\|NEW
.doterra.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied,eu
www.doterra.com/	1970-01-20 21:58:01	Name: US-cart Value: b87cc2c4-50f8-46a6-affc-4b5dc52f7d93
.doterra.com/	1970-01-21 06:50:49	Name: _ga_JP5T5508JH Value: GS1.1.1718089432.1.0.1718089432.0.0.0
.doterra.com/	1970-01-21 06:50:49	Name: _ga_XW71K6YFHT Value: GS1.1.1718089432.1.0.1718089432.0.0.0
mydoterra.queue-it.net/	1970-01-20 21:14:53	Name: Queue-it-f14dbe6f-9a36-4415-aea8-c905e9d4a84e Value: WasRedirected=false&i=638536862327102920
.queue-it.net/	1970-01-21 06:00:25	Name: Queue-it Value: u=06ce5c74-2a97-4007-ad60-92b992ef4242
www.doterra.com/	1970-01-20 21:14:50	Name: QueueITAccepted-SDFrts345E-V3_hybbogofeb2019 Value: EventId%3Dhybbogofeb2019%26QueueId%3Df14dbe6f-9a36-4415-aea8-c905e9d4a84e%26RedirectType%3Dsafetynet%26IssueTime%3D1718089432%26Hash%3D7ce987e7152be8b33c2da95967ebf4be15b946f9853ed196439388275395f450
.doterra.com/	1970-01-21 06:50:49	Name: _ga Value: GA1.2.736284066.1718089433
.doterra.com/	1970-01-20 21:16:15	Name: _gid Value: GA1.2.1734577384.1718089433
.doterra.com/	1970-01-20 21:14:49	Name: _gat_UA-28403841-1 Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.doterra.com/US/en/site//michellebonne Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.doterra.com/US/en/site//michellebonne Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.doterra.com/US/en/site//michellebonne Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.doterra.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.trustarc.com
doterra-prod-media1.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
my.doterra.com
mydoterra.queue-it.net
region1.google-analytics.com
www.doterra.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.mydoterra.com
www.purchasedoterra.com
142.250.186.132
15.197.142.173
18.238.243.123
18.238.243.14
2001:4860:4802:34::36
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200a
35.161.188.241
45.60.14.13
52.92.187.57
02bf0953172eb43ce25854e2c452fb15d21575ee597897a69f061309ad7238c5
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
13b037e029d4d7031ef25766dc931fcf1237c78f6d7abbd316708c70f002647c
1b61206af9cd4dd29be3c0f240607bde50082aa0446cd3c5943f4adfb6817918
1bd2de019bf3aae2c5075117ddd86594b82b2f1e81cefc25eebde0d0e72c378f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
2677b7f3bb2e536f3e8175404c43f32b47a1dc4794e253ada74a4c129d3a79eb
2692e8ade174c4a044c4151c9e10d5a0c7ed655e184cc034762b7d08432a96b0
337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3
38fa4d8a2f543af4954d138e292797ff7c77fa0e2cb0babfea178ccf8dd9d5c2
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2
3c1a646a50040b78f5f5d18a2a325e8c3c56f609a7206d6643baa6f447273138
3ff80193262277c622c6aca0b7e948f6820649d50bc83fe6414eedb1b38fdddd
462b6d1fcbf080a7e71e2f4840d3e223659f286000ce632f97a2115b544fccab
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
49c9409934a2063b20130b94eef27542a14d242d580a81edf51dbf437e346f57
4a4e09b1820b881e691aad148463d58c5fae5a4f05344b1ea090c822aef44c44
4e187cb6b712a0170d08099c3b8e6a0847f079c60ff446b3c1fb1b5dd50bd562
50ac4d2ecc81d4e724bb922bee9c26a0ff9e26c22bc6b6e77e0cc88d8b9dd6c0
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224
5a179d646eedca0e9fb69e6a212c6021af0b966ad805ab574f252f56a1bc115f
5aa199ee93adca02f93e6e2fe8af17ac8ea17ebe91a03af8c145b837efea28c6
5b5ab979271c81231292a60acd062fcb42555ec514cf83b1eec4130c14e9a92d
6675e032f31692bdecbd23748a6b56fb54cdfbd577cc7b7b6fe42798a68faf22
6c491b79876d6c39a829db3781a742a647326bf9f82cc20a6be26792a7f7b4f8
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07
78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577
79a13356dfd0896ec23d163291fc033d8a2c2175a5b65edb365f8acf41a4ed49
7d3dfdb295d4883d88dff5141c2fdd652979037f103bdd9d10975236e5e1163e
82b851f9ae974acecd4494a1728c434bec91e750b240015d3b311e327056bd84
95dd87dc5ee491d6b9c12296e5bba946db258f8e5512020328738dc6bb002fb1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cebe70455a582abc5c41e22c2deca55d608ca704649176416b0cf567a8ce725
a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71
a51fabd4d6463a9c46784bfde384e90a771f420e511db43b985239bc40786d0b
ac1dbec7b37a039390412e39114b98ddff8512e132341556e3187b9a62fdafb1
af923402e0a697e8423887b2a9a41afccb006cc62f216abce1b0503bae24b0f8
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d
cbd82764e7daf201d9c8bd02638782c3710ecc4957679ff2e2a263047e88ec52
cfdc59eb84988d50c7863b94bf86f2a4a74b4394fb252a743348e7e89634910c
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55
da298619609610ffc1ea0a37f6cb56bb48123da37a8d5fd211463eea72fb1c32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb924e7ca0e9e9257c5a28508548a64254d5b3d13e5872a0617eeb8b6f53c9
e4a1598eedc16549b01ded8c5ab0a6a1615fc8263c3e9b42d506f2068a4f9edb
e5450eb469806ee7b2728aa2fcdb1ac5b62127fad36061f481cbf2492cdbb47b
e63be68d6cb16804453b518b8391225dc0e96a3e3fe816dba65bc072fb3a26a3
f066307d2ba5ed08fcb231085b174a3415d7e084b4956799f4b70cd328e8a8a0
f1bd45636847cb94be6357e1ac47a841618e929f21304acde85c2cdac6f97d32
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.doterra.com Open in urlscan Pro 45.60.14.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

50 %IPv6

11 Domains

15 Subdomains

13 IPs

2 Countries

2164 kBTransfer

6866 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.doterra.com Open in urlscan Pro
45.60.14.13 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

13
IPs

2
Countries

2164 kB
Transfer

6866 kB
Size

29
Cookies

65 HTTP transactions
0 data transactions