Submitted URL: https://aromabalanz.ch/
Effective URL: https://www.mydoterra.com/aromabalanz/
Submission: On October 14 via api from CH — Scanned from CH

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 46 HTTP transactions. The main IP is 45.60.14.13, located in United States and belongs to INCAPSULA, US. The main domain is www.mydoterra.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 19th 2024. Valid for: a year.
This is the only time www.mydoterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Redirects | IP Address | AS Autonomous System |
|---|---|---|---|
| 2 | 2 | 2001:1600:0:a... | 29222 (INFOMANIA...) |
| 22 | | 45.60.14.13 | 19551 (INCAPSULA) |
| 4 | | 104.18.10.207 | 13335 (CLOUDFLAR...) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 7 | | 13.224.189.92 | 16509 (AMAZON-02) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 4 | | 104.17.25.14 | 13335 (CLOUDFLAR...) |
| 1 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | | 216.58.206.35 | 15169 (GOOGLE) |
| 1 | | 45.60.243.189 | 19551 (INCAPSULA) |
| 1 | | 18.245.46.28 | 16509 (AMAZON-02) |

Total: 46 requests, 10 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | mydoterra.com | www.mydoterra.com | 309 KB |
| 7 | trustarc.com | consent.trustarc.com (Cisco Umbrella Rank: 3434) | 391 KB |
| 4 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 220) | 23 KB |
| 4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30); ajax.googleapis.com (Cisco Umbrella Rank: 412) | 71 KB |
| 4 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1113) | 119 KB |
| 2 | gstatic.com | fonts.gstatic.com | 40 KB |
| 1 | doterra.com | media.doterra.com (Cisco Umbrella Rank: 529700) | 34 KB |
| 1 | myvoffice.com | doterra.myvoffice.com | 681 KB |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 87 KB |
| 1 | aromabalanz.com | aromabalanz.com | 202 B |
| 1 | aromabalanz.ch | aromabalanz.ch | 184 B |

Total: 46 requests, 11 domains

| Requests | Domain | Requested by |
|---|---|---|
| 22 | www.mydoterra.com | www.mydoterra.com; ajax.googleapis.com |
| 7 | consent.trustarc.com | www.mydoterra.com; consent.trustarc.com |
| 4 | cdnjs.cloudflare.com | www.mydoterra.com |
| 4 | maxcdn.bootstrapcdn.com | www.mydoterra.com; maxcdn.bootstrapcdn.com |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | ajax.googleapis.com | www.mydoterra.com |
| 2 | fonts.googleapis.com | www.mydoterra.com |
| 1 | media.doterra.com | www.mydoterra.com |
| 1 | doterra.myvoffice.com | www.mydoterra.com |
| 1 | www.googletagmanager.com | www.mydoterra.com |
| 1 | aromabalanz.com | 1 redirects |
| 1 | aromabalanz.ch | 1 redirects |

Total: 46 requests, 12 subdomains

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.mydoterra.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-19 - 2025-05-21 | a year |
| bootstrapcdn.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months |
| upload.video.google.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.trustarc.com | Amazon RSA 2048 M02 | 2024-03-16 - 2025-04-14 | a year |
| cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months |
| *.google-analytics.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.gstatic.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.myvoffice.com | Go Daddy Secure Certificate Authority - G2 | 2023-10-30 - 2024-11-20 | a year |
| *.doterra.com | Go Daddy Secure Certificate Authority - G2 | 2024-02-28 - 2025-03-31 | a year |

This page contains 2 frames:

Primary Page: https://www.mydoterra.com/aromabalanz/
Frame ID: 8965DA13EC412B6D9A095F23DD626C2F
Requests: 45 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: CEDFC0C461CFF93D4C9F147C55F6D0AE
Requests: 1 HTTP requests in this frame

Page Title

Sheila Maniam-Seiler | My Doterra

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

1756 kB
Transfer

2497 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aromabalanz.ch/ HTTP 301
    http://aromabalanz.com/ HTTP 307
    https://aromabalanz.com/ HTTP 301
    https://www.mydoterra.com/aromabalanz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mydoterra.com/aromabalanz/
Redirect Chain
  • https://aromabalanz.ch/
  • http://aromabalanz.com/
  • https://aromabalanz.com/
  • https://www.mydoterra.com/aromabalanz/
12 KB
5 KB
Document
General
Full URL
https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
0be2e3c16afe60c6e1310e3bad1e14b2a3b0ec88641869e770cf0d0670927833
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-type
text/html;charset=UTF-8
date
Mon, 14 Oct 2024 10:23:29 GMT
p3p
CP='PUB OTRo'
server
Apache
x-cdn
Imperva
x-iinfo
10-31933109-31933118 NNYN CT(167 341 0) RT(1728901408031 43) q(0 0 5 0) r(8 8) U12

Redirect headers

content-length
287
content-type
text/html; charset=utf-8
date
Mon, 14 Oct 2024 10:23:28 GMT
location
https://www.mydoterra.com/aromabalanz/#/
server
gunicorn
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"269550530cc127b6aa5a35925a7de6ce"
age
794114
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:28:12
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7a1c9dbc32c16186eedda7c8c11c4540
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d26dab34aa0bc0b-ZRH
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 10:23:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:23:30 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 09:12:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
757 B
792 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Parisienne
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1ec32cc9ef8973e80694965d612621669486d134c836aa49ca4894f13e28863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 10:23:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:23:30 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 10:18:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
24 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ec3bb52a00e176a7181d454dffaea219"
age
6903793
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/31/2023 19:15:06
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c83fee2ffb8cb55535eaeb2520d7c34a
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d26dab34a9bbc0b-ZRH
access-control-allow-origin
*
cdn-edgestorageid
940
server
cloudflare
cdn-requestcountrycode
US
base.css
www.mydoterra.com/custom/DefaultTheme/styles/
45 KB
9 KB
Stylesheet
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/styles/base.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
73acb5e8adb18a3e34339d5ba277ec25e3e5f1e1c012835da4ff7b3ea94d6a4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 1453) q(0 -1 -1 -1) r(0 -1)
content-encoding
gzip
etag
"b46c-55785bdbb7840"
x-cdn
Imperva
content-length
8633
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Thu, 24 Aug 2017 20:33:29 GMT
content-type
text/css
overrides.css
www.mydoterra.com/custom/DefaultTheme/eur/en/css/
60 B
167 B
Stylesheet
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/css/overrides.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c2296278ebe9c08e7188bd192d8402674e6e32d03b8702c101d7fe1138db13f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31927543 2CNN RT(1728901408031 1455) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"4b-61f9328f40c00"
x-cdn
Imperva
content-length
64
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
text/css
notice
consent.trustarc.com/
37 KB
12 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
15ff086e89b03e1437f4a007c2e3a278b30dd6a005f83a73b7c3fabf4742832e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3600
access-control-expose-headers
*
content-encoding
gzip
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
x7nsf2Q3jAUEQXxLvIen0bMTXfER0UDCdKAzq6wV1ky9-_VNZD8v_Q==
date
Mon, 14 Oct 2024 10:23:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.2.19/
104 KB
39 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bb5eb93141002fda502969d8933f1468e9214522b54c3d5874060f178620a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

content-encoding
gzip
age
525789
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:20:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:20:21 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
39543
x-xss-protection
0
server
sffe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

content-encoding
gzip
age
343046
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 11:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 11:06:04 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30244
x-xss-protection
0
server
sffe
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"5869c96cc8f19086aee625d670d741f9"
age
10913852
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:13:26
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3e4803ebcd67682eccd326d11a83c865
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d26dab34a9dbc0b-ZRH
access-control-allow-origin
*
cdn-edgestorageid
1047
server
cloudflare
cdn-requestcountrycode
DE
angular-route.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-route.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97dc1b09cc47d58053751719f8bbb810020eeb5ad617b0fe3502fc1ca04c6ccb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d24-f5d"
age
2828129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dn6SDY9%2FiWO3vhgw4g4ZB3JrBsvKcrsGfED0dqX3ErqRrGzReNJj977dnydvZhULZgd92Oyxf3kxT5wCwqWyJC6wk%2FPTFLDLXMCIJpAYdNo%2BSp1j1Rqy%2FZGCJ7KsFd4SR3seCzBf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 10:23:29 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d26dab359d1bb10-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1675
server
cloudflare
angular-resource.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-resource.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3191b032c7b3b5757a69c2f86aa7202f149db2d57193bb3538c393928bb2135
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d24-cff"
age
492038
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McsA1EUs18zqRY3NBI88XDOooq219Xh2lugKVv6bQccpJ36qryXy2yE3VoT3N%2B%2FxKpiTNMIbIjJ12oFSgCbsv6lLyiDjpO92GeftTPBFx2ED0Zwfo89Lo%2BdJvz4nWXMwpMxrm4FP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 10:23:29 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d26dab38a2cbb10-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1507
server
cloudflare
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
4 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-sanitize.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6934ed9da5c03a8ebf35411fae11ecb9e9f9d5f973a56036f3112651f3823c9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d24-115c"
age
931156
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcIEFo5Lk%2F9WUo49ygEHgWwXMtyEqyBQlrlqvFx6XRFC7ys41d7jQAJDCnducPRFP4G8Cwm9g48KLit6dQMyrTAgsijzwvP%2F0%2B1PrJrccjt9%2BBflyNgUnP2S6UJNQnPOaFlEDiG7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 10:23:29 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d26dab3ba6dbb10-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
2115
server
cloudflare
ui-bootstrap-tpls.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.1/
64 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.1/ui-bootstrap-tpls.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390e12a57f4ff47bc24866532dc585354b8240a678cfaaf17e885ec7e71f5c18
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d23-fea3"
age
877087
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKg2tfZzFVdAJPFEH%2FKo5b4hw7iLKvHj7%2BXNxSST1vWXMY1KnVjPeutdzuv7Jvor4E6e85DJHVG%2FTxdYiysvxIVRL7RbRIkDqMAPlh81XfSraG36r7sRlVXEjANsnbLRqVHafOiG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 10:23:29 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d26dab3ca8cbb10-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
15677
server
cloudflare
mm-foundation-tpls-0.5.1.min.js
www.mydoterra.com/custom/DefaultTheme/lib/angular-foundation/
48 KB
13 KB
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angular-foundation/mm-foundation-tpls-0.5.1.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e54031af9e37007e48ee124df9280204b9fe29e12aa194c14978914415ca42c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 1456) q(0 -1 -1 -1) r(0 -1)
content-encoding
gzip
etag
"c27c-61f9328f40c00"
x-cdn
Imperva
content-length
13676
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
angulartics.js
www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/
6 KB
2 KB
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/angulartics.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8020ab3fb0d1d24847e1f1573738c752f2d105f0538eafa525e337a7c0486a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 1457) q(0 -1 -1 -1) r(0 -1)
content-encoding
gzip
etag
"2528-61f9328f40c00"
x-cdn
Imperva
content-length
1858
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
angulartics-ga.js
www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/
2 KB
661 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/angulartics-ga.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
55fdbb2dcb6251cf3ed8e0aaf6df3be022bf49f3d2b342981c93c2aade834947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0cNN RT(1728901408031 1458) q(0 -1 -1 -1) r(0 -1)
content-encoding
gzip
etag
"d5b-61f9328f40c00"
x-cdn
Imperva
content-length
562
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
app.js
www.mydoterra.com/custom/DefaultTheme/eur/en/js/
392 B
355 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/js/app.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
568c15a22dae575f16358b495f44421b2d584e5a5e45477ec272e5fddf9ec9e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31927551 2CNN RT(1728901408031 1459) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"1b0-61f9328f40c00"
x-cdn
Imperva
content-length
227
date
Mon, 14 Oct 2024 10:23:28 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
controllers.js
www.mydoterra.com/custom/DefaultTheme/eur/en/js/
3 KB
1014 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/js/controllers.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fcd6bd21e563612fe1e95e112e19707763ac106336df1cb02ac5e9a1513d013b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31927543 2CNN RT(1728901408031 1459) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"166f-61f9328f40c00"
x-cdn
Imperva
content-length
908
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
services.js
www.mydoterra.com/custom/DefaultTheme/eur/en/js/
893 B
583 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/js/services.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
81aafb31636bce952e5b841606e9b39e39fa93094d34b9f7350488134ac51786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31927546 2CNN RT(1728901408031 1460) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"60a-61f9328f40c00"
x-cdn
Imperva
content-length
478
date
Mon, 14 Oct 2024 10:23:28 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
directives.js
www.mydoterra.com/custom/DefaultTheme/eur/en/js/
749 B
508 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/js/directives.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0a163b77181a4a5663b3178f26a3719ff8c5e8435573d94cf7cccb198a81a270

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31932264 2CNN RT(1728901408031 1461) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"66e-61f9328f40c00"
x-cdn
Imperva
content-length
404
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
base.js
www.mydoterra.com/custom/DefaultTheme/eur/en/js/
2 KB
698 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/js/base.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6063a6420352aaf0a01352f14e30c33fb0cc542df679665697873ec767fb52c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31928657 2CNN RT(1728901408031 1462) q(0 0 0 -1) r(0 0) U18
content-encoding
gzip
etag
"bd6-61f9328f40c00"
x-cdn
Imperva
content-length
593
date
Mon, 14 Oct 2024 10:23:29 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/javascript
_Incapsula_Resource
www.mydoterra.com/
85 KB
20 KB
Script
General
Full URL
https://www.mydoterra.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=796894140
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
87834ae8360de57dae50cdd3189986eeea62aecd7bc9c7d8ca168a75c2e5aa66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
content-length
20593
content-type
application/javascript
gtm.js
www.googletagmanager.com/
249 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKCSWT4
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06c899e0bd8dba507cf855a5b9df52613c89aeed7ca7fe82e015819a93d1cb00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 14 Oct 2024 10:23:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:23:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88455
x-xss-protection
0
server
Google Tag Manager
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://fonts.googleapis.com/

Response headers

age
549271
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 01:48:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 01:48:59 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
_Incapsula_Resource
www.mydoterra.com/
1 B
35 B
Image
General
Full URL
https://www.mydoterra.com/_Incapsula_Resource?SWKMTFSR=1&e=0.991379373917799
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-length
1
content-type
text/plain
main.html
www.mydoterra.com/aromabalanz/templates/
4 KB
2 KB
XHR
General
Full URL
https://www.mydoterra.com/aromabalanz/templates/main.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
36113d1be5938b4a336773775bf3ed52e1c3f9aa85833337092c345fcd5769cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31933118 PNYN RT(1728901408031 2912) q(0 0 0 -1) r(2 2) U12
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
x-cdn
Imperva
p3p
CP='PUB OTRo'
date
Mon, 14 Oct 2024 10:23:31 GMT
content-type
text/html;charset=UTF-8
server
Apache
get
consent.trustarc.com/ Frame CEDF
0
0
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mydoterra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3390
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html
date
Mon, 14 Oct 2024 09:27:01 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-id
4ySCuEtsOcM1ukF8rVTuCCg44klGvqVgPUhfGviktFT1sN2F9r1cvA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
v1.7-504
consent.trustarc.com/asset/notice.js/v/
94 KB
28 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-504
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
ea452041e2a080dde60b253797884b42af24197c86bcb0514d2526908d11f1d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
access-control-expose-headers
*
content-encoding
gzip
pragma
public
age
2510
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
dh3uKjV8JD-EiGOs_NW9LqG61n-xeGTipTtlCd6ib4LW4nynPbCVuA==
date
Mon, 14 Oct 2024 09:41:41 GMT
content-type
text/javascript
last-modified
Wed, 9 Oct 2024 01:59:13 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
log
consent.trustarc.com/
43 B
429 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=doterra-cm1.com&country=ch&state=&behavior=implied&session=9479c921-44bd-4a22-b9a8-d9b42fc2b8b0&userType=NEW&c=f2c0&referer=https://www.mydoterra.com&language=de
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
pfyAbXTBbhbzvDiY70AYGysGFVnRzETD8lwK5igThbAi7ul0A1DRdw==
date
Mon, 14 Oct 2024 10:23:31 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C1
vary
Origin
template.json
www.mydoterra.com/custom/DefaultTheme/eur/en/models/
3 KB
991 B
XHR
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/models/template.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
0f6ad7a14392a21c30b291d6cfef93ec3977c7facfdbe0f0184d7b7840e39043
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31933118 PNYN RT(1728901408031 3465) q(0 0 0 -1) r(2 2) U12
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
etag
"ae1-61f9328f40c00"
x-cdn
Imperva
accept-ranges
bytes
date
Mon, 14 Oct 2024 10:23:32 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/json
server
Apache
content.json
www.mydoterra.com/custom/DefaultTheme/eur/en/models/
27 KB
5 KB
XHR
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/eur/en/models/content.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
ff9d4359aecbd6b32294cb923a3bc2a8fa6ac7013a780c06314437360d44c935
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31933238 NNYY CT(172 352 0) RT(1728901408031 3467) q(0 0 0 -1) r(2 4) U12
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
etag
"6ae4-61f9328f40c00"
x-cdn
Imperva
accept-ranges
bytes
date
Mon, 14 Oct 2024 10:23:32 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
application/json
server
Apache
home.html
www.mydoterra.com/aromabalanz/partials/
2 KB
1 KB
XHR
General
Full URL
https://www.mydoterra.com/aromabalanz/partials/home.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
29df36502dac0ac904887f0a7d5535897d2f50738e21acc76004bb47c72bd9a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31933240 NNYY CT(172 350 0) RT(1728901408031 3468) q(0 0 0 -1) r(3 3) U12
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
x-cdn
Imperva
p3p
CP='PUB OTRo'
date
Mon, 14 Oct 2024 10:23:32 GMT
content-type
text/html;charset=UTF-8
server
Apache
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
10876732
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 10:23:32 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/31/2023 19:08:24
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ca39b907be1b18682ef836f006450cd4
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d26dac0faa1bc60-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
752
server
cloudflare
cdn-requestcountrycode
DE
logo.png
www.mydoterra.com/custom/DefaultTheme/img/
26 KB
26 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/logo.png
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c887ec65ddb0d346b2448fd1bc6594c879fa4c3c239b8e9131994fbc6b8bd183

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-31932264 2CNN RT(1728901408031 3759) q(0 0 0 -1) r(0 0) U18
content-length
26573
etag
"8c0e-61f9328f40c00"
date
Mon, 14 Oct 2024 10:23:31 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
image/png
x-cdn
Imperva
get
consent.trustarc.com/
174 KB
175 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=Raleway-Regular.ttf
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
access-control-expose-headers
*
pragma
public
age
1072
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
178520
x-amz-cf-id
TqacTLw2DxPDQdfyyRzighVGmyUU1YYsfmnzHhhWtL278ot08Bfm2g==
date
Mon, 14 Oct 2024 10:05:40 GMT
content-type
application/octet-stream
x-amz-cf-pop
FRA2-C1
get
consent.trustarc.com/
175 KB
176 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=Raleway-Bold.ttf
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
access-control-expose-headers
*
pragma
public
age
3289
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
179244
x-amz-cf-id
4MnsfVFxt2E-u3153N7bSg3pgvQ_e2D7aUwguVsSMLt-43vuapMqqw==
date
Mon, 14 Oct 2024 09:28:43 GMT
content-type
application/octet-stream
x-amz-cf-pop
FRA2-C1
bannermsg
consent.trustarc.com/
43 B
429 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=ch&language=de&rand=0.3852628865233203&session=9479c921-44bd-4a22-b9a8-d9b42fc2b8b0&userType=NEW&referer=https://www.mydoterra.com
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
xQTkwsmr7KMLGOLYsyDFCyhNEk6sg__4tXMVCJqt4SQAPmHvHLpMVA==
date
Mon, 14 Oct 2024 10:23:32 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C1
vary
Origin
SheilaJPEG.jpg
doterra.myvoffice.com/users/903/3106903/
677 KB
681 KB
Image
General
Full URL
https://doterra.myvoffice.com/users/903/3106903/SheilaJPEG.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.189 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
e5c511e4450649de8a9c932981df28ec594af26eabf9ad5822153445cd56d645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

x-iinfo
11-31275995-31275324 2NNN RT(1728901412166 52) q(0 0 0 13) r(8 8) U18
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
etag
"a95e7-58774d4668d40"
x-cdn
Imperva
accept-ranges
bytes
content-length
693735
date
Mon, 14 Oct 2024 10:23:33 GMT
last-modified
Fri, 26 Apr 2019 20:32:13 GMT
content-type
image/jpeg
server
Apache
lavenderDesktop.jpg
www.mydoterra.com/custom/DefaultTheme/img/backgrounds/
155 KB
155 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/backgrounds/lavenderDesktop.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/custom/DefaultTheme/styles/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/custom/DefaultTheme/styles/base.css

Response headers

x-iinfo
10-31933109-0 0cNN RT(1728901408031 3997) q(0 -1 -1 -1) r(0 -1)
content-length
158700
etag
"26f66-61f9328f40c00"
date
Mon, 14 Oct 2024 10:23:32 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
image/jpeg
x-cdn
Imperva
why429x286.jpg
www.mydoterra.com/custom/DefaultTheme/img/thumbs/
40 KB
40 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/thumbs/why429x286.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 4074) q(0 -1 -1 -1) r(0 -1)
content-length
40753
etag
"a2d3-61f9328f40c00"
date
Mon, 14 Oct 2024 10:23:32 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
image/jpeg
x-cdn
Imperva
what429x286.jpg
www.mydoterra.com/custom/DefaultTheme/img/thumbs/
24 KB
24 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/thumbs/what429x286.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 4075) q(0 -1 -1 -1) r(0 -1)
content-length
24660
etag
"6415-61f9328f40c00"
date
Mon, 14 Oct 2024 10:23:32 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
image/jpeg
x-cdn
Imperva
hh-429x286.jpg
media.doterra.com/gb/images/replicated-site/
34 KB
34 KB
Image
General
Full URL
https://media.doterra.com/gb/images/replicated-site/hh-429x286.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/aromabalanz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46dfb2ce6d6a0a3a5d237aa10e0f80a16579c24d334f357077f0c95465c7bfc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/

Response headers

x-cache
Hit from cloudfront
etag
"786b529c190c0220dec8e976b7803c2e"
age
17486
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-meta-origin-date-iso8601
2019-11-26T20:59:02.176Z
content-length
34579
x-amz-cf-id
KkWklzMuY2XVewZYodd4tRx9mrXuc6ERvrazFqDHKoFsOTvLKDMOJg==
date
Mon, 14 Oct 2024 05:39:42 GMT
content-type
image/jpeg
last-modified
Tue, 26 Nov 2019 21:25:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
E21i_d3kivvAkxhLEVZpQyhwDw.woff2
fonts.gstatic.com/s/parisienne/v13/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/parisienne/v13/E21i_d3kivvAkxhLEVZpQyhwDw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Parisienne
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
cf3c285d1ec1ee935746c475ca71e20d9f1fc3b5d62166e2523acdd0737e239c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.mydoterra.com
Referer
https://fonts.googleapis.com/

Response headers

age
555309
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 00:08:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 00:08:23 GMT
last-modified
Mon, 09 May 2022 18:42:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22600
x-xss-protection
0
server
sffe
favicon.png
www.mydoterra.com/custom/DefaultTheme/img/
1 KB
1 KB
Other
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.mydoterra.com/aromabalanz/

Response headers

x-iinfo
10-31933109-0 0CNN RT(1728901408031 7021) q(0 -1 -1 -1) r(0 -1)
content-length
1049
etag
"63b-61f9328f40c00"
date
Mon, 14 Oct 2024 10:23:35 GMT
last-modified
Tue, 13 Aug 2024 16:32:48 GMT
content-type
image/png
x-cdn
Imperva


34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| MY_DOMAIN
boolean| REQUIRE_USER_EXPRESSED_PERMISSION
object| _STATE
function| runOnce
function| getBehavior
function| handleAPIResponse
function| activateElement
object| dataLayer
object| angular
number| ng339
function| $
function| jQuery
object| angulartics
object| app
string| dist_id
object| _0x5d12
function| _0x25d1
object| numberA
object| truste
function| shouldRepop
function| shouldResolveConsent
string| userType
object| $temp_box_overlay
object| $temp_closebtn_style
object| $temp_inner_iframe
object| google_tag_manager
object| google_tag_data
function| _truste_eu
object| PREF_MGR_API_DEBUG
object| PrivacyManagerAPI
object| TRUSTE_CMAPI_DEBUG
number| homeHeightPercentage
number| homeHeightOffsetFactor

13 Cookies

Domain/Path Name / Value
.mydoterra.com/ Name: cfid
Value: e2a7bd63-820c-415f-82c6-efe9ba058198
.mydoterra.com/ Name: cftoken
Value: 0
www.mydoterra.com/ Name: cfid
Value: e2a7bd63-820c-415f-82c6-efe9ba058198
www.mydoterra.com/ Name: cftoken
Value: 0
www.mydoterra.com/ Name: MYCOUNTRY
Value: EO
www.mydoterra.com/ Name: LANGUAGE
Value: en_uk
www.mydoterra.com/ Name: REPLICATEDSITE_OWNERID
Value: 253359
.mydoterra.com/ Name: visid_incap_660953
Value: Qr/wWWAcSHuJJL4ItTm/ECDxDGcAAAAAQUIPAAAAAAAJXIA1TYPdZ8KkxBhPRCVr
.mydoterra.com/ Name: incap_ses_447_660953
Value: 0cBHf1rf+RDzxH+nUhA0BiDxDGcAAAAAAfIYj7nHF5BxGrV7nqRQBQ==
.mydoterra.com/ Name: TAsessionID
Value: 9479c921-44bd-4a22-b9a8-d9b42fc2b8b0|NEW
.mydoterra.com/ Name: notice_behavior
Value: implied,eu
www.mydoterra.com/ Name: FIRST_PWS_HIT
Value: 0
www.mydoterra.com/ Name: SKIN
Value: default

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
