Submitted URL: https://www.sonjas-aromazauber.de/
Effective URL: https://www.mydoterra.com/sonjaott1/
Submission: On April 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 46 HTTP transactions. The main IP is 45.60.14.13, located in United States and belongs to INCAPSULA, US. The main domain is www.mydoterra.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 21st 2023. Valid for: a year.
This is the only time www.mydoterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 1 | 1 | 85.13.152.27 | 34788 (NMM-AS D) |
| 1 | 1 | 45.60.102.13 | 19551 (INCAPSULA) |
| 1 | 23 | 45.60.14.13 | 19551 (INCAPSULA) |
|  | 4 | 104.18.11.207 | 13335 (CLOUDFLAR...) |
|  | 4 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 6 | 13.225.78.57 | 16509 (AMAZON-02) |
|  | 4 | 104.17.25.14 | 13335 (CLOUDFLAR...) |
|  | 1 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 2 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 1 | 13.225.78.35 | 16509 (AMAZON-02) |
|  | 1 | 45.60.243.189 | 19551 (INCAPSULA) |
|  | 1 | 18.245.46.44 | 16509 (AMAZON-02) |

Total: 46 requests, 10 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 24 | mydoterra.com | mydoterra.com, www.mydoterra.com | 309 KB |
| 7 | trustarc.com | consent.trustarc.com (Cisco Umbrella Rank: 3211) | 391 KB |
| 4 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) | 23 KB |
| 4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33), ajax.googleapis.com (Cisco Umbrella Rank: 363) | 71 KB |
| 4 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1139) | 114 KB |
| 2 | gstatic.com | fonts.gstatic.com | 41 KB |
| 1 | doterra.com | media.doterra.com (Cisco Umbrella Rank: 472552) | 34 KB |
| 1 | myvoffice.com | doterra.myvoffice.com | 31 KB |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 79 KB |
| 1 | sonjas-aromazauber.de | www.sonjas-aromazauber.de | 100 B |

Total: 46 requests, 10 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 23 | www.mydoterra.com (1 redirects) | www.mydoterra.com, ajax.googleapis.com |
| 7 | consent.trustarc.com | www.mydoterra.com, consent.trustarc.com |
| 4 | cdnjs.cloudflare.com | www.mydoterra.com |
| 4 | maxcdn.bootstrapcdn.com | www.mydoterra.com, maxcdn.bootstrapcdn.com |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | ajax.googleapis.com | www.mydoterra.com |
| 2 | fonts.googleapis.com | www.mydoterra.com |
| 1 | media.doterra.com |  |
| 1 | doterra.myvoffice.com |  |
| 1 | www.googletagmanager.com | www.mydoterra.com |
| 1 | mydoterra.com (1 redirects) |  |
| 1 | www.sonjas-aromazauber.de (1 redirects) |  |

Total: 46 requests, 12 domains

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.mydoterra.com | Go Daddy Secure Certificate Authority - G2 | 2023-04-21 - 2024-05-22 | a year |
| bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
| *.trustarc.com | Amazon RSA 2048 M02 | 2024-03-16 - 2025-04-14 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
| *.myvoffice.com | Go Daddy Secure Certificate Authority - G2 | 2023-10-30 - 2024-11-20 | a year |
| *.doterra.com | Go Daddy Secure Certificate Authority - G2 | 2024-02-28 - 2025-03-31 | a year |

This page contains 2 frames:

Primary Page: https://www.mydoterra.com/sonjaott1/
Frame ID: 775844A877E13F23A80417EF5706658C
Requests: 45 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: 3D652CF0218FC404BD070BFF7AFC417F
Requests: 1 HTTP requests in this frame

Page Title

Sonja Ott | My Doterra

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 46
  • HTTPS: 100 %
  • IPv6: 25 %
  • Domains: 10
  • Subdomains: 12
  • IPs: 10
  • Countries: 3
  • Transfer: 1094 kB
  • Size: 1882 kB
  • Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sonjas-aromazauber.de/ HTTP 301
    http://mydoterra.com/sonjaott1 HTTP 307
    https://mydoterra.com/sonjaott1 HTTP 302
    http://www.mydoterra.com/sonjaott1 HTTP 307
    https://www.mydoterra.com/sonjaott1 HTTP 301
    https://www.mydoterra.com/sonjaott1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mydoterra.com/sonjaott1/
Redirect Chain
  • https://www.sonjas-aromazauber.de/
  • http://mydoterra.com/sonjaott1
  • https://mydoterra.com/sonjaott1
  • http://www.mydoterra.com/sonjaott1
  • https://www.mydoterra.com/sonjaott1
  • https://www.mydoterra.com/sonjaott1/
12 KB
5 KB
Document
General
Full URL
https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
41010d84bd5aa0be4238024228750abe46bb6c96c7e964ab0183468aed0936f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-type
text/html;charset=UTF-8
date
Sun, 21 Apr 2024 16:21:37 GMT
p3p
CP='PUB OTRo'
server
Apache
x-cdn
Imperva
x-iinfo
7-64387724-64387727 PNYN RT(1713716495674 729) q(0 0 0 -1) r(2 2) U12

Redirect headers

content-length
311
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-type
text/html; charset=iso-8859-1
date
Sun, 21 Apr 2024 16:21:37 GMT
location
https://www.mydoterra.com/sonjaott1/
server
Apache
x-cdn
Imperva
x-iinfo
7-64387724-64387727 NNNN CT(171 358 0) RT(1713716495674 11) q(0 0 6 0) r(7 7) U11
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2621168
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5e4d53437a90cba0ca0545e9504ae32b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
877eb54e3c469f17-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 14:52:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 16:21:37 GMT
css
fonts.googleapis.com/
757 B
456 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Parisienne
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1ec32cc9ef8973e80694965d612621669486d134c836aa49ca4894f13e28863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 16:17:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 16:21:37 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
940
age
1453052
cdn-cachedat
10/31/2023 19:15:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c83fee2ffb8cb55535eaeb2520d7c34a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
877eb54e3c489f17-FRA
cdn-requestpullsuccess
True
base.css
www.mydoterra.com/custom/DefaultTheme/styles/
45 KB
9 KB
Stylesheet
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/styles/base.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
73acb5e8adb18a3e34339d5ba277ec25e3e5f1e1c012835da4ff7b3ea94d6a4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 24 Aug 2017 20:33:29 GMT
x-cdn
Imperva
etag
"b46c-55785bdbb7840"
content-type
text/css
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1012) q(0 -1 -1 -1) r(0 -1)
content-length
8633
overrides.css
www.mydoterra.com/custom/DefaultTheme/deu/de/css/
60 B
185 B
Stylesheet
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/css/overrides.css
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c2296278ebe9c08e7188bd192d8402674e6e32d03b8702c101d7fe1138db13f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"4b-6142f915be0c0"
content-type
text/css
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1017) q(0 -1 -1 -1) r(0 -1)
content-length
64
notice
consent.trustarc.com/
37 KB
12 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
84bb6520bfa2ddc4d93a76bf857a6dd4693eb2c256a5051305c2ae2832bc12c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
x-amz-cf-id
ZHfNLIwnKbTPr_rF9zPEzq7CPhzg6zs3eKhDPFVrxCLRtNm87m-3uw==
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.2.19/
104 KB
39 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bb5eb93141002fda502969d8933f1468e9214522b54c3d5874060f178620a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 21:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
498475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39543
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 21:53:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 06:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 06:13:16 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1053
age
3358834
cdn-cachedat
10/31/2023 19:27:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
877eb54e3c449f17-FRA
cdn-requestpullsuccess
True
angular-route.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-route.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97dc1b09cc47d58053751719f8bbb810020eeb5ad617b0fe3502fc1ca04c6ccb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3365962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1675
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-f5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2Bq%2BomzNSKaJXioU9c1nJ7vpiPJ4w2kuOTA0GM3i1z04VH6vQQFh9mtX5JgHZy0C8SrCplxfyfuVLASeMBMdTYNHJ9sPXSbF532RL9EX8XqZrKx5Vu0HcZGF4YxSaYKNN%2BIVbpMg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877eb54e3d411905-FRA
expires
Fri, 11 Apr 2025 16:21:37 GMT
angular-resource.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-resource.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3191b032c7b3b5757a69c2f86aa7202f149db2d57193bb3538c393928bb2135
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
848308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1507
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-cff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=quXkGyHHOQPOvv5cN9roa4zWj4PvIChR166BchBq9bGO7efAp%2FyxfIPbD3i73jqhD8J6HEJno03fQW%2FC74MK4DB7fk2YgI%2FOkwUjR4TZ3%2BqSkdkjkRtkv3J3P7F5dhlblXBDdb7O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877eb54e3d461905-FRA
expires
Fri, 11 Apr 2025 16:21:37 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/
4 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.19/angular-sanitize.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6934ed9da5c03a8ebf35411fae11ecb9e9f9d5f973a56036f3112651f3823c9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3365962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2115
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-115c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04hJ5zjvEy9nXcMlwaWW2idmclSvr51YpqD3jr5o14k%2BsZsn8d0oo6XTGaQoZvssrdY9CxS78XCBAVbRbVrQ3JxgMa0OocrHa9g%2FhmnM%2F%2FeknBaTccE%2BwLuqGTdH7bnhCcNlO7Qw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877eb54e3d471905-FRA
expires
Fri, 11 Apr 2025 16:21:37 GMT
ui-bootstrap-tpls.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.1/
64 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.1/ui-bootstrap-tpls.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390e12a57f4ff47bc24866532dc585354b8240a678cfaaf17e885ec7e71f5c18
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
321873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15677
last-modified
Mon, 04 May 2020 16:04:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d23-fea3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbFaLIsuoKh9ay7eCNQjVfPib%2BVfM%2FFRRWWg%2B1Q9Y1oxvYj3CqexQYBokZ8cOfb95S%2FhOgA38sCmzNJlukgzkTTeHg10txzJqJdwIwn9nfh2bduYJvWFjpLQz4VL0qDIFcfgWOdD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877eb54e3d4a1905-FRA
expires
Fri, 11 Apr 2025 16:21:37 GMT
mm-foundation-tpls-0.5.1.min.js
www.mydoterra.com/custom/DefaultTheme/lib/angular-foundation/
48 KB
13 KB
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angular-foundation/mm-foundation-tpls-0.5.1.min.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e54031af9e37007e48ee124df9280204b9fe29e12aa194c14978914415ca42c8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"c27c-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1021) q(0 -1 -1 -1) r(0 -1)
content-length
13676
angulartics.js
www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/
6 KB
2 KB
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/angulartics.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8020ab3fb0d1d24847e1f1573738c752f2d105f0538eafa525e337a7c0486a3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"2528-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1027) q(0 -1 -1 -1) r(0 -1)
content-length
1858
angulartics-ga.js
www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/
2 KB
661 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/lib/angulartics-0.17.2/angulartics-ga.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
55fdbb2dcb6251cf3ed8e0aaf6df3be022bf49f3d2b342981c93c2aade834947

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"d5b-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1031) q(0 -1 -1 -1) r(0 -1)
content-length
562
app.js
www.mydoterra.com/custom/DefaultTheme/deu/de/js/
392 B
325 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/js/app.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
568c15a22dae575f16358b495f44421b2d584e5a5e45477ec272e5fddf9ec9e3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"1b0-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1034) q(0 -1 -1 -1) r(0 -1)
content-length
227
controllers.js
www.mydoterra.com/custom/DefaultTheme/deu/de/js/
3 KB
1 KB
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/js/controllers.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
df1fcb8e0ab23d7ec54a33d5314bf3348c1a522499d8ff3c01163a4d0f738f8d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"16dc-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1037) q(0 -1 -1 -1) r(0 -1)
content-length
935
services.js
www.mydoterra.com/custom/DefaultTheme/deu/de/js/
893 B
577 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/js/services.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
81aafb31636bce952e5b841606e9b39e39fa93094d34b9f7350488134ac51786

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"60a-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1040) q(0 -1 -1 -1) r(0 -1)
content-length
478
directives.js
www.mydoterra.com/custom/DefaultTheme/deu/de/js/
749 B
503 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/js/directives.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0a163b77181a4a5663b3178f26a3719ff8c5e8435573d94cf7cccb198a81a270

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"66e-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1044) q(0 -1 -1 -1) r(0 -1)
content-length
404
base.js
www.mydoterra.com/custom/DefaultTheme/deu/de/js/
2 KB
692 B
Script
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/js/base.js
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6063a6420352aaf0a01352f14e30c33fb0cc542df679665697873ec767fb52c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"bd6-6142f915be0c0"
content-type
application/javascript
x-iinfo
7-64387724-0 0CNN RT(1713716495674 1048) q(0 -1 -1 -1) r(0 -1)
content-length
593
_Incapsula_Resource
www.mydoterra.com/
141 KB
20 KB
Script
General
Full URL
https://www.mydoterra.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1054476988
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a7ffb8db20b8c75c7ced9562a7481a5fe70a10eaeb6f5929dadd75e387214212

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20223
content-type
application/javascript
gtm.js
www.googletagmanager.com/
226 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKCSWT4
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4731efe2c4f1e83308d6a98eb280e4de7d95e493d49778e14f74490a6bc6e5e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80890
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Apr 2024 16:21:37 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 00:32:18 GMT
x-content-type-options
nosniff
age
143359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 00:32:18 GMT
main.html
www.mydoterra.com/sonjaott1/templates/
4 KB
2 KB
XHR
General
Full URL
https://www.mydoterra.com/sonjaott1/templates/main.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
027f96a5c444a61f8c4717d7bb2c3ad80cd979441d04aac872a3aca6a3c47180
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
server
Apache
x-cdn
Imperva
content-type
text/html;charset=UTF-8
p3p
CP='PUB OTRo'
x-iinfo
7-64387724-64387727 PNYN RT(1713716495674 1113) q(0 0 0 -1) r(3 3) U12
_Incapsula_Resource
www.mydoterra.com/
1 B
35 B
Image
General
Full URL
https://www.mydoterra.com/_Incapsula_Resource?SWKMTFSR=1&e=0.30358098820054624
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
get
consent.trustarc.com/ Frame 3D65
0
0
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.mydoterra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
3241
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html
date
Sun, 21 Apr 2024 15:27:36 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-id
2gqKj9orTvFSxj2gETl4-PZVRGbAjjaFoGdzYlE6FZv8pd_oX9Eguw==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
v1.7-3185
consent.trustarc.com/asset/notice.js/v/
92 KB
27 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-3185
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 21 Apr 2024 15:58:54 GMT
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 02:16:13 GMT
x-amz-cf-pop
FRA2-C2
age
1364
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
9-lVjw60eJ-jlfIOONw48DZbqyEeAlyOQPYPauUQZX3XsdjVZ0SlRw==
log
consent.trustarc.com/
43 B
1 KB
Image
General
Full URL
https://consent.trustarc.com/log?domain=doterra-cm1.com&country=de&state=&behavior=implied&session=e2c2a82f-7cad-4bde-920e-6ee015e5e066&userType=NEW&c=5e40
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
XDflAQBbfjbBTLNpCwcV6HJWIFRyRRY5jc8xG98IUZP9YARjC2Peyg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
consent.trustarc.com/
174 KB
175 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=Raleway-Regular.ttf
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
20e4ae409ffbe8bfd2af14d7f717398408ae8b481005beccb83d62ef4052b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 21 Apr 2024 15:57:23 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
1454
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
content-length
178520
x-amz-cf-id
shfc2zYgu4Ec8QjStc-W4OEcy1tPmtSKEwYygdO8o678wdBMYPUOaA==
get
consent.trustarc.com/
175 KB
176 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=Raleway-Bold.ttf
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 21 Apr 2024 16:04:08 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
1049
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
content-length
179244
x-amz-cf-id
loCI1-8cpKAJ4c4g7voJuQWSLTks7lAaEZlN0hAYSJIeloOwHxS1YA==
bannermsg
consent.trustarc.com/
43 B
1 KB
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=de&language=de&rand=0.9727837396523502&session=e2c2a82f-7cad-4bde-920e-6ee015e5e066&userType=NEW
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/sonjaott1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:37 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
BSAz9wqTbzCtYx3fyEVeZ3haFMjrra7bmCo9dm6awFHJYF5PuIXcqA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
favicon.png
www.mydoterra.com/custom/DefaultTheme/img/
1 KB
1 KB
Other
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
337ff04561fbeee6eea3abc63756a5ece81433f5bc7a2cafeaee9b4b83317cd3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
7-64387724-0 0CNN RT(1713716495674 1219) q(0 -1 -1 -1) r(0 -1)
date
Sun, 21 Apr 2024 16:21:36 GMT
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"63b-6142f915be0c0"
content-length
1049
content-type
image/png
template.json
www.mydoterra.com/custom/DefaultTheme/deu/de/models/
3 KB
1 KB
XHR
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/models/template.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
fc5120bcaf7821b1460825cc483409fbbf8e3a3ed58e3c119649763ca58283a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:38 GMT
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
server
Apache
x-cdn
Imperva
etag
"afd-6142f915be0c0"
content-type
application/json
x-iinfo
7-64387724-64387727 PNYN RT(1713716495674 1394) q(0 0 0 -1) r(2 2) U12
accept-ranges
bytes
content.json
www.mydoterra.com/custom/DefaultTheme/deu/de/models/
28 KB
6 KB
XHR
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/deu/de/models/content.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
b5fdd1237aa38a54ffdc3505b8c8c2daa4624fc7260f37fcc1a63336efbba9d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:38 GMT
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
server
Apache
x-cdn
Imperva
etag
"6e83-6142f915be0c0"
content-type
application/json
x-iinfo
7-64387724-64387900 NNYY CT(171 349 0) RT(1713716495674 1398) q(0 0 0 -1) r(2 4) U12
accept-ranges
bytes
home.html
www.mydoterra.com/sonjaott1/partials/
2 KB
1 KB
XHR
General
Full URL
https://www.mydoterra.com/sonjaott1/partials/home.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.2.19/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
5553b6e44164e0375fa12215ad333521d9b5c1c2a836cdbc88eacb2c2a22d442
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:38 GMT
content-security-policy
frame-ancestors 'self' https://shop.doterra.com;
content-encoding
gzip
server
Apache
x-cdn
Imperva
content-type
text/html;charset=UTF-8
p3p
CP='PUB OTRo'
x-iinfo
7-64387724-64387902 NNYY CT(168 343 0) RT(1713716495674 1402) q(0 0 0 -1) r(3 3) U12
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
3372464
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ca39b907be1b18682ef836f006450cd4
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
877eb550aca0037c-FRA
cdn-requestpullsuccess
True
logo.png
www.mydoterra.com/custom/DefaultTheme/img/
26 KB
26 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c887ec65ddb0d346b2448fd1bc6594c879fa4c3c239b8e9131994fbc6b8bd183

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
7-64387724-0 0CNN RT(1713716495674 1588) q(0 -1 -1 -1) r(0 -1)
date
Sun, 21 Apr 2024 16:21:37 GMT
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"8c0e-6142f915be0c0"
content-length
26573
content-type
image/png
PHOTO_2022_11_02_21_08_46.jpg
doterra.myvoffice.com/users/094/46114712094/
31 KB
31 KB
Image
General
Full URL
https://doterra.myvoffice.com/users/094/46114712094/PHOTO_2022_11_02_21_08_46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.189 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
12a6f75a1d0feb8d5e138d0ad829ae880a9f5c6e8020e532dd11a262bd31d50b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 16:21:38 GMT
last-modified
Thu, 03 Nov 2022 18:22:48 GMT
x-cdn
Imperva
etag
"7aab-5ec950b604484"
content-type
image/jpeg
x-iinfo
4-62456046-62444324 2CNN RT(1713716498459 15) q(0 0 0 0) r(0 0) U18
cache-control
max-age=14860, public
x-incap-sess-cookie-hdr
jBHUSAfhzgSc8+sqieGMBhI9JWYAAAAAGQKk4xEVRVOQZn6qY2UyGA==
content-length
31403
expires
Sun, 21 Apr 2024 20:29:18 GMT
lavenderDesktop.jpg
www.mydoterra.com/custom/DefaultTheme/img/backgrounds/
155 KB
155 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/backgrounds/lavenderDesktop.jpg
Requested by
Host: www.mydoterra.com
URL: https://www.mydoterra.com/custom/DefaultTheme/styles/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/custom/DefaultTheme/styles/base.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
7-64387724-0 0CNN RT(1713716495674 1681) q(0 -1 -1 -1) r(0 -1)
date
Sun, 21 Apr 2024 16:21:37 GMT
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"26f66-6142f915be0c0"
content-length
158700
content-type
image/jpeg
why429x286.jpg
www.mydoterra.com/custom/DefaultTheme/img/thumbs/
40 KB
40 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/thumbs/why429x286.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
78caf237e7bd6702310082aafc22ba202d2834996fa3c910d128f2302d4fd577

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
7-64387724-0 0CNN RT(1713716495674 1766) q(0 -1 -1 -1) r(0 -1)
date
Sun, 21 Apr 2024 16:21:37 GMT
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"a2d3-6142f915be0c0"
content-length
40753
content-type
image/jpeg
what429x286.jpg
www.mydoterra.com/custom/DefaultTheme/img/thumbs/
24 KB
24 KB
Image
General
Full URL
https://www.mydoterra.com/custom/DefaultTheme/img/thumbs/what429x286.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/sonjaott1/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iinfo
7-64387724-0 0CNN RT(1713716495674 1768) q(0 -1 -1 -1) r(0 -1)
date
Sun, 21 Apr 2024 16:21:37 GMT
last-modified
Thu, 21 Mar 2024 18:06:35 GMT
x-cdn
Imperva
etag
"6415-6142f915be0c0"
content-length
24660
content-type
image/jpeg
hh-429x286.jpg
media.doterra.com/gb/images/replicated-site/
34 KB
34 KB
Image
General
Full URL
https://media.doterra.com/gb/images/replicated-site/hh-429x286.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46dfb2ce6d6a0a3a5d237aa10e0f80a16579c24d334f357077f0c95465c7bfc5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mydoterra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 06:43:45 GMT
via
1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Nov 2019 21:25:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
34674
etag
"786b529c190c0220dec8e976b7803c2e"
x-amz-meta-origin-date-iso8601
2019-11-26T20:59:02.176Z
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
34579
x-amz-cf-id
KldQm9FalSHiv33zX71oLqOv6N5dzwns0UT-4pbAluq0XqlZbLsW3g==
E21i_d3kivvAkxhLEVZpQyhwDw.woff2
fonts.gstatic.com/s/parisienne/v13/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/parisienne/v13/E21i_d3kivvAkxhLEVZpQyhwDw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Parisienne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf3c285d1ec1ee935746c475ca71e20d9f1fc3b5d62166e2523acdd0737e239c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.mydoterra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:57:34 GMT
x-content-type-options
nosniff
age
501844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22600
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:42:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 20:57:34 GMT


31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| MY_DOMAIN
boolean| REQUIRE_USER_EXPRESSED_PERMISSION
object| _STATE
function| runOnce
function| getBehavior
function| handleAPIResponse
function| activateElement
object| dataLayer
object| angular
number| ng339
function| $
function| jQuery
object| angulartics
object| app
string| dist_id
object| truste
function| shouldRepop
function| shouldResolveConsent
string| userType
object| $temp_box_overlay
object| $temp_closebtn_style
object| $temp_inner_iframe
function| _truste_eu
object| PREF_MGR_API_DEBUG
object| PrivacyManagerAPI
object| TRUSTE_CMAPI_DEBUG
object| google_tag_manager
object| google_tag_data
number| homeHeightPercentage
number| homeHeightOffsetFactor

14 Cookies

Domain/Path Name / Value
.mydoterra.com/ Name: visid_incap_660953
Value: zQMQn9M/TvmZ/+L0H7v9ng89JWYAAAAAQUIPAAAAAAB6pEpQKCA6ynie16fCrYUs
.mydoterra.com/ Name: incap_ses_304_660953
Value: VucPGJhiDwQYj14JbQY4BBA9JWYAAAAAfX4k/5e2N16eqey8hYVicA==
.mydoterra.com/ Name: incap_ses_7228_660953
Value: c2wLQKjEDh9hyKbBtgNPZBA9JWYAAAAAtjNVXY72RvJxu2yj/evjxg==
.mydoterra.com/ Name: cfid
Value: 2c26b369-5523-4fc6-97be-7ce0c2098865
.mydoterra.com/ Name: cftoken
Value: 0
www.mydoterra.com/ Name: cfid
Value: 2c26b369-5523-4fc6-97be-7ce0c2098865
www.mydoterra.com/ Name: cftoken
Value: 0
www.mydoterra.com/ Name: MYCOUNTRY
Value: DEU
www.mydoterra.com/ Name: LANGUAGE
Value: de
www.mydoterra.com/ Name: REPLICATEDSITE_OWNERID
Value: 13616732
.mydoterra.com/ Name: TAsessionID
Value: e2c2a82f-7cad-4bde-920e-6ee015e5e066|NEW
.mydoterra.com/ Name: notice_behavior
Value: implied,eu
www.mydoterra.com/ Name: FIRST_PWS_HIT
Value: 0
www.mydoterra.com/ Name: SKIN
Value: default

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' https://shop.doterra.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
