URL: https://www.doterra.com/US/en/site/kristinam
Submission: On March 14 via manual from US — Scanned from ES

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 60 HTTP transactions. The main IP is 45.60.14.13, located in United States and belongs to INCAPSULA, US. The main domain is www.doterra.com. The Cisco Umbrella rank of the primary domain is 184982.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 23rd 2021. Valid for: a year.
This is the only time www.doterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
37 doterra.com
www.doterra.com — Cisco Umbrella Rank: 184982
2 MB
6 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2869
38 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
www.googleapis.com — Cisco Umbrella Rank: 29
4 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
218 KB
2 levelaccess.net
cdn.levelaccess.net — Cisco Umbrella Rank: 8293
api.levelaccess.net
58 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 2799
35 KB
1 eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 1999
1016 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
80 KB
1 queue-it.net
mydoterra.queue-it.net — Cisco Umbrella Rank: 279529
925 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
992 B
60 10
Domain Requested by
37 www.doterra.com www.doterra.com
cdn.appdynamics.com
cdn.levelaccess.net
6 consent.trustarc.com www.doterra.com
consent.trustarc.com
3 www.googleapis.com cdn.appdynamics.com
3 fonts.googleapis.com www.doterra.com
client
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.appdynamics.com www.doterra.com
cdn.appdynamics.com
1 api.levelaccess.net cdn.appdynamics.com
1 col.eum-appdynamics.com cdn.appdynamics.com
1 cdn.levelaccess.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com www.doterra.com
1 mydoterra.queue-it.net www.doterra.com
1 www.google.com www.doterra.com
60 13
Subject Issuer Validity Valid
*.doterra.com
Go Daddy Secure Certificate Authority - G2
2021-02-23 -
2022-03-27
a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-21 -
2022-07-22
a year crt.sh
www.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
*.queue-it.net
Amazon
2021-12-21 -
2023-01-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
cdn.levelaccess.net
Amazon
2022-01-30 -
2023-02-27
a year crt.sh
*.eum-appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-14 -
2022-07-15
a year crt.sh
api.levelaccess.net
Amazon
2022-01-30 -
2023-02-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.doterra.com/US/en/site/kristinam
Frame ID: 8FD4FB8830401B7A55491B2E59917B6F
Requests: 59 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Frame ID: F7C80532C98570A3481ACECE3DA815B4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Business Site Home Page | dōTERRA Essential Oils

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

60
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

2818 kB
Transfer

5943 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kristinam
www.doterra.com/US/en/site/
240 KB
242 KB
Document
General
Full URL
https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
9093968699cd4f6db3e46db22b087618cdfccb89973705022e2f2042cf989c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

date
Mon, 14 Mar 2022 23:06:08 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
x-frame-options
SAMEORIGIN
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache no-store
strict-transport-security
max-age=31536000 ; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-type
text/html;charset=UTF-8
content-language
en-US
x-cdn
Imperva
x-iinfo
13-147234086-147234087 nNNN RT(1647299921070 0) q(0 0 3 0) r(5 5) U12
adrum-4.3.1.0.js
cdn.appdynamics.com/adrum/
43 KB
17 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-39.txl50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
43deb04a30d8b678b66aea7c0836d7e5e18b69b9dc9f7ec6e685e355f686fcbf

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 09:22:48 GMT
content-encoding
gzip
age
2382952
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 04 May 2017 00:09:29 GMT
server
nginx/1.16.1
etag
W/"590a7139-ad2e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 4786bcd6a5ee692459814ef0ab252684.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
TXL50-P4
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
g-xu_CkkLHORj_2J0KGhsg5lhPeQDJUrPKO20i6ZWPGNj5-P3mu45Q==
slick-theme_1.8.1.min.css
www.doterra.com/_ui/desktop/common/css/
2 KB
949 B
Stylesheet
General
Full URL
https://www.doterra.com/_ui/desktop/common/css/slick-theme_1.8.1.min.css?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
x-cdn
Imperva
etag
W/"2408-1647020544000"
content-type
text/css;charset=UTF-8
x-iinfo
13-147234183-147233806 2VNN RT(1647299921624 0) q(0 0 0 -1) r(6 6)
content-length
800
bootstrap-3-styles.css
www.doterra.com/_ui/desktop/common/css/
2 MB
212 KB
Stylesheet
General
Full URL
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
11016ffdfabe02191d6ccfd3fc9b6302e980f94da94ffa699715d0d840b52062
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:06:09 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:44:52 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"1673179-1647020692000"
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-iinfo
13-147234184-147234185 nNNN RT(1647299921627 0) q(0 0 3 -1) r(4 4) U9
accept-ranges
bytes
x-cdn
Imperva
logo.svg
www.doterra.com/_ui/desktop/common/images/wqa/
20 KB
21 KB
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
6258cb0d1a0e764d2759b94a5e2143ba7860850c4a9d2abc1583ea62936b66d9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 14 Mar 2022 23:06:10 GMT
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"20691-1646644544000"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234390-147234185 pNNN RT(1647299922922 0) q(0 1 1 -1) r(3 3) U2
cache-control
public,max-age=54321
accept-ranges
bytes
content-length
20691
x-cdn
Imperva
expires
Thu, 01 Jan 1970 00:00:54 GMT
logo-small.svg
www.doterra.com/_ui/desktop/common/images/wqa/
4 KB
2 KB
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/logo-small.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5afbbb8d5abc6e27981c58b4462b8466e0186fb1130fae2b3eb6f4e158061689

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"4148-1646644544000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234391-0 0CNN RT(1647299922923 0) q(0 -1 -1 -1) r(0 -1)
content-length
1956
1376362.jpg
www.doterra.com/medias/
418 KB
419 KB
Image
General
Full URL
https://www.doterra.com/medias/1376362.jpg?context=bWFzdGVyfHJvb3R8NDU4ODMyfGltYWdlL2pwZWd8aDk3L2hkMC8yODAyMjA0NDk1MDU1OC5qcGd8YWRhNWFjMDEwMTUxMTM5OGVhNjllYjNiNmMzZDcyODllZGFiMTQ1YzAwOGM0NzhjYjI3NGJiMTdlN2Q2MTQzZg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e1fbd41b3f9dcaecd8fa144472d9aacc1a49dae6fcde7a76927601b2cc456b74

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
e6056993a6c9887aa27017b7d1c82e46
content-type
image/jpeg
x-iinfo
13-147234393-0 0CNN RT(1647299922925 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524641, public
content-length
428137
expires
Tue, 14 Mar 2023 20:09:23 GMT
ecomm-header-webui.js
www.doterra.com/_ui/desktop/common/dist/
147 KB
45 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/dist/ecomm-header-webui.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
29d6e437c73a41cb8b24285f13c57c31df470b095bccfe765622b32e07da0b67

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:44:27 GMT
x-cdn
Imperva
etag
W/"150927-1647020667000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234294-147233806 2VNN RT(1647299922279 0) q(0 0 0 -1) r(2 2)
content-length
46309
plugins.js
www.doterra.com/_ui/desktop/common/dist/
521 KB
148 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/dist/plugins.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
020bf2e0ef448b05d18a16fcb68d21c6179b550f82c1b287c86e8fe48c9f40fd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:44:17 GMT
x-cdn
Imperva
etag
W/"533264-1647020657000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234311-147233806 2VNN RT(1647299922476 0) q(0 0 0 -1) r(2 2)
content-length
151616
webApplicationInjector.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/
8 KB
8 KB
Script
General
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/webApplicationInjector.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
dc09c3fc4aab87e37e3b5c533526bdf8bd27c28db3573b641df2abd2b02abeb8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:06:10 GMT
last-modified
Mon, 14 Mar 2022 15:12:45 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"7912-1647270765646"
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234394-147234464 2NNN RT(1647299922926 0) q(0 3 3 -1) r(3 8)
accept-ranges
bytes
content-length
7912
x-cdn
Imperva
reprocessPage.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/
703 B
491 B
Script
General
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/reprocessPage.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7ab5367f0039773f77fb519cf799a69cb5c567b50d95d42f0fa89928d266ed70

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 01:04:26 GMT
x-cdn
Imperva
etag
W/"703-1578618266000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234395-0 0CNN RT(1647299922927 0) q(0 -1 -1 -1) r(0 -1)
content-length
368
adjustComponentRenderingToSE.js
www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/
2 KB
923 B
Script
General
Full URL
https://www.doterra.com/_ui/addons/smarteditaddon/shared/common/js/adjustComponentRenderingToSE.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5a1cf84f88664fc6171a5aef150838d2e63831334a17a03c972aca3c2519c32f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 01:04:26 GMT
x-cdn
Imperva
etag
W/"1877-1578618266000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234399-0 0CNN RT(1647299922944 0) q(0 -1 -1 -1) r(0 -1)
content-length
823
custom.js
www.doterra.com/_ui/desktop/common/dist/
73 KB
15 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/dist/custom.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ddb831d3901fc6517d6ddf85113e31d73dbc08a69f8ce15423b582245e41b084

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:44:17 GMT
x-cdn
Imperva
etag
W/"74920-1647020657000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234400-147234478 2VNN RT(1647299922945 0) q(0 4 4 -1) r(4 8)
content-length
15555
sharebuttons.js
www.doterra.com/_ui/desktop/common/js/custom/
10 KB
3 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/sharebuttons.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5dcd3cb5cf2878a5644b6dd602c5adfbfbe83e0a1949049e1b233270005e212e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
x-cdn
Imperva
etag
W/"10723-1647020544000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234342-147234343 2VNN RT(1647299922681 0) q(0 0 0 -1) r(0 7)
content-length
3232
field-mask.js
www.doterra.com/_ui/desktop/common/js/custom/
3 KB
695 B
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/field-mask.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 22:35:07 GMT
x-cdn
Imperva
etag
W/"3009-1646951707000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234347-147234348 2VNN RT(1647299922695 0) q(0 0 0 -1) r(0 7)
content-length
591
global.js
www.doterra.com/_ui/desktop/common/js/custom/
213 KB
51 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/global.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
f1a0c9d1906872528ac89079af13fbbe68cdb62b48fca7535c08deaba832b4c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:06:10 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"218032-1647020544000"
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234384-147234185 pNNN RT(1647299922914 0) q(0 0 0 -1) r(1 1) U9
accept-ranges
bytes
x-cdn
Imperva
minicart.js
www.doterra.com/_ui/desktop/common/js/custom/
25 KB
6 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/minicart.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
353eda99a3acd3c7034f8f9c1117f85fe117c7e1e6af0f2a19712e683a675c96

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
x-cdn
Imperva
etag
W/"25766-1647020544000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234385-147233806 2VNN RT(1647299922917 0) q(0 0 0 -1) r(1 1)
content-length
5883
lrp-datepicker.js
www.doterra.com/_ui/desktop/common/js/custom/
17 KB
4 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/lrp-datepicker.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6302f69094bf2089230791cf874c6e45e21d621b3678bf0a49d73b387ccf641a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
x-cdn
Imperva
etag
W/"17590-1647020544000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234386-147234387 2VNN RT(1647299922919 0) q(0 0 0 -1) r(0 4)
content-length
3725
api.js
www.google.com/recaptcha/
909 B
992 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
530202c63ead494a9c3068a77da8009ef70462a9ba38d9095aa2646617bc6257
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Mon, 14 Mar 2022 23:18:43 GMT
doterraFormValidation.js
www.doterra.com/_ui/desktop/common/js/custom/
14 KB
4 KB
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/doterraFormValidation.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
x-cdn
Imperva
etag
W/"14728-1647020544000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234388-147233812 2VNN RT(1647299922920 0) q(0 0 0 -1) r(4 4)
content-length
3949
replicated-cache-clear.js
www.doterra.com/_ui/desktop/common/js/custom/
2 KB
916 B
Script
General
Full URL
https://www.doterra.com/_ui/desktop/common/js/custom/replicated-cache-clear.js?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ffc74932e113b0da44e2ade790dcde73c071aa191c230ae370a09dbe57c62084

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"1578-1646644544000"
content-type
text/javascript;charset=UTF-8
x-iinfo
13-147234389-0 0CNN RT(1647299922922 0) q(0 -1 -1 -1) r(0 -1)
content-length
792
css
fonts.googleapis.com/
10 KB
710 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9c9e2b6ac83ef12264aa68a5a310a028c02c2f06779d8aa43ab8f5a00a0b9d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 23:18:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 23:18:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 23:18:42 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,900&display=swap
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dffc3f95523ce0497df3776675491c617d3918aa0c73049b3632307a99fd7a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 23:18:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 23:18:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 23:18:42 GMT
notice
consent.trustarc.com/
12 KB
5 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
903d6db802db18eef0e4475093adce881e76ff76dccb90c1929679acf6682806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2926
x-cache
Hit from cloudfront
cloudfront-viewer-country
ES
vary
Accept-Encoding, Origin
content-length
4693
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
t2vk6fLnN38rJdSKwIGZGB3sepJELW9e762Gc7Bx3ONnpryb3xcS6g==
expires
Mon, 14 Mar 2022 23:29:56 GMT
1647299922920
mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/
391 B
925 B
Script
General
Full URL
https://mydoterra.queue-it.net/javascriptqueue/mydoterra/hybbogofeb2019/1647299922920?t=https%3A%2F%2Fwww.doterra.com%2FUS%2Fen%2Fsite%2Fkristinam&ver=js2.0.20
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.199.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-199-71.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
686c168a7fe6565fca6420e6c5b4aa939f75d4b2d69d04d994534445dc1de3e8

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 23:18:43 GMT
server
Kestrel
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type
application/javascript
cache-control
no-store, no-cache
x-robots-tag
noindex
content-length
391
gtm.js
www.googletagmanager.com/
231 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eeca538d5db91bdbe7af563931b20be4620e1820f2cb10161b64ccdde6edb8b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81020
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 22:38:16 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Mar 2022 23:18:43 GMT
spinner.gif
www.doterra.com/_ui/desktop/common/images/
4 KB
4 KB
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/spinner.gif
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-iinfo
13-147234404-0 0CNN RT(1647299922981 0) q(0 -1 -1 -1) r(0 -1)
date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"3990-1646644544000"
content-length
3990
content-type
image/gif;charset=UTF-8
spinner-brand.svg
www.doterra.com/_ui/desktop/common/images/wqa/
87 KB
25 KB
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/spinner-brand.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"89159-1646644544000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234405-0 0CNN RT(1647299922983 0) q(0 -1 -1 -1) r(0 -1)
content-length
25794
lavenderDesktop.jpg
www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/
155 KB
155 KB
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/images/replicated-site/lavenderDesktop.jpg?1057936
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-iinfo
13-147234406-0 0CNN RT(1647299922985 0) q(0 -1 -1 -1) r(0 -1)
date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Mon, 07 Mar 2022 09:15:43 GMT
x-cdn
Imperva
etag
W/"158700-1646644543000"
content-length
158700
content-type
image/jpeg;charset=UTF-8
/
www.doterra.com/medias/
24 KB
24 KB
Image
General
Full URL
https://www.doterra.com/medias/?context=bWFzdGVyfHJvb3R8MjQ2NjB8aW1hZ2UvanBlZ3xoYTIvaDY0Lzg4MDA1Nzk3MTUxMDIuanBnfDNmMTJmNjdhZjY2NmZmYjlhY2U2ZDAyZTNjNGJkMDk5YWY2Y2IwZDMyNDhmMmEwYTJlZjQwNGVjOTVlNjU3NDc
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
312e63f8bf780e0d4f5fcd3a326fd7e3
content-type
image/jpeg
x-iinfo
13-147234407-0 0CNN RT(1647299922987 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524640, public
content-length
24660
expires
Tue, 14 Mar 2023 20:09:22 GMT
/
www.doterra.com/medias/
39 KB
39 KB
Image
General
Full URL
https://www.doterra.com/medias/?context=bWFzdGVyfHJvb3R8NDA3NTN8aW1hZ2UvanBlZ3xoNmEvaGY5Lzg4MDA1Nzk2ODIzMzQuanBnfDZmNGUxZDMwYzFlMjI4ODA3Y2FjNWZhOTE0Y2ViNjZkNzBlNzY0YmQ3YmJhYTJiYmM2ZTc3ZjAzM2FlYThiZjg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ae4285836d306f4a28377647ff92977fb53276f0ca2815b83e7753f8dbc4eb87

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
a03e4d85a3656e2bc36815f04d5db871
content-type
image/jpeg
x-iinfo
13-147234408-0 0CNN RT(1647299922988 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524640, public
content-length
39925
expires
Tue, 14 Mar 2023 20:09:22 GMT
/
www.doterra.com/medias/
60 KB
61 KB
Image
General
Full URL
https://www.doterra.com/medias/?context=bWFzdGVyfHJvb3R8NjQyNjB8aW1hZ2UvanBlZ3xoMDQvaDdhLzg4MDA1Nzk3NDc4NzAuanBnfGQ5ODY4ZmVjZjk5OTVjY2Y4NjhiZDVmMGEwMzdjYzhmZmE2MjZmOWJkN2U5ZmQ2MzJjNWExNTk0ZmY4MzE0MjM
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
efe6dd07552fd37a7c95a7a797037b67c5e7403a44cb70f98c5f5f256cce1cf6

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
9951ba5016949013a98fa8649c32f074
content-type
image/jpeg
x-iinfo
13-147234409-0 0CNN RT(1647299922989 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524640, public
content-length
61821
expires
Tue, 14 Mar 2023 20:09:22 GMT
icon-chevron-thin-down-blue-dark.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/
1 KB
734 B
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-chevron-thin-down-blue-dark.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:42 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"1269-1646644544000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234410-0 0CNN RT(1647299922990 0) q(0 -1 -1 -1) r(0 -1)
content-length
634
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 06:13:05 GMT
x-content-type-options
nosniff
age
579938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 06:13:05 GMT
Parisienne.woff
www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/
33 KB
33 KB
Font
General
Full URL
https://www.doterra.com/_ui/desktop/common/assets-doterra/fonts/bootstrap/Parisienne.woff
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
95dd87dc5ee491d6b9c12296e5bba946db258f8e5512020328738dc6bb002fb1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:06:10 GMT
last-modified
Thu, 10 Mar 2022 22:35:07 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"33820-1646951707000"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-iinfo
13-147234411-147233806 2NNN RT(1647299922990 0) q(0 1 1 -1) r(3 3) U12
accept-ranges
bytes
content-length
33820
x-cdn
Imperva
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v26/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 07:05:32 GMT
x-content-type-options
nosniff
age
490391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30340
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 07:05:32 GMT
WR19-1x1-156x156-facebook.png
www.doterra.com/medias/
3 KB
3 KB
Image
General
Full URL
https://www.doterra.com/medias/WR19-1x1-156x156-facebook.png?context=bWFzdGVyfHJvb3R8NDE5OXxpbWFnZS9wbmd8aGE0L2hjYS8xMzE5MjYxNzkxODQ5NC5wbmd8N2I4ZjIzNGQ4ZWZhM2VmMzUwOGUzNjQ2Njk3MGFlNzQ1MWEyNTE2ZWFiZDA3MmRlMjhhMWRlZWUxMTM2NTkzZA
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
74c21265caa56322747815ba839d5eda6900975098bd6beb90bd9b3046712488

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
8f7df93e8da9c0fa67c5037edb32cc8b
content-type
image/png
x-iinfo
13-147234413-0 0CNN RT(1647299923012 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524511, public
content-length
2604
expires
Tue, 14 Mar 2023 20:07:14 GMT
WR19-1x1-156x156-instagram.png
www.doterra.com/medias/
6 KB
6 KB
Image
General
Full URL
https://www.doterra.com/medias/WR19-1x1-156x156-instagram.png?context=bWFzdGVyfHJvb3R8NzQwOHxpbWFnZS9wbmd8aGQyL2g3OS8xMzE5MjYxODA4MjMzNC5wbmd8YTFhYzE4MTYwOThiM2VjNWY4N2E2MjllNjNkZjgyNjk5NmNmMDllZTQ5NGM0MmI5ZjVlYWE1NTM4M2ZlYWY3ZA
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
494244e4c215bcb210e085e4277a502e16b611026b910468d94855eb3b57562e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
92ad2e18aac58916554433368676a547
content-type
image/png
x-iinfo
13-147234414-0 0CNN RT(1647299923014 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524512, public
content-length
6009
expires
Tue, 14 Mar 2023 20:07:15 GMT
WR19-1x1-156x156-pinterest.png
www.doterra.com/medias/
4 KB
5 KB
Image
General
Full URL
https://www.doterra.com/medias/WR19-1x1-156x156-pinterest.png?context=bWFzdGVyfHJvb3R8NjI2NHxpbWFnZS9wbmd8aDk1L2g2NS8xMzE5MjYxODAxNjc5OC5wbmd8MTA0YTY4YWY3N2I4NmMyODFmYzhlODZjMGYwYTI2NDI5NzM3MGEwMzMwN2QxMGM5MmY0MDg5MjNjNDc4ZDFkOQ
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c85a6e7b8e999564c1ffb3613ccfafdf9fdae02444672383b72378d9343f94dc

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
a950c3582c7507e3095f9644bb6e7e4c
content-type
image/png
x-iinfo
13-147234415-0 0CNN RT(1647299923015 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524511, public
content-length
4593
expires
Tue, 14 Mar 2023 20:07:14 GMT
WR19-1x1-156x156-youtube.png
www.doterra.com/medias/
3 KB
3 KB
Image
General
Full URL
https://www.doterra.com/medias/WR19-1x1-156x156-youtube.png?context=bWFzdGVyfHJvb3R8MzgxOXxpbWFnZS9wbmd8aDVlL2gyZC8xMzE5MjYxNzc4NzQyMi5wbmd8YWI0NWFiYTc2NTMxMjBkN2ZkYTg0MWNkZTRhNWY4NWNjMmI4ZWQ0OTRmZmZjMDUzOGE2Yzg2OGUxMjVmYjczNA
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2fb08dcb3c927add9a9550da50c3a681341bec6a7c1452a1260f3e26fa67b354

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
48f5357942b194d1e81aba7192f35d20
content-type
image/png
x-iinfo
13-147234417-0 0CNN RT(1647299923017 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524511, public
content-length
3242
expires
Tue, 14 Mar 2023 20:07:14 GMT
WR19-1x1-156x156-linkedin.png
www.doterra.com/medias/
1 KB
1 KB
Image
General
Full URL
https://www.doterra.com/medias/WR19-1x1-156x156-linkedin.png?context=bWFzdGVyfHJvb3R8NDE3NHxpbWFnZS9wbmd8aGZkL2gxMy8xMzE5MjYxODgwMzIzMC5wbmd8NGIxYzdjOWM3M2ZhOTMyMzE5ZDFhNjMxOGQwMjM3N2QyYTQxMDE4MGZhNzIxNTcxMzRjYWViYWJkZGYzYTUzNg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
03b8f236b3a885e2da4bac58d384bbc1877a7961d2d8039305ab7adb8e188c24

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
88ea44a793f901c7c2d094493d9dfe74
content-type
image/png
x-iinfo
13-147234418-0 0CNN RT(1647299923018 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524512, public
content-length
1187
expires
Tue, 14 Mar 2023 20:07:15 GMT
get
consent.trustarc.com/ Frame F7C8
7 KB
2 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=doterra-cm1.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/

Response headers

content-type
text/html;charset=UTF-8
date
Mon, 14 Mar 2022 23:06:36 GMT
server
nginx
pragma
public
expires
Wed, 13 Apr 2022 23:06:36 GMT
cache-control
max-age=2592000
timing-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding Origin
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
sdTvxhEOlCWtbTvPq2cRyXbfTCDihgEiiUyRZua-chKLFnqFEcI66Q==
age
727
v1.7-458
consent.trustarc.com/asset/notice.js/v/
75 KB
24 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-458
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.doterra.com/
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:57:18 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1285
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Mon, 21 Feb 2022 05:49:07 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
Tjgxp-iazWNIjgLeOXsv1ZZK2CnIFASmrs4bvcVcHASDjw29MFRSwA==
expires
Wed, 13 Apr 2022 22:57:18 GMT
log
consent.trustarc.com/
43 B
440 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=doterra-cm1.com&country=es&state=&behavior=implied&c=617d
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 23:18:43 GMT
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43
x-amz-cf-id
1zeRFyBaogPLnZe1WX9F85I5u2nRWM_8N6k-0cgql0tDlQOkk0Njng==
expires
Mon, 26 Jul 1997 05:00:00 GMT
notice
consent.trustarc.com/
16 KB
5 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=doterra-cm1.com&country=es&js=nj2&c=teconsent&noticeType=bb&text=true&gtm=1&language=en_US
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=doterra-cm1.com&c=teconsent&noticeType=bb&js=nj&text=true&gtm=1&language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
19644a27712772d5a996fee457ffdfad2d411d4841331d1a920520d139664bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.doterra.com/
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2926
x-cache
Hit from cloudfront
cloudfront-viewer-country
ES
vary
Accept-Encoding
content-length
4877
x-xss-protection
1; mode=block
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
vbC3Upsc3P3KtphnFc8bhS6EqioqA2kXd8jJiHQQR8dgZTEGucgQHQ==
expires
Mon, 14 Mar 2022 23:29:57 GMT
videos
www.googleapis.com/youtube/v3/
465 B
283 B
XHR
General
Full URL
https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
212
x-xss-protection
0
videos
www.googleapis.com/youtube/v3/
465 B
283 B
XHR
General
Full URL
https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
212
x-xss-protection
0
videos
www.googleapis.com/youtube/v3/
465 B
643 B
XHR
General
Full URL
https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doterra.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.doterra.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
212
x-xss-protection
0
recaptcha__es.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__es.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da922ad3f1ea9213c6288f9ab2c98b3eee151afa55964c0085670c1a6713c25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doterra.com/
Origin
https://www.doterra.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 18:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144822
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 18:02:21 GMT
css
fonts.googleapis.com/
3 KB
651 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:500,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd66522f8de733cd07d977e79092a520e77ffc2ad241b3bc2ba20ac639a628b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 23:18:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 23:18:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 23:18:43 GMT
bannermsg
consent.trustarc.com/
43 B
468 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=doterra-cm1.com&behavior=implied&country=es&language=en&rand=0.3127604585015087
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/US/en/site/kristinam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-47.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:43 GMT
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
_rDsNLv5D4o8FDjROgTHn6nMg9QNw5mGpXItl1kVMM6SlB07-yhwvA==
expires
Mon, 14 Mar 2022 23:18:42 GMT
getBannerDetails
www.doterra.com/US/en/
143 B
590 B
XHR
General
Full URL
https://www.doterra.com/US/en/getBannerDetails
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.doterra.com/US/en/site/kristinam
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Mar 2022 23:04:11 GMT
x-content-type-options
nosniff
x-cdn
Imperva
adrum_1
n:DoterraInternationalLLC436_74b2e163-6eaf-417e-b636-3cfd27438bfa
adrum_2
i:4190277
x-iinfo
13-147234568-147234185 pNNN RT(1647299923834 0) q(0 0 0 -1) r(2 2) U2
adrum_3
e:8
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache/2.4.6 (Red Hat Enterprise Linux)
adrum_0
g:7257859f-973d-45fe-8cb2-95dae2413472
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT
adrum-ext.4d2b0f335973eea91d9eb690f40ef388.js
cdn.appdynamics.com/
47 KB
19 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.4d2b0f335973eea91d9eb690f40ef388.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-39.txl50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
3e89c9518b9f459131bade1463fd2af975259c18e7d1f0d4dfd1c4f975be2ecd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 17:28:00 GMT
content-encoding
gzip
age
1317043
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 28 Jun 2017 03:32:05 GMT
server
nginx/1.16.1
etag
W/"59532335-ba2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 4786bcd6a5ee692459814ef0ab252684.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
TXL50-P4
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2kQcNuN1gDnYmxYD6v47I05Z2fRWGtPv66tvnKzBJTyuEpyUE5CPeg==
access.js
cdn.levelaccess.net/accessjs/YW1wMTI2OTg/
439 KB
57 KB
Script
General
Full URL
https://cdn.levelaccess.net/accessjs/YW1wMTI2OTg/access.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHX657
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b2ffd0631f5842d2e8b6219f51369b211616ba6af60fb051dc61aabe4128516

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KtitXALCzgNYGiPtZw3Qa98X8VwkXxn9
Content-Encoding
gzip
ETag
"6f845ab47427e54e38962ab001422ed3"
Age
797
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
58208
Last-Modified
Wed, 23 Feb 2022 17:35:35 GMT
Server
AmazonS3
Date
Mon, 14 Mar 2022 23:10:31 GMT
Content-Type
application/javascript
Via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
Cache-Control
max-age=900
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
kP65vVvrj-dMjbYZ3YbqnDVKTE9alZWdVLX0HMgLpU4gLideUcCsUg==
icon-chevron-thin-down-white.svg
www.doterra.com/_ui/desktop/common/images/wqa/icons/
1 KB
803 B
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/wqa/icons/icon-chevron-thin-down-white.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9ca16c68b72397b230893dd5c9fe202243a151d7072373322b45e1902ff0b9f4

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:44 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:15:44 GMT
x-cdn
Imperva
etag
W/"1269-1646644544000"
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234588-0 0CNN RT(1647299924039 0) q(0 -1 -1 -1) r(0 -1)
content-length
634
cross-white.svg
www.doterra.com/_ui/desktop/common/images/icons/
404 B
532 B
Image
General
Full URL
https://www.doterra.com/_ui/desktop/common/images/icons/cross-white.svg
Requested by
Host: www.doterra.com
URL: https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
a35cce3396a02dd18268deb9fffc0970699e71ebf3464c185713009aa4a49ebc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/_ui/desktop/common/css/bootstrap-3-styles.css?1057936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:06:11 GMT
last-modified
Fri, 11 Mar 2022 17:42:24 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
W/"404-1647020544000"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=UTF-8
x-iinfo
13-147234589-147234478 2NNN RT(1647299924040 0) q(0 0 0 -1) r(1 1)
accept-ranges
bytes
content-length
404
x-cdn
Imperva
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAE-DSS/
0
1016 B
XHR
General
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAE-DSS/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.4d2b0f335973eea91d9eb690f40ef388.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.142.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-142-199.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doterra.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 23:18:45 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
Connection
keep-alive
access-control-allow-headers
origin, content-type, accept
Content-Length
0
expires
0
1376362.jpg
www.doterra.com/medias/
418 KB
419 KB
Image
General
Full URL
https://www.doterra.com/medias/1376362.jpg?context=bWFzdGVyfHJvb3R8NDU4ODMyfGltYWdlL2pwZWd8aDk3L2hkMC8yODAyMjA0NDk1MDU1OC5qcGd8YWRhNWFjMDEwMTUxMTM5OGVhNjllYjNiNmMzZDcyODllZGFiMTQ1YzAwOGM0NzhjYjI3NGJiMTdlN2Q2MTQzZg
Requested by
Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTI2OTg/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e1fbd41b3f9dcaecd8fa144472d9aacc1a49dae6fcde7a76927601b2cc456b74

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:46 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
e6056993a6c9887aa27017b7d1c82e46
content-type
image/jpeg
x-iinfo
13-147235128-0 0CNN RT(1647299926938 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524637, public
content-length
428137
expires
Tue, 14 Mar 2023 20:09:23 GMT
1376362.jpg
www.doterra.com/medias/
418 KB
418 KB
Image
General
Full URL
https://www.doterra.com/medias/1376362.jpg?context=bWFzdGVyfHJvb3R8NDU4ODMyfGltYWdlL2pwZWd8aDk3L2hkMC8yODAyMjA0NDk1MDU1OC5qcGd8YWRhNWFjMDEwMTUxMTM5OGVhNjllYjNiNmMzZDcyODllZGFiMTQ1YzAwOGM0NzhjYjI3NGJiMTdlN2Q2MTQzZg
Requested by
Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTI2OTg/access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.13 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e1fbd41b3f9dcaecd8fa144472d9aacc1a49dae6fcde7a76927601b2cc456b74

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.doterra.com/US/en/site/kristinam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:18:47 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-cdn
Imperva
etag
e6056993a6c9887aa27017b7d1c82e46
content-type
image/jpeg
x-iinfo
13-147235170-0 0CNN RT(1647299927016 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31524636, public
content-length
428137
expires
Tue, 14 Mar 2023 20:09:23 GMT
results
api.levelaccess.net/analytics/3.0/
0
321 B
XHR
General
Full URL
https://api.levelaccess.net/analytics/3.0/results
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4457:4600:e73c:4fa5:7350:dee9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doterra.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 23:18:47 GMT
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

444 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored string| appKey object| adrumScript number| adrum-start-time object| adrum-config object| ADRUM object| mediator function| $ function| jQuery object| scriptElem string| MY_DOMAIN boolean| REQUIRE_USER_EXPRESSED_PERMISSION object| _STATE function| wrapCMSParagraphVideos function| processRunOnce function| processResponse function| runOnce function| getBehavior function| handleAPIResponse function| activateElement object| QueueIt function| queueClient object| myQueueClient object| queueit object| dataLayer number| totalItemsMiniCart string| cartDataSite object| ACC object| trackingMethod object| csrfTokenInputElements boolean| isProductMappingEnabled boolean| browserCloseLogoutFlag boolean| HAS_SESSION_CART boolean| IS_ANONYMOUS_USER string| abandonCartText string| abandonLrpCartText object| localText string| countryName string| mockCardTokenization string| paymetricSourceUrl string| mysteryProductSku string| apiKey number| showModalGreenPopUpTimeout number| showModalGreenPopUpWait object| doUpdatesMarketList object| supportedEnrollmentMarkets object| bankroutingPattern object| billingZipPattern object| govIdMaxlength object| billingMobilePhonePattern object| billingMobilePhonePlaceholder object| billingMobileMaskPattern object| govIdPattern object| billingZipRegex object| billingZipMask string| contextPath string| baseURL string| currencySymbol string| commonResourcePath string| siteId string| bannerEnabled string| globalNavigationHideCountryList string| needToResetPassword string| passwordResetDaysLeft string| aromaCheck string| isAgentLoggedIn string| dotUserId string| accountType boolean| queueItEnabled string| stateCode string| stateName string| postalCode string| countryCode string| isGigyaEnabledGlobally boolean| setPrimaryEmail boolean| showPortalModal object| regexEmail string| CCTServerAddress string| CCTPreChatSurvey string| CCTAccountManagementPreChatSurvey string| CCTTokenEx boolean| isAnonymousUser string| addressline1 string| addressline2 string| city object| lazySizesConfig object| $jscomp object| bootstrap object| bootbox function| moment function| Cookies object| lazySizes function| handleUpdateProgressTrackerData object| truste function| shouldRepop function| shouldResolveConsent object| $temp_box_overlay object| $temp_closebtn_style object| $temp_inner_iframe object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG undefined| shareButtons function| shareButtonService function| downloadPDF function| shareButtonInit string| pattern string| placeholder function| fieldMaskInit function| setupFieldMask function| phoneMaskInit function| setPhonePattern function| dateMaskInit function| setDatePattern object| CARD_STATUS string| currentTabID string| isEnrollmentPage string| hasEnrollmentCartEntries number| currentEpochTime boolean| hideRegionBanner boolean| unsavedChanges undefined| forcedTargetUrl undefined| cartType object| wellnessResubscribedStatus string| WELLNESS_RESCUBSCRIBED_CLICKED string| WELLNESS_RESCUBSCRIBED_RESUMED string| MSG_ERROR_CLASS_NAME string| MSG_INFORMATIONAL_CLASS_NAME string| MSG_HELPER_CLASS_NAME string| MSG_DIRECTIONAL_CLASS_NAME string| MSG_WARNING_CLASS_NAME string| MSG_SUCCESS_CLASS_NAME string| MSG_SPECIAL_CLASS_NAME string| NON_MSM_CLASS_NAME string| MODAL_GRAY_CLASS_NAME function| showGlobalErrorMessage function| showGlobalInfoMessage function| showGlobalHelperMessage function| showGlobalDirectionalMessage function| showGlobalWarningMessage function| showGlobalSuccessMessage function| showGlobalSpecialMessage function| showGlobalBasicMessage function| showModalNonMessage function| showModalGray string| loading string| RENDERED_BS_SELECT string| addErrorConstant string| quantityMessage string| loyaltyOrder string| onetimeOrder string| enrollmentOrder function| lsTest object| formForRecaptcha undefined| formidForRecaptcha function| onloadCallback function| setStorage function| getStorage function| removeStorage object| bcTempTitle function| updateBreadcrumb undefined| FTLModal undefined| FTLModal2 undefined| FTLMessage undefined| FTLMessage2 undefined| FTLOptions undefined| FTLOptions2 undefined| FTLTitle string| firstTimeLoggedIn function| createInputElement function| showLoadingSpinner function| hideLoadingSpinner object| baseSelectOptions function| redirectToPage function| updateReferralCustomerPopUpValue function| addLoadingSpinnerAndSubmit function| checkHomepageSlider function| showShopFirstLoginPopup function| showEnrollNewMemberPopUpMessage string| enrollerFields function| disableEnrollerFields string| json boolean| addr_flag function| validateAddress function| refactorAddress function| refactorPRAddress function| refactorPRUrbanizedAddress function| refactorPRRuralRouteAddress function| removeDisabled function| submitForm function| saveAddress function| updatePasswordPrompt function| stopUpdatePasswordPrompt function| redirectToMyCart function| enableCartCopMiniCart function| launchCartCop function| initBtnSelect string| userAgent boolean| isAndroid function| showFeedbackModal function| validateFeedbackModal object| ytElements object| videoModal function| ytRichSnippets function| videoRichSnippets undefined| tag undefined| firstScriptTag undefined| ytPlayer undefined| ytPlayed function| getVideoID function| initVideoAWS object| vimeoElements function| vimeoRichSnippets function| initVimeo function| getLabel function| initAnchors function| gaEvent function| passwordRequirements function| toggleShowHide function| toggleShowHideOnKeyDown function| isNumberKey function| isDouble function| limitVal function| showRemoveMessage function| removeProductMessaging function| showGlobalBootboxMessage function| showModal function| swapNumber function| setPhoneNumber function| setPhoneType function| callOtpVerification function| callAuthyVerification function| formatPhoneNumber function| mergeLrpOrder function| mergeCart function| toggleHiddenSection function| aromaCheckLoginPopup function| siteLogoClick function| abandonCartMsg function| updateCreditBalanceSection function| toggleSSNChars function| addConventionProductOnly function| showProductCustomizeModal function| launchParentChildModal function| getProductCustomizeModalData function| renderProductCustomizeModal function| initProductQuantity function| showLTOLimitReached function| showExceedMaxPromotionLimit function| checkCustomizeQty function| verifyQuantityInput function| addParentItemOnly function| SimpleCustomizeParentProduct function| SimpleCustomizeChildProduct undefined| scrollPosition function| readSession function| getValOnly function| updateUser function| createTabID function| chkUserLoggedIn function| logoutFromBackend function| createSession function| generateUID function| changeKit function| calculateCardExpiryDate function| pvPromotionCheck function| upgradeAndRedirectToEnroll function| abandonCart function| checkOnloadModals function| checkQuickGuideModal function| guidedTourInit function| setStorageForRetailCartLogin function| showRoutingModal function| setFullStoryEvent function| checkProductRows function| adjustRowsHeight function| resetProductRowHeight function| showAddressCompareModal function| populateFields function| backToEditAddress function| enteredAddressSelected function| recommendedAddressSelected function| compareFieldValues function| personalEnteredAddressSelected function| personalRecommendedAddressSelected function| compareInitialValues function| isValidEmailAddress function| promptForPrimaryEmail function| saveEmailSubmit function| showUniqueEmailModal function| checkUniqueEmailAddress function| saveEmailAddress function| skipUniqueEmailCheck function| showPortalPreviewModal function| checkProp65Warning function| showProp65WarningMessage function| copyToClipboard function| updateRegionList function| checkCardTypeAndRegionList function| wareHouseSwitcherChangeAction function| setDatePicker function| setNfrOtgContext function| warehouseToggleOnload function| updateSelectWithData function| updateSelectWithCardData function| updateZipWithMask function| zipCodeFormatter function| validatePostalCode function| checkCartContext function| setNFRTooltip function| setSelectorValue function| changeSwitcherInputFlagOnLoad function| changeSwitcherInputFlag function| showDefaultMarketBanner function| updateBannerData function| handleSelectChangeMarket function| editLRPTemplate function| closeRegionBanner function| marketChangeAction function| getDHyCSTempID function| updateDhyCSEnrollerInfo function| handleAddToCartResponse function| recommendedProductsDisplay function| showProductOverlay function| resetLanguage function| completeExpressBodsModal function| checkBodsRequired function| resumeWellnessProgramModal function| showShippingDelayModal function| showShippingDelayModalGeneratedByBanner function| productMappingModal function| setnfrOtgFlagVal function| getDisplayedAccountType function| showMismatchedCartAndSiteSalesOrgsBox function| showNewAccountAuthPopup function| determineMarketMismatchContext function| copyTextToClipboard function| copyText function| setAriaExpandedValue object| alertQueue function| adaAlert function| processAlert undefined| ytPlay function| onYouTubeIframeAPIReady function| initMinicart function| updateMiniCartContent function| renderProductRow function| updateMiniCartContentOld function| clearMiniCart function| updateMiniCartIcon function| miniCartClicked function| miniCartLoginPopup function| handleRemoveAlert function| removeProductFromMinicart function| removeProductFromMinicartWithEntryNumber function| removeProductFromMinicartAjaxCall function| showMinicartSpinner function| hideMinicartSpinner function| checkForActiveCart function| verifyAddEnrollmentKit boolean| quickGuideHasBeenClicked function| saveLRPDateFlow object| forms object| widgets function| formValidationService function| toggleRequiredGroup function| checkExpirationDate function| checkRequiredGroup function| formInit string| OrderContextInformationModal object| pathArray object| siteLogo function| showEnrollNewMemberPopUpMessageReplicatedSite object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| smartedit object| searchResultsObject object| searchContentType object| searchSortType number| resultsPerPage boolean| filterOpened boolean| loadAjax function| resetLazyLoadObject function| renderFullResults function| renderFilterSortFullResults function| renderRecentSearch function| decodeURIComponentSafe function| checkLazyLoad function| getURLParameter function| filterCall function| getFilterList function| toggleNav function| shiftOffCanvasMenu string| globalGridClasses function| initiateSelectYourRegionPage function| sortByOrderNum function| sortByName function| findByCode function| extractLanguage function| validateLanguage function| extractRegion function| validateRegion string| IDLE_TIMEOUT number| TIMEOUT_CHECK_INVERVAL number| _idleMinutesCounter number| idleTime function| startTimeCheck function| checkIdleTime function| showIdleMessage function| formatTime object| AOS string| LANGUAGE_COOKIE string| DEFAULT_LANGUAGE object| LANGUAGES object| EMAIL_TEMPLATE_LANGUAGES string| REGION_COOKIE string| DEFAULT_REGION string| DEFAULT_PRIVACY_POLICY_LINK string| DEFAULT_TERMS_OF_USE_LINK object| REGIONS object| ZONES string| aName string| bName object| regionMap object| preferredMarket function| $jscomp$lookupPolyfilledValue object| LevelAccess_AccessJS_AccessEngine object| LevelAccess_AccessJS_FixPackage object| LevelAccess_AccessJS_OrgDetails object| LevelAccess_AccessJS string| AccNamePrototypeNameSpace object| LevelAccess_CalcNames

8 Cookies

Domain/Path Name / Value
www.doterra.com/ Name: JSESSIONID
Value: A5675047F7026BEB5CECD172B98F9931.prodhybapp12
www.doterra.com/ Name: JSESSIONID-B2BACC
Value: Y12-8145e48e-fc44-4676-83a0-61ffda32a163
.doterra.com/ Name: visid_incap_661002
Value: MlIa+3xgRDWZN7BD7+R6JVHNL2IAAAAAQUIPAAAAAAD4k/URqttsS5sGE5XBZt0a
.doterra.com/ Name: incap_ses_1396_661002
Value: 8YBVEyq//BowZqVo/JZfE1HNL2IAAAAAAUOMkcDu84zK40JZuOhwwA==
.doterra.com/ Name: notice_behavior
Value: implied,eu
mydoterra.queue-it.net/ Name: Queue-it-c8fa3e39-bf78-4112-a444-8b3eb145bc80
Value: WasRedirected=false&i=637828967234287141
.queue-it.net/ Name: Queue-it
Value: u=4cca6bd7-f626-435b-9c43-23484c2423ae
www.doterra.com/ Name: QueueITAccepted-SDFrts345E-V3_hybbogofeb2019
Value: EventId%3Dhybbogofeb2019%26QueueId%3Dc8fa3e39-bf78-4112-a444-8b3eb145bc80%26RedirectType%3Dsafetynet%26IssueTime%3D1647299923%26Hash%3Db4c17657ca6d833f00bba745ba57bc11043df5cf8a64dd9e0639f1393f5e6117

3 Console Messages

Source Level URL
Text
network error URL: https://www.googleapis.com/youtube/v3/videos?id=M7btq8eYavY&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.googleapis.com/youtube/v3/videos?id=o_M4XsYaOxM&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.googleapis.com/youtube/v3/videos?id=OEnKOk4ad0U&key=AIzaSyC3Hu7AUhct1i_5NLSWwrG3lgc50cCfLys%20&part=snippet
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.levelaccess.net
cdn.appdynamics.com
cdn.levelaccess.net
col.eum-appdynamics.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
mydoterra.queue-it.net
www.doterra.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
108.157.4.47
18.64.115.39
2600:1f18:4457:4600:e73c:4fa5:7350:dee9
2600:9000:2156:de00:1:fb61:2b80:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
45.60.14.13
52.13.142.199
54.200.199.71
020bf2e0ef448b05d18a16fcb68d21c6179b550f82c1b287c86e8fe48c9f40fd
03b8f236b3a885e2da4bac58d384bbc1877a7961d2d8039305ab7adb8e188c24
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
0d9c820b8513f379548801f1acab020d1a365b2274d5609c36dbd6a704ae21a4
11016ffdfabe02191d6ccfd3fc9b6302e980f94da94ffa699715d0d840b52062
1293064ef09cefcc669468aa5b44c867b8d8a6ac2705d90c3add7c38e46d055e
19644a27712772d5a996fee457ffdfad2d411d4841331d1a920520d139664bd0
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
29d6e437c73a41cb8b24285f13c57c31df470b095bccfe765622b32e07da0b67
2fb08dcb3c927add9a9550da50c3a681341bec6a7c1452a1260f3e26fa67b354
353eda99a3acd3c7034f8f9c1117f85fe117c7e1e6af0f2a19712e683a675c96
39932e4be1cf3bf23a1163f106d339ad9f053f2fe57850225416dddd4ee5d0a2
3da922ad3f1ea9213c6288f9ab2c98b3eee151afa55964c0085670c1a6713c25
3e89c9518b9f459131bade1463fd2af975259c18e7d1f0d4dfd1c4f975be2ecd
43deb04a30d8b678b66aea7c0836d7e5e18b69b9dc9f7ec6e685e355f686fcbf
46fed4ad84f360e1ac10edb0abca0eac25d788f7c2e5f27a093d0043f466a0bd
494244e4c215bcb210e085e4277a502e16b611026b910468d94855eb3b57562e
528eb4900ccdd06e15447187e3b5e68f6563f7e4e4941cba627859b107441224
530202c63ead494a9c3068a77da8009ef70462a9ba38d9095aa2646617bc6257
5a1cf84f88664fc6171a5aef150838d2e63831334a17a03c972aca3c2519c32f
5afbbb8d5abc6e27981c58b4462b8466e0186fb1130fae2b3eb6f4e158061689
5dcd3cb5cf2878a5644b6dd602c5adfbfbe83e0a1949049e1b233270005e212e
6258cb0d1a0e764d2759b94a5e2143ba7860850c4a9d2abc1583ea62936b66d9
6302f69094bf2089230791cf874c6e45e21d621b3678bf0a49d73b387ccf641a
686c168a7fe6565fca6420e6c5b4aa939f75d4b2d69d04d994534445dc1de3e8
73e336238f841bb74b2f18ff731ca9e0b35f8432d39f5800c03beba526c18c07
74c21265caa56322747815ba839d5eda6900975098bd6beb90bd9b3046712488
7ab5367f0039773f77fb519cf799a69cb5c567b50d95d42f0fa89928d266ed70
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c
8b2ffd0631f5842d2e8b6219f51369b211616ba6af60fb051dc61aabe4128516
903d6db802db18eef0e4475093adce881e76ff76dccb90c1929679acf6682806
9093968699cd4f6db3e46db22b087618cdfccb89973705022e2f2042cf989c66
95dd87dc5ee491d6b9c12296e5bba946db258f8e5512020328738dc6bb002fb1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ca16c68b72397b230893dd5c9fe202243a151d7072373322b45e1902ff0b9f4
a16c46c30c67912b971cb8a8c63051a65a7b41fb8b235c69c4accabe4fe59a71
a35cce3396a02dd18268deb9fffc0970699e71ebf3464c185713009aa4a49ebc
a9c9e2b6ac83ef12264aa68a5a310a028c02c2f06779d8aa43ab8f5a00a0b9d8
ae4285836d306f4a28377647ff92977fb53276f0ca2815b83e7753f8dbc4eb87
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
c85a6e7b8e999564c1ffb3613ccfafdf9fdae02444672383b72378d9343f94dc
d314e23674a93dcaa9bfb72041d7da79fdba406f2d042b416356da52dec4af55
d8d492e9940ea13f04fd72121c1bcc1daf6db4b23c3e86fafd220d78633c9061
dc09c3fc4aab87e37e3b5c533526bdf8bd27c28db3573b641df2abd2b02abeb8
dd66522f8de733cd07d977e79092a520e77ffc2ad241b3bc2ba20ac639a628b1
ddb831d3901fc6517d6ddf85113e31d73dbc08a69f8ce15423b582245e41b084
dffc3f95523ce0497df3776675491c617d3918aa0c73049b3632307a99fd7a81
e1fbd41b3f9dcaecd8fa144472d9aacc1a49dae6fcde7a76927601b2cc456b74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeca538d5db91bdbe7af563931b20be4620e1820f2cb10161b64ccdde6edb8b1
efe6dd07552fd37a7c95a7a797037b67c5e7403a44cb70f98c5f5f256cce1cf6
f1a0c9d1906872528ac89079af13fbbe68cdb62b48fca7535c08deaba832b4c1
ffc74932e113b0da44e2ade790dcde73c071aa191c230ae370a09dbe57c62084