work.headspace.com Open in urlscan Pro
18.66.139.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://work.headspace.com/ubs/member-enroll
Submission: On January 31 via api (January 31st 2022, 2:54:48 pm UTC) from CH — Scanned from DE

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 29 domains to perform 59 HTTP transactions. The main IP is 18.66.139.5, located in United States and belongs to AMAZON-02, US. The main domain is work.headspace.com. The Cisco Umbrella rank of the primary domain is 698555.
TLS certificate: Issued by Amazon on September 8th 2021. Valid for: a year.

This is the only time work.headspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	18.66.139.5 18.66.139.5	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:54::84 2a04:4e42:54::84	54113 (FASTLY) (FASTLY)
2	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1 2	52.3.98.112 52.3.98.112	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:224... 2600:9000:2240:b000:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.201.76.231 35.201.76.231	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225a:4200:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	18.66.2.21 18.66.2.21	16509 (AMAZON-02) (AMAZON-02)
1	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
1	18.64.79.82 18.64.79.82	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	18.66.122.122 18.66.122.122	16509 (AMAZON-02) (AMAZON-02)
2	52.23.87.46 52.23.87.46	14618 (AMAZON-AES) (AMAZON-AES)
1	3.232.242.170 3.232.242.170	14618 (AMAZON-AES) (AMAZON-AES)
2	52.222.236.12 52.222.236.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.90.25.171 54.90.25.171	14618 (AMAZON-AES) (AMAZON-AES)
59	32

12 18.66.139.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-5.fra60.r.cloudfront.net

work.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:54::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.98.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-98-112.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:b000:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.76.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com

headspace.pxf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225a:4200:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.24.193 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.2.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-21.txl50.r.cloudfront.net

api.prod.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-82.txl50.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.122 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-122.fra60.r.cloudfront.net

wec-assets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.87.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-87-46.compute-1.amazonaws.com

wec-assets-api.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-12.fra56.r.cloudfront.net

static.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.90.25.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-25-171.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	headspace.com work.headspace.com — Cisco Umbrella Rank: 698555 api.prod.headspace.com — Cisco Umbrella Rank: 95107 static.headspace.com — Cisco Umbrella Rank: 394866	995 KB
5	terminus.services 2 redirects vidassets.terminus.services — Cisco Umbrella Rank: 14796 wec-assets.terminus.services — Cisco Umbrella Rank: 18235 wec-assets-api.terminus.services — Cisco Umbrella Rank: 18210	12 KB
4	pinterest.de www.pinterest.de — Cisco Umbrella Rank: 26282	15 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com — Cisco Umbrella Rank: 5501	3 KB
4	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 823 www.pinterest.com — Cisco Umbrella Rank: 1200	2 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 641 logx.optimizely.com — Cisco Umbrella Rank: 1235	2 KB
3	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 11598 web.chtbl.com — Cisco Umbrella Rank: 11297	5 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1015 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2865
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2773	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	5 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 701	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	120 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4302	921 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2675	964 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	244 B
1	google.de www.google.de — Cisco Umbrella Rank: 5557	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 13	548 B
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 8054	448 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7555	144 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2564	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2549	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 4000	3 KB
1	pxf.io headspace.pxf.io — Cisco Umbrella Rank: 464680	782 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2727	13 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2829	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2729	946 B
59	29

	Domain	Requested by
12	work.headspace.com	work.headspace.com
4	www.pinterest.de	s.pinimg.com work.headspace.com
3	api.prod.headspace.com	work.headspace.com
3	ct.pinterest.com	s.pinimg.com work.headspace.com
2	logx.optimizely.com	work.headspace.com
2	static.headspace.com	work.headspace.com
2	wec-assets-api.terminus.services	work.headspace.com
2	wec-assets.terminus.services	2 redirects
2	match.adsrvr.org	2 redirects
2	px.ads.linkedin.com	2 redirects
2	web.chtbl.com	ext.chtbl.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	trkn.us	1 redirects work.headspace.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googletagmanager.com	work.headspace.com www.googletagmanager.com
1	api.hubapi.com	work.headspace.com
1	track.hubspot.com
1	www.pinterest.com	1 redirects
1	api.ipify.org	work.headspace.com
1	www.google.de	work.headspace.com
1	www.google.com	work.headspace.com
1	px4.ads.linkedin.com	work.headspace.com
1	www.linkedin.com	1 redirects
1	vidassets.terminus.services	www.googletagmanager.com
1	www.ojrq.net	work.headspace.com
1	cdn.optimizely.com	work.headspace.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	headspace.pxf.io	d.impactradius-event.com
1	ext.chtbl.com	work.headspace.com
1	d.impactradius-event.com	work.headspace.com
1	cdn.pdst.fm	work.headspace.com
1	js.hs-scripts.com	www.googletagmanager.com
59	38

This site contains no links.

Subject Issuer	Validity	Valid
*.headspace.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-10` - `2023-01-06`	a year	crt.sh
ext.chtbl.com Amazon	`2021-12-25` - `2023-01-22`	a year	crt.sh
*.pxf.io Sectigo RSA Domain Validation Secure Server CA	`2021-07-09` - `2022-07-24`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
web.chtbl.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-01-07`	a year	crt.sh
*.terminus.services Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://work.headspace.com/ubs/member-enroll
Frame ID: 3B89A28D8A0917CFA78AD6EB865EDD08
Requests: 51 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 0C107CEA71E3CF819D2990FDE095433F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Headspace for Work

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

59
Requests

93 %
HTTPS

51 %
IPv6

29
Domains

38
Subdomains

32
IPs

3
Countries

1400 kB
Transfer

4362 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903 HTTP 302
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903;ip=185.213.155.163;cuidchk=1

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2401233%26time%3D1643640883448%26url%3Dhttps%253A%252F%252Fwork.headspace.com%252Fubs%252Fmember-enroll%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true&e_ipv6=AQJVXPqLjxWwzQAAAX6woYrU9plCVnWVzf1uCKGMY3cKbZcsLhNon9LKHTLr_cbxaUqI1Qau

Request Chain 36

https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8 HTTP 302
https://wec-assets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8&t=73b2839c-bd12-4be7-8dfb-12f676466c2c HTTP 301
https://wec-assets-api.terminus.services/v1/s.gif

Request Chain 37

https://wec-assets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif?d=0d6d687c-8184-4851-96b5-3b8d25534fa8&s=6de06d28-f441-4868-afc6-bdf1fb4f1da0&p=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&cb=1643640883545&t=Headspace%20for%20Work&r=&e=page_viewed&u=139c047a-3c15-4aa6-86cd-f5ad8a678454-1643640883545 HTTP 301
https://wec-assets-api.terminus.services/v1/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif

Request Chain 49

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request member-enroll Show response
work.headspace.com/ubs/ 6 KB
3 KB 653ms
624ms Document
text/html 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 577cbe8a0151c6b7d40aa3a2b97a17c1f66cd0e011f29203153c2f9e9e01a65b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Fri, 28 Jan 2022 23:27:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: jr4_ffA16FM68vAvxXTsSD5oYC2e1xyc
server: AmazonS3
content-encoding: gzip
date: Mon, 31 Jan 2022 14:54:42 GMT
etag: W/"870289121a035e67106dfe9272c1add7"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 2VceQXp9O3xbchubshlnlKk_Jtsi8FnEEJxWJ8VomkTDKUAUFbeyzw==
age: 29

GET
H2 200 8.7604d660.chunk.css
work.headspace.com/static/css/ 5 KB
2 KB 630ms
629ms Stylesheet
text/css 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/css/8.7604d660.chunk.css
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9bb2f065cf180deec647f0fe1dd59cf3965a30bbf10beb8c7444c4ffb6e80aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: vZfh2kCZmdhOrlDWRwPTX1cp6rmHNcB.
content-encoding: gzip
etag: W/"2509f8739655f49e31566d85e5741179"
last-modified: Fri, 28 Jan 2022 23:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Mon, 31 Jan 2022 14:54:44 GMT
x-amz-cf-id: 82cBK1GhdmFpF0W3HDR8XAhKUPDzQhM8JiefjXV8rVkaoJqU9t-n2A==

GET
H2 200 app.15e7012f.chunk.css
work.headspace.com/static/css/ 5 KB
904 B 629ms
628ms Stylesheet
text/css 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9127a642fc28d8b7c1fdc2a1d62a08cce36bbffb5ec6cec7da9fa5310905c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 3PQNiIfmDT0ZiEA063cITjI0UYQq1BPL
content-encoding: gzip
etag: W/"5da011557b0e7c90daf6884a605bf421"
last-modified: Fri, 28 Jan 2022 23:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Mon, 31 Jan 2022 14:54:44 GMT
x-amz-cf-id: cno3n_MCnrDvY4Zw3ZZQcITp_buoaWHeGRCrA_Ci3Hdf6UAU47_Nig==

GET
H2 200 8.4dca8ae6.chunk.js Show response
work.headspace.com/static/js/ 2 MB
559 KB 647ms
646ms Script
application/javascript 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 802dae8c942c13acd3fe137a55f2241e71eb039a1e4076a91a96d2a89aae756a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: rJ6nQliCElSMYphtRN1WKYRMHrvZlAAJ
content-encoding: gzip
etag: W/"fbead001f1b03f1d370c06e6aaad0cc0"
last-modified: Fri, 28 Jan 2022 23:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Mon, 31 Jan 2022 14:54:44 GMT
x-amz-cf-id: O_JY4WI4b_dFbWVDGOy18izksoTRY-bVDrBKZQq2_Avn7ZKUDWQLRw==

GET
H2 200 app.1377a67f.chunk.js Show response
work.headspace.com/static/js/ 812 KB
191 KB 632ms
632ms Script
application/javascript 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/js/app.1377a67f.chunk.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e26dfa1be98fb1bbf600b74abf10f1746754c2b4e25e0f10773f4ae1377af90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0ya9i7ke2FrV6jXWqP6nICB8OLI.sXAD
content-encoding: gzip
etag: W/"fd2fae44d3900b87ce5b30552dbd88b2"
last-modified: Fri, 28 Jan 2022 23:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Mon, 31 Jan 2022 14:54:44 GMT
x-amz-cf-id: cogxcz-4xjG3WhdaW0pSW8fvGfYvyALf8rDyKJDZD_DmeResREx2wQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
82 KB 251ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

073e02fa903a6a7c34d21fdb54dc0ac7463557defa85fd443249fb977d5f38b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83183
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 14:54:42 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 89ms
25ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:42 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 389ms
97ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:54:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=70752
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 4137181.js Show response
js.hs-scripts.com/ 1 KB
946 B 159ms
141ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4137181.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a0c96135c98560add605d2e1a173384a94cdf276ba88b6fcde368e29af8b66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: e671edfb-1903-4b04-b12b-e4ee2dc0f5f5
last-modified: Mon, 31 Jan 2022 14:41:23 GMT
server: cloudflare
x-trace: 2B7815B5D2FFFEDD2C6E7DDB4E7972A98768C16C28000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://work.headspace.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6d63c6ddfb909031-FRA
expires: Mon, 31 Jan 2022 14:55:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-761327634

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d281581c9c95ed4233d02a4ba8a13b5dd08b30f01325c1250f0f44a7485d951f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39497
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 14:54:42 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 65ms
16ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:46:35 GMT
content-encoding: gzip
age: 487
x-guploader-uploadid: ADPycdvIoPpxcJ6mBYk0s200BJRCG79AltfTXVWFVwel7hIklPdIiUd_2LyjDFkPZeYyEp7QshTHO7p2OhbRLZn-WuI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 31 Jan 2022 15:46:35 GMT

GET
H2 200 A2816351-2c6d-442e-a206-0844e1aebf7b1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 60ms
17ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2816351-2c6d-442e-a206-0844e1aebf7b1.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5d5baba0cd20d28cd5771aa8ff4cf75407962e9ee2f2f4cc7f6c2539c52790b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:51:24 GMT
content-encoding: gzip
age: 198
x-guploader-uploadid: ADPycds5h2aaWlpg8pTaGEYp87D5QjQjINKpAx7BrUKvtGaFOGSf1UrS_y5UfSZSQc_KX7MR62T0gl4blcyo_mQ_kDM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12944
last-modified: Wed, 01 Sep 2021 17:46:33 GMT
server: UploadServer
etag: "d6ddc98d4bed3b8d060e3bcc7e6fc54a"
vary: Accept-Encoding
x-goog-hash: crc32c=Th/nxw==, md5=1t3JjUvtO40GDjvMfm/FSg==
x-goog-generation: 1630518392950008
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12944
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Mon, 31 Jan 2022 14:56:24 GMT

GET
H/1.1

200
OK

ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903;ip=185.213.155.163;cuidchk=1

42 B
780 B

947ms
946ms

Image
image/gif

52.3.98.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903;ip=185.213.155.163;cuidchk=1

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

HTTP/1.1

Server

52.3.98.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-98-112.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 14:54:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 14:54:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=822964903;ip=185.213.155.163;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 84ms
7ms Script
application/javascript 2600:9000:2240:b000:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:b000:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:34:22 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
age: 1221
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: 4hXcQ4KOTJaFziA1IUt1bgPymIbxEugtQeJQtoY46FpbHhoZZ54wCw==

POST
H2 200 13686 Show response
headspace.pxf.io/xc/2958222/1067607/ 114 B
782 B 62ms
21ms XHR
application/json 35.201.76.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspace.pxf.io/xc/2958222/1067607/13686
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2816351-2c6d-442e-a206-0844e1aebf7b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.76.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 1d207766390de8db009865a9d028a9087db9944eadd4e677ead5f9556e23994d

Request headers

Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:42 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://work.headspace.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jan 2022 14:54:42 GMT

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 175ms
143ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: e6dd48fe6402bd635ddd028b4d5c3223
function-execution-id: dukkdzvdylzg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 190ms
132ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: ar2179v0shjz
x-powered-by: Express
x-cloud-trace-context: 654616ec0748a0c2f96e830d18602bfa
content-encoding: gzip
date: Mon, 31 Jan 2022 14:54:43 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track Show response
web.chtbl.com/ 49 B
380 B 220ms
219ms XHR
application/json 2600:9000:225a:4200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Requested by: Host: ext.chtbl.com
URL: https://ext.chtbl.com/trackable.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:4200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
via: 1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: TXL50-P1
vary: Origin
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: HMUuuOh9V0Fj6Mp4HWLKVXNIQusaa-V9zYvMooO2hS8GA_3jN34NjQ==

OPTIONS
H2 200 track
web.chtbl.com/ Frame 0
0 305ms
222ms Preflight
application/json 2600:9000:225a:4200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:4200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 49
date: Mon, 31 Jan 2022 14:54:43 GMT
server: uvicorn
access-control-allow-methods: OPTIONS,POST
access-control-allow-headers: *
access-control-allow-origin: *
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 a2255db944717fedb0da0026622f7e7a.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: Xo6Ym0lNgjf-K8M73hjfaKW9rG3HFx3PzUiz5a-Mlu9M9WLS6iEaQA==

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 24ms
24ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:42 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 481 B
826 B 97ms
33ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1643640882981

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae74584031b2f110e0643a0481c25197f1b30124f47449ce9414919377c99a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640883.482bdbd7
x-envoy-upstream-service-time: 0
x-pinterest-rid: 7744271297927507
pin-unauth: dWlkPVl6WTNaalptTnpjdE1EVXhPUzAwTWpNNExUazRZalF0TldZeFkyUTNZamhpT0RJeQ
access-control-allow-origin: https://work.headspace.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 342
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 96ms
36ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1643640882985

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640883.482bdbda
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 2829631986904774
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
581 B 107ms
47ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1643640882986

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640883.482bdbe4
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1580903226316819
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 57ms
36ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 212
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.263/bundles/pixels-release.js&cfRay=6d63c1b28bf79018-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 31 Jan 2022 01:20:51 UTC
server: cloudflare
etag: W/"44929f5996c89154c598e0d6b2db6dfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: btixHLv80iuUeBFW.WSHuvdv5D78LgXM
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6d63c6df0bf28fef-FRA
x-amz-cf-id: 52be33B5fbNt7eM4_0R2dfAjUy5rWrABowEREe1tcwk9_vjg6UWYUQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.263/bundles/pixels-release.js

GET
H2 200 4137181.js Show response
js.hs-analytics.net/analytics/1643640600000/ 62 KB
20 KB 224ms
206ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1643640600000/4137181.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b90f5d0e091d3cdcd8d8e816934bcd962a1864968c720220a4d84387e7e9f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: SG3ED0CMJWKXDS1X
x-amz-server-side-encryption: AES256
cf-ray: 6d63c6deffe69158-FRA
x-amz-id-2: igPPLCAHQ2l8nCKecOxWyv1f90hp0XLxA2Mxw85Z7RK06uBZuF0M56k97CymDDKIyA1d0nQ+b3U=
last-modified: Mon, 19 Jul 2021 14:48:20 GMT
server: cloudflare
etag: W/"edb1b06fd51b5c385351756756facb8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 31 Jan 2022 14:59:43 GMT

GET
H2 200 4137181.js Show response
js.hs-banner.com/ 60 KB
16 KB 462ms
442ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4137181.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59811a7ea9f24ccb0e501d9428285014aaf3c0216dc6946bfcd85e567cc7292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 6HFSKAXBN0G9KWQ9
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: k1nFxbxJnV6XcqX+Ec6RkbDaVKMCCMJWXmMrYnhtcAyM/Rzba/O9UwdcRUB14qDrVFhqptDjCZk=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:53:41 GMT
server: cloudflare
etag: W/"ab61e284e3f6c26719fbbabfd0437f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: h1GyMhtM.QhLBN8a3nFZYRbzD6jdRCrZ
access-control-allow-origin: https://get.headspace.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6d63c6defdd29122-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 31 Jan 2022 14:59:43 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 568 KB
144 KB 181ms
71ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16e381941da3ec765e79130a8accf57ac390f50c7ce2f817a8ed86cd87cb26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Jan 2022 01:52:17 UTC
server: cloudflare
etag: W/"8dafdb120106bc3ce0c776fe7a621c0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzzT6ZqWDPkhtlk4DM0z1jLAOTG9vW6TUvI3xToQxPfQQNdAq9WfS3imD%2Bf5RaY1ru0FiUTG63LXZ%2FzOeWs4uJ2DP3CjRs856X%2BVlIpcPiJn398GUJEo1A13R7nsHdJ7gz8mFJU5kIu6LzdZ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: JnqjyHdxGve0lYlCorntYyf0hoXUhCL6
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6d63c6dfbb5b8fd4-FRA
x-amz-cf-id: nAwmyp2y4SC9eE8e4FnVY-RK1A5vN912Zav5O0VZY4OD7ReMI78ZNg==
x-hs-target-asset: FormsNext/static-5.447/bundles/project_with_deps.js

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 156ms
56ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-761327634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 14:54:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/761327634/ 2 KB
2 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/761327634/?random=1643640883195&cv=9&fst=1643640883195&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e9b997b16fb8d55ab8bf1efc026ab4e9b998a2aaa5b6d06242c8e76ce7ec6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5yzHE9FfzkZeL6QPjF7Ww.json Show response
cdn.optimizely.com/datafiles/ 6 KB
2 KB 162ms
128ms XHR
application/json 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/5yzHE9FfzkZeL6QPjF7Ww.json

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a75cf5940b4c633f28bd9aefa5cb518de73ac565674d8b80e67d3d646265370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: DJVbPNu4jIFzJwu_1zCgDxMz4jKV.VuW
content-encoding: gzip
etag: "270319977f4048b29ab49f619f005210"
x-amz-request-id: J6JRBNM6HYV8KAVN
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 179
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 1227
x-amz-id-2: 9cKVUJ2rFN5/oZOnE9ljsjzqMgyTBqCc4FA+5wRvik4ohueq5l8Ymp4cM3thVHJEIEkvsN9Q6Tw=
last-modified: Thu, 13 Jan 2022 20:32:04 GMT
server: AmazonS3
date: Mon, 31 Jan 2022 14:54:43 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 ubs Show response
api.prod.headspace.com/b2b/org/ 795 B
1 KB 257ms
193ms XHR
application/json 18.66.2.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/org/ubs
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-21.txl50.r.cloudfront.net
Software: envoy /
Resource Hash: 456e966709c44dedf8989f4362884672925c7cc3881dc6a108f9d617777c1ac0

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
via: 1.1 99d54fc6a14abf3079ffadd5aa7c99de.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: TXL50-P1
vary: origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
cache-control: no-cache
x-envoy-upstream-service-time: 21
accept-ranges: bytes
content-length: 795
x-amz-cf-id: KL8GEib3HrAQfAgqADHNF53c1nLf0Es9af8rOHdC7bMj8620EMTauA==

GET
H2 200 spinner-24.b26fe655.svg Show response
work.headspace.com/static/media/ 899 B
1 KB 693ms
692ms Fetch
image/svg+xml 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/spinner-24.b26fe655.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6109d0834e16cc17f5b31608e4d7301a5b1f182dafa8a0bd332bf63190ca1277

Request headers

Referer: https://work.headspace.com/ubs/member-enroll
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
sentry-trace: 683250ce4e454150b8eb8e8227dbdcbe-8ab8da77fa0da8f7-0

Response headers

x-amz-version-id: tCFl_p7rs4vfoIgQ4taLm3HXkeEzIAjU
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "b26fe6555895b9fcaad2845d24b00d6f"
last-modified: Fri, 28 Jan 2022 23:28:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
date: Mon, 31 Jan 2022 14:54:44 GMT
accept-ranges: bytes
content-length: 899
x-amz-cf-id: Hj2_Ob_hVp7UX8DlhvUS5GnOo7KMNula1xpKFrFQ2-ZrC4zhByjvcQ==

GET
H2 200 /
www.ojrq.net/p/ 50 B
448 B 65ms
21ms Image
image/gif 34.95.127.121
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=13686&tpsync=no
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Mon, 31 Jan 2022 14:54:43 GMT

GET
H2 200 t.js Show response
vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/ 35 KB
12 KB 91ms
20ms Script
application/javascript 18.64.79.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-82.txl50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2373
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 16:55:37 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: TXL50-P2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: 8Zjxk6ForqJNRhKsOcIPsN-RSq5hVDCL_USvNUxXGJe4MjkIl-uLCA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2401233%26time%3D1643640883448%26url%3Dhttps%253A%252F%252Fwork.headspace.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true&e_ipv6=AQJVXPqLjxWwzQAAAX6woYrU9plCVnWVzf1uCKGM...

0
371 B

337ms
142ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true&e_ipv6=AQJVXPqLjxWwzQAAAX6woYrU9plCVnWVzf1uCKGMY3cKbZcsLhNon9LKHTLr_cbxaUqI1Qau
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:44 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: MdWDA61izxbAUAXwqyoAAA==

Redirect headers

date: Mon, 31 Jan 2022 14:54:43 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DA4A523404C549BDB25AD304EB317E39 Ref B: FRAEDGE1520 Ref C: 2022-01-31T14:54:43Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1643640883448&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&liSync=true&e_ipv6=AQJVXPqLjxWwzQAAAX6woYrU9plCVnWVzf1uCKGMY3cKbZcsLhNon9LKHTLr_cbxaUqI1Qau
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXW4fcGFu/Mp8tU8/hyzg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/761327634/ 42 B
548 B 138ms
53ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/761327634/?random=1643640883195&cv=9&fst=1643637600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&async=1&fmt=3&is_vtc=1&random=1955090393&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/761327634/ 42 B
548 B 139ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/761327634/?random=1643640883195&cv=9&fst=1643637600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&async=1&fmt=3&is_vtc=1&random=1955090393&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:54:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

s.gif
wec-assets-api.terminus.services/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8
https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8
https://wec-assets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|0d6d687c-8184-4851-96b5-3b8d25534fa8&t=73b2839c-bd12-4be7-8dfb-12f676466c2c
https://wec-assets-api.terminus.services/v1/s.gif

43 B
161 B

146ms
98ms

Image
image/gif

52.23.87.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wec-assets-api.terminus.services/v1/s.gif
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Server: 52.23.87.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-87-46.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

date: Mon, 31 Jan 2022 14:52:25 GMT
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
server: awselb/2.0
age: 138
x-cache: Hit from cloudfront
content-type: text/html
location: https://wec-assets-api.terminus.services:443/v1/s.gif
x-amz-cf-pop: FRA60-P2
content-length: 134
x-amz-cf-id: SnFj0HalYHa8p4eDKm4zdBP18r8QFD0UJMaPnKjg8Kjh19VZ68Y9ew==

GET
H2

200

t.gif
wec-assets-api.terminus.services/v1/f0c9017a-7514-4b1e-b253-eddc086a1230/
Redirect Chain

https://wec-assets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif?d=0d6d687c-8184-4851-96b5-3b8d25534fa8&s=6de06d28-f441-4868-afc6-bdf1fb4f1da0&p=https%3A%2F%2Fwork.headspace.com%2Fub...
https://wec-assets-api.terminus.services/v1/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif

43 B
162 B

302ms
97ms

Image
image/gif

52.23.87.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wec-assets-api.terminus.services/v1/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Server: 52.23.87.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-87-46.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:43 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

date: Mon, 31 Jan 2022 14:41:17 GMT
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
server: awselb/2.0
age: 806
x-cache: Hit from cloudfront
content-type: text/html
location: https://wec-assets-api.terminus.services:443/v1/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif
x-amz-cf-pop: FRA60-P2
content-length: 134
x-amz-cf-id: mjzJjKPvqHoLt60ZrrIqsbBw9PzQD4JqRAXPTlvIkyBJkkERKNEK1A==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 15 B
244 B 305ms
100ms XHR
text/plain 3.232.242.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-242-170.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 731d2ea0cac1e5642467e124a24d6700de0cf54171c0360f98eca37aaefb172c

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:54:43 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://work.headspace.com
Connection: keep-alive
Content-Length: 15

GET
H2 200 headspace-logo-circle.acd5e30f.svg Show response
work.headspace.com/static/media/ 542 B
936 B 621ms
620ms Fetch
image/svg+xml 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/headspace-logo-circle.acd5e30f.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2d2ec185087f20688fe04cb4b9bce60a67ddd075711cea7b3fa5acc1ceb4512

Request headers

Referer: https://work.headspace.com/ubs/member-enroll
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
sentry-trace: 683250ce4e454150b8eb8e8227dbdcbe-91968c7787e61477-0

Response headers

x-amz-version-id: ypsKkNkd.6IcN8oqSKb41Ln1irbbPN7_
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "acd5e30fd98110263474a354bc900a78"
last-modified: Fri, 28 Jan 2022 23:28:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 542
x-amz-cf-id: ymMXvQRN5FQ6FFCEzWL-v9V41xUgNMHzIW_COrGc6J560mJxSdCtgQ==

GET
H2 200 caretDown.888c761c.svg Show response
work.headspace.com/static/media/ 331 B
725 B 627ms
626ms Fetch
image/svg+xml 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/caretDown.888c761c.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f13f07bebbfa8268bef96f25932582ac40323126ce699f841724075d49676ec2

Request headers

Referer: https://work.headspace.com/ubs/member-enroll
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
sentry-trace: 683250ce4e454150b8eb8e8227dbdcbe-b892459d79ace575-0

Response headers

x-amz-version-id: 0_jnah7ZMuCL0cQGFwdyv9a2a4ceTyUQ
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "888c761c5ee3a3dfb7b23d5d1eb8b3ae"
last-modified: Fri, 28 Jan 2022 23:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 331
x-amz-cf-id: h0QnMp2e0wNY28c2WZc3PITi8vGXw6AspiZR9RNhtzJKCwVyCBOg9Q==

GET
H2 200 light-gray-check.0e0940af.svg Show response
work.headspace.com/static/media/ 740 B
1 KB 620ms
620ms Fetch
image/svg+xml 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/light-gray-check.0e0940af.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6812909d8232f968935472b79243599c857a5ee23ae9c6bd7726d89c5aabcfe3

Request headers

Referer: https://work.headspace.com/ubs/member-enroll
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
sentry-trace: 683250ce4e454150b8eb8e8227dbdcbe-b3371c8a5914f9bc-0

Response headers

x-amz-version-id: STF78XdPkERaR4V9geRvvdv3P6HxbsqS
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "0e0940afab79475463902ff1c94b2e47"
last-modified: Fri, 28 Jan 2022 23:28:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 740
x-amz-cf-id: ljA7brODAT7zwfCv-B5f7q3bmmzR6CUS-K91nq3YVTfCHUBOfHNSng==

GET
H2 200 3319.logo.919c9709f302d9e5d4b541a3c60c88f4.png
work.headspace.com/logos/ 6 KB
7 KB 634ms
633ms Image
image/png 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/logos/3319.logo.919c9709f302d9e5d4b541a3c60c88f4.png
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9571e379e619b964940830caedd1bed0a510aa88ab48b78c38efa01ce1b7f2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: uTW26qQNSFNhDJSJ8sPsxnQkf.AsZu6V
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "b8675dc36c382f48f3d63f9966b2611b"
last-modified: Thu, 28 May 2020 15:53:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 6423
x-amz-cf-id: _tne-LCrVi-ryPU9VdEjkx7Ci5v0gKzjT1bzy62xHBCI9NiSY-B4Bg==

GET
H2 200 left-side-footer-illustration.f6731c5a.png
work.headspace.com/static/media/ 92 KB
92 KB 628ms
628ms Image
image/png 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/static/media/left-side-footer-illustration.f6731c5a.png
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b4b4085b2a455ce1f9c0bff993b4e63712564f98fa8c5e6fbf1c283b64900a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: i.BOCWHIlLWY2r4ghkP.FHX7Vb1CTsWv
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "f6731c5a714e31f8118fe04b49690ddd"
last-modified: Fri, 28 Jan 2022 23:28:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 93816
x-amz-cf-id: 2ZpI2pDhGCNhwpRnI9odrx0mKdTonwqwe668DNbl7eh3ZC6XLZcb-g==

GET
H2 200 right-side-footer-illustration.41e72c3e.png
work.headspace.com/static/media/ 92 KB
93 KB 627ms
627ms Image
image/png 18.66.139.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/static/media/right-side-footer-illustration.41e72c3e.png
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bd718af8476bf7589ec552bad98ef0a83555fefd824fb354ddc86a7fccb9b45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/ubs/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: n8oDArXMFJXo6llYv7Ulm_3cejaCwYCE
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
etag: "41e72c3ea102dfe2fe736ed33ec208b3"
last-modified: Fri, 28 Jan 2022 23:28:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/png
date: Mon, 31 Jan 2022 14:54:45 GMT
accept-ranges: bytes
content-length: 94324
x-amz-cf-id: kMvL3Qn0px_xpxj1f7buk_ClhXS6o5mpWIIt2GoDEwsn7omvBDCV5g==

GET
H2 200 apercu_bold.woff2
static.headspace.com/fonts/apercu/ 21 KB
21 KB 53ms
10ms Font
binary/octet-stream 52.222.236.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_bold.woff2
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0

Request headers

Referer: https://work.headspace.com/
Origin: https://work.headspace.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
etag: "051d6e318abfad4e63ce09e483b5faee"
age: 469600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3600
content-length: 21048
last-modified: Wed, 10 Nov 2021 13:20:31 GMT
server: AmazonS3
date: Wed, 26 Jan 2022 04:28:04 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: nE3-GFJJN6JLTk1D-MhsOpKPInxymjvi_sNof5wg105WHKbwxJfvwg==

GET
H2 200 apercu_regular.woff2
static.headspace.com/fonts/apercu/ 20 KB
21 KB 52ms
9ms Font
binary/octet-stream 52.222.236.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_regular.woff2
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672

Request headers

Referer: https://work.headspace.com/
Origin: https://work.headspace.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
etag: "59469dee6787197930bd94880c1ecc00"
age: 574724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3600
content-length: 20864
last-modified: Wed, 10 Nov 2021 13:20:32 GMT
server: AmazonS3
date: Mon, 24 Jan 2022 23:16:00 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: CAieVaC3JGiv5vAP202GZkKyDxjf4fv_aPiBJT4Io1vrZlkn9fqeIQ==

POST
H2 200 get-country-code-by-ip Show response
api.prod.headspace.com/b2b/v2/ 2 B
405 B 199ms
198ms XHR
text/html 18.66.2.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/v2/get-country-code-by-ip
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-21.txl50.r.cloudfront.net
Software: envoy /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 14:54:44 GMT
via: 1.1 99d54fc6a14abf3079ffadd5aa7c99de.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: TXL50-P1
vary: origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
cache-control: no-cache
x-envoy-upstream-service-time: 25
content-length: 2
x-amz-cf-id: oeg8l1qlgAmQcBLcNk5am1R6UNrr8t_U1RFKUfL1WzjlXSwJ6lyiLQ==

OPTIONS
H2 204 get-country-code-by-ip
api.prod.headspace.com/b2b/v2/ Frame 0
0 166ms
166ms Preflight 18.66.2.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/v2/get-country-code-by-ip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-21.txl50.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 14:54:44 GMT
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,X-HS-No-Cache,Platform-Origin,hs-languagepreference
access-control-allow-methods: POST
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
access-control-max-age: 86400
cache-control: no-cache
server: envoy
x-envoy-upstream-service-time: 0
x-cache: Miss from cloudfront
via: 1.1 99d54fc6a14abf3079ffadd5aa7c99de.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: XLnh7xj-29S62-rVbI5LafjFEbhU9tbbk5Rl3IThZnwmssO1hwlExg==

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 0C10
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

238ms
237ms

Document
text/html

184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

189d6bd5f044f9e6ea0f6b540a40a3790f5a559618b7a45be00bf21b23c4985c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-315504778a191b2430162a0ace9fa73e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1480430978434705; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-315504778a191b2430162a0ace9fa73e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1480430978434705; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-315504778a191b2430162a0ace9fa73e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 122
pinterest-generated-by: coreapp-webapp-prod-0a011ba5
content-encoding: gzip
pinterest-version: 665e291
referrer-policy: origin
x-pinterest-rid: 1480430978434705
date: Mon, 31 Jan 2022 14:54:44 GMT
content-length: 280
akamai-grn: 0.9e247e68.1643640884.482bea11
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 124
pinterest-generated-by: coreapp-webapp-prod-0a0112ca
content-encoding: gzip
pinterest-version: 665e291
referrer-policy: origin
x-pinterest-rid: 2615367359136316
date: Mon, 31 Jan 2022 14:54:44 GMT
akamai-grn: 0.9e247e68.1643640884.482be7c4
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
964 B 160ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=4137181&pu=https%3A%2F%2Fwork.headspace.com%2Fubs%2Fmember-enroll&t=Headspace+for+Work&cts=1643640884403&vi=b93839f86258b3e8ca539e6a2234a7a1&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6a335c6d-a124-41ff-8d95-9e9f74c06907
cf-ray: 6d63c6e7ac3f5b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a6BUZOIX%2BIJJ9dI8eo%2Be26zVNldSui5sdRYg1HKQCcBluX3x%2F6CmZdvcgc1dvPvP7BN4oYByvmyLSLr8fYrTYlOfEYH2fA6696YFhepdTUB1vgbgscV8vDOb1m9%2FKdW4tGZjIQSYFcjAr1O8mYc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 118 B
921 B 175ms
150ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4137181

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2667f1fa29067f2c7a402a5b8385db1371f1926ead5a79666d17022ef661048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:54:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8d14448b-3e91-4b75-a298-f0058ac272dc
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B214997B23889183F69BCDCF31C743B20A0E72DFA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McrkHBbfhd3yDFL0kZg5VkVHNeIL3B62H3ZczVK8PlY9YUcFgKoYJmsDD1QpfKjBA%2BHuR2MyelLqe2aF2OWTaN3BQPJ00P0fNywMCKOg79qyqzVs2VgLcv4rtcjjEfND97m7mIKg3CBbaiL6"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-allow-credentials: false
cf-ray: 6d63c6e7bdb8900a-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 104ms
104ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:54:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=70751
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

OPTIONS
H/1.1 200
OK events
logx.optimizely.com/v1/ Frame 0
0 442ms
101ms Preflight
text/plain 54.90.25.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.90.25.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-25-171.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://work.headspace.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Mon, 31 Jan 2022 14:54:45 GMT
Server: nginx/1.17.2
X-Request-Id: ad6a7a4a-4dcd-4f3c-ae92-11726d7a14d7
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
363 B 103ms
103ms XHR
text/plain 54.90.25.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.4dca8ae6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.90.25.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-25-171.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.headspace.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 31 Jan 2022 14:54:45 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://work.headspace.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 4bfc2c57-8afd-4a9f-ac43-a1fb0a7f426e

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0C10 0
4 KB 139ms
139ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1480430978434705

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-fd15b2eec552548b9c16c55f6ad8869e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8243016329432704; frame-ancestors 'self' , script-src 'nonce-fd15b2eec552548b9c16c55f6ad8869e' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8243016329432704
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-fd15b2eec552548b9c16c55f6ad8869e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8243016329432704; frame-ancestors 'self' , script-src 'nonce-fd15b2eec552548b9c16c55f6ad8869e' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8243016329432704
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640884.482bec46
content-security-policy-report-only: script-src 'nonce-fd15b2eec552548b9c16c55f6ad8869e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 38
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 8243016329432704
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 665e291
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 31 Jan 2022 14:54:45 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011009

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0C10 0
4 KB 132ms
132ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-e483fa1cad5e0b289d87411fcbb1b032' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3105496023359159; frame-ancestors 'self' , script-src 'nonce-e483fa1cad5e0b289d87411fcbb1b032' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3105496023359159
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-e483fa1cad5e0b289d87411fcbb1b032' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3105496023359159; frame-ancestors 'self' , script-src 'nonce-e483fa1cad5e0b289d87411fcbb1b032' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3105496023359159
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640884.482bec49
content-security-policy-report-only: script-src 'nonce-e483fa1cad5e0b289d87411fcbb1b032' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 3105496023359159
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 665e291
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 31 Jan 2022 14:54:45 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011362

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0C10 0
4 KB 131ms
131ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/ubs/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-6542d5a0865b1d32dd0abd22e82b92b2' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4887241671351350; frame-ancestors 'self' , script-src 'nonce-6542d5a0865b1d32dd0abd22e82b92b2' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4887241671351350
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-6542d5a0865b1d32dd0abd22e82b92b2' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4887241671351350; frame-ancestors 'self' , script-src 'nonce-6542d5a0865b1d32dd0abd22e82b92b2' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4887241671351350
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.9e247e68.1643640884.482bec4a
content-security-policy-report-only: script-src 'nonce-6542d5a0865b1d32dd0abd22e82b92b2' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 24
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 4887241671351350
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 665e291
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 31 Jan 2022 14:54:45 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01170e

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headspace.com/	1970-01-20 02:43:36	Name: _gcl_au Value: 1.1.1834005407.1643640883
.headspace.com/	1969-12-31 23:59:59	Name: IR_gbd Value: headspace.com
.headspace.com/	1969-12-31 23:59:59	Name: IR_13686 Value: 1643640882923%7C2958222%7C1643640882923%7C%7C
work.headspace.com/	1970-01-20 09:19:36	Name: __pdst Value: 34a3049aa1234792bb93b79cb14ac9b1
work.headspace.com/	1970-01-20 09:19:36	Name: _wchtbl_uid Value: 415544c1-0939-4663-b3ae-869e1ea2aeb7
work.headspace.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: b26cbf79-96e6-4599-bb75-d9f77726083b
.pxf.io/	1970-01-20 17:50:48	Name: brwsr Value: b9302ec6-82a5-11ec-8199-833fb4e6fde0
headspace.pxf.io/	1970-01-20 04:53:12	Name: irld Value: L3WGSeWyZ5Qjv0Go1Ae0EoX6owj-09X3Q2VSk2M0VtIQ1nQYb
.pxf.io/	1970-01-20 00:35:27	Name: irtps Value: 1
.headspace.com/	1970-01-20 17:50:48	Name: IR_PI Value: b9302ec6-82a5-11ec-8199-833fb4e6fde0%7C1643727282923
.work.headspace.com/	1970-01-20 09:19:36	Name: _pin_unauth Value: dWlkPVl6WTNaalptTnpjdE1EVXhPUzAwTWpNNExUazRZalF0TldZeFkyUTNZamhpT0RJeQ
.ct.pinterest.com/	1970-01-20 09:19:36	Name: _pinterest_ct_ua Value: "TWc9PSZ2VC84RWpjcFZ3SGFrUkhVVWNwT2I2SEtMRk00Sk4zMmZHWVZPOXRXaW5EQTZQaTNPU0NhWC85d0c1OXBlQmJlbXhPVFJrNnUya01FR1MxaWU1a1BWWXNmSjdFRHNmSjZSdWZmTHhXYWJEST0meWVIaU5BQUY2L04yVC94OElYcWRkUHRzS0I4PQ=="
.trkn.us/	1970-01-20 09:19:36	Name: barometric[cuid] Value: cuid_dc511103-e0b1-45c0-9434-193bd1934c9c
.doubleclick.net/	1970-01-20 00:34:01	Name: test_cookie Value: CheckForPermission
.headspace.com/	1970-01-20 09:19:36	Name: lang Value: en
.headspace.com/	1970-01-20 09:19:36	Name: b2b.opt Value: a254a6e1-a6e2-4ce6-9753-353365d8f093
work.headspace.com/	1970-01-20 00:34:04	Name: _wchtbl_do_not_process Value: 1
work.headspace.com/	1970-01-20 00:34:04	Name: _wchtbl_pixel_sync Value: 0
.ojrq.net/	1970-01-20 17:50:48	Name: brwsr Value: b97b417b-82a5-11ec-8ab7-bfe1d2a0aeb4
work.headspace.com/	1970-01-20 09:19:36	Name: d-a8e6 Value: 0d6d687c-8184-4851-96b5-3b8d25534fa8
work.headspace.com/	1970-01-20 00:34:01	Name: s-9da4 Value: 6de06d28-f441-4868-afc6-bdf1fb4f1da0
.linkedin.com/	1970-01-20 01:17:12	Name: UserMatchHistory Value: AQI2F28LoSrLzQAAAX6woYlg6TXqvbP4q67EJzsN2l8Mra0AVEiGCP70MTce-8IWseJb3an0OUBj8w
.linkedin.com/	1970-01-20 01:17:12	Name: AnalyticsSyncHistory Value: AQKnwduIdbKG7wAAAX6woYlg0x-roKfcwZ6fk-qjDOVY8rgQRs8s43VsQtEn_FxGX3jlKPsy2VQnCpDrSCl2cA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:05:54	Name: bcookie Value: "v=2&25446a54-57f7-4085-8f0b-0cf3f0c022f6"
.linkedin.com/	1970-01-20 00:35:27	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2634:u=1:x=1:i=1643640883:t=1643727283:v=2:sig=AQGN0vWPsAoKikeLAvoa7oqh2OlBaUV6"
.adsrvr.org/	1970-01-20 09:19:36	Name: TDID Value: 73b2839c-bd12-4be7-8dfb-12f676466c2c
.adsrvr.org/	1970-01-20 09:19:36	Name: TDCPM Value: CAEYBSABKAIyCwia3pqOi7WyOhAFOAE.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:05:54	Name: bscookie Value: "v=1&202201311454432449b78c-75ce-4202-8827-a5435a9ce100AQHQiIW6d7EefCNSx9TcAICRrcuu4SEl"
.linkedin.com/	1970-01-20 17:58:16	Name: li_gc Value: MTswOzE2NDM2NDA4ODM7MjswMjHS6cjmzeoLs4sQRRoidmXfMvKkof12BoazrfzGmMSKvA==
.headspace.com/	1970-01-20 09:19:36	Name: countryCode Value: DE
.headspace.com/	1970-01-20 09:55:36	Name: __hstc Value: 61811763.b93839f86258b3e8ca539e6a2234a7a1.1643640884400.1643640884400.1643640884400.1
.headspace.com/	1970-01-20 09:55:36	Name: hubspotutk Value: b93839f86258b3e8ca539e6a2234a7a1
.headspace.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.headspace.com/	1970-01-20 00:34:02	Name: __hssc Value: 61811763.1.1643640884401
.hubspot.com/	1970-01-20 00:34:02	Name: __cf_bm Value: cLaE2mL.38ROoX6VO3CcDtkDB2q1h7OwVEJ6.KHOmMM-1643640884-0-AfUJjX9QFkVJk7G5HfuDdVLqZZDrbkCmdSaCNyUYaXPsuQvyRGdHK8wmCXLsz34mi3bLzloJXK+o5rDQXVQyOPA=
www.pinterest.de/	1970-01-20 09:12:24	Name: _pinterest_sess Value: TWc9PSY3ZSttSXRzWEt4NUN3RDd0VW1EVE5nZ05hNHJSUUNZeDRiUWJrcWlsQVhiTlBDdmtwUkl1QmdGT0p5akdvUFJheWRram8zbHpPeXVYdlBXZkN5RHpiUW05bWVsaSt2V0Z4RjFKRTJPaXpQdz0mWlBMbWtqLytXTFpiNzEyc0M3cnpYOFdoeWJZPQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-315504778a191b2430162a0ace9fa73e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.ipify.org
api.prod.headspace.com
cdn.optimizely.com
cdn.pdst.fm
ct.pinterest.com
d.impactradius-event.com
ext.chtbl.com
googleads.g.doubleclick.net
headspace.pxf.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
logx.optimizely.com
match.adsrvr.org
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
snap.licdn.com
static.headspace.com
track.hubspot.com
trkn.us
us-central1-adaptive-growth.cloudfunctions.net
vidassets.terminus.services
web.chtbl.com
wec-assets-api.terminus.services
wec-assets.terminus.services
work.headspace.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.ojrq.net
www.pinterest.com
www.pinterest.de
108.174.10.14
142.250.186.34
18.64.79.82
18.66.122.122
18.66.139.5
18.66.2.21
184.30.24.193
2001:4860:4802:36::36
2600:9000:2240:b000:a:b27c:d040:93a1
2600:9000:225a:4200:0:cc59:3900:93a1
2606:4700::6811:45b0
2606:4700::6811:71b0
2606:4700::6811:b749
2606:4700::6811:c9cc
2606:4700::6811:d2cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:828::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a02:26f0:7100:19a::13b8
2a03:5f80:a::b212:e7d1
2a04:4e42:54::84
3.232.242.170
34.95.127.121
35.186.249.72
35.201.76.231
35.244.142.80
52.222.236.12
52.223.40.198
52.23.87.46
52.3.98.112
54.90.25.171
073e02fa903a6a7c34d21fdb54dc0ac7463557defa85fd443249fb977d5f38b2
0b4b4085b2a455ce1f9c0bff993b4e63712564f98fa8c5e6fbf1c283b64900a9
0e9b997b16fb8d55ab8bf1efc026ab4e9b998a2aaa5b6d06242c8e76ce7ec6a0
189d6bd5f044f9e6ea0f6b540a40a3790f5a559618b7a45be00bf21b23c4985c
1d207766390de8db009865a9d028a9087db9944eadd4e677ead5f9556e23994d
2667f1fa29067f2c7a402a5b8385db1371f1926ead5a79666d17022ef661048a
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
34a0c96135c98560add605d2e1a173384a94cdf276ba88b6fcde368e29af8b66
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
456e966709c44dedf8989f4362884672925c7cc3881dc6a108f9d617777c1ac0
4bd718af8476bf7589ec552bad98ef0a83555fefd824fb354ddc86a7fccb9b45
577cbe8a0151c6b7d40aa3a2b97a17c1f66cd0e011f29203153c2f9e9e01a65b
5d5baba0cd20d28cd5771aa8ff4cf75407962e9ee2f2f4cc7f6c2539c52790b7
6109d0834e16cc17f5b31608e4d7301a5b1f182dafa8a0bd332bf63190ca1277
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
6812909d8232f968935472b79243599c857a5ee23ae9c6bd7726d89c5aabcfe3
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6e26dfa1be98fb1bbf600b74abf10f1746754c2b4e25e0f10773f4ae1377af90
731d2ea0cac1e5642467e124a24d6700de0cf54171c0360f98eca37aaefb172c
78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3
802dae8c942c13acd3fe137a55f2241e71eb039a1e4076a91a96d2a89aae756a
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
86b90f5d0e091d3cdcd8d8e816934bcd962a1864968c720220a4d84387e7e9f9
88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0
8a75cf5940b4c633f28bd9aefa5cb518de73ac565674d8b80e67d3d646265370
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
9571e379e619b964940830caedd1bed0a510aa88ab48b78c38efa01ce1b7f2ef
ae74584031b2f110e0643a0481c25197f1b30124f47449ce9414919377c99a13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e381941da3ec765e79130a8accf57ac390f50c7ce2f817a8ed86cd87cb26f
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2d2ec185087f20688fe04cb4b9bce60a67ddd075711cea7b3fa5acc1ceb4512
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
bf9127a642fc28d8b7c1fdc2a1d62a08cce36bbffb5ec6cec7da9fa5310905c5
c59811a7ea9f24ccb0e501d9428285014aaf3c0216dc6946bfcd85e567cc7292
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d281581c9c95ed4233d02a4ba8a13b5dd08b30f01325c1250f0f44a7485d951f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13f07bebbfa8268bef96f25932582ac40323126ce699f841724075d49676ec2
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f9bb2f065cf180deec647f0fe1dd59cf3965a30bbf10beb8c7444c4ffb6e80aa
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

work.headspace.com Open in urlscan Pro 18.66.139.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

93 %HTTPS

51 %IPv6

29 Domains

38 Subdomains

32 IPs

3 Countries

1400 kBTransfer

4362 kBSize

38 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

work.headspace.com Open in urlscan Pro
18.66.139.5 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

93 %
HTTPS

51 %
IPv6

29
Domains

38
Subdomains

32
IPs

3
Countries

1400 kB
Transfer

4362 kB
Size

38
Cookies

59 HTTP transactions
0 data transactions