www.headspace.com Open in urlscan Pro
52.222.190.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqM...
Effective URL:
https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kf...
Submission: On May 19 via api (May 19th 2020, 5:57:33 pm UTC) from US

Summary HTTP 46 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 46 HTTP transactions. The main IP is 52.222.190.58, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.headspace.com.
TLS certificate: Issued by Amazon on October 29th 2019. Valid for: a year.

This is the only time www.headspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:77b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.222.190.58 52.222.190.58	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.42.16.219 23.42.16.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	54.230.183.53 54.230.183.53	16509 (AMAZON-02) (AMAZON-02)
2	52.222.190.114 52.222.190.114	16509 (AMAZON-02) (AMAZON-02)
1	23.45.99.37 23.45.99.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:201... 2600:9000:2016:8600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.84.50.78 52.84.50.78	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	54.230.55.43 54.230.55.43	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::645 2a04:4e42:3::645	54113 (FASTLY) (FASTLY)
1	34.231.143.6 34.231.143.6	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:207... 2600:9000:2070:f600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	23.210.248.189 23.210.248.189	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	2600:9000:209... 2600:9000:2093:d000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.68.149.50 54.68.149.50	16509 (AMAZON-02) (AMAZON-02)
46	26

2 2606:4700::6811:77b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

get.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.190.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-58.ham50.r.cloudfront.net

www.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.42.16.219 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-16-219.deploy.static.akamaitechnologies.com

cdn-akamai.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-53.ham50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.190.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-114.ham50.r.cloudfront.net

static.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.37 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-99-37.deploy.static.akamaitechnologies.com

a11673470095.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2016:8600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.23.241 (United States)

ASN15133 (EDGECAST, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (Ascension Island)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a3::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.50.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-78.ham50.r.cloudfront.net

d1fc8wv8zag5ca.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.55.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-43.ham50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.143.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-143-6.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:f600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-189.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::645 (Ascension Island)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2093:d000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.149.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-149-50.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	headspace.com 1 redirects get.headspace.com www.headspace.com static.headspace.com	858 KB
5	mparticle.com jssdkcdns.mparticle.com identity.mparticle.com jssdks.mparticle.com	412 KB
3	pinterest.com ct.pinterest.com	1 KB
3	tiqcdn.com tags.tiqcdn.com	18 KB
3	ctfassets.net images.ctfassets.net	35 KB
3	branch.io cdn.branch.io api2.branch.io	24 KB
3	optimizely.com cdn.optimizely.com a11673470095.cdn.optimizely.com logx.optimizely.com	90 KB
2	amplitude.com cdn.amplitude.com api.amplitude.com	23 KB
2	pinimg.com s.pinimg.com	17 KB
1	app.link app.link	727 B
1	google-analytics.com www.google-analytics.com	18 KB
1	criteo.net static.criteo.net	10 KB
1	cloudfront.net d1fc8wv8zag5ca.cloudfront.net	26 KB
1	googletagmanager.com www.googletagmanager.com	48 KB
1	mookie1.com cdn-akamai.mookie1.com	7 KB
1	cloudflare.com cdnjs.cloudflare.com	697 B
1	polyfill.io cdn.polyfill.io	643 B
46	17

	Domain	Requested by
11	www.headspace.com	get.headspace.com www.headspace.com
3	jssdks.mparticle.com	www.headspace.com
3	ct.pinterest.com	www.headspace.com
3	tags.tiqcdn.com	cdn-akamai.mookie1.com tags.tiqcdn.com
3	images.ctfassets.net	www.headspace.com
2	api2.branch.io	www.headspace.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	static.headspace.com	www.headspace.com
2	get.headspace.com	1 redirects
1	api.amplitude.com	www.headspace.com
1	app.link	cdn.branch.io
1	logx.optimizely.com	www.headspace.com
1	identity.mparticle.com	www.headspace.com
1	cdn.amplitude.com	jssdkcdns.mparticle.com
1	www.google-analytics.com	jssdkcdns.mparticle.com
1	static.criteo.net	www.googletagmanager.com
1	d1fc8wv8zag5ca.cloudfront.net	get.headspace.com
1	jssdkcdns.mparticle.com	get.headspace.com
1	a11673470095.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	www.headspace.com
1	www.googletagmanager.com	www.headspace.com
1	cdn-akamai.mookie1.com	www.headspace.com
1	cdnjs.cloudflare.com	www.headspace.com
1	cdn.polyfill.io	www.headspace.com
1	cdn.optimizely.com	www.headspace.com
46	25

This site contains links to these domains. Also see Links.

Domain
help.headspace.com
my.headspace.com
hdspce.co
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
get.headspace.com CloudFlare Inc ECC CA-2	`2020-01-11` - `2020-10-09`	9 months	crt.sh
*.headspace.com Amazon	`2019-10-29` - `2020-11-29`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-16` - `2021-04-17`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
cdn-akamai.mookie1.com DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-01-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
images.ctfassets.net Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-17` - `2022-06-17`	2 years	crt.sh
jssdkcdns.mparticle.com Let's Encrypt Authority X3	`2020-05-06` - `2020-08-04`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
cdn.amplitude.com Amazon	`2019-12-16` - `2021-01-16`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2019-05-27` - `2021-07-17`	2 years	crt.sh
logx.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-10-01` - `2020-10-05`	2 years	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
jssdks.mparticle.com Let's Encrypt Authority X3	`2020-05-06` - `2020-08-04`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Frame ID: 179F85B197AED49548A83FE0F8F0B1FE
Requests: 45 HTTP requests in this frame

Frame: https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html
Frame ID: A769EF764DDD586CC74DC23805C2DFFF
Requests: 1 HTTP requests in this frame

Frame: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-hs_email&refContent=88170478&order_currency=USD&xaxis_title=How%20Does%20Headspace%20Work%3F&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fhow-it-works&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fhow-it-works%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D88170478%26_hsenc%3Dp2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU%26_hsmi%3D88170478&xaxis_referrer=
Frame ID: 85C4BB12F5F74A63B1795432B20CC7CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjv... Page URL
https://get.headspace.com/events/public/v1/track/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R... HTTP 307
https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsen... Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+(?:https?:)?\/\/(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

46
Requests

100 %
HTTPS

56 %
IPv6

17
Domains

25
Subdomains

26
IPs

5
Countries

1590 kB
Transfer

4315 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://help.headspace.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://my.headspace.com/discover/packs
Title: the entire Headspace Library

Search URL Search Domain Scan URL

URL: https://hdspce.co/2G9hram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/headspace/

Search URL Search Domain Scan URL

URL: https://twitter.com/Headspace

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Headspace

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Getsomeheadspace

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/headspace-meditation-limited

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103 Page URL
https://get.headspace.com/events/public/v1/track/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103?_ud=30dfac16-98bf-410d-9d38-6ae88ece885e&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gS... Show response
get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/ 9 KB
3 KB 114ms
86ms Document
text/html 2606:4700::6811:77b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:77b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b767b1370e3d8c832168c3d642ae2f477c93c582648910ad6374ee865a583f6

Request headers

:method: GET
:authority: get.headspace.com
:scheme: https
:path: /e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 19 May 2020 17:57:12 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dbdc9c2c2777b7b2c7d800b54fadbd6261589911032; expires=Thu, 18-Jun-20 17:57:12 GMT; path=/; domain=.get.headspace.com; HttpOnly; SameSite=Lax __cfruid=d246cafa1b3695677afc300e3429fa6cb494f8b5-1589911032; path=/; domain=.get.headspace.com; HttpOnly; Secure; SameSite=None
cf-ray: 595fb2f1bf46d6f1-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br
cf-request-id: 02cfae2b130000d6f114bd8200000001

GET
H2

200

Primary Request how-it-works Show response
www.headspace.com/
Redirect Chain

https://get.headspace.com/events/public/v1/track/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8W...
https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaim...

139 KB
29 KB

938ms
485ms

Document
text/html

52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478

Requested by

Host: get.headspace.com
URL: https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

/ Next.js 7.0.3

Resource Hash

37518ff78f2e7be901e84e14ba4cfef3218f9e108ba0d9affac3dad5b6bb3b27

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.headspace.com
:scheme: https
:path: /how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Tue, 19 May 2020 17:57:13 GMT
set-cookie: AWSALB=BscK+rlrrXc8/MacXY8v+c6bKxzrLx3d+X51pJ7rQEpX8giINqWQPE/LUyI9PBQgTBlUOpiJYZymEbJAAdrfvNNrkqIaM2/Pq257gHRRQeAVO4kzGxnJsWgVygjU; Expires=Tue, 26 May 2020 17:57:13 GMT; Path=/ AWSALBCORS=BscK+rlrrXc8/MacXY8v+c6bKxzrLx3d+X51pJ7rQEpX8giINqWQPE/LUyI9PBQgTBlUOpiJYZymEbJAAdrfvNNrkqIaM2/Pq257gHRRQeAVO4kzGxnJsWgVygjU; Expires=Tue, 26 May 2020 17:57:13 GMT; Path=/; SameSite=None; Secure _sp_id.8a05=d226b761-1067-4117-9e9d-bf47d4c819bd.1589911033.0.1589911033..450dfb36-699d-4965-b198-7d4fe015cba3; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 20 May 2020 02:42:49 GMT; Secure countryCode=SE; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 20 May 2020 02:42:49 GMT; Secure cookiePolicyMarketing=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Tue, 19 May 2020 20:06:49 GMT; Secure cookiePolicyAnalytics=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Tue, 19 May 2020 20:06:49 GMT; Secure lang=en; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 20 May 2020 02:42:49 GMT; Secure
vary: Origin Accept-Encoding
feature-policy: geolocation 'none'; microphone 'none';
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
x-powered-by: Next.js 7.0.3
etag: "22b66-SsEYPa5wYSJXhi1GDPQ8ftrcd6c"
content-encoding: gzip
access-control-allow-headers: authorization,content-type,x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: PdWrTdITWu6XkukpiN4w9VOtLxBUOB_2NjeHRp5weACiW8jHidkAyQ==

Redirect headers

status: 307
date: Tue, 19 May 2020 17:57:12 GMT
location: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
cf-ray: 595fb2f24967d6f1-FRA
link: <https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare
cf-request-id: 02cfae2b710000d6f114be2200000001

GET
H2 200 catch-all.js Show response
www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/ 666 KB
228 KB 571ms
568ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/catch-all.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

7a446bf526f15f1f5ab59f007613e8661963552a60f4de6a4b22dcec92131dec

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"a6808-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: HOEt-A2f4dlrIkpizsLyLIyqQCZElVGNo99AAz_T3AFKHTwts0Wzxg==
access-control-allow-credentials: true

GET
H2 200 _app.js Show response
www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/ 627 KB
212 KB 405ms
403ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

a34c19524cc510c06cab6bb21fc8d6974e13203ff1727626d137a73f88cb2e41

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"9cdc9-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 6hDnySMp1y6gCL-gXLZQEaEHmxsz6Ezq2mJIvWpHL9sOmqqvHHUvjA==
access-control-allow-credentials: true

GET
H2 200 _error.js Show response
www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/ 20 KB
9 KB 1057ms
1055ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_error.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

6a66bf2110b9409a61c2c0b40c95991dd78f5cc34d8c4429785b3501841cb54a

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"509c-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: eEbqFvPT6AO0dG39EE4allMGo_Iy8lr-uVYG63IsGpNTMNbeMcbYYw==
access-control-allow-credentials: true

GET
H2 200 webpack-23a190b45fc653bfb291.js Show response
www.headspace.com/_next/static/runtime/ 2 KB
4 KB 1051ms
1049ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/runtime/webpack-23a190b45fc653bfb291.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

a09bdb333bae465de4250fe824f3e1142cb07e22ab746e63f7f7ef999653e8ff

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"92e-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 1cn1RHg6IMvQss_4zkp1LpJrT3y-JeV_sOt3yA5yYn7J_hwiuHfMmg==
access-control-allow-credentials: true

GET
H2 200 commons.6b0a8655cac3ff2daafc.js Show response
www.headspace.com/_next/static/chunks/ 875 KB
298 KB 1112ms
1110ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/chunks/commons.6b0a8655cac3ff2daafc.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

513ec264d0d9bcb4883b5fc9c3d5660aff4364f2f56b50bfc78add86d707a199

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"daa7e-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 5fuF2erF7vdIefVnzaCw1L8qR7-ynK5LHRRkuh6ECJjyqOb9tMGPiQ==
access-control-allow-credentials: true

GET
H2 200 main-2fc14f1bd6470e644656.js Show response
www.headspace.com/_next/static/runtime/ 11 KB
7 KB 531ms
529ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/runtime/main-2fc14f1bd6470e644656.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

a82c8493d477e2ef23955dcc9e1a0dcd9553dc7fa954040c0b31b3f168502a5e

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"2af4-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: XcWzh9PNXvzm_D7d5OXqQFGMW2pxS5yCyRu7FYjeianTMvMwDqBRzw==
access-control-allow-credentials: true

GET
H2 200 styles.d2defb26bc99ce4b771a.js Show response
www.headspace.com/_next/static/chunks/ 105 B
3 KB 1114ms
1112ms Script
application/javascript 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/chunks/styles.d2defb26bc99ce4b771a.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

c5a6611959ec6019bff42082fdea52f51798ff3bd70fb0f124a07ae542252064

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"69-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 5RhAyjS4TUFyNDsH-xH_LlA9Rw5KQkZVpRXtLaFMtf5TUDXfu2qMDQ==
access-control-allow-credentials: true

GET
H2 200 styles.15ca4063.chunk.css
www.headspace.com/_next/static/css/ 13 KB
5 KB 1130ms
1128ms Stylesheet
text/css 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/css/styles.15ca4063.chunk.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"347b-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=0
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: -bEJF4bSNZ8qqUPQvYmz6uPvsJbs1pZuwzd93XYCk7M0hhF6V-ZTUQ==
access-control-allow-credentials: true

GET
H2 200 11673470095.js Show response
cdn.optimizely.com/js/ 292 KB
89 KB 23ms
6ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11673470095.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed701b7b3e481a10fba82b402a62c68e275d4a098c3518df7747961ec1115744

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ylEsX9xsCchbGy8d.uFJeXrgp3lMPQKr
content-encoding: gzip
etag: "e70c88ea0f4357657b605c7777cebf29"
x-amz-request-id: 0E5D9DA6B5B0C32E
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 90563
x-amz-id-2: 2xFm9ODCrLOCriQH7U0+J0VpZ13cDLLVPlSn3/vaU6FodqR3Sor4usNSCIg1koH+71nljzs6wmY=
last-modified: Fri, 15 May 2020 20:37:14 GMT
server: AmazonS3
date: Tue, 19 May 2020 17:57:13 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 646
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 logo.svg
www.headspace.com/static/images/ 4 KB
4 KB 375ms
373ms Image
image/svg+xml 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.headspace.com/static/images/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"1004-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/svg+xml
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: nw-Jkte_sLKhJiDbzaDBqYiILd8NC3bMWWABy4ZGorSWYYXijS0LXQ==
access-control-allow-credentials: true

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
643 B 26ms
8ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver%2CArray.from

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 581718
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=8, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 15:19:12 GMT
date: Tue, 19 May 2020 17:57:14 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/74.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 svg4everybody.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/ 970 B
697 B 18ms
17ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/svg4everybody.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 26664889
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfae34b900009742d4152200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:56 GMT
server: cloudflare
etag: W/"5afd4ae0-3ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fb3012d959742-FRA
expires: Sun, 09 May 2021 17:57:15 GMT

GET
H/1.1 200
OK LightningBolt.js Show response
cdn-akamai.mookie1.com/LB/ 25 KB
7 KB 189ms
64ms Script
application/x-javascript 23.42.16.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.42.16.219 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-16-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 379090e9be167f3d4ada299b739f43067ea015807f6bc31a3c18b0b877aa986a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 17:57:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 6731
Last-Modified: Wed, 08 Apr 2020 13:43:02 GMT
Server: AkamaiNetStorage
ETag: "061684841fcb99aa4d546e0839546086:1586353382.216789"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 20 May 2020 17:57:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
48 KB 60ms
40ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2be2ad5ccba99fb42dbe0a3049bb1ee8fc9a3314fc5f3eecb58d652799c9450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: br
vary: *
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49021
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 77 KB
23 KB 902ms
225ms Script
text/javascript 54.230.183.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.183.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-53.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: lBD18HpOfsX1wwpc_Qxr_kNzc3sKN8wd
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 06 Apr 2020 19:26:50 GMT
Server: AmazonS3
Age: 287
ETag: "679c46452ad6065e9fc48f5cc0478185"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 3f7bd14926d2704d3a00300bdc9dae98.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Tue, 19 May 2020 17:52:29 GMT
X-Amz-Cf-Pop: HAM50-C3
Content-Length: 23130
X-Amz-Cf-Id: pBQCq0m5TiemT-BKkzjaDipUdKHBeHxlAuuzu-LD9d03YbkRF_VxcQ==

GET
H2 200 icons.svg
www.headspace.com/static/ 34 KB
15 KB 820ms
819ms Other
image/svg+xml 52.222.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/static/icons.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.190.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-190-58.ham50.r.cloudfront.net

Software

Resource Hash

d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: HAM50-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 May 2020 20:19:35 GMT
x-frame-options: SAMEORIGIN
etag: W/"892a-1720fb143d8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/svg+xml
via: 1.1 e53b47c398fced59a0a7e03d97bc21f1.cloudfront.net (CloudFront)
cache-control: public, max-age=0
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: dntzWmtqfv0C4dKLp5cIAESGQuYg5N4MvTlYmMYzx3yeM7yrqd_bnQ==
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 apercu_regular.woff2
static.headspace.com/fonts/apercu/ 20 KB
21 KB 719ms
267ms Font
application/font-woff2 52.222.190.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_regular.woff2
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.headspace.com

Response headers

date: Fri, 15 May 2020 00:32:06 GMT
via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
age: 408310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 20864
last-modified: Tue, 26 Nov 2019 18:20:22 GMT
server: AmazonS3
etag: "59469dee6787197930bd94880c1ecc00"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: application/font-woff2
x-amz-cf-id: llLQPFemqPVBKy21a5UQ5LN4Hx-XpdjyNezreGhOmGRwWOkErs5rSw==

GET
H2 200 apercu_bold.woff2
static.headspace.com/fonts/apercu/ 21 KB
21 KB 872ms
420ms Font
binary/octet-stream 52.222.190.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_bold.woff2
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.headspace.com

Response headers

date: Fri, 15 May 2020 00:32:06 GMT
via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
age: 408310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 21048
last-modified: Thu, 10 Oct 2019 16:39:26 GMT
server: AmazonS3
etag: "051d6e318abfad4e63ce09e483b5faee"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: M6s0QGlms2Umn77TOOPTzsWxsltighTPycP2yDR0GOXVG5wyrJCkDg==

GET
H2 200 a11673470095.html
a11673470095.cdn.optimizely.com/client_storage/ Frame A769 0
0 221ms
73ms Document
text/html 23.45.99.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11673470095.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.99.37 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a23-45-99-37.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a11673470095.cdn.optimizely.com
:scheme: https
:path: /client_storage/a11673470095.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
x-amz-id-2: LCHQE3uPKtcem/EPkIvCLE2EO7JaN8JFdgRlIFCUMIsD9kMesTo5v6Pqd0RGUef666Hp3weeckg=
x-amz-request-id: 45B8FAE1143160BB
x-amz-replication-status: COMPLETED
last-modified: Fri, 15 May 2020 20:37:09 GMT
etag: "5f5857d32a698180290751f30b93bc42"
cache-control: max-age=120
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: r0pxeefOsZTtkNPN_QpeJcP_ZEl4Ugwc
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 795
server: AmazonS3
vary: Accept-Encoding
date: Tue, 19 May 2020 17:57:15 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="44";dur=0,cdnip;desc="23.45.99.37";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 image__1_.png
images.ctfassets.net/v3n26e09qg2r/43ZROdiKzCMe0w4CgEGYye/57784402d25343e34b4f96c2f1ef06a7/ 5 KB
5 KB 306ms
264ms Image
image/png 2600:9000:2016:8600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/v3n26e09qg2r/43ZROdiKzCMe0w4CgEGYye/57784402d25343e34b4f96c2f1ef06a7/image__1_.png
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:8600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6283b003dfef95a8d485a4943efda9a1f89587bea1887eb58509b9a98341e56f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
via: 1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
last-modified: Wed, 13 Mar 2019 05:32:10 GMT
server: Contentful Images API
x-amz-cf-pop: HAM50-C2
etag: "11e5d6bbe00a5e3e587031b92f5eb200"
status: 200
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4945
x-amz-cf-id: 4SlFEz3VmPEwT1T_yMlVC3SqJvewFeQF4IZzOfp4w7ZIjTeo2mLG2Q==

GET
H2 200 am-i-doing-this-right-1108x1108.png
images.ctfassets.net/v3n26e09qg2r/5kMfmTt9xCIKmuaEO048iC/dceba4dcf6d3d820678db9ab0ddb582f/ 28 KB
28 KB 68ms
26ms Image
image/webp 2600:9000:2016:8600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/v3n26e09qg2r/5kMfmTt9xCIKmuaEO048iC/dceba4dcf6d3d820678db9ab0ddb582f/am-i-doing-this-right-1108x1108.png?w=500&fm=webp
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:8600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a45790d7b34260022c1179bead948faa2d6732bbff39d1bc9e9cfa6586708f0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 07:28:41 GMT
via: 1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 18:50:23 GMT
server: Contentful Images API
age: 37714
etag: "032ae8bf0c8e9c49191950743767a726"
status: 200
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C2
content-length: 28372
x-amz-cf-id: hoCBU-366R4yOkl6qufClHoVcpGyZGmfPzMJJRBASgCDmHO24HTYZw==

GET
H2 200 how-it-works.jpg
images.ctfassets.net/v3n26e09qg2r/3MR5smMmzK2OecSmEKIg4Q/8bdc85bcd4f40fcb597c2c38887c986c/ 2 KB
2 KB 73ms
32ms Image
image/webp 2600:9000:2016:8600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/v3n26e09qg2r/3MR5smMmzK2OecSmEKIg4Q/8bdc85bcd4f40fcb597c2c38887c986c/how-it-works.jpg?w=200&fm=webp
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/how-it-works?utm_source=hs_email&utm_medium=email&utm_content=88170478&_hsenc=p2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU&_hsmi=88170478
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:8600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9ed2b5d5888f32e1740ce2347473ee33f93eb49743c81bc286951c5eba885050

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 18:33:52 GMT
via: 1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
last-modified: Tue, 21 Apr 2020 08:01:53 GMT
server: Contentful Images API
age: 84203
etag: "b683618e9d801678a3e5495db67065e5"
status: 200
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C2
content-length: 1776
x-amz-cf-id: 6YCxN1RvKh6TTH4vWHgbU11hyDWeP28rwXDqVP_YbUWeqR1UqaIO_Q==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/xaxis/headspace.com/prod/ 22 KB
8 KB 123ms
31ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/headspace.com/prod/utag.js
Requested by: Host: cdn-akamai.mookie1.com
URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F756) /
Resource Hash: 38086780da1ae241464c5c6c6797e7625057d352c4de31c56017aaa67a56a8d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 20:44:25 GMT
server: ECAcc (ska/F756)
age: 38
etag: "2672278831"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 7661
expires: Tue, 19 May 2020 18:02:15 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/ 951 KB
411 KB 30ms
8ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Requested by: Host: get.headspace.com
URL: https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 67f9544afd856cd9e5c20eb98be05c3a4203de9ef9e48123645388213b4461ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: gzip
age: 1810
x-origin-name: fastlyshield--shield_ssl_cache_dca17769_DCA
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 1
content-length: 420462
x-served-by: cache-dca17769-DCA, cache-fra19151-FRA
server: Kestrel
x-timer: S1589911036.781291,VS0,VE1
vary: Accept, Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 19 May 2020 18:27:05 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
752 B 151ms
133ms Script
application/javascript 2a02:26f0:6c00:2a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 9b154c614752acfcba108c51c9540acd198d9a673563d013eb0b481e5fa70b60

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "bf115431d0c25afe5078372c501b4d66"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=7200
x-fallback: 9d00cc12-2.16.186.126
accept-ranges: bytes
content-length: 585

GET
H/1.1 200
OK sp.js Show response
d1fc8wv8zag5ca.cloudfront.net/2.6.1/ 73 KB
26 KB 902ms
225ms Script
application/javascript 52.84.50.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1fc8wv8zag5ca.cloudfront.net/2.6.1/sp.js
Requested by: Host: get.headspace.com
URL: https://get.headspace.com/e2t/c/*W7NGvQR2brt41VQqm8s6P2cBd0/*W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.50.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-50-78.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 16:28:16 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2016 15:30:15 GMT
Server: AmazonS3
Age: 1733341
ETag: "867a18e9267c612557bd7e89a1a485f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Length: 25905
X-Amz-Cf-Id: OmBs97fe0VUgSH6PlqALyIJnF2A-ak77YSe64aj8idO7nhJBdxYcVA==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 57ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:15 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
etag: W/"5df79c22-7533"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 20 May 2020 17:57:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3656
date: Tue, 19 May 2020 16:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 19 May 2020 18:56:19 GMT

GET
H2 200 amplitude-4.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
23 KB 720ms
267ms Script
application/javascript 54.230.55.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.55.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-43.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Mar 2020 09:07:41 GMT
content-encoding: gzip
age: 4351776
x-cache: Hit from cloudfront
status: 200
content-length: 23404
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "addb3457c5f65c867ae2be9606542893"
x-amz-version-id: 2PesFonHu677Rw5PZ53UUToyHVzesxrU
via: 1.1 73bc1d640c0c6e18c08ecc8b7ae0c8d1.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: H5yElyfQxzN9MlREWpE0vBfNpczj2X9DDB3Dcb75n2BKD-oqtA2qLA==

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
263 B 123ms
123ms XHR
application/json 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

08f1a375985466b619fb9371ef0100eec694ba2a13d03c76b21c531a5f858da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: 580aa567c0d972439cf41d95730011ed
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
content-encoding: gzip
status: 200
server: Kestrel
x-timer: S1589911036.060423,VS0,VE117
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra19179-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 main.497c546a.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 144ms
144ms Script
application/javascript 2a02:26f0:6c00:2a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.497c546a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a3::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: ffedbc3bb69866027705be1b0d108d7a89ccff90f1a8ee41618dac21e79473e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "f6cce5f69749ac01d6218cb91309b30d"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=1209600
x-fallback: 9d00cda8-2.16.186.126
accept-ranges: bytes
content-length: 16847

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ 34 KB
10 KB 214ms
214ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/headspace.com/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lab/4F4D) /
Resource Hash: becaacd484e24beb84e74eefd4926847a13f11f66ab42ebbcfd2ff8a2f296259

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 19:19:36 GMT
server: ECAcc (lab/4F4D)
age: 22
etag: "2641068622"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 9950
expires: Tue, 19 May 2020 18:02:16 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
362 B 540ms
136ms XHR
text/plain 34.231.143.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.143.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-143-6.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 19 May 2020 17:57:16 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.headspace.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: d7408545-635b-4a4e-a442-bdecc2e1f46d

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
727 B 214ms
170ms Script
text/javascript 2600:9000:2070:f600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.53.1&branch_key=key_live_mcdUiF9uYBpZ5OEBEK0jqoflzzlbD4dt&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2070:f600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

4b02d0256aa25c6d39649ed18059dca04bb6a124133c7e0b48ee8659ca59cc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 17:57:16 GMT
Via: 1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: HAM50-C3
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-n77DrHOe9VjhmG5Dpz4DvtvARfU"
X-Amz-Cf-Id: cCNKnzK7OTdpInG7Z79LwkOKBAXLm9bhAjnjaRJ8scM2BQUmU-mYdw==

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
413 B 357ms
242ms XHR
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613695941317&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1589911036092

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pin-unauth: OWJhMDI4M2UtNmRkZi00MDg0LWEyNWUtYjJjOWZiNWRmYzEw
date: Tue, 19 May 2020 17:57:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: https://www.headspace.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
content-length: 35
x-pinterest-rid: 3930051006273978
pragma: no-cache

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 371ms
256ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613695941317&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fhow-it-works%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D88170478%26_hsenc%3Dp2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU%26_hsmi%3D88170478%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22497c546a%22%7D&cb=1589911036093

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 17:57:16 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 2479818551659667
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
525 B 360ms
245ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fhow-it-works%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D88170478%26_hsenc%3Dp2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU%26_hsmi%3D88170478%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22497c546a%22%7D&cb=1589911036093

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 17:57:16 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 2902086649614000
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 42 B
119 B 49ms
14ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c6619eb8e0e6ce1c28b7deac6d9d5815625fde524fe2c34f9e6122d6f91ff623

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
content-encoding: gzip
status: 202
server: Kestrel
x-timer: S1589911036.227328,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19174-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
59 B 47ms
13ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1589911036.227466,VS0,VE3
status: 202
x-served-by: cache-fra19174-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 42 B
285 B 45ms
12ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c6619eb8e0e6ce1c28b7deac6d9d5815625fde524fe2c34f9e6122d6f91ff623

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
content-encoding: gzip
status: 202
server: Kestrel
x-timer: S1589911036.227461,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19174-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 mobile.html
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ Frame 85C4 0
0 31ms
30ms Document
text/html 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-hs_email&refContent=88170478&order_currency=USD&xaxis_title=How%20Does%20Headspace%20Work%3F&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fhow-it-works&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fhow-it-works%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D88170478%26_hsenc%3Dp2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU%26_hsmi%3D88170478&xaxis_referrer=
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F769) /
Resource Hash

Request headers

:method: GET
:authority: tags.tiqcdn.com
:scheme: https
:path: /utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-hs_email&refContent=88170478&order_currency=USD&xaxis_title=How%20Does%20Headspace%20Work%3F&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fhow-it-works&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fhow-it-works%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D88170478%26_hsenc%3Dp2ANqtz-_zw4dY67kfX8a8Gwc_ERMi-EhUgbMcsMvNr6Gcfntdtnhx-IUSTzzsJ1hx28BY7Ow7MMeBdNBrY-EJHDJvaimdaBkX4ivd65EcTCOh09hRA_vRlJU%26_hsmi%3D88170478&xaxis_referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
age: 751
cache-control: max-age=3600
content-type: text/html
date: Tue, 19 May 2020 17:57:16 GMT
etag: "4281920267"
expires: Tue, 19 May 2020 18:57:16 GMT
last-modified: Fri, 24 Apr 2020 20:46:24 GMT
server: ECAcc (ska/F769)
vary: Accept-Encoding
x-cache: HIT
content-length: 299

POST
H2 200 open Show response
api2.branch.io/v1/ 271 B
559 B 207ms
175ms XHR
application/json 2600:9000:2093:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 95255988e8a7982c890362a1fc3cca95a1a77702e7d3b4f7a79cfa8e1d9cf8ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
via: 1.1 afb36b97df2ff6c76fed5bd6ee23619b.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: HAM50-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 271
x-amz-cf-id: xtG-9QVxwta0Jk2K0IVufK8QE1rIOjDsbXATM80e4OkeqmGlQzk5SQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
361 B 188ms
188ms XHR
application/json 2600:9000:2093:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 May 2020 17:57:16 GMT
via: 1.1 afb36b97df2ff6c76fed5bd6ee23619b.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: HAM50-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: jhyvcbfM3RMcqH_iGda8dFQQzTD7g_TFj7eWLchmpCXN3sYC7qiNmQ==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 618ms
215ms XHR
text/html 54.68.149.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.149.50 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-149-50.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Tue, 19 May 2020 17:57:17 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headspace.com/	1970-01-19 09:38:32	Name: _sp_ses.8a05 Value: *
.tiqcdn.com/	1970-01-19 18:24:07	Name: x_axis_main Value: v_id:01722e152158003f1bf59bfef10800071025706900b08$_sn:1$_se:1$_ss:1$_st:1589912836249$ses_id:1589911036249%3Bexp-session$_pn:1%3Bexp-session
.headspace.com/	1970-01-20 03:09:43	Name: _sp_id.8a05 Value: 1dcfa7f0-b15e-4bbd-abda-9b890b6645ae.1589911037.1.1589911037.1589911037.3628dd21-77cc-4ba2-b80a-62b102a83bc6
.headspace.com/	1970-01-23 01:14:31	Name: amplitude_id_2c0e8b630e65ea00889d07e47d2bb68d_testheadspace.com Value: eyJkZXZpY2VJZCI6ImJmMGZlOGQyLWVlZTgtNDEzYy1hNGIxLTc3YWFkMzRiMGQyOFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4OTkxMTAzNjY5NSwibGFzdEV2ZW50VGltZSI6MTU4OTkxMTAzNjY5MywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjF9
.headspace.com/	1970-01-19 18:24:07	Name: _pin_unauth Value: OWJhMDI4M2UtNmRkZi00MDg0LWEyNWUtYjJjOWZiNWRmYzEw
.headspace.com/	1970-01-19 18:24:07	Name: mprtcl-v4_B0C8D5EC Value: {'gs':{'ie':1\|'dt':'580aa567c0d972439cf41d95730011ed'\|'cgid':'ee8cbebf-0d9b-4b1c-9155-0c1aa24aec7b'\|'das':'869d0e7c-4846-4f9b-8afb-73fde71c3f00'\|'csm':'WyItNjg2OTc1NDI4NTI4MjYwNTM4OCJd'\|'sid':'9177C5DA-6870-4C99-A163-0962A18DE94D'\|'les':1589911035925\|'ssd':1589911035923}\|'l':0\|'-6869754285282605388':{'fst':1589911036182}\|'cu':'-6869754285282605388'}
.headspace.com/	1970-01-19 09:39:57	Name: _gid Value: GA1.2.417494432.1589911036
.headspace.com/	1970-01-20 03:09:43	Name: _ga Value: GA1.2.155745302.1589911036
www.headspace.com/	1970-01-19 09:48:35	Name: AWSALBCORS Value: L5R6gNLCEUvnlHy95cZL7db0UjG8VgmuP1AffVpQm8O6RBFxaa+y8AcJetFHi9qGzcQ/d801oL3BHmqxkFXvI5rO7YTedPqm/wQgTdDvlzxJ4IUJLK1hC3Z1zR34
www.headspace.com/	1970-01-19 09:48:35	Name: AWSALB Value: L5R6gNLCEUvnlHy95cZL7db0UjG8VgmuP1AffVpQm8O6RBFxaa+y8AcJetFHi9qGzcQ/d801oL3BHmqxkFXvI5rO7YTedPqm/wQgTdDvlzxJ4IUJLK1hC3Z1zR34

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://get.headspace.com/e2t/c/W7NGvQR2brt41VQqm8s6P2cBd0/W67lnX03RRW65W8gCS5b3R2JT10/5/f18dQhb0Sjvl8XJ8bxN8L4s_THyjJqMQBpmsd7tfRN3hHh8GVMsQMVnQ9Qq8--HBkW8ZPQgZ32RQfMW5nJfZH8Wm1rSW8V2Wtf2MVBKQW55FfM92MznrNW567bYV5lKvt_N5420y5JVPYMVVVW1H32p-C3W4cMfVr3Kqlz7W2KFZxK3Z7d2QN4gb1YLMMQxXW80gSRf97rB1bW8yfS-15J52WbW5CHLC93cXcm2N5xf33pfN4dPW6QPhJx1sV08BW9bp-qN5DjGjQW8n_pss8lFM9lW4tMrBX34pjwXVY6fnx3g22vKW9bqdL198yNPSW93NfNG8B7sS3W6L-KHJ3N1L5lW27cSqM3Htl40W5Dk3J524rdn8W3dqy4y7fS1TJW4pQ6ZP5hkmhfN8XMlxrwZy_fVcZLWR86l4pCW8xVfcq9dtq-4W6YPj-n8hTsJtW7NMlq67tGspgN7fG8ygWDM00W2vD9JX8KbWRJW933G1B56fpFgW4FzkLJ7_BS-fVJ2Scq4F4srpW4L1Mmr4JXQH_V1P91B627Pd8103(Line 13) Message: toS
console-api	log	URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js(Line 24) Message: GTM PTag v1.2; tagId: 2613695941317
console-api	log	URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js(Line 24) Message: Firing Pinterest event: pagevisit
console-api	log	URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js(Line 24) Message: Event Data:
console-api	log	URL: https://www.headspace.com/_next/static/rqyw2sppT1g1gXXpLYSYc/pages/_app.js(Line 24) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11673470095.cdn.optimizely.com
api.amplitude.com
api2.branch.io
app.link
cdn-akamai.mookie1.com
cdn.amplitude.com
cdn.branch.io
cdn.optimizely.com
cdn.polyfill.io
cdnjs.cloudflare.com
ct.pinterest.com
d1fc8wv8zag5ca.cloudfront.net
get.headspace.com
identity.mparticle.com
images.ctfassets.net
jssdkcdns.mparticle.com
jssdks.mparticle.com
logx.optimizely.com
s.pinimg.com
static.criteo.net
static.headspace.com
tags.tiqcdn.com
www.google-analytics.com
www.googletagmanager.com
www.headspace.com
152.199.23.241
23.210.248.189
23.42.16.219
23.45.99.37
2600:9000:2016:8600:12:94b3:c380:93a1
2600:9000:2070:f600:19:9934:6a80:93a1
2600:9000:2093:d000:11:f728:3040:93a1
2606:4700::6810:84e5
2606:4700::6811:77b4
2a00:1450:4001:801::2008
2a00:1450:4001:81d::200e
2a02:2638::3
2a02:26f0:6c00:2a0::13b8
2a02:26f0:6c00:2a3::1931
2a04:4e42:200::645
2a04:4e42:3::621
2a04:4e42:3::645
2a04:4e42:400::645
34.231.143.6
52.222.190.114
52.222.190.58
52.84.50.78
54.230.183.53
54.230.55.43
54.68.149.50
08f1a375985466b619fb9371ef0100eec694ba2a13d03c76b21c531a5f858da8
1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
37518ff78f2e7be901e84e14ba4cfef3218f9e108ba0d9affac3dad5b6bb3b27
379090e9be167f3d4ada299b739f43067ea015807f6bc31a3c18b0b877aa986a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38086780da1ae241464c5c6c6797e7625057d352c4de31c56017aaa67a56a8d7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4b02d0256aa25c6d39649ed18059dca04bb6a124133c7e0b48ee8659ca59cc9c
513ec264d0d9bcb4883b5fc9c3d5660aff4364f2f56b50bfc78add86d707a199
56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c
5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40
6283b003dfef95a8d485a4943efda9a1f89587bea1887eb58509b9a98341e56f
67f9544afd856cd9e5c20eb98be05c3a4203de9ef9e48123645388213b4461ac
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6a66bf2110b9409a61c2c0b40c95991dd78f5cc34d8c4429785b3501841cb54a
6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976
7a446bf526f15f1f5ab59f007613e8661963552a60f4de6a4b22dcec92131dec
88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0
95255988e8a7982c890362a1fc3cca95a1a77702e7d3b4f7a79cfa8e1d9cf8ef
9b154c614752acfcba108c51c9540acd198d9a673563d013eb0b481e5fa70b60
9b767b1370e3d8c832168c3d642ae2f477c93c582648910ad6374ee865a583f6
9ed2b5d5888f32e1740ce2347473ee33f93eb49743c81bc286951c5eba885050
a09bdb333bae465de4250fe824f3e1142cb07e22ab746e63f7f7ef999653e8ff
a34c19524cc510c06cab6bb21fc8d6974e13203ff1727626d137a73f88cb2e41
a45790d7b34260022c1179bead948faa2d6732bbff39d1bc9e9cfa6586708f0e
a82c8493d477e2ef23955dcc9e1a0dcd9553dc7fa954040c0b31b3f168502a5e
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0
becaacd484e24beb84e74eefd4926847a13f11f66ab42ebbcfd2ff8a2f296259
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c5a6611959ec6019bff42082fdea52f51798ff3bd70fb0f124a07ae542252064
c6619eb8e0e6ce1c28b7deac6d9d5815625fde524fe2c34f9e6122d6f91ff623
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a
da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504
e2be2ad5ccba99fb42dbe0a3049bb1ee8fc9a3314fc5f3eecb58d652799c9450
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672
ed701b7b3e481a10fba82b402a62c68e275d4a098c3518df7747961ec1115744
ffedbc3bb69866027705be1b0d108d7a89ccff90f1a8ee41618dac21e79473e6

www.headspace.com Open in urlscan Pro 52.222.190.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

56 %IPv6

17 Domains

25 Subdomains

26 IPs

5 Countries

1590 kBTransfer

4315 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.headspace.com Open in urlscan Pro
52.222.190.58 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

56 %
IPv6

17
Domains

25
Subdomains

26
IPs

5
Countries

1590 kB
Transfer

4315 kB
Size

10
Cookies

46 HTTP transactions
1 data transactions