work.headspace.com Open in urlscan Pro
52.85.115.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://work.headspace.com/sabic/member-enroll
Submission Tags: falconsandbox
Submission: On March 17 via api (March 17th 2021, 5:27:24 pm UTC) from US

Summary HTTP 71 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 32 domains to perform 71 HTTP transactions. The main IP is 52.85.115.69, located in United States and belongs to AMAZON-02, US. The main domain is work.headspace.com.
TLS certificate: Issued by Amazon on October 1st 2020. Valid for: a year.

This is the only time work.headspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	52.85.115.69 52.85.115.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	13.226.159.37 13.226.159.37	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.92 13.226.159.92	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
2	2a02:26f0:710... 2a02:26f0:7100:481::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	13.226.156.70 13.226.156.70	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
3	52.85.115.56 52.85.115.56	16509 (AMAZON-02) (AMAZON-02)
1 2	52.70.122.68 52.70.122.68	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1	13.226.156.182 13.226.156.182	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.19 13.226.159.19	16509 (AMAZON-02) (AMAZON-02)
1	50.19.96.218 50.19.96.218	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.200.32.159 18.200.32.159	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
2	2600:9000:218... 2600:9000:2182:3000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.72.27.138 52.72.27.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	36

13 52.85.115.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-69.hel50.r.cloudfront.net

work.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-37.dus51.r.cloudfront.net

api.prod.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-92.dus51.r.cloudfront.net

static.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:481::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-70.dus51.r.cloudfront.net

d1fc8wv8zag5ca.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:c5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.115.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-56.hel50.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.122.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-122-68.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-182.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-19.dus51.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.96.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-96-218.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.32.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-32-159.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:200:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19b::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:3000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.27.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-27-138.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	headspace.com work.headspace.com api.prod.headspace.com static.headspace.com	942 KB
7	mparticle.com jssdkcdns.mparticle.com identity.mparticle.com jssdks.mparticle.com	632 KB
6	equalweb.com cdn.equalweb.com	26 KB
4	pinterest.com ct.pinterest.com	2 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	91 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	terminus.services vidassets.terminus.services	4 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1014 B
2	sentry.io sentry.io	896 B
2	trkn.us 1 redirects trkn.us	1 KB
2	licdn.com snap.licdn.com	4 KB
2	pinimg.com s.pinimg.com	18 KB
2	googletagmanager.com www.googletagmanager.com	100 KB
1	hubspot.com track.hubspot.com	848 B
1	hubapi.com api.hubapi.com	1001 B
1	google-analytics.com www.google-analytics.com	19 KB
1	app.link app.link	739 B
1	google.de www.google.de	552 B
1	google.com www.google.com	552 B
1	ipify.org api.ipify.org	242 B
1	amplitude.com cdn.amplitude.com	19 KB
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	hsforms.net js.hsforms.net	129 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	pdst.fm cdn.pdst.fm	6 KB
1	hs-scripts.com js.hs-scripts.com	939 B
1	jsdelivr.net cdn.jsdelivr.net	26 KB
1	cloudfront.net 1 redirects d1fc8wv8zag5ca.cloudfront.net	412 B
71	32

	Domain	Requested by
13	work.headspace.com	work.headspace.com
6	cdn.equalweb.com	work.headspace.com
4	jssdks.mparticle.com	work.headspace.com
4	ct.pinterest.com	work.headspace.com
3	vidassets.terminus.services	www.googletagmanager.com work.headspace.com
3	api.prod.headspace.com	work.headspace.com
2	errors.client.optimizely.com	work.headspace.com
2	api2.branch.io	work.headspace.com
2	match.adsrvr.org	2 redirects
2	identity.mparticle.com	work.headspace.com
2	sentry.io	work.headspace.com
2	px.ads.linkedin.com	1 redirects work.headspace.com
2	trkn.us	1 redirects work.headspace.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	static.headspace.com	work.headspace.com
2	www.googletagmanager.com	work.headspace.com www.googletagmanager.com
1	track.hubspot.com
1	api.hubapi.com	work.headspace.com
1	cdn.optimizely.com	jssdkcdns.mparticle.com
1	www.google-analytics.com	jssdkcdns.mparticle.com
1	app.link	cdn.branch.io
1	www.google.de	work.headspace.com
1	www.google.com	work.headspace.com
1	api.ipify.org	work.headspace.com
1	cdn.branch.io	jssdkcdns.mparticle.com
1	cdn.amplitude.com	jssdkcdns.mparticle.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	www.linkedin.com	1 redirects
1	cdn.pdst.fm	work.headspace.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.jsdelivr.net	work.headspace.com
1	d1fc8wv8zag5ca.cloudfront.net	1 redirects
1	jssdkcdns.mparticle.com	work.headspace.com
71	39

This site contains links to these domains. Also see Links.

Domain
www.headspace.com

Subject Issuer	Validity	Valid
*.headspace.com Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
jssdkcdns.mparticle.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
cdn.pdst.fm GTS CA 1D2	`2021-03-10` - `2021-06-08`	3 months	crt.sh
*.terminus.services Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2019-05-27` - `2021-07-17`	2 years	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
jssdks.mparticle.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://work.headspace.com/sabic/member-enroll
Frame ID: C421681B6A0397DDBFFE9A72FABE8015
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

71
Requests

100 %
HTTPS

62 %
IPv6

32
Domains

39
Subdomains

36
IPs

3
Countries

2100 kB
Transfer

5745 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.headspace.com/terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.headspace.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://d1fc8wv8zag5ca.cloudfront.net/2.6.1/sp.js HTTP 301
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.1/sp.js

Request Chain 17

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843 HTTP 302
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843;ip=89.249.64.203;cuidchk=1

Request Chain 18

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2401233%26time%3D1616002023391%26url%3Dhttps%253A%252F%252Fwork.headspace.com%252Fsabic%252Fmember-enroll%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&liSync=true

Request Chain 49

https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f HTTP 302
https://vidassets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f&t=f01155c7-1e39-4517-9c61-75ef9667916a

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request member-enroll Show response
work.headspace.com/sabic/ 6 KB
3 KB 765ms
659ms Document
text/html 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6954401d2f139f2751155e87d1dd88ae672532dee243678aa314ae97c1579a0e

Request headers

:method: GET
:authority: work.headspace.com
:scheme: https
:path: /sabic/member-enroll
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
last-modified: Wed, 10 Mar 2021 22:23:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: NQlAd6vQ9tJ4LFwwRSFVnqF.woryuZ4H
server: AmazonS3
content-encoding: gzip
date: Wed, 17 Mar 2021 17:26:11 GMT
etag: W/"af92b011e49dea3eddb89354bab4b9c5"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: oD9Vs7Kndxkm-L4_IoNw3jsHhxvrn7xZwkT3irJpF4Jbr18FyzH1Lg==
age: 52

GET
H2 200 8.b1db07dc.chunk.css
work.headspace.com/static/css/ 5 KB
2 KB 46ms
45ms Stylesheet
text/css 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/css/8.b1db07dc.chunk.css
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc10f4b1bf7def7bdf9168f7742ce196e9f4ca624ebc32a721f3f050e105f923

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BOE3Wug8oOGouTESNBzEYpGzlrV3CyTL
content-encoding: gzip
etag: W/"ed7c4609c9d69e99a7eac3e6248ff5d5"
last-modified: Wed, 10 Mar 2021 22:23:56 GMT
server: AmazonS3
age: 43
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
date: Wed, 17 Mar 2021 17:26:20 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: TunqKF6mGo1o4rOghvtz-XOfycib07SyVjNg1FMRDu9EaJYkkoZwnA==

GET
H2 200 app.15e7012f.chunk.css
work.headspace.com/static/css/ 5 KB
879 B 124ms
123ms Stylesheet
text/css 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9127a642fc28d8b7c1fdc2a1d62a08cce36bbffb5ec6cec7da9fa5310905c5

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3kbUIlqYbLdVtPkhbg76qJFB5Zj34i55
content-encoding: gzip
etag: W/"5da011557b0e7c90daf6884a605bf421"
last-modified: Wed, 10 Mar 2021 22:23:56 GMT
server: AmazonS3
age: 43
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
date: Wed, 17 Mar 2021 17:26:20 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: mE6k5yS-W1-onwhFN-aO3WN5PLsLRFSA5z6RoL9TcaSpmefWdAC11A==

GET
H2 200 8.2e789f9e.chunk.js Show response
work.headspace.com/static/js/ 2 MB
441 KB 124ms
123ms Script
application/javascript 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e746c4df83ba52b89a9fa0ab82d8be7cb39ba97aa51d2c1b18a408313d141e92

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xYVJAoQVVfoQ31D0Yf3gxrFtJGNGiCKL
content-encoding: gzip
etag: W/"3f812bc62dd037ccab9dc559cbaa1564"
last-modified: Wed, 10 Mar 2021 22:23:56 GMT
server: AmazonS3
age: 43
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
date: Wed, 17 Mar 2021 17:26:20 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: WFRqRe1_xcYloU_ljPPpan3KDF98w6AVIMtxhjpHNOtA6eh6L8Mu_A==

GET
H2 200 app.6e0f4753.chunk.js Show response
work.headspace.com/static/js/ 658 KB
140 KB 51ms
50ms Script
application/javascript 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/js/app.6e0f4753.chunk.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 472b8c252d7466f9c70d08d124d653bc5b32f458eb2441be1e33fa810e07920e

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BgencBnfNxLSSWNsGf7upK2Kk3mtL.eQ
content-encoding: gzip
etag: W/"4a5d515abde4d8ec18ca899bffee82b9"
last-modified: Wed, 10 Mar 2021 22:23:56 GMT
server: AmazonS3
age: 43
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
date: Wed, 17 Mar 2021 17:26:20 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: TD530NaWr4Htgj-PwTZ0TNVpLt6_pulfSK_BjSqtmsbmfB3KyG0nMQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
61 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d73d6e77b15314d228674201d618ea71e460b0d20bd04d7fed4d17bc7d51933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62216
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 15:34:12 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Mar 2021 17:27:03 GMT

GET
H2 200 spinner-24.b26fe655.svg Show response
work.headspace.com/static/media/ 899 B
1 KB 46ms
46ms XHR
image/svg+xml 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/spinner-24.b26fe655.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6109d0834e16cc17f5b31608e4d7301a5b1f182dafa8a0bd332bf63190ca1277

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5BDrKsoobqLfPvB1Tjcg5uS9Nla_NYTi
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "b26fe6555895b9fcaad2845d24b00d6f"
last-modified: Wed, 10 Mar 2021 22:23:58 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 899
x-amz-cf-id: OobKP51TRkQEvfrW53oLTws5bSjYulsqNaUXecu-mK1bb2sV7OtmiA==

GET
H2 200 sabic Show response
api.prod.headspace.com/b2b/org/ 655 B
1 KB 188ms
158ms XHR
application/json 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/org/sabic
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: envoy /
Resource Hash: 4610777083fedee35c96531fab10f150b66afe246e1d6dd16a0d2715a1632099

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: DUS51-C1
vary: origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
cache-control: no-cache
x-envoy-upstream-service-time: 6
accept-ranges: bytes
content-length: 655
x-amz-cf-id: DmA2-dNbuyIJq7dh3i1Ktklsametdakoxx8irxtDwbgFPxLiU-TrJQ==

GET
H2 200 apercu_regular.woff2
static.headspace.com/fonts/apercu/ 20 KB
21 KB 63ms
24ms Font
application/font-woff2 13.226.159.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_regular.woff2
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-92.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672

Request headers

Origin: https://work.headspace.com
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 06:17:22 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 126582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20864
last-modified: Tue, 26 Nov 2019 18:20:22 GMT
server: AmazonS3
etag: "59469dee6787197930bd94880c1ecc00"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/font-woff2
x-amz-cf-id: VJ_SK0NJtNvOEa-EreQYzoZrZf4dHmtPOmLNSQbOpNYlg2ySNmL6yA==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/ 1 MB
631 KB 49ms
15ms Script
application/javascript 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 403b8e120fffbca91a742a2267aca42e09b2ff7b3785f3e8259600b38f214572

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1124
x-origin-name: fastlyshield--shield_ssl_cache_dca17722_DCA
x-cache: HIT, HIT
x-cache-hits: 2, 1
content-encoding: gzip
content-length: 645555
x-served-by: cache-dca17722-DCA, cache-hhn4061-HHN
server: Kestrel
x-timer: S1616002023.404404,VS0,VE1
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 17 Mar 2021 18:08:19 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 45ms
14ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "7dfd742fa9951f09da578c3e4cfc7d96"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 24ms
7ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=62954
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2

200

sp.js Show response
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.1/
Redirect Chain

https://d1fc8wv8zag5ca.cloudfront.net/2.6.1/sp.js
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.1/sp.js

73 KB
26 KB

22ms
7ms

Script
application/javascript

2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.1/sp.js

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1178404
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 25901
etag: W/"12579-3khG3dcbrywPtGpRg2Bjh3qMeMY"
x-served-by: cache-fra19164-FRA, cache-hhn4031-HHN
date: Wed, 17 Mar 2021 17:27:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Date: Wed, 17 Mar 2021 15:43:42 GMT
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Server: AmazonS3
Age: 6202
X-Cache: Hit from cloudfront
Location: https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.1/sp.js
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 0
X-Amz-Cf-Id: HdBk8Dgihg4cmwJPZX0mPpSVXLGH4WMSTKptI7FjJNjWeMODI5NA5Q==

GET
H2 200 4137181.js Show response
js.hs-scripts.com/ 1 KB
939 B 35ms
16ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4137181.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69feee27939cfcbb8d73b19fbd4b6732c0e77f42300be38104b49c2d21b8ad80

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 51
cf-polished: origSize=1430
cf-request-id: 08e2d317dc00004e375bbec000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B715795507C14D0F726D29534346F9491665F7A94000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://work.headspace.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6317ee062d7f4e37-FRA
expires: Wed, 17 Mar 2021 17:28:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-761327634

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e78ac85222b94c54b410dd6c4dcd60ac01f12d7d77bc153aa75f00179f1bf7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39782
x-xss-protection: 0
expires: Wed, 17 Mar 2021 17:27:03 GMT

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/2.0.7/ 34 KB
12 KB 40ms
17ms Script
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/2.0.7/accessibility.js

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://work.headspace.com
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Mar 2020 09:54:48 GMT
server: cloudflare
x-frame-options: deny
etag: W/"024f26cd4fdd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TynVTtsvOYSKIAIYuzVxrpoHwBjmA6MH5h1gPiBnLXSyDp8WZZtsdN0x2CYpf4W%2F5n9P1je7NdHfT%2FdHR1XCXlQu9szYYipMI1tuPziGFRUSluMzO1%2BUKE3V%2FIjf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d317e0000053646f30c000000001
cf-ray: 6317ee0639a65364-FRA

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 25ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 651bb26936af19984c786a0f494947ef827d782e88fe26dbc3b80970c0fa61fc

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:05:56 GMT
content-encoding: gzip
age: 1267
x-guploader-uploadid: ABg5-Uz7BtN6vDMTwN029AQYMvKXWaxLCCrfZ6QODFRWjIaCxaAg_ISq0kizBhsOaBUpBaPHym_veBHs3EFxbH5LnfPqasa79Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5768
last-modified: Thu, 28 Jan 2021 01:58:32 GMT
server: UploadServer
etag: "a7fbcd01c958e894a82f35084a94bd0a"
vary: Accept-Encoding
x-goog-hash: crc32c=MwlZnw==, md5=p/vNAclY6JSoLzUISpS9Cg==
x-goog-generation: 1611799112374780
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5768
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 17 Mar 2021 18:05:56 GMT

GET
H2 200 t.js Show response
vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/ 4 KB
2 KB 137ms
46ms Script
application/javascript 52.85.115.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.115.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-115-56.hel50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1780
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 02 Mar 2021 17:36:56 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a15.cloudfront.net (CloudFront)
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: HEL50-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: 9gJOdCyB3WQU-PGgZ7R91lVyj23HjclQI4Mg1icLrveSqHJuJafybA==

GET
H/1.1

200
OK

ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843;ip=89.249.64.203;cuidchk=1

42 B
758 B

114ms
114ms

Image
image/gif

52.70.122.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843;ip=89.249.64.203;cuidchk=1

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.122.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-122-68.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Mar 2021 17:27:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1734629843;ip=89.249.64.203;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2401233%26time%3D1616002023391%26url%3Dhttps%253A%252F%252Fwork.headspace.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&liSync=true

0
80 B

186ms
186ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&liSync=true
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: g7iJckcxbRaQck0lqCsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: FhLfZkcxbRaAZuo1MisAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: B6E1FED63B5D4DCEAC524276262A41CE Ref B: VIEEDGE1312 Ref C: 2021-03-17T17:27:03Z
date: Wed, 17 Mar 2021 17:27:03 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2401233&time=1616002023391&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1449872/store/ 41 B
448 B 451ms
113ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1449872/store/?sentry_key=e3428f32a47e48f4abe62295ae2ab559&sentry_version=7

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

6961282a0a21bf91045a9ffea42eecd00144487d7308d65a717fedc04c8459d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 41

GET
H2 200 4137181.js Show response
js.hs-banner.com/ 59 KB
15 KB 37ms
22ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4137181.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ff2cd7c43fdd5cff4da93c47d920e8e6c3a346331ad3f3f99293ed67fb3a6d

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 51
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: EWW5HGK8K6PY4010
x-amz-id-2: ZzhKoU3Kz34L4toBT00QYyiRprfVTime+grQ55qdkKDXW6YHjRXRerTVDWswSn574jGyrmzymRE=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 21:16:40 GMT
server: cloudflare
etag: W/"4fc778fd07aedc680221bdd25cb29fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: h1XTGeIHFmYH0.q9kqQQquaVUySjbfBy
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 08e2d317fc0000dfc729a6d000000001
cf-ray: 6317ee065c02dfc7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 17 Mar 2021 17:31:12 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 40ms
21ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90c1bee45241702400aa35f37b755606b12d43257a7590f0d3c5a9a3c0cc1587

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 e3e94284a800d30d02bd662be67e1bf2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 240
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.230/bundles/pixels-release.js&cfRay=6317e827cae02b29-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 08e2d3180000002b1e613f4000000001
last-modified: Tue, 16 Mar 2021 01:00:01 UTC
server: cloudflare
etag: W/"3e819a21033e1bf8f79bafffad03b850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: X1hednjk2pXbV1By5RA5iSMlmelj5rSx
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6317ee066c4f2b1e-FRA
x-amz-cf-id: 0PU-q5TThRdP3DUJhJMjHyfo_FlTc4EpMQLtDgbLfiib3HKD6nomdA==

GET
H2 200 4137181.js Show response
js.hs-analytics.net/analytics/1616001900000/ 61 KB
19 KB 40ms
22ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1616001900000/4137181.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1565400ba255e196474774040ea6798e1a2fe6cb55d0425d8f643732f7509c0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 51
x-amz-server-side-encryption: AES256
x-amz-request-id: 6S399DHBNPPKWXWJ
x-amz-id-2: ixBxNqNvbV2K+3QeEvl2dQ5hMb7iBJbZnp8UcoBAF7SU9sG3Q749ihAvRGm2TtYQ+zAoTpFHUxg=
last-modified: Tue, 23 Feb 2021 22:21:44 GMT
server: cloudflare
etag: W/"f2fe8378c1b54102df608272e9f7dd89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 08e2d318000000975a8315e000000001
cf-ray: 6317ee066f99975a-FRA
expires: Wed, 17 Mar 2021 17:31:12 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 525 KB
129 KB 53ms
37ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e2d3180300004ab5f83a1000000001
last-modified: Tue, 16 Mar 2021 09:23:29 UTC
server: cloudflare
etag: W/"9d668cfc7c391b8538a113832f54ab8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nLiJkAnEaFWW06w1Igtz2dhDZ6Ii0sBLJbG5Z6eIUB9Mlwn2slzZD%2FsCasfh9ly5godx%2FHWJHa7MCG4Ucoew1GFB6RzgxMOh56mUy0u00LipDIQTquwxKYPOfQ%3D%3D"}],"group":"cf-nel"}
x-amz-version-id: Im9LyHkEZJN8A9pTrxephGQMCSB7CbwW
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6317ee066bcf4ab5-FRA
x-amz-cf-id: q9rgZ5csQjc6yGLJFrz48v-uq6Zkn4gFH1UCg7ppsifOm1QwVP9yAg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 33 KB
13 KB 44ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-761327634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f7e080e9ae385a460cde752e7d042550150be9feeeab579e75c0dffba5e347d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13101
x-xss-protection: 0
server: cafe
etag: 4078013535117804118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 17:27:03 GMT

GET
H2 200 main.2a04f3ee.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 22ms
21ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "248210fef24a364a0e167a9a4db13563"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17102
access-control-expose-headers: X-CDN

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 13ms
12ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f74fa887d8e3b14f4cdfcefa0dbf17ee9e35deff437d8e4701822f4fb5ca592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Feb 2021 13:58:41 GMT
server: cloudflare
x-frame-options: deny
etag: W/"80fe94527ebd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jt%2Bkouo8a34p1%2F5vSky1RZjTGZis%2FDFJSuOM4rOQnIsawYmwoJXFv%2BJcWYbY0LqKO8dksvXGBNXEo11CJD5XKmG4ARR1BZnRG6d7I%2FoFwIEXKSeMWJU%2FaY4gnbeX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d3180a000053649b30b000000001
cf-ray: 6317ee067a2c5364-FRA

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
423 B 13ms
12ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3f26cd3dfbc1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MaeZMSKh%2FX2bQn0P8NXEt8eB5H8DHXhQsmpAu7d1pKYkVcBLV4v1XRssl%2BMFFqJwU%2F3lLl1dDN29aXzLflPouPfD%2BRauil8TWDak76J39DQhRJaXM%2BKo0UHwTFCA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d3180a00005364aab2a000000001
cf-ray: 6317ee067a2d5364-FRA

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 28 KB
9 KB 16ms
15ms Fetch
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

563e201e90916977a81cccba0a6e0b574edda3420f692dc076589539bea1967a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Feb 2021 12:12:18 GMT
server: cloudflare
x-frame-options: deny
etag: W/"07d4766fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4inW7YbQfwBRSZm64joxHZwSJhLU37sfZvg7nvB5XyhYRcDDX0gfzg4pJyvJF9U9itlFFoGhDvOgzapJXAwXBB0t2XP8CjuXZlNA0HxTSP8yJ1btEf2oREpLbdJr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d3180a00005364a33a2000000001
cf-ray: 6317ee067a2f5364-FRA

GET
H2 200 / Show response
ct.pinterest.com/user/ 57 B
519 B 56ms
35ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1616002023456

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

97f2a7de8ee34ba39b204787cb7186545101c11acd513323ab02339b8154a0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://work.headspace.com
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5101061639886129
pin-unauth: dWlkPU1UQmxNems1TXpndE1qVm1OUzAwTXpNeUxUbGlOekV0TURBMk9UVmxabUV6WkRZNA
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 69
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 57ms
38ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1616002023458

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1148147048028295
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
545 B 60ms
41ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1616002023459

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 8551636015262640
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 13.svg Show response
cdn.equalweb.com/assets/images/ 770 B
789 B 13ms
12ms Fetch
image/svg+xml 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/13.svg

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849e732a51bc624ebe86de5a5c50932e5d8c88618c5442e4d881b0f152001052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Feb 2020 08:42:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"68d35d46ddad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Z%2BwGmrLh1k24naWGrT%2FtZ4F53s0CXx4Y4LrcYvGr0riBHECtTRB0y2%2BYN85bhD%2BEcJArFXgInVunOiUiQBbL12b4UAfAiexq7305WtZOBaoNI5UhQ8oqbML0%2B9v"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d3182a00005364bc9a2000000001
cf-ray: 6317ee06aa845364-FRA

GET
H2 200 custombtnstyle.css Show response
cdn.equalweb.com/style/ 4 KB
1 KB 14ms
13ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/custombtnstyle.css

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1486368
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Mar 2020 09:11:26 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0b350e0bbf6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P4nTcMfGygBIUGrvqXN9p2Pxddz7AK%2BL3Mj9X6ZfZELaSn56NxZhj8cnDROeycSDNa4mYqdMzHQz8oCKJVoyBYBO4aBYGrDXgCnx80d7g4PP%2FVXH20V6QPArLCl7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-request-id: 08e2d3182a000053641daa7000000001
cf-ray: 6317ee06aa865364-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/761327634/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/761327634/?random=1616002023501&cv=9&fst=1616002023501&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&tiba=Headspace%20for%20Work&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b8c7d777516c4e40d7289ca18c1a0c08866f516bd18651b9158fea3741c9c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ 0
0 100ms
13ms Preflight 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 varnish
age: 2439
x-served-by: cache-hhn4058-HHN
x-cache: HIT
x-cache-hits: 613
x-timer: S1616002024.632499,VS0,VE0
strict-transport-security: max-age=900

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 45ms
15ms Script
application/javascript 13.226.156.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-182.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Origin: https://work.headspace.com
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 06:24:34 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2890950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 6VhwhnpNbzh1m6YHlUA3sLIrX7A5-SP4uQkkrJhf5LWeY8Pm_L2DYA==

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 48ms
16ms Script
text/javascript 13.226.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbd2df6e58f0812e9283321aac64b6c7ed5ebd0077e83432f2f819a0b034d2e9

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6Cdh9NU1ON9cKNB2jBN_G0b4Tiu_S4Aj
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 04 Mar 2021 23:37:43 GMT
Server: AmazonS3
Age: 89
ETag: "6cda0ef7387562b5cd0274e72d8814f4"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Wed, 17 Mar 2021 17:25:35 GMT
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 23796
X-Amz-Cf-Id: ZJosfaHFcf_XuYWPRNkcyKPmJa9BUhwwpRef3TCHVqdt94Y2t0gXYg==

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
272 B 124ms
123ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

95f5834a72d5cc6caf4b628dca94d720de25272b5718c9850c339ee8c6641398

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: 580aa567c0d972439cf41d95730011ed
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1616002024.647152,VS0,VE110
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-hhn4058-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 53ms
35ms XHR
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1014166682565579
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icons.svg
work.headspace.com/static/ 6 KB
3 KB 667ms
666ms Other
text/html 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/icons.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6954401d2f139f2751155e87d1dd88ae672532dee243678aa314ae97c1579a0e

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NQlAd6vQ9tJ4LFwwRSFVnqF.woryuZ4H
content-encoding: gzip
etag: W/"af92b011e49dea3eddb89354bab4b9c5"
last-modified: Wed, 10 Mar 2021 22:23:55 GMT
server: AmazonS3
age: 54
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
date: Wed, 17 Mar 2021 17:26:11 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: wO4jyzNS1AEOTqnEaJeTBMV2WWlpG82LgXgTZDWfOz43i6uv-FADPQ==

GET
H2 200 headspace-logo-circle.acd5e30f.svg Show response
work.headspace.com/static/media/ 542 B
937 B 49ms
48ms XHR
image/svg+xml 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/headspace-logo-circle.acd5e30f.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2d2ec185087f20688fe04cb4b9bce60a67ddd075711cea7b3fa5acc1ceb4512

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: u9zu3ZTPNhVn9ep_d7MJD72XlnOHoqQF
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "acd5e30fd98110263474a354bc900a78"
last-modified: Wed, 10 Mar 2021 22:23:57 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 542
x-amz-cf-id: dyeEUP2aKPzelfS1ajqQDyC150y4jaZkLsnkRdYqTD5rN6phNsExMw==

GET
H2 200 caretDown.888c761c.svg Show response
work.headspace.com/static/media/ 331 B
728 B 45ms
45ms XHR
image/svg+xml 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/caretDown.888c761c.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f13f07bebbfa8268bef96f25932582ac40323126ce699f841724075d49676ec2

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ddImvW02j_UexkhRrIZFXobHW64UhAcT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "888c761c5ee3a3dfb7b23d5d1eb8b3ae"
last-modified: Wed, 10 Mar 2021 22:23:57 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 331
x-amz-cf-id: QC9MeixtISSQ5nQI5JMAyBk0H1JuNxQHF9y74OG3LqCZrro0HIL-Sg==

GET
H2 200 light-gray-check.0e0940af.svg Show response
work.headspace.com/static/media/ 740 B
1 KB 55ms
55ms XHR
image/svg+xml 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://work.headspace.com/static/media/light-gray-check.0e0940af.svg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6812909d8232f968935472b79243599c857a5ee23ae9c6bd7726d89c5aabcfe3

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ngQpKXuegFk6sdTUkvwlD3P353gL95Tv
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "0e0940afab79475463902ff1c94b2e47"
last-modified: Wed, 10 Mar 2021 22:23:57 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 740
x-amz-cf-id: 3Yb-aOFz69ZakycxsLXKe5LrKCj7XUAhD5LTVn2zOEdQYoQNgzD0sA==

GET
H2 200 3938.logo.e6b31727f73a33874a95d54d31f3379c.jpeg
work.headspace.com/logos/ 119 KB
120 KB 911ms
910ms Image
image/jpeg 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/logos/3938.logo.e6b31727f73a33874a95d54d31f3379c.jpeg
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 967ca8c71728e94ff222e695b5652231ff885b451e4016eb8c389666a0a71bf2

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Mar 2021 17:27:05 GMT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 20:44:43 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
etag: "1b7a830ca6fcf665842a2d382621d493"
x-cache: Miss from cloudfront
x-amz-version-id: zcgOAkvkepQ4achM7fHUh2RcSgaS7_D1
accept-ranges: bytes
content-type: image/jpeg
content-length: 121880
x-amz-cf-id: 4ViZID3bfCdW4KWJK6lCSHV1ZuXWj9SQmIdU_3tTF3AeLGzPZO3QPw==

GET
H2 200 left-side-footer-illustration.f6731c5a.png
work.headspace.com/static/media/ 92 KB
92 KB 46ms
45ms Image
image/png 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/static/media/left-side-footer-illustration.f6731c5a.png
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b4b4085b2a455ce1f9c0bff993b4e63712564f98fa8c5e6fbf1c283b64900a9

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kzrFKDidCIEbrNXFig.o9f7G7PTAAhdS
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "f6731c5a714e31f8118fe04b49690ddd"
last-modified: Wed, 10 Mar 2021 22:23:57 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 93816
x-amz-cf-id: inkbQQGjIwtYMkgpwHotY_qxA99OHkSvykaYg1p1yHREaWWZ9cGX3w==

GET
H2 200 right-side-footer-illustration.41e72c3e.png
work.headspace.com/static/media/ 92 KB
93 KB 50ms
49ms Image
image/png 52.85.115.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.headspace.com/static/media/right-side-footer-illustration.41e72c3e.png
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-69.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bd718af8476bf7589ec552bad98ef0a83555fefd824fb354ddc86a7fccb9b45

Request headers

Referer: https://work.headspace.com/sabic/member-enroll
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wvSegIHokdeXnHTYWTdS.s4aCy6vHvsZ
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
etag: "41e72c3ea102dfe2fe736ed33ec208b3"
last-modified: Wed, 10 Mar 2021 22:23:58 GMT
server: AmazonS3
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 17 Mar 2021 17:26:24 GMT
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 94324
x-amz-cf-id: TyvWa1PqQs6r6u1Zx4E5tdjspSQrrqs1XUnv_UBVZIkszW71BxXawg==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 13 B
242 B 421ms
112ms XHR
text/plain 50.19.96.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.96.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-96-218.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba84a0f2529e6941e849c5e5a1c560770faa15fc4c5019673ed20962a04f9bb5

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://work.headspace.com
Connection: keep-alive
Content-Length: 13

POST
H/1.1 200
OK / Show response
sentry.io/api/1449872/store/ 41 B
448 B 375ms
113ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1449872/store/?sentry_key=e3428f32a47e48f4abe62295ae2ab559&sentry_version=7

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3023971b7857053996e2f60db04ebe673f6be0d47ad27e3390cd513bd0f5f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 41

GET
H2

200

s.gif
vidassets.terminus.services/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f
https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f
https://vidassets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f&t=f01155c7-1e39-4517-9c61-75ef9667916a

42 B
682 B

129ms
128ms

Image
image/gif

52.85.115.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f&t=f01155c7-1e39-4517-9c61-75ef9667916a

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.115.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-115-56.hel50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:07:03 GMT
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a15.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1202
x-cache: Hit from cloudfront
content-length: 42
last-modified: Tue, 02 Mar 2021 17:36:56 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: HEL50-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: e6Erx0xGZYm9w-H6KEaPD7kZeuCYoH1NKqxDwH0dIulBwkbob9d_zg==

Redirect headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://vidassets.terminus.services/s.gif?d=f0c9017a-7514-4b1e-b253-eddc086a1230|d070da58-6e80-4122-bc43-7acaa62fdc3f&t=f01155c7-1e39-4517-9c61-75ef9667916a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 343

GET
H2 200 t.gif
vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/ 42 B
692 B 44ms
44ms Image
image/gif 52.85.115.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif?d=d070da58-6e80-4122-bc43-7acaa62fdc3f&s=aa95dbba-efb7-4bd2-8540-e86f287c5d5f&p=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&cb=1616002023592

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.115.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-115-56.hel50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 16:49:45 GMT
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a15.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2244
x-cache: Hit from cloudfront
content-length: 42
last-modified: Tue, 02 Mar 2021 17:36:56 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: HEL50-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: ZDGdMp7gbrKZQbWYOHzg3HiWYRkri2Xrd8ePYr3bQMjPqh2Rz_x_ug==

GET
H2 200 apercu_bold.woff2
static.headspace.com/fonts/apercu/ 21 KB
21 KB 42ms
42ms Font
binary/octet-stream 13.226.159.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_bold.woff2
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/css/app.15e7012f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-92.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0

Request headers

Origin: https://work.headspace.com
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 20:59:13 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 160070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21048
last-modified: Thu, 10 Oct 2019 16:39:26 GMT
server: AmazonS3
etag: "051d6e318abfad4e63ce09e483b5faee"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: tqaauwU9OarmfkaZdb60kZ8T4oZ88aC1q0gtaQpAUhtrmlKGwb1MMA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/761327634/ 42 B
552 B 42ms
21ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/761327634/?random=1616002023501&cv=9&fst=1616000400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&tiba=Headspace%20for%20Work&async=1&fmt=3&is_vtc=1&random=1623697390&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/761327634/ 42 B
552 B 59ms
36ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/761327634/?random=1616002023501&cv=9&fst=1616000400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&tiba=Headspace%20for%20Work&async=1&fmt=3&is_vtc=1&random=1623697390&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/sabic/member-enroll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 17:27:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
739 B 213ms
180ms Script
text/javascript 2600:9000:2182:200:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.0&branch_key=key_live_mcdUiF9uYBpZ5OEBEK0jqoflzzlbD4dt&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

868c1a32e6c2cf6d45417d6bfcd9d4828a9f9ee4c5e525e3382fc7ec1dacdc39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 17:27:03 GMT
Via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: DUS51-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-1cpVsFglLypjGUKWUzRxwrTL1ng"
X-Amz-Cf-Id: n9YCVY5aPNt8u6Bm9EeQMePETliu8mhIW2vn-ystDKxk2bNEi3BlZA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5068
date: Wed, 17 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Mar 2021 18:02:35 GMT

GET
H2 200 11673470095.js Show response
cdn.optimizely.com/js/ 301 KB
91 KB 32ms
12ms Script
text/javascript 2a02:26f0:7100:19b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11673470095.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19b::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0648ec5c532e05b46a62e00096437d63ea60799547eb0a9445e56b7253b5fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: jcXdQu9Ytg4MAWZhhP6VrWbkdYYZKYrt
content-encoding: gzip
etag: "305c89084f1565dd59d54db6a0d168d3"
x-amz-request-id: AC480C4DCEFF5633
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 730
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 92536
x-amz-id-2: KncxRPLAeYMkOx+mZ7Azg0FIYPZbTLTP14vdggcMxaRVzdYFrt33UWagp5cW2Ask1L6nnJU5KMg=
last-modified: Wed, 10 Feb 2021 00:38:14 GMT
server: AmazonS3
date: Wed, 17 Mar 2021 17:27:03 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 42 B
148 B 46ms
16ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 2bd1c2c58a219fba9d5a68c1a699ef4fab1e337441b194cefa459c69188edf2a

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1616002024.831190,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
196 B 44ms
15ms XHR
text/plain 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1616002024.831183,VS0,VE3
x-served-by: cache-fra19130-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
58 B 44ms
16ms XHR
text/plain 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1616002024.831146,VS0,VE2
x-served-by: cache-fra19130-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 42 B
120 B 55ms
27ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 2bd1c2c58a219fba9d5a68c1a699ef4fab1e337441b194cefa459c69188edf2a

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Mar 2021 17:27:03 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1616002024.832055,VS0,VE13
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 271 B
586 B 193ms
171ms XHR
application/json 2600:9000:2182:3000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a18c109fac63c822ca2735b5205988a007ed8741cfc37a8d098f5ee235b923c0

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 561b97704b3642a7b46cae9cfe367870-2021031717
content-length: 271
x-amz-cf-id: W9CEXQIWWrkkDCAtCctMTB4yLmRR292TmCiPxYHQA_FPFE5tuLTMDg==

POST
H2 200 get-country-code-by-ip Show response
api.prod.headspace.com/b2b/v2/ 2 B
405 B 166ms
166ms XHR
text/html 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/v2/get-country-code-by-ip
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: envoy /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: DUS51-C1
vary: origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
cache-control: no-cache
x-envoy-upstream-service-time: 4
content-length: 2
x-amz-cf-id: USy0M2mjbQG8pGMKA_bI15OmdfvSI9WnDKP95j7PM81Pq4t2moQ76A==

OPTIONS
H2 200 get-country-code-by-ip
api.prod.headspace.com/b2b/v2/ 0
0 160ms
159ms Preflight 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prod.headspace.com/b2b/v2/get-country-code-by-ip
Protocol: H2
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Wed, 17 Mar 2021 17:27:04 GMT
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,X-HS-No-Cache,Platform-Origin,hs-languagepreference
access-control-allow-methods: POST
access-control-allow-origin: https://work.headspace.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization,Authorization,tags
access-control-max-age: 86400
cache-control: no-cache
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: z1VWeulT5pUyTBjFFTIU16t89sL0nww6y9HEIMqoE38nC26iOOLTsQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
389 B 177ms
177ms XHR
application/json 2600:9000:2182:3000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: b8c7b498bf9b48b4b1a3360df494da41-2021031717
content-length: 29
x-amz-cf-id: q3E88WEx46f4SR4BNTXQ3JtbwmAtHhZMX7B7_E3_QIDRTFByUNnXKw==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 413ms
103ms Preflight
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://work.headspace.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Wed, 17 Mar 2021 17:27:05 GMT
Content-Length: 13
Connection: keep-alive

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 118 B
1001 B 132ms
117ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4137181

Requested by

Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8922e8ac1c640e8fdb835080d44f0058a3b7520ae331b79ec88f89c9f8a4305a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e2d31d6000004ea4e9be2000000001
server: cloudflare
x-trace: 2B6FEE43520A57D59707D654618D88BD76AB838F3C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6elS0aJZ%2FQ7YVCv5RvTZs6IK%2Ba717GOxeY4lDcszPwGPozhnZDtW2s0Y7Wo4BtE4rTriaxANPWSd5ucJIUxHdtv9WsOV3a%2BG7tR7lSOg1rsiALS6MrRG7kTtGg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://work.headspace.com
access-control-allow-credentials: false
cf-ray: 6317ee0effab4ea4-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
848 B 51ms
36ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=4137181&pu=https%3A%2F%2Fwork.headspace.com%2Fsabic%2Fmember-enroll&t=Headspace+for+Work&cts=1616002024788&vi=2e1a6c898e02123a162945574a8b02ad&nc=true&u=61811763.2e1a6c898e02123a162945574a8b02ad.1616002024784.1616002024784.1616002024784.1&b=61811763.1.1616002024784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:27:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6317ee0f08e51f2d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 08e2d31d6b00001f2d5e1b0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K6FRhp77pMSPoewSLju0oBCAUxvQ1u4wm5TlyqI36fdHaU6nYGEIj6La5j1RYUEvHvdzVhsN3hYFUBquPGYXs4XLg4D6ve%2FXjp9Jy3CN94n6ynXrx2AGbHCUrOumhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
244 B 103ms
103ms XHR
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: work.headspace.com
URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://work.headspace.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 17 Mar 2021 17:27:05 GMT
Content-Type: text/plain

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 13ms
13ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://work.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 17:27:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=62953
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headspace.com/	1970-01-19 16:53:23	Name: __hssc Value: 61811763.1.1616002024784
.headspace.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.headspace.com/	1970-01-20 02:14:58	Name: hubspotutk Value: 2e1a6c898e02123a162945574a8b02ad
.headspace.com/	1970-01-20 01:38:58	Name: countryCode Value: DE
.work.headspace.com/	1970-01-19 16:54:48	Name: _gid Value: GA1.3.1072931595.1616002024
.work.headspace.com/	1970-01-20 10:24:34	Name: _ga Value: GA1.3.268389088.1616002024
.headspace.com/	1970-01-19 19:02:58	Name: _gcl_au Value: 1.1.73192074.1616002023
.headspace.com/	1970-01-20 01:38:58	Name: mprtcl-v4_B0C8D5EC Value: {'gs':{'ie':1\|'dt':'580aa567c0d972439cf41d95730011ed'\|'cgid':'34a1e416-8eb2-4ec7-b392-d266c0e2c5c9'\|'das':'c7b63ef3-2725-404b-aafb-3bd9b2ee6d24'\|'csm':'WyItMzY5ODk1MzU5Nzc5ODM1MTg1NiJd'\|'sid':'06F87E2F-330E-4843-8D61-D6872B041D39'\|'les':1616002023535\|'ssd':1616002023533}\|'l':0\|'-3698953597798351856':{'fst':1616002023778}\|'cu':'-3698953597798351856'}
.headspace.com/	1970-01-20 10:24:34	Name: _sp_id.8a05 Value: 49ca402f-5fc7-4c25-985a-7a9c97504d33.1616002024.1.1616002024.1616002024.48b6a4a9-afff-4bf3-9772-0c5270487d8f
.headspace.com/	1970-01-19 16:53:23	Name: _sp_ses.8a05 Value: *
.headspace.com/	1970-01-23 08:29:22	Name: amp_2c0e8b Value: X__rMPzcPObDG_EHtIQjh6...1f10jk0a6.1f10jk0a6.0.0.0
work.headspace.com/	1970-01-20 01:38:58	Name: d-a8e6 Value: d070da58-6e80-4122-bc43-7acaa62fdc3f
.work.headspace.com/	1970-01-20 01:38:58	Name: _pin_unauth Value: dWlkPU1UQmxNems1TXpndE1qVm1OUzAwTXpNeUxUbGlOekV0TURBMk9UVmxabUV6WkRZNA
work.headspace.com/	1970-01-20 01:38:58	Name: __pdst Value: f8b4823e1b844e27be90060c09a2b7a0
work.headspace.com/	1970-01-19 16:53:22	Name: s-9da4 Value: aa95dbba-efb7-4bd2-8540-e86f287c5d5f
.headspace.com/	1970-01-20 02:14:58	Name: __hstc Value: 61811763.2e1a6c898e02123a162945574a8b02ad.1616002024784.1616002024784.1616002024784.1
.headspace.com/	1970-01-20 01:38:58	Name: lang Value: en

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js(Line 1) Message: %c[IND]%c You are running %cWindows%c Operating system, %cChrome%c browser, version: %c89 color: White; background: #17384c; font-weight: bold; padding: 3px; border-radius:3px 0 0 3px; color: Black; background: #50e590; font-weight: bold; padding: 3px color: White; background: #17384c; font-weight: bold; padding: 3px; color: Black; background: #50e590; font-weight: bold; padding: 3px color: White; background: #17384c; font-weight: bold; padding: 3px; color: Black; background: #50e590; font-weight: bold; padding: 3px color: White; background: #17384c; font-weight: bold; padding: 3px; border-radius:0 3px 3px 0
console-api	log	URL: https://work.headspace.com/static/js/8.2e789f9e.chunk.js(Line 1) Message: %c[IND]%c Version %c2.0.7%c color: White; background: #17384c; font-weight: bold; padding: 3px; border-radius:3px 0 0 3px; color: Black; background: #50e590; font-weight: bold; padding: 3px color: White; background: #17384c; font-weight: bold; padding: 3px; border-radius:0 3px 3px 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.ipify.org
api.prod.headspace.com
api2.branch.io
app.link
cdn.amplitude.com
cdn.branch.io
cdn.equalweb.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.pdst.fm
ct.pinterest.com
d1fc8wv8zag5ca.cloudfront.net
errors.client.optimizely.com
googleads.g.doubleclick.net
identity.mparticle.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
px.ads.linkedin.com
s.pinimg.com
sentry.io
snap.licdn.com
static.headspace.com
track.hubspot.com
trkn.us
vidassets.terminus.services
work.headspace.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.226.156.182
13.226.156.70
13.226.159.19
13.226.159.37
13.226.159.92
142.250.186.130
18.200.32.159
184.30.24.193
2600:9000:2182:200:19:9934:6a80:93a1
2600:9000:2182:3000:11:f728:3040:93a1
2606:4700:20::681a:c5f
2606:4700::6811:43b0
2606:4700::6811:73b0
2606:4700::6811:b649
2606:4700::6811:cbcc
2606:4700::6811:d6cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:22::14
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2008
2a02:26f0:7100:19b::13b8
2a02:26f0:7100:481::25ea
2a04:4e42:1b::621
2a04:4e42:200::645
2a04:4e42:600::645
2a04:4e42:9::84
2a04:4e42::645
35.188.42.15
35.244.142.80
50.19.96.218
52.70.122.68
52.72.27.138
52.85.115.56
52.85.115.69
000497d098847c13d6d87e046fdabe2b78971aadb7948d46dc473eabd730f954
0b4b4085b2a455ce1f9c0bff993b4e63712564f98fa8c5e6fbf1c283b64900a9
0b8c7d777516c4e40d7289ca18c1a0c08866f516bd18651b9158fea3741c9c81
0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f74fa887d8e3b14f4cdfcefa0dbf17ee9e35deff437d8e4701822f4fb5ca592
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
2bd1c2c58a219fba9d5a68c1a699ef4fab1e337441b194cefa459c69188edf2a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f
403b8e120fffbca91a742a2267aca42e09b2ff7b3785f3e8259600b38f214572
4610777083fedee35c96531fab10f150b66afe246e1d6dd16a0d2715a1632099
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
472b8c252d7466f9c70d08d124d653bc5b32f458eb2441be1e33fa810e07920e
4bd718af8476bf7589ec552bad98ef0a83555fefd824fb354ddc86a7fccb9b45
563e201e90916977a81cccba0a6e0b574edda3420f692dc076589539bea1967a
5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6109d0834e16cc17f5b31608e4d7301a5b1f182dafa8a0bd332bf63190ca1277
651bb26936af19984c786a0f494947ef827d782e88fe26dbc3b80970c0fa61fc
6812909d8232f968935472b79243599c857a5ee23ae9c6bd7726d89c5aabcfe3
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6954401d2f139f2751155e87d1dd88ae672532dee243678aa314ae97c1579a0e
6961282a0a21bf91045a9ffea42eecd00144487d7308d65a717fedc04c8459d8
69feee27939cfcbb8d73b19fbd4b6732c0e77f42300be38104b49c2d21b8ad80
7d73d6e77b15314d228674201d618ea71e460b0d20bd04d7fed4d17bc7d51933
849e732a51bc624ebe86de5a5c50932e5d8c88618c5442e4d881b0f152001052
868c1a32e6c2cf6d45417d6bfcd9d4828a9f9ee4c5e525e3382fc7ec1dacdc39
88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0
8922e8ac1c640e8fdb835080d44f0058a3b7520ae331b79ec88f89c9f8a4305a
90c1bee45241702400aa35f37b755606b12d43257a7590f0d3c5a9a3c0cc1587
95f5834a72d5cc6caf4b628dca94d720de25272b5718c9850c339ee8c6641398
967ca8c71728e94ff222e695b5652231ff885b451e4016eb8c389666a0a71bf2
97f2a7de8ee34ba39b204787cb7186545101c11acd513323ab02339b8154a0f9
a18c109fac63c822ca2735b5205988a007ed8741cfc37a8d098f5ee235b923c0
a2ff2cd7c43fdd5cff4da93c47d920e8e6c3a346331ad3f3f99293ed67fb3a6d
b1565400ba255e196474774040ea6798e1a2fe6cb55d0425d8f643732f7509c0
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2d2ec185087f20688fe04cb4b9bce60a67ddd075711cea7b3fa5acc1ceb4512
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
ba84a0f2529e6941e849c5e5a1c560770faa15fc4c5019673ed20962a04f9bb5
bbd2df6e58f0812e9283321aac64b6c7ed5ebd0077e83432f2f819a0b034d2e9
bf9127a642fc28d8b7c1fdc2a1d62a08cce36bbffb5ec6cec7da9fa5310905c5
c0648ec5c532e05b46a62e00096437d63ea60799547eb0a9445e56b7253b5fd1
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4
dc10f4b1bf7def7bdf9168f7742ce196e9f4ca624ebc32a721f3f050e105f923
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3023971b7857053996e2f60db04ebe673f6be0d47ad27e3390cd513bd0f5f82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e746c4df83ba52b89a9fa0ab82d8be7cb39ba97aa51d2c1b18a408313d141e92
e78ac85222b94c54b410dd6c4dcd60ac01f12d7d77bc153aa75f00179f1bf7c4
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13f07bebbfa8268bef96f25932582ac40323126ce699f841724075d49676ec2
f7e080e9ae385a460cde752e7d042550150be9feeeab579e75c0dffba5e347d4

work.headspace.com Open in urlscan Pro 52.85.115.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

62 %IPv6

32 Domains

39 Subdomains

36 IPs

3 Countries

2100 kBTransfer

5745 kBSize

17 Cookies

2 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work.headspace.com Open in urlscan Pro
52.85.115.69 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

62 %
IPv6

32
Domains

39
Subdomains

36
IPs

3
Countries

2100 kB
Transfer

5745 kB
Size

17
Cookies

71 HTTP transactions
0 data transactions