urlscan.io logo urlscan.io
SecurityTrails logo

www.headspace.com Open in urlscan Pro
52.222.190.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.headspace.com/work
Submission: On May 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 62 HTTP transactions. The main IP is 52.222.190.106, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.headspace.com.
TLS certificate: Issued by Amazon on October 29th 2019. Valid for: a year.
This is the only time www.headspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 52.222.190.106 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.190.19 16509 (AMAZON-02)
3 13.224.197.59 16509 (AMAZON-02)
1 23.45.99.37 20940 (AKAMAI-ASN1)
1 35.188.42.15 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a04:4e42:3::84 54113 (FASTLY)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 143.204.101.9 16509 (AMAZON-02)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2600:9000:201... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.73.154.230 14618 (AMAZON-AES)
2 2600:9000:20e... 16509 (AMAZON-02)
11 2600:9000:201... 16509 (AMAZON-02)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.186.36 16509 (AMAZON-02)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.36.84 54113 (FASTLY)
3 2a04:4e42:400... 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
62 30
11    52.222.190.106 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-106.ham50.r.cloudfront.net
www.headspace.com
1    2a02:26f0:6c00:183::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.polyfill.io
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.190.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-19.ham50.r.cloudfront.net
cdn.branch.io
3    13.224.197.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-59.fra2.r.cloudfront.net
static.headspace.com
1    23.45.99.37 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-99-37.deploy.static.akamaitechnologies.com
a11673470095.cdn.optimizely.com
1    35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2a04:4e42:600::729 (Ascension Island)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
2    2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)
s.pinimg.com
1    2a02:26f0:eb:385::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    143.204.101.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-9.fra50.r.cloudfront.net
d1fc8wv8zag5ca.cloudfront.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2016:7a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
1    2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    52.73.154.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-154-230.compute-1.amazonaws.com
logx.optimizely.com
2    2600:9000:20eb:ec00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
11    2600:9000:2016:b000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
1    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.186.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-36.fra2.r.cloudfront.net
cdn.amplitude.com
1    2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)
identity.mparticle.com
2    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
3    151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
ct.pinterest.com
3    2a04:4e42:400::729 (Ascension Island)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Domain Requested by
11 images.ctfassets.net www.headspace.com
11 www.headspace.com www.headspace.com
3 track.hubspot.com
3 jssdks.mparticle.com www.headspace.com
3 ct.pinterest.com www.headspace.com
3 static.headspace.com www.headspace.com
js.hsforms.net
2 forms.hsforms.com js.hsforms.net
2 px.ads.linkedin.com 1 redirects www.headspace.com
2 api2.branch.io www.headspace.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
1 identity.mparticle.com www.headspace.com
1 cdn.amplitude.com jssdkcdns.mparticle.com
1 www.google-analytics.com jssdkcdns.mparticle.com
1 www.linkedin.com 1 redirects
1 logx.optimizely.com www.headspace.com
1 js.hsforms.net www.googletagmanager.com
1 app.link cdn.branch.io
1 static.criteo.net www.googletagmanager.com
1 d1fc8wv8zag5ca.cloudfront.net www.headspace.com
1 snap.licdn.com www.googletagmanager.com
1 jssdkcdns.mparticle.com www.headspace.com
1 js.hs-analytics.net js.hs-scripts.com
1 sentry.io js.hs-scripts.com
1 a11673470095.cdn.optimizely.com cdn.optimizely.com
1 cdn.branch.io www.headspace.com
1 www.googletagmanager.com www.headspace.com
1 cdnjs.cloudflare.com www.headspace.com
1 cdn.polyfill.io www.headspace.com
1 js.hs-scripts.com www.headspace.com
1 cdn.optimizely.com www.headspace.com
0 js.hs-banner.com Failed js.hs-scripts.com
62 31
Subject Issuer Validity Valid
*.headspace.com
Amazon		 2019-10-29 -
2020-11-29		 a year crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-16 -
2021-04-17		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.branch.io
DigiCert SHA2 Secure Server CA		 2018-12-05 -
2020-12-08		 2 years crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2020-03-05 -
2021-06-04		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2017-03-24 -
2020-06-21		 3 years crt.sh
b3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-07 -
2021-05-05		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-03-30 -
2020-06-28		 3 months crt.sh
appipv4.link
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-10-01 -
2020-10-05		 2 years crt.sh
images.ctfassets.net
Amazon		 2020-04-17 -
2021-05-17		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
cdn.amplitude.com
Amazon		 2019-12-16 -
2021-01-16		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2019-05-27 -
2021-07-17		 2 years crt.sh
hubspot.com
CloudFlare Inc ECC CA-2		 2020-04-28 -
2020-10-09		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://www.headspace.com/work
Frame ID: A97B2C28C8FF73918FED07500F016E76
Requests: 62 HTTP requests in this frame

Frame: https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html
Frame ID: 86ABE5A26709F32FD1F58A087FC21CE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+(?:https?:)?\/\/(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

62
Requests

97 %
HTTPS

70 %
IPv6

24
Domains

31
Subdomains

30
IPs

6
Countries

2855 kB
Transfer

6484 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1472474%26url%3Dhttps%253A%252F%252Fwww.headspace.com%252Fwork%26time%3D1588947507176%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176&liSync=true

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request work
www.headspace.com/ 		124 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/ Next.js 7.0.3
Resource Hash
4840b4b22194bc94206efbf4fcc345cf928e76b05ac86582cf35caf087f3aff6
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.headspace.com
:scheme
https
:path
/work
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Fri, 08 May 2020 14:18:23 GMT
set-cookie
AWSALB=n0ZeplXSZGQCt+Ir1ojTTEqtpTzoJUjs1uNv8Xh7BlE65dMiPjdhTQDn9kkAklyBy1+vXe7BPMeVwTtC26H2qJ9RXlOqcYkE7rE38cRZPpBQDbNGtFhZOniDUYah; Expires=Fri, 15 May 2020 14:18:23 GMT; Path=/ AWSALBCORS=n0ZeplXSZGQCt+Ir1ojTTEqtpTzoJUjs1uNv8Xh7BlE65dMiPjdhTQDn9kkAklyBy1+vXe7BPMeVwTtC26H2qJ9RXlOqcYkE7rE38cRZPpBQDbNGtFhZOniDUYah; Expires=Fri, 15 May 2020 14:18:23 GMT; Path=/; SameSite=None; Secure _sp_id.8a05=d350736b-da1e-4f2d-a92c-59c62a6d4fa2.1588947504.0.1588947504..1fd030e6-8e22-40b8-a9c1-ea1626252018; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Fri, 08 May 2020 23:03:59 GMT; Secure countryCode=PL; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Fri, 08 May 2020 23:03:59 GMT; Secure cookiePolicyMarketing=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Fri, 08 May 2020 16:27:59 GMT; Secure cookiePolicyAnalytics=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Fri, 08 May 2020 16:27:59 GMT; Secure lang=en; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Fri, 08 May 2020 23:03:59 GMT; Secure
vary
Origin Accept-Encoding
feature-policy
geolocation 'none'; microphone 'none';
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
x-powered-by
Next.js 7.0.3
etag
"1eeca-J3+P7xnNAquSjTRwIANXDqaag00"
content-encoding
gzip
access-control-allow-headers
authorization,content-type,x-requested-with
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
ZAe65RFQ00xErRvxE4b7sFezIegObPBOwfskdzqNHSqXM8Rw3wE_aw==
work-contact-form-pages.js
www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/ 		665 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/work-contact-form-pages.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
1a50c31648bcdc01d9894801399f22696479893764a57de0fed34f32e8622c02
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"a65a4-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
bn9trL_413zSuEHBpbAyF7moWCyBXlKjJpwikmpjHZVteuNxPJ_N5w==
access-control-allow-credentials
true
_app.js
www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/ 		633 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
2780f58181645ea2d23da05929fc61a78b8535d89e1586b05b1608b25eb0ea70
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"9e525-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
xmJ6YGyfPKRHkANmg4scDE33TnpvByudOmhgksLhdH4MJKa5SlZExg==
access-control-allow-credentials
true
_error.js
www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_error.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
83be795dd0a6f7120b07316dbf6629cd1c7c29f7b71199498d41a990cc90cb29
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"3538-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
nmfaY1RHGQKoXNfA4GtY3QlXeKThEwu94VshiMqUUw1GlK46mViKDg==
access-control-allow-credentials
true
webpack-2a0e887285c530deb5a5.js
www.headspace.com/_next/static/runtime/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/runtime/webpack-2a0e887285c530deb5a5.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
3b5c6af63a8644be621801360d461a2b8b06d74cc0d80d7c9f90b280f9e642b0
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"92e-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
Bp22jLbQpHjv_7Vs7tbzDLIAVJf5qknkPY8eQmkF83XicRNbYixQCA==
access-control-allow-credentials
true
commons.6860b2b5eb131419139a.js
www.headspace.com/_next/static/chunks/ 		874 KB
298 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/chunks/commons.6860b2b5eb131419139a.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
79cd71efb26a20f716981308313bd54e8fbf123918cee3b87fd4c8b6b395b7c3
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"da90f-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
Be6p4m3z4xvVm5IKeQdb25aMy7s-UXNWEUodtqtyWBgxk-tAmb6WkA==
access-control-allow-credentials
true
main-778e86c17fb93fc8bdb4.js
www.headspace.com/_next/static/runtime/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/runtime/main-778e86c17fb93fc8bdb4.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
beee3c0796e430062b19ef63fb87bc0b63d98459aa33ff2ef07200a865cb2589
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"2af4-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
jjBXRuKkJwWlHe_xqOBHG6OyfVYTp7bRA4VwisPmFoY6x3LkOI8a5A==
access-control-allow-credentials
true
styles.d2defb26bc99ce4b771a.js
www.headspace.com/_next/static/chunks/ 		105 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/chunks/styles.d2defb26bc99ce4b771a.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
c5a6611959ec6019bff42082fdea52f51798ff3bd70fb0f124a07ae542252064
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"69-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
GUHGM_QytBJu_eUpCqu0qdTLxWjdw2xIl6M-fWXmmhU5ZU8Nnie79Q==
access-control-allow-credentials
true
styles.15ca4063.chunk.css
www.headspace.com/_next/static/css/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/_next/static/css/styles.15ca4063.chunk.css
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"347b-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
text/css; charset=UTF-8
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=0
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
80esBF5tUje4_JCsfkpV6sHaR8uNEUNPxzI24rCAZGv5b-A68c3oJA==
access-control-allow-credentials
true
11673470095.js
cdn.optimizely.com/js/ 		285 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11673470095.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06ea8be3d64ff082bb99b1526f9c8a6962f95c2b092264e7f0153193f1cd4ff7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
.eRFxEYDSeXHbKIS4hWR7F5aMXmiZlyn
content-encoding
gzip
etag
"75b1c4bb31c03fd216c7b73e3b90c93c"
x-amz-request-id
D265CC7B1EC93E91
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
88466
x-amz-id-2
e8eKX1v2IfiR0kI3JpGtoIjkGwDCc78Urotn44FP4SLOS6YucOcPUp5lid8kZ8bq0wKxx7MZ7Eg=
last-modified
Wed, 19 Jun 2019 17:57:15 GMT
server
AmazonS3
date
Fri, 08 May 2020 14:18:24 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
634
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
logo.svg
www.headspace.com/static/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.headspace.com/static/images/logo.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"1004-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/svg+xml
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
rtcta1bnFcWL9_2t-PoT2LT7u06lFI2TAG3RuOisG3auToE7mkxJgQ==
access-control-allow-credentials
true
4137181.js
js.hs-scripts.com/ 		793 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4137181.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547a47ed5945e3b9d6fd12658c09b2ef7e6e68443f5888353dfe2bcc28ebb9cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2B3C5C40948DA4CDEFF4B3612F85C987597C62038D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5903cf50df29175e-FRA
cf-request-id
02963fe6830000175e02b5b200000001
expires
Fri, 08 May 2020 14:19:24 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver%2CArray.from
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
513572
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
HHN
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Fri, 01 May 2020 23:15:12 GMT
date
Fri, 08 May 2020 14:18:24 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/74.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
svg4everybody.min.js
cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/ 		970 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/svg4everybody.min.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
25701358
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02963fe6830000d725b1b82200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:56 GMT
server
cloudflare
etag
W/"5afd4ae0-3ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5903cf50dfa3d725-FRA
expires
Wed, 28 Apr 2021 14:18:24 GMT
gtm.js
www.googletagmanager.com/ 		158 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67dba3e7c90011a60255d716b830dcdd630f5fa1709700273340c853463ad979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:24 GMT
content-encoding
br
vary
*
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43773
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
branch-latest.min.js
cdn.branch.io/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-19.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
lBD18HpOfsX1wwpc_Qxr_kNzc3sKN8wd
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 06 Apr 2020 19:26:50 GMT
Server
AmazonS3
Age
224
ETag
"679c46452ad6065e9fc48f5cc0478185"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 8f9305e858931aa6ae96c1310e7ea597.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Fri, 08 May 2020 14:14:42 GMT
X-Amz-Cf-Pop
HAM50-C2
Content-Length
23130
X-Amz-Cf-Id
4XR7Y0t_DBTp15k7jGpyzrD_Bt8nEeEdO9ZbTl1eK4wUL8XQFn9crw==
icons.svg
www.headspace.com/static/ 		34 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.headspace.com/static/icons.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-106.ham50.r.cloudfront.net
Software
/
Resource Hash
d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a
Security Headers
Name Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.headspace.com/work
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 05:09:06 GMT
x-frame-options
SAMEORIGIN
etag
W/"892a-171f2afe550"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/svg+xml
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
cache-control
public, max-age=0
feature-policy
geolocation 'none'; microphone 'none';
content-security-policy
connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
accept-ranges
bytes
access-control-allow-headers
authorization,content-type,x-requested-with
x-amz-cf-id
UGukw9aypRf7nBWlE4EAG7VaM3swZLgMkuDJC8OaGbv5kySgrI9vNQ==
access-control-allow-credentials
true
truncated
/ 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
apercu_regular.woff2
static.headspace.com/fonts/apercu/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.headspace.com/fonts/apercu/apercu_regular.woff2
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.headspace.com

Response headers

date
Tue, 05 May 2020 08:00:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
age
281904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
20864
last-modified
Tue, 26 Nov 2019 18:20:22 GMT
server
AmazonS3
etag
"59469dee6787197930bd94880c1ecc00"
access-control-max-age
3600
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/font-woff2
x-amz-cf-id
3H6R9SFhun0LY2eVbf2d2ntJV40Rrv7nn8GH36oipP3RW84SxnZ-GA==
apercu_bold.woff2
static.headspace.com/fonts/apercu/ 		0
0
a11673470095.html
a11673470095.cdn.optimizely.com/client_storage/ Frame 86AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11673470095.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.37 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-99-37.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a11673470095.cdn.optimizely.com
:scheme
https
:path
/client_storage/a11673470095.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-amz-id-2
3nHYUU1G8h8muUVpC0Yw8h2myJwkpF4wNEetFfX6WNO6oGkaK8LaR06ve/wn8jEWHBVjhT3/A5s=
x-amz-request-id
7DE80CD6D97445F4
x-amz-replication-status
COMPLETED
last-modified
Wed, 19 Jun 2019 17:57:11 GMT
etag
"79aa03a77c34657759dacbc3ad5a8d8b"
cache-control
max-age=120
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
cr8BSK5a4z7I7_i8jrI9FysEk557uLRJ
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
719
server
AmazonS3
vary
Accept-Encoding
date
Fri, 08 May 2020 14:18:25 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="32";dur=0,cdnip;desc="23.45.99.37";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
apercu_bold.woff
static.headspace.com/fonts/apercu/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.headspace.com/fonts/apercu/apercu_bold.woff
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48037043f6325258027cc41e2f029baf9eb296c74f525bb4f52e44765abbbcfe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.headspace.com

Response headers

x-amz-version-id
null
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
etag
"49daf60d0b4958c9eb667f43e7296b5a"
age
242338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
26992
last-modified
Thu, 10 Oct 2019 16:39:26 GMT
server
AmazonS3
date
Tue, 05 May 2020 18:59:28 GMT
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
fkXqzwjHHPFw4_mSJjWTnbFXmFzX4GPuS8ajkEQuuCCAuGXxvo182w==
/
sentry.io/api/1532173/security/ 		0
416 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 08 May 2020 14:18:25 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
access-control-allow-origin
https://www.headspace.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
0
4137181.js
js.hs-banner.com/ 		0
0
4137181.js
js.hs-analytics.net/analytics/1588947300000/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1588947300000/4137181.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4137181.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8d4521059ff4a94383de47f36b38bf78490a3b4ea56caa1100944e9618b63c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
160E037DEF4B9747
x-amz-server-side-encryption
AES256
cf-ray
5903cf52f98316f2-FRA
status
200
x-amz-id-2
kUt53kGl+TmMCQ+r+JvNj7lpXw7OrElS1w78cJCmDDcb4Qw8/f1ir0GLXOCFd7B431BhmTNI9+4=
last-modified
Wed, 06 May 2020 14:06:39 GMT
server
cloudflare
etag
W/"3138aa22096ff46d5dce94076978375f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
02963fe7dc000016f23db8d200000001
content-type
text/javascript
expires
Fri, 08 May 2020 14:23:25 GMT
mparticle.js
jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/ 		1 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1da0a407ba51a303859c1fdf4b3437295dd822c6599ea76b4e6eb406e62f8165

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
content-encoding
gzip
age
2892
x-origin-name
fastlyshield--shield_ssl_cache_dca17721_DCA
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
content-length
510709
x-served-by
cache-dca17721-DCA, cache-fra19167-FRA
server
Kestrel
x-timer
S1588947505.284940,VS0,VE1
vary
Accept, Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 08 May 2020 14:30:12 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b154c614752acfcba108c51c9540acd198d9a673563d013eb0b481e5fa70b60

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
fastly-restarts
1
x-cdn
fastly
status
200
etag
"bf115431d0c25afe5078372c501b4d66"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:385::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 14:18:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=12835
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
sp.js
d1fc8wv8zag5ca.cloudfront.net/2.6.1/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1fc8wv8zag5ca.cloudfront.net/2.6.1/sp.js
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Mar 2020 15:51:54 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 14 Apr 2016 15:30:15 GMT
Server
AmazonS3
Age
5610392
ETag
"867a18e9267c612557bd7e89a1a485f4"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
25905
X-Amz-Cf-Id
I3T6i6UnXctxEDc7PdMVsqpm72acMJhjMRkuA7A_6NPNnV4Q9R1bXQ==
ld.js
static.criteo.net/js/ld/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:25 GMT
content-encoding
gzip
last-modified
Mon, 16 Dec 2019 15:00:50 GMT
server
nginx
etag
W/"5df79c22-7533"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 09 May 2020 14:18:25 GMT
_r
app.link/ 		90 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.53.1&branch_key=key_live_mcdUiF9uYBpZ5OEBEK0jqoflzzlbD4dt&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:7a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
1cb68dc3f5bc1c961ee3e1b6ea1dd1b0c00043ac4eaaad3e94a3cae4c206a51d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 14:18:25 GMT
Via
1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
HAM50-C2
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-NyDPJHGi+UbLoK0NGcvdXwLrDyw"
X-Amz-Cf-Id
3fBae1EG6-I4E_Gp3xx8nFJCmQUJ5KJozG1T6EX6lI7sRtI-lCCmGw==
v2.js
js.hsforms.net/forms/ 		420 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f10d9e8a1b6cd2053981c3516932d9c839508aa8aad7b771fe1befd41c4fcd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:26 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
9760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
02963fec0700009742488af200000001
last-modified
Thu, 02 Apr 2020 11:26:06 GMT
server
cloudflare
etag
W/"b8f7568d1d43ecd1f80fc324e2262b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
co0qKfCpgkPIBTcGinYN9wtDopmNgKEf
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD89-C1
cf-ray
5903cf59ae4d9742-FRA
x-amz-cf-id
tZD0Mnfq3h5mktlFbz-0d9nIdN8-1_GQ_WtyRojCYxvpnIbeI8NG_g==
events
logx.optimizely.com/v1/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.154.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-154-230.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 08 May 2020 14:18:26 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.headspace.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
c9a18050-aaf4-4dce-850c-5315a14c3af9
open
api2.branch.io/v1/ 		271 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
c23fecd2cbcad7d47031409bb5807186b93cf67b88e96af4ca90e408b2201491

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C1
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
271
x-amz-cf-id
CZHvVgIIsi6zO7hwTA_cOctZ0el96t7ILMI0O8vkCcNSKfJKyXzxoQ==
CV-WebBanner__1_.png
images.ctfassets.net/v3n26e09qg2r/4Mi6ih1woIOsPkxvJawuM4/4a955eed1b3cc857df5a16af5353f53c/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/4Mi6ih1woIOsPkxvJawuM4/4a955eed1b3cc857df5a16af5353f53c/CV-WebBanner__1_.png
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2175260d780a0949fc91c239e2035e1e271460e0309667ee95d66034590199ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 21:30:42 GMT
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
last-modified
Sat, 14 Mar 2020 20:20:09 GMT
server
Contentful Images API
age
64293
etag
"f07fc523f29bc4a105cbb5ac97160837"
status
200
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
content-length
1028
x-amz-cf-id
35rbBi9fehVDdgeYgtT7D_4X0nhWiVcILb5Q0C_lYLMHgI-xdaLPlA==
bg-work.svg
images.ctfassets.net/v3n26e09qg2r/OgxSc55x2mCSO2g04kWAw/dc0e23ab0987b6851d1fca9c9e85f092/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/OgxSc55x2mCSO2g04kWAw/dc0e23ab0987b6851d1fca9c9e85f092/bg-work.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b2c775f0cecdbc00155e3939c46399321960e88d162a2a6956d64af9114e4f42

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 10:05:37 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2017 18:57:07 GMT
server
Contentful Images API
age
15171
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
PRtvx3sAj7ZWS3cf6cmfJIMC79UgBP9Af4Xu2YN6lbuX6PufJTte-w==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Iphone1.svg
images.ctfassets.net/v3n26e09qg2r/1etVjP4XzFGoo7qGRJmdjz/ced9477442d4826db9a95508f7b85cda/ 		1 MB
748 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/1etVjP4XzFGoo7qGRJmdjz/ced9477442d4826db9a95508f7b85cda/Iphone1.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bde272d1505d25f910bf22f39f2e020e625a441f66d095cd7db85334abab01a8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 06:35:05 GMT
content-encoding
gzip
last-modified
Sat, 23 Mar 2019 00:11:41 GMT
server
Contentful Images API
age
27803
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
VQfAN6HqNYRo_65SZpoZR_Rea_R15oPNejEHDWDbt84_DsHuLGFJhQ==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Posters.svg
images.ctfassets.net/v3n26e09qg2r/5y3Ii7gbYi1QW0EaDZOnY4/380fc9162f1926e42c84958c38752ff3/ 		287 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/5y3Ii7gbYi1QW0EaDZOnY4/380fc9162f1926e42c84958c38752ff3/Posters.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6caea26ac295336ac74cd2dd73c010004e5d16f3b94d93b89f2dc2ebcd1fffd6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 10:05:37 GMT
content-encoding
gzip
last-modified
Sat, 23 Mar 2019 00:11:17 GMT
server
Contentful Images API
age
15171
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
VDWL3Q01RMGGRazo1WBebuV5USHCLKufUJWDoNqPhzkRfUy7pfyO0A==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
3.svg
images.ctfassets.net/v3n26e09qg2r/5x8bMdlpz28E93zAZiWQKd/4e491e39d9786cb80461bbeb9f396337/ 		93 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/5x8bMdlpz28E93zAZiWQKd/4e491e39d9786cb80461bbeb9f396337/3.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
9b16fbc2497a2b828c01ea900e146e764a70ce74daab0e2eebd3bfe11419670c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 18:44:26 GMT
content-encoding
gzip
last-modified
Sat, 23 Mar 2019 00:04:37 GMT
server
Contentful Images API
age
70442
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
nzDpSdTL3ntdP8kUMVJD4tddVUzqr13GKe5Uidh_X7EE2GL9CPemZA==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_7_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/VvdMBhmkJM1nLlCv7rlkM/f958ea827d155d1e104d6e6949767772/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/VvdMBhmkJM1nLlCv7rlkM/f958ea827d155d1e104d6e6949767772/Artboard_4_copy_7_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c55d70ef4e716b54b040a717fd011cc5b5747042d8c3db050d642f7ce7f75a78

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 18:44:27 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:09:46 GMT
server
Contentful Images API
age
70441
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
0031PJoHpQaKpOs5uSEAfanqIy76BXp6ixACnrDQJzGL5do38Y_EVg==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_8_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/7pjj1hWQj3Bg6mfHZwcMz/297e86a350ad793e0042f723010de6f7/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/7pjj1hWQj3Bg6mfHZwcMz/297e86a350ad793e0042f723010de6f7/Artboard_4_copy_8_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4cc2ecbb3b26051ee44a564eb916368ee39d9f562b1cf88090c7b274d95d4640

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 01:37:00 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:09:27 GMT
server
Contentful Images API
age
45688
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
wIPTQniaO-alOePrEFxsPBqZH8Soy8fP66GRNh9o91lr2ILl3erIUQ==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_9_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/11gak7JBy5suHIyeQKLdiQ/f8503e2600cd0048b5dfd97ab328153a/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/11gak7JBy5suHIyeQKLdiQ/f8503e2600cd0048b5dfd97ab328153a/Artboard_4_copy_9_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a7dcdc41368ec9c729343c718548ca7a3644c1f5da1ae6f45c69422d872c5dbc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 18:44:27 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:10:06 GMT
server
Contentful Images API
age
70441
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
VkHIIu9jS59ESPwVUv9rRBGrG8KfehVyWjoGm3RDsi5I21PLvA7q0g==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_10_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/1qh9TH0fMG3WO7dhLh9L1b/454498596aeb08b394b7de29da0f51f1/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/1qh9TH0fMG3WO7dhLh9L1b/454498596aeb08b394b7de29da0f51f1/Artboard_4_copy_10_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
152bec71b3c897ff7ffa4b43ebc0623a3d36cb4384dc7e801f6a7a659cc7c4ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 14:21:44 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:29:59 GMT
server
Contentful Images API
age
86204
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
um2pHgwPHJuXwAPtMOZTek1ZocCNuxz2d4PY4pbu5tr4ve3zt4e6eg==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_11_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/1BGGH2hKvanekPq036MrI5/e2ab811b0634333d5e65fc61ce03f45c/ 		1 KB
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/1BGGH2hKvanekPq036MrI5/e2ab811b0634333d5e65fc61ce03f45c/Artboard_4_copy_11_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
117e341ef8c8e96316f9923f4df81d50a746160b81b87e54ddc3310acab7034d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 08:28:40 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:10:35 GMT
server
Contentful Images API
age
20988
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
YjfTTx-jabk2cMrCXNKMcaomE_jcUwC0fJXajEvyOmlaeXW3nJB8GQ==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
Artboard_4_copy_12_LogosFinal.svg
images.ctfassets.net/v3n26e09qg2r/5f8OFPm9JIlZs1CYdFYx9Q/bd3d3fbed7727710b1c2fd2c88310ffe/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/v3n26e09qg2r/5f8OFPm9JIlZs1CYdFYx9Q/bd3d3fbed7727710b1c2fd2c88310ffe/Artboard_4_copy_12_LogosFinal.svg
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
872871132bc8e078b8cce93654bba3103cd70ea0eb6733faa23da971b18f4664

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:11:05 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 21:30:28 GMT
server
Contentful Images API
age
25643
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
V57afQhkmrXmKQmIchHpBW7kHoI0HxsLbDjiHQuVbZ2-aYdjeM-g9w==
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
main.497c546a.js
s.pinimg.com/ct/lib/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.497c546a.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ffedbc3bb69866027705be1b0d108d7a89ccff90f1a8ee41618dac21e79473e6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
fastly-restarts
1
x-cdn
fastly
status
200
etag
"f6cce5f69749ac01d6218cb91309b30d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
49278
access-control-expose-headers
X-CDN
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1472474%26url%3Dhttps%253A%252F%252Fwww.headspace.com%252Fwork%26time%3D158894750...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176&liSync=true
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176&liSync=true
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
iJ2R/lYTDRaQ0YEThysAAA==

Redirect headers

date
Fri, 08 May 2020 14:18:27 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
x-li-pop
prod-efr5
content-length
0
x-li-uuid
uX8x6FYTDRaApZMwGisAAA==
pragma
no-cache
server
Play
cache-control
no-cache, no-store
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472474&url=https%3A%2F%2Fwww.headspace.com%2Fwork&time=1588947507176&liSync=true
x-xss-protection
1; mode=block
x-li-proto
http/2
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4928
date
Fri, 08 May 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 08 May 2020 14:56:19 GMT
amplitude-4.2.1-min.gz.js
cdn.amplitude.com/libs/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:45:11 GMT
content-encoding
gzip
age
768797
x-cache
Hit from cloudfront
status
200
content-length
23404
last-modified
Mon, 21 Oct 2019 15:45:35 GMT
server
AmazonS3
etag
"addb3457c5f65c867ae2be9606542893"
x-amz-version-id
2PesFonHu677Rw5PZ53UUToyHVzesxrU
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
l1KoFNymueBvjQM1RtpAhIBVxgerCixP3AQI6dztQDO5fpk1zFOJIA==
identify
identity.mparticle.com/v1/ 		175 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9a2873f40be4b39781547400abef69740ef097c33a4b929184ecb3b38704802f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
580aa567c0d972439cf41d95730011ed
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
content-encoding
gzip
status
200
server
Kestrel
x-timer
S1588947508.521616,VS0,VE110
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-hhn4041-HHN
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
pageview
api2.branch.io/v1/ 		29 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
29
x-amz-cf-id
lweXkBr5x8wInbG0_PSczYFjJvf992uU_JoFDxQaq7fJK9jfjEjPCQ==
31b4e209-2ea2-4c95-890a-367ae8725b18
forms.hsforms.com/embed/v3/form/4137181/ 		50 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4137181/31b4e209-2ea2-4c95-890a-367ae8725b18?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d54cd28a28704db37f6b7f1a1ab9eff7a4f9e3b3381645cdb6818d3f497bb03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
cf-request-id
02963ff1a700009772a5957200000001
server
cloudflare
x-trace
2B6B81FAB5C510C642E27A0E30E6B9C6A88F9C00A4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
5903cf62ac049772-FRA
31b4e209-2ea2-4c95-890a-367ae8725b18
forms.hsforms.com/embed/v3/form/4137181/ 		50 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4137181/31b4e209-2ea2-4c95-890a-367ae8725b18?callback=hs_reqwest_1&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a76cb8935cf0dbe858ec32d8de54bd4e475f0bfc6a764fdcaf72a6741c1b6a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
cf-request-id
02963ff1a700009772a5958200000001
server
cloudflare
x-trace
2BE7A61AB88E6AE7347E9696235D452D8A29C8E5C6000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
5903cf62ac059772-FRA
/
ct.pinterest.com/user/ 		35 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613695941317&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1588947507626
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pin-unauth
OWY1YTlhYjEtY2UzOS00N2RhLThjZjUtY2E3NWI5ZDUxY2Nm
date
Fri, 08 May 2020 14:18:27 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
https://www.headspace.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-pinterest-rid
4226306000068123
x-envoy-upstream-service-time
1
content-length
35
pragma
no-cache
/
ct.pinterest.com/v3/ 		35 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613695941317&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fwork%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22497c546a%22%7D&cb=1588947507666
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 May 2020 14:18:27 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
5
x-pinterest-rid
8653806442984921
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fwork%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22497c546a%22%7D&cb=1588947507666
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 May 2020 14:18:27 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
5
x-pinterest-rid
9232131869445555
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
Events
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 		41 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6f7756552460f3503c77f4c81ab37c5149acf3796f12ed8186b403cd906e528

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
content-encoding
gzip
status
202
server
Kestrel
x-timer
S1588947508.883201,VS0,VE53
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-fra19161-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1588947508.883187,VS0,VE2
status
202
x-served-by
cache-fra19161-FRA
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Events
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 		41 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by
Host: www.headspace.com
URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6f7756552460f3503c77f4c81ab37c5149acf3796f12ed8186b403cd906e528

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 May 2020 14:18:27 GMT
content-encoding
gzip
status
202
server
Kestrel
x-timer
S1588947508.883173,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-fra19161-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
apercu_regular_italic.woff2
static.headspace.com/fonts/apercu/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.headspace.com/fonts/apercu/apercu_regular_italic.woff2
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8ef65cb32b20f7cd9b9578875bc5fb52f69bc48f8ceae4c695202490f88b034

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.headspace.com

Response headers

date
Tue, 05 May 2020 07:38:53 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
age
283176
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
22596
last-modified
Thu, 10 Oct 2019 16:39:26 GMT
server
AmazonS3
etag
"ec2e41772793e9c8e89606d925e8475c"
access-control-max-age
3600
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
Fisa-aYKZz03-Uq4LTo5Xq67EvA4J2nWoMACA19X-v7XOH5Gk6Fhjg==
__ptq.gif
track.hubspot.com/ 		45 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1126678966&v=1.1&a=4137181&rcu=https%3A%2F%2Fwww.headspace.com%2Fwork&pu=https%3A%2F%2Fwww.headspace.com%2Fwork&t=Meditation+in+the+Office+-+Workplace+Wellness+with+Headspace&cts=1588947508426&vi=dae5ae9555a0f53e8a6de188a3ed0b9c&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5903cf67ef501f25-FRA
date
Fri, 08 May 2020 14:18:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
02963ff4ee00001f2522ad2200000001
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=31b4e209-2ea2-4c95-890a-367ae8725b18&fci=4e915ffa-1899-4275-9333-7021d4c827ac&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1126678966&v=1.1&a=4137181&rcu=https%3A%2F%2Fwww.headspace.com%2Fwork&pu=https%3A%2F%2Fwww.headspace.com%2Fwork&t=Meditation+in+the+Office+-+Workplace+Wellness+with+Headspace&cts=1588947508435&vi=dae5ae9555a0f53e8a6de188a3ed0b9c&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5903cf67ef521f25-FRA
date
Fri, 08 May 2020 14:18:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
02963ff4ef00001f2522ad3200000001
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=31b4e209-2ea2-4c95-890a-367ae8725b18&fci=4a9fd312-80fc-4ee3-934b-1f593f892a57&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1126678966&v=1.1&a=4137181&rcu=https%3A%2F%2Fwww.headspace.com%2Fwork&pu=https%3A%2F%2Fwww.headspace.com%2Fwork&t=Meditation+in+the+Office+-+Workplace+Wellness+with+Headspace&cts=1588947508459&vi=dae5ae9555a0f53e8a6de188a3ed0b9c&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5903cf67ef531f25-FRA
date
Fri, 08 May 2020 14:18:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
02963ff4ef00001f2522ad4200000001
x-robots-tag
none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.headspace.com
URL
https://static.headspace.com/fonts/apercu/apercu_bold.woff2
Domain
js.hs-banner.com
URL
https://js.hs-banner.com/4137181.js

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer undefined| _ object| optimizely object| branch object| __NEXT_DATA__ function| __NEXT_REGISTER_PAGE object| google_tag_manager object| webpackJsonp object| mParticle function| pintrk string| _linkedin_data_partner_id object| GlobalSnowplowNamespace function| snowplow object| __core-js_shared__ object| next function| setImmediate function| clearImmediate object| __SENTRY__ object| __NEXT_REDUX_STORE__ function| jQuery object| _hsq object| _paq boolean| _hstc_loaded function| lintrk boolean| _already_called_lintrk object| Snowplow object| criteo_q object| mpGoogleAnalyticsKit object| mpAmplitudeKit object| mpOptimizelyKit object| regeneratorRuntime string| PAGE string| VALUE string| USERTIMING string| HITTYPE boolean| isTesting string| GoogleAnalyticsObject function| ga object| amplitude function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR function| hs_reqwest_0 function| hs_reqwest_1 object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime

7 Cookies

Domain/Path Name / Value
.headspace.com/ Name: _gid
Value: GA1.2.284724484.1588947508
.headspace.com/ Name: amplitude_id_2c0e8b630e65ea00889d07e47d2bb68d_testheadspace.com
Value: eyJkZXZpY2VJZCI6ImY0NGZhODZiLTFkOTMtNGVlMS1hZDg4LTI4ZmNmNDgzMDI2OVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4ODk0NzUwODAwMiwibGFzdEV2ZW50VGltZSI6MTU4ODk0NzUwODAwMiwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.headspace.com/ Name: _pin_unauth
Value: OWY1YTlhYjEtY2UzOS00N2RhLThjZjUtY2E3NWI5ZDUxY2Nm
.headspace.com/ Name: _sp_id.8a05
Value: cf86e492-8382-496a-a39a-973da34ca0ac.1588947507.1.1588947507.1588947507.a6118ab7-f7c8-4948-a535-243f000497d4
.headspace.com/ Name: mprtcl-v4_B0C8D5EC
Value: {'gs':{'ie':1|'dt':'580aa567c0d972439cf41d95730011ed'|'cgid':'dac6fdcf-db80-40b1-85e8-4cf5ae1ecd14'|'das':'8eee52fc-694f-4e15-a267-1e7218e66778'|'csm':'WyI0MDcxMjAyMzEzMDkxNTk1NjIzIl0='|'sid':'D2D34B82-10C1-4B4F-99CE-EFE4BC440B9C'|'les':1588947507378|'ssd':1588947507376}|'l':0|'4071202313091595623':{'fst':1588947507685}|'cu':'4071202313091595623'}
.headspace.com/ Name: _ga
Value: GA1.2.2069870713.1588947508
.headspace.com/ Name: _sp_ses.8a05
Value: *

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x(Line 1314)
Message:
GTM PTag v1.2; tagId: 2613695941317
console-api log URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js(Line 24)
Message:
Firing Pinterest event: pagevisit
console-api log URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js(Line 24)
Message:
Event Data:
console-api log URL: https://www.headspace.com/_next/static/T0mizZm~wfmSPrHxg039_/pages/_app.js(Line 24)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src *.cloudfront.net *.headspace.com api.amplitude.com api.branch.io api.chilipiper.com api-js.mixpanel.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com gum.criteo.com identity.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com rum.optimizely.com sdk.iad-01.braze.com sentry.io static.zuora.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com 'self'; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com bid.g.doubleclick.net forms.hsforms.com gum.criteo.com static.criteo.net widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.headspace.com a.quora.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link blob: cdn.amplitude.com cdn.branch.io cdn.lr-ingest.io cdn.optimizely.com cdn.polyfill.io cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net forms.hsforms.com googleads.g.doubleclick.net https://static.zuora.com js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-scripts.com js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com cdn.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://sentry.io/api/1532173/security/?sentry_key=ac60cf3a3f0240d487fa18d834ea627b&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11673470095.cdn.optimizely.com
api2.branch.io
app.link
cdn.amplitude.com
cdn.branch.io
cdn.optimizely.com
cdn.polyfill.io
cdnjs.cloudflare.com
ct.pinterest.com
d1fc8wv8zag5ca.cloudfront.net
forms.hsforms.com
identity.mparticle.com
images.ctfassets.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
jssdkcdns.mparticle.com
jssdks.mparticle.com
logx.optimizely.com
px.ads.linkedin.com
s.pinimg.com
sentry.io
snap.licdn.com
static.criteo.net
static.headspace.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.headspace.com
www.linkedin.com
js.hs-banner.com
static.headspace.com
13.224.186.36
13.224.197.59
143.204.101.9
151.101.36.84
23.45.99.37
2600:9000:2016:7a00:19:9934:6a80:93a1
2600:9000:2016:b000:12:94b3:c380:93a1
2600:9000:20eb:ec00:11:f728:3040:93a1
2606:4700::6810:5805
2606:4700::6810:84e5
2606:4700::6811:45b0
2606:4700::6811:b649
2606:4700::6811:d2cc
2606:4700::6813:9a53
2a00:1450:4001:809::2008
2a00:1450:4001:81b::200e
2a02:2638:1::3
2a02:26f0:6c00:183::13b8
2a02:26f0:eb:385::25ea
2a04:4e42:1b::621
2a04:4e42:1b::645
2a04:4e42:3::84
2a04:4e42:400::729
2a04:4e42:600::729
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
35.188.42.15
52.222.190.106
52.222.190.19
52.73.154.230
06ea8be3d64ff082bb99b1526f9c8a6962f95c2b092264e7f0153193f1cd4ff7
0f10d9e8a1b6cd2053981c3516932d9c839508aa8aad7b771fe1befd41c4fcd0
117e341ef8c8e96316f9923f4df81d50a746160b81b87e54ddc3310acab7034d
152bec71b3c897ff7ffa4b43ebc0623a3d36cb4384dc7e801f6a7a659cc7c4ff
1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b
1a50c31648bcdc01d9894801399f22696479893764a57de0fed34f32e8622c02
1cb68dc3f5bc1c961ee3e1b6ea1dd1b0c00043ac4eaaad3e94a3cae4c206a51d
1da0a407ba51a303859c1fdf4b3437295dd822c6599ea76b4e6eb406e62f8165
2175260d780a0949fc91c239e2035e1e271460e0309667ee95d66034590199ca
2780f58181645ea2d23da05929fc61a78b8535d89e1586b05b1608b25eb0ea70
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b5c6af63a8644be621801360d461a2b8b06d74cc0d80d7c9f90b280f9e642b0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d54cd28a28704db37f6b7f1a1ab9eff7a4f9e3b3381645cdb6818d3f497bb03
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
48037043f6325258027cc41e2f029baf9eb296c74f525bb4f52e44765abbbcfe
4840b4b22194bc94206efbf4fcc345cf928e76b05ac86582cf35caf087f3aff6
4cc2ecbb3b26051ee44a564eb916368ee39d9f562b1cf88090c7b274d95d4640
4d8d4521059ff4a94383de47f36b38bf78490a3b4ea56caa1100944e9618b63c
547a47ed5945e3b9d6fd12658c09b2ef7e6e68443f5888353dfe2bcc28ebb9cb
56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c
5cfd7a812a15d3765357ffb2a9b187008c34aff5b77556ba032de395f437ba40
67dba3e7c90011a60255d716b830dcdd630f5fa1709700273340c853463ad979
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6caea26ac295336ac74cd2dd73c010004e5d16f3b94d93b89f2dc2ebcd1fffd6
6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976
79cd71efb26a20f716981308313bd54e8fbf123918cee3b87fd4c8b6b395b7c3
83be795dd0a6f7120b07316dbf6629cd1c7c29f7b71199498d41a990cc90cb29
872871132bc8e078b8cce93654bba3103cd70ea0eb6733faa23da971b18f4664
9a2873f40be4b39781547400abef69740ef097c33a4b929184ecb3b38704802f
9b154c614752acfcba108c51c9540acd198d9a673563d013eb0b481e5fa70b60
9b16fbc2497a2b828c01ea900e146e764a70ce74daab0e2eebd3bfe11419670c
a76cb8935cf0dbe858ec32d8de54bd4e475f0bfc6a764fdcaf72a6741c1b6a62
a7dcdc41368ec9c729343c718548ca7a3644c1f5da1ae6f45c69422d872c5dbc
b2c775f0cecdbc00155e3939c46399321960e88d162a2a6956d64af9114e4f42
b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0
bde272d1505d25f910bf22f39f2e020e625a441f66d095cd7db85334abab01a8
beee3c0796e430062b19ef63fb87bc0b63d98459aa33ff2ef07200a865cb2589
c23fecd2cbcad7d47031409bb5807186b93cf67b88e96af4ca90e408b2201491
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c55d70ef4e716b54b040a717fd011cc5b5747042d8c3db050d642f7ce7f75a78
c5a6611959ec6019bff42082fdea52f51798ff3bd70fb0f124a07ae542252064
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a
d8ef65cb32b20f7cd9b9578875bc5fb52f69bc48f8ceae4c695202490f88b034
da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672
f6f7756552460f3503c77f4c81ab37c5149acf3796f12ed8186b403cd906e528
ffedbc3bb69866027705be1b0d108d7a89ccff90f1a8ee41618dac21e79473e6