www.headspace.com Open in urlscan Pro
65.9.77.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.info.headspace.com/ls/click?upn=giV3R-2FnsWqklE7WBU-2BSY5cnyNANMjx2qzMfoW3u6gWZhKG5w5tS61RXicaTJBs5dT-2F17UAG-2BR3d...
Effective URL:
https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_F...
Submission: On September 15 via api (September 15th 2021, 10:04:51 am UTC) from BE — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 28 domains to perform 83 HTTP transactions. The main IP is 65.9.77.25, located in United States and belongs to AMAZON-02, US. The main domain is www.headspace.com.
TLS certificate: Issued by Amazon on September 8th 2021. Valid for: a year.

This is the only time www.headspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.8.249.118 52.8.249.118	16509 (AMAZON-02) (AMAZON-02)
1 13	65.9.77.25 65.9.77.25	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:fb:... 2a02:26f0:fb:597::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.22.65.192 2.22.65.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.78.23 13.225.78.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:5a00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	65.9.77.16 65.9.77.16	16509 (AMAZON-02) (AMAZON-02)
1	104.89.17.148 104.89.17.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.232.184.65 34.232.184.65	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.71.78 65.9.71.78	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:ba00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2.21.140.252 2.21.140.252	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1480:400... 2600:1480:4000:41::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
2	65.9.71.93 65.9.71.93	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1 2	54.224.71.103 54.224.71.103	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:94f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4	199.232.193.208 199.232.193.208	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.230.187 35.227.230.187	15169 (GOOGLE) (GOOGLE)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.178 52.222.206.178	16509 (AMAZON-02) (AMAZON-02)
4	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.201.76.231 35.201.76.231	15169 (GOOGLE) (GOOGLE)
1	52.73.201.133 52.73.201.133	14618 (AMAZON-AES) (AMAZON-AES)
1	52.31.195.39 52.31.195.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
3	2600:9000:215... 2600:9000:2156:fc00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
83	37

1 52.8.249.118 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-249-118.us-west-1.compute.amazonaws.com

links.info.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 65.9.77.25 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:597::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.65.192 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-65-192.deploy.static.akamaitechnologies.com

cdn-akamai.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5a00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.77.16 (United States)

ASN16509 (AMAZON-02, US)

static.headspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.17.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-17-148.deploy.static.akamaitechnologies.com

a11673470095.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.184.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-184-65.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.78 (United States)

ASN16509 (AMAZON-02, US)

assets.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ba00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.140.252 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-252.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1480:4000:41:: (United States)

ASN33905 (AKAMAI-AMS, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.93 (United States)

ASN16509 (AMAZON-02, US)

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.224.71.103 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-71-103.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:94f (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o28532.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.193.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-02.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.230.187 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 187.230.227.35.bc.googleusercontent.com

us-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.76.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com

headspace.pxf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.201.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-201-133.compute-1.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.195.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-195-39.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:fc00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	headspace.com 2 redirects links.info.headspace.com www.headspace.com static.headspace.com	1017 KB
11	mparticle.com jssdkcdns.mparticle.com identity.mparticle.com jssdks.mparticle.com	588 KB
7	tiqcdn.com tags.tiqcdn.com	29 KB
4	pinterest.com ct.pinterest.com	2 KB
4	braze.com sdk.iad-02.braze.com	6 KB
4	branch.io cdn.branch.io api2.branch.io Failed	25 KB
4	optimizely.com cdn.optimizely.com a11673470095.cdn.optimizely.com logx.optimizely.com	123 KB
3	adsrvr.org match.adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
2	sentry.io o28532.ingest.sentry.io
2	trkn.us 1 redirects trkn.us	1 KB
2	terminus.services vidassets.terminus.services	3 KB
2	pinimg.com s.pinimg.com	19 KB
2	app.link app.link	1 KB
2	ctfassets.net images.ctfassets.net assets.ctfassets.net	15 KB
2	mookie1.com cdn-akamai.mookie1.com us-gmtdmp.mookie1.com	8 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	loggly.com logs-01.loggly.com
1	amplitude.com cdn.amplitude.com api2.amplitude.com Failed	19 KB
1	pxf.io headspace.pxf.io Failed	459 B
1	appboycdn.com js.appboycdn.com	46 KB
1	impactradius-event.com d.impactradius-event.com	13 KB
1	pdst.fm cdn.pdst.fm	6 KB
1	googletagmanager.com www.googletagmanager.com	75 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	polyfill.io cdn.polyfill.io	619 B
0	chtbl.com Failed ext.chtbl.com Failed
83	28

	Domain	Requested by
13	www.headspace.com	1 redirects www.headspace.com
8	jssdks.mparticle.com	www.headspace.com
7	tags.tiqcdn.com	cdn-akamai.mookie1.com tags.tiqcdn.com
4	ct.pinterest.com	www.headspace.com
4	sdk.iad-02.braze.com	www.headspace.com
3	api2.branch.io	www.headspace.com
2	identity.mparticle.com	www.headspace.com
2	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
2	us-central1-adaptive-growth.cloudfunctions.net	www.headspace.com
2	o28532.ingest.sentry.io	www.headspace.com
2	trkn.us	1 redirects www.headspace.com
2	vidassets.terminus.services	www.googletagmanager.com www.headspace.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	app.link	cdn.branch.io
2	static.headspace.com	www.headspace.com
2	cdn.optimizely.com	www.headspace.com
1	www.google-analytics.com	jssdkcdns.mparticle.com
1	insight.adsrvr.org	js.adsrvr.org
1	logs-01.loggly.com	www.headspace.com
1	cdn.amplitude.com	jssdkcdns.mparticle.com
1	js.adsrvr.org	tags.tiqcdn.com
1	us-gmtdmp.mookie1.com	tags.tiqcdn.com
1	match.adsrvr.org	www.headspace.com
1	headspace.pxf.io	www.headspace.com d.impactradius-event.com
1	js.appboycdn.com	www.headspace.com
1	jssdkcdns.mparticle.com	www.headspace.com
1	d.impactradius-event.com	www.headspace.com
1	cdn.pdst.fm	www.headspace.com
1	assets.ctfassets.net	www.headspace.com
1	logx.optimizely.com	cdn.optimizely.com
1	a11673470095.cdn.optimizely.com	cdn.optimizely.com
1	images.ctfassets.net	www.headspace.com
1	cdn.branch.io	www.headspace.com
1	www.googletagmanager.com	www.headspace.com
1	cdn-akamai.mookie1.com	www.headspace.com
1	cdnjs.cloudflare.com	www.headspace.com
1	cdn.polyfill.io	www.headspace.com
1	links.info.headspace.com	1 redirects
0	api2.amplitude.com Failed	www.headspace.com
0	ext.chtbl.com Failed	www.headspace.com
83	40

This site contains links to these domains. Also see Links.

Domain
help.headspace.com

Subject Issuer	Validity	Valid
*.headspace.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
cdn-akamai.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-09` - `2022-01-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
images.ctfassets.net Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
assets.ctfassets.net Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.terminus.services Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-06` - `2022-01-06`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.iad-02.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
*.pxf.io Sectigo RSA Domain Validation Secure Server CA	`2021-07-09` - `2022-07-24`	a year	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2020-03-06` - `2022-04-10`	2 years	crt.sh
jssdks.mparticle.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Frame ID: 24E4C68F4D1545811589C67F640B5824
Requests: 70 HTTP requests in this frame

Frame: https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html
Frame ID: 0707631A26BC5520461D2281119D581F
Requests: 1 HTTP requests in this frame

Frame: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
Frame ID: 7A1F7E66A32BA456DD3827D4461538D9
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=l33hyq2&ref=&upid=ixxn8go&upv=1.1.0
Frame ID: 69548431378B2420C371768AA00465F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kasse – Headspace

Page URL History Show full URLs

https://links.info.headspace.com/ls/click?upn=giV3R-2FnsWqklE7WBU-2BSY5cnyNANMjx2qzMfoW3u6gWZhKG5w5tS61RXicaT... HTTP 302
https://www.headspace.com/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_c... HTTP 302
https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&ut... Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

^https?://cdn\.polyfill\.io/
/polyfill\.min\.js

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Page Statistics

83
Requests

94 %
HTTPS

38 %
IPv6

28
Domains

40
Subdomains

37
IPs

4
Countries

2026 kB
Transfer

5885 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.headspace.com/hc/de/articles/115008364988-How-do-I-cancel-my-subscription-
Title: Jederzeit kündbar.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.info.headspace.com/ls/click?upn=giV3R-2FnsWqklE7WBU-2BSY5cnyNANMjx2qzMfoW3u6gWZhKG5w5tS61RXicaTJBs5dT-2F17UAG-2BR3dFNT3YQ7BzQ4EnVGpdM-2FQV6vvv5KNY5JwjbzZaOEb2Hy8LzKe7UPnh4-2FHMR102gbBi-2BQ-2B2LdCVhjh44z-2BFq1klWE56NqjIyJrsnVYTpdXdeqClchrkS-2FAkVnhjpATwcMYQPAi9eOL7lg-3D-3D6XI9_D6EEwwgiBvnoi2eBK60n4b7fZldJUo3FcedhW-2FCJqepxAWr-2Fn4-2BrDIq3gYsJAWDfDNrpNqgXflxW-2Bt-2FyA5NpdciUqCNrL1k-2FWObSnL9WafvxU4ytr2G8XUwTj-2Btra7Y81VkGQ3cz78GqI0UARTXC2DlRLoPf3tXMq-2Bjph8M1nnlVMDmGJfqy-2FD5-2B9kc1Z0WyZlYTs33RQhJJn-2BAZOWBErkqR0cQWelY8HEWm4MzupJad0LG83gzLNukoPR1qR2Gz6BVYRRX-2Ft9kYhfD7-2Bg0E9lgSoP3gHuSBgkKSKNot6VnMcND0D-2F-2BlT0JKcLMQl4bCZCQhXWCb0X7i3OrAqa9b-2B2ytLyQLg6wSEW-2F1spmJdXQZDOJmRTI887k6hpSgURcihr4IVIRfSY68cwxgtqHByYaIOItpI4ER5ktP-2BYODx6ONCYwIXTnDL4Go1jBAcsiCV1TPfdEOkaDkr4sFawo-2BDi16BSaAapuWhtYK2fndSrwLoOJ11ZQq59GERnklj1ljMYyRcmRNSnLjdAFAOuT6UzimjsWmsYj0jwFrTiNmfzROMFviqgMqZ4VZg5MCgx1tcSt3zgOQTFNCFXArTyh-2FjgvJw4YFSON5c5Mtsj3bETHWltH8oK-2F7D9oY7o4tEwpy2y4AuN9ahuX4ayHYVEqAXbEu-2BN1AQamlNm4zKywaHMy45vyKchRO7oCT2OV-2BPQgYuejd3ypIFtPyyX7Wyiks21Od2xHfOGX9qXqE1dPvOCI-3D HTTP 302
https://www.headspace.com/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1 HTTP 302
https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019 HTTP 302
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019;ip=136.243.198.84;cuidchk=1

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request checkout Show response
www.headspace.com/de/
Redirect Chain

https://links.info.headspace.com/ls/click?upn=giV3R-2FnsWqklE7WBU-2BSY5cnyNANMjx2qzMfoW3u6gWZhKG5w5tS61RXicaTJBs5dT-2F17UAG-2BR3dFNT3YQ7BzQ4EnVGpdM-2FQV6vvv5KNY5JwjbzZaOEb2Hy8LzKe7UPnh4-2FHMR102gbB...
https://www.headspace.com/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

41 KB
15 KB

565ms
564ms

Document
text/html

65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Next.js 7.0.3

Resource Hash

7e4e42c0076b5b36d666af73c75014f0db103ae1e5e9b07102555bcfed45678d

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.headspace.com
:scheme: https
:path: /de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: AWSALB=bSyfJClh4KRz+44h1p9Orw/gZBysg2MvkNglfat8IJULLyb+YYQT9a80PIuwhxR6c9k/aZVirObvwpjOU9lE59zRMJ7KpxlYixOvl1BW8C6pLlkFcfR/WaPovs27; AWSALBCORS=bSyfJClh4KRz+44h1p9Orw/gZBysg2MvkNglfat8IJULLyb+YYQT9a80PIuwhxR6c9k/aZVirObvwpjOU9lE59zRMJ7KpxlYixOvl1BW8C6pLlkFcfR/WaPovs27; _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Wed, 15 Sep 2021 10:04:21 GMT
set-cookie: AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/ AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/; SameSite=None; Secure lang=de; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 18:49:57 GMT; Secure voucherCode=%22DEARHS40INT%22; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 18:49:57 GMT; Secure
vary: Origin Accept-Encoding
feature-policy: geolocation 'none'; microphone 'none';
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
x-powered-by: Next.js 7.0.3
etag: "a5a5-VfwX+YM7bsrZ0Ejl5NwxNXyFDJU"
content-encoding: gzip
access-control-allow-headers: authorization,content-type,x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MATvLCyiwJ_4DELEQ96ggrZgBCcjbq8bjcnauKnJyeY8H6XxAK1EEg==

Redirect headers

content-type: text/html; charset=utf-8
content-length: 364
location: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
date: Wed, 15 Sep 2021 10:04:20 GMT
set-cookie: AWSALB=bSyfJClh4KRz+44h1p9Orw/gZBysg2MvkNglfat8IJULLyb+YYQT9a80PIuwhxR6c9k/aZVirObvwpjOU9lE59zRMJ7KpxlYixOvl1BW8C6pLlkFcfR/WaPovs27; Expires=Wed, 22 Sep 2021 10:04:20 GMT; Path=/ AWSALBCORS=bSyfJClh4KRz+44h1p9Orw/gZBysg2MvkNglfat8IJULLyb+YYQT9a80PIuwhxR6c9k/aZVirObvwpjOU9lE59zRMJ7KpxlYixOvl1BW8C6pLlkFcfR/WaPovs27; Expires=Wed, 22 Sep 2021 10:04:20 GMT; Path=/; SameSite=None; Secure _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 18:49:56 GMT; Secure countryCode=DE; Max-Age=31536; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 18:49:56 GMT; Secure cookiePolicyMarketing=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 12:13:56 GMT; Secure cookiePolicyAnalytics=not-set; Max-Age=7776; Domain=.headspace.com; Path=/; Expires=Wed, 15 Sep 2021 12:13:56 GMT; Secure
vary: Origin, Accept
feature-policy: geolocation 'none'; microphone 'none';
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
access-control-allow-headers: authorization,content-type,x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: CtnPose4g3elW2tv_dVYE3RazoNO6aiDtmxPKcbncMqFLqTDD5ZSiA==

GET
H2 200 checkout.js Show response
www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/ 823 KB
271 KB 434ms
433ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/checkout.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cdc77072cd500c9d585f13411bccbc5e5be01e1c938799719eab05a45168af67

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/checkout.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"cddd8-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=YoxWW43+wWXY8rDzHSCHQJccEQceFmFt1O36x7ufHx72w6LC2VKcYGdxT9LUHkVdKJwkwZFR8sFDpvY6tp3Lht1KmydKaLETkjQuSRz4SkR1HaHuisa7H3rx8uQj; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/ AWSALBCORS=YoxWW43+wWXY8rDzHSCHQJccEQceFmFt1O36x7ufHx72w6LC2VKcYGdxT9LUHkVdKJwkwZFR8sFDpvY6tp3Lht1KmydKaLETkjQuSRz4SkR1HaHuisa7H3rx8uQj; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: Ejb-T4abId4dn1QLYGJodpeFX3tk9u4SBDXM15lO_1HU88-9KJbYog==
access-control-allow-credentials: true

GET
H2 200 _app.js Show response
www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/ 711 KB
238 KB 573ms
571ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6df90936e520f1b1e442b4911b2191eff9dde7a954ba582b51f0080e0a3cab7f

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"b1be6-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=wek27Xlfnar5gW+yqcwww44GCXxhT2ixz0F6Cgga/1lscUXNQ5ylqb+KNtDZ6pUY+pwZcYgIB+3da5BI95iv8YW/6whvksSYnZVzr8i8fllCVomzqI8uq9apG8+k; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/ AWSALBCORS=wek27Xlfnar5gW+yqcwww44GCXxhT2ixz0F6Cgga/1lscUXNQ5ylqb+KNtDZ6pUY+pwZcYgIB+3da5BI95iv8YW/6whvksSYnZVzr8i8fllCVomzqI8uq9apG8+k; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: eIuwv58lpH9LSy5pszNQyJk6A3q94rDf6gY0PiXoUjlvoE52OAwBxg==
access-control-allow-credentials: true

GET
H2 200 _error.js Show response
www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/ 20 KB
10 KB 429ms
427ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_error.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

46b9fc43a318016380b49ec78a7dd122f801772ec1cb4658c41c01780127c3e1

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_error.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"50fc-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=q8dHu9RFKWrQTbapc7e8NWDxlTGtiT0EhYsmkfXgf1hz/MXujUzBH2+U4d/WQgsB57XOe9IsT6BDDulUVN0rbkbORNVhgOoIgVCCIWD8QiST0achgPbKQOd65dfl; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/ AWSALBCORS=q8dHu9RFKWrQTbapc7e8NWDxlTGtiT0EhYsmkfXgf1hz/MXujUzBH2+U4d/WQgsB57XOe9IsT6BDDulUVN0rbkbORNVhgOoIgVCCIWD8QiST0achgPbKQOd65dfl; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: nfxTOLBlluyqF9JIPRyDNinI8LDMy-UBhOqCHs_ppBlLpyJTxhfO5Q==
access-control-allow-credentials: true

GET
H2 200 76.12ae6b095f0057313c35.js Show response
www.headspace.com/_next/static/chunks/ 245 KB
80 KB 447ms
445ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/chunks/76.12ae6b095f0057313c35.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0b2155f5d188e4a429f2a25400a9ec8087f198b167347619e6f002d4c9189bed

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/chunks/76.12ae6b095f0057313c35.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"3d58f-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=+DaBL8y4WkpUfaSqcZih5CvlruQyZ8fn/fQbelGPMFbM6x3ce3S8s9J1Yo9rNlvOW1J9UxrgNEfoqKexXKXCGyvyMQAEEC06rltr9UrIDHCpfSdcl2pngBsbce7g; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/ AWSALBCORS=+DaBL8y4WkpUfaSqcZih5CvlruQyZ8fn/fQbelGPMFbM6x3ce3S8s9J1Yo9rNlvOW1J9UxrgNEfoqKexXKXCGyvyMQAEEC06rltr9UrIDHCpfSdcl2pngBsbce7g; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: dnL54bY7UWBcMzcADAvxfjXW0pB6Ku8ZmC883alYJ_lDYS6IRBppHA==
access-control-allow-credentials: true

GET
H2 200 webpack-74f2245b5cfb0f8d6568.js Show response
www.headspace.com/_next/static/runtime/ 2 KB
4 KB 452ms
450ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/runtime/webpack-74f2245b5cfb0f8d6568.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

077e04a287daf74625503e9168cd2ffc1c86c5d1a1d6dd3257f9a7f6130cb627

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/runtime/webpack-74f2245b5cfb0f8d6568.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"92e-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=S8vkdsCFLNfqU/AENo5YNnDBetcqzUjC//YluLvvu8AVFZiXCrKcMhDOd0qRArLoI9Sokdk1+NZ5VLxImNBr4X8cx4JXTTePhnIZgbnD+9jBk97MY9u8O3zrp0xo; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/ AWSALBCORS=S8vkdsCFLNfqU/AENo5YNnDBetcqzUjC//YluLvvu8AVFZiXCrKcMhDOd0qRArLoI9Sokdk1+NZ5VLxImNBr4X8cx4JXTTePhnIZgbnD+9jBk97MY9u8O3zrp0xo; Expires=Wed, 22 Sep 2021 10:04:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: oqxQXZRq6C0gwLgzb487p2BuJG6dKHaImcUeHUHZzr0q8ijbbBLS8w==
access-control-allow-credentials: true

GET
H2 200 commons.9e4e8bb454a0de8cb20b.js Show response
www.headspace.com/_next/static/chunks/ 962 KB
318 KB 560ms
558ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/chunks/commons.9e4e8bb454a0de8cb20b.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

61b1e143ce9661c52d6d7505b618101f4e36b82834c30dd99676509fe1130bc6

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/chunks/commons.9e4e8bb454a0de8cb20b.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"f062a-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=07IxDMhSBRIi+q1H8Z+TlBG4X9nh87p3MfnMjV+e/vImXiV2l1471tXHBFLLXBmLLMuu3TlR8jSf6k8XRAOy2Mvz2bDy7hQzVfL3VPtXfsjqJIgY4cdcemgNlfq7; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/ AWSALBCORS=07IxDMhSBRIi+q1H8Z+TlBG4X9nh87p3MfnMjV+e/vImXiV2l1471tXHBFLLXBmLLMuu3TlR8jSf6k8XRAOy2Mvz2bDy7hQzVfL3VPtXfsjqJIgY4cdcemgNlfq7; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 3I09PFTGhHpCRUw0Z2JL8du-Gocm5jhdyI9w6gZIgs6lpb9v6Vr0Vw==
access-control-allow-credentials: true

GET
H2 200 styles.8012285c9f217aa89415.js Show response
www.headspace.com/_next/static/chunks/ 104 B
3 KB 571ms
569ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/chunks/styles.8012285c9f217aa89415.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

79668ec8205a0b81003126c6125047be7b37b76ab9c125178c52ad02b935f2d4

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/chunks/styles.8012285c9f217aa89415.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"68-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=iM9N+uiYAtevMTNXZd+LXEIXoYgv1cVyN7Mde/jCQHdZJ7g7MjGkrEBc7ywapLI26T6rmESluWPOGC5woKt0wek3dd6nRZmEeSXHO1e6FbWu4mgmYnIpqa+cy4kG; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/ AWSALBCORS=iM9N+uiYAtevMTNXZd+LXEIXoYgv1cVyN7Mde/jCQHdZJ7g7MjGkrEBc7ywapLI26T6rmESluWPOGC5woKt0wek3dd6nRZmEeSXHO1e6FbWu4mgmYnIpqa+cy4kG; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: XdQR1nNVnVQ_xrB82TMNe0nQbWpbUba1D_Ff09sGi32tldxFeGN45A==
access-control-allow-credentials: true

GET
H2 200 main-9f52296128d7b8768096.js Show response
www.headspace.com/_next/static/runtime/ 11 KB
7 KB 576ms
575ms Script
application/javascript 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/runtime/main-9f52296128d7b8768096.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

557141ddae65604f97536d6cd13c00858b7d6576baf01e8c13c7f55a374672ca

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/runtime/main-9f52296128d7b8768096.js
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"2afa-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=NhBYrPWV+2xo5WbTTI3Zto/yj3T0i0+rARdUjtbPkL+Z1gg80AYmRh77yKaowMdbiZb2HX5pT2e+0H+iuH16ZJG52GIYnACpwuSP6m/pZvsCSkm9IM/Kz/zONS4A; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/ AWSALBCORS=NhBYrPWV+2xo5WbTTI3Zto/yj3T0i0+rARdUjtbPkL+Z1gg80AYmRh77yKaowMdbiZb2HX5pT2e+0H+iuH16ZJG52GIYnACpwuSP6m/pZvsCSkm9IM/Kz/zONS4A; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: ezrWgywbtP-yYdsGFin78mcuOCyiYUTgZmQj4jx4Ld-ZpCpVJMOOPA==
access-control-allow-credentials: true

GET
H2 200 styles.aee4112c.chunk.css
www.headspace.com/_next/static/css/ 13 KB
6 KB 576ms
576ms Stylesheet
text/css 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/_next/static/css/styles.aee4112c.chunk.css

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_next/static/css/styles.aee4112c.chunk.css
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; AWSALB=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; AWSALBCORS=ZVJv33ljAD+XVW9hCdvDqPi8evVxx/sspKOQKTm3GGGUZhgwztI4fLzFJ5ckIfJmCLI1i9pPlNofkTbBo9YShzaNdhT/ZgjxC8UdiyHVO0tcGYWa0BzyD0tPZLI5; lang=de; voucherCode=%22DEARHS40INT%22
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"347b-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=0
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/ AWSALBCORS=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; Expires=Wed, 22 Sep 2021 10:04:22 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: h5G2g2v87m6rDr2rIm0_s4dYBKv6Jchn9RXCWU46ltnBc1yn8xzOUA==
access-control-allow-credentials: true

GET
H2 200 11673470095.js Show response
cdn.optimizely.com/js/ 317 KB
96 KB 5062ms
21ms Script
text/javascript 2a02:26f0:fb:597::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11673470095.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:597::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1b213328df11db0ea126599fd3ab9f93333e84cd1685f97392bb178f4859152

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: _9RSA_pev.Ly4ArQuXedMdAdVDSUT5IO
content-encoding: gzip
etag: "a8159b3de7d4050580bbf2b3eca5c52d"
x-amz-request-id: R6J4NJR72F2CQES3
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1527
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="2a02:26f0:fb:597::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 96902
x-amz-id-2: rJ4ftvsX0qjJQdQWL7jx4Kij+r11/WspcQbjsPiyTMxXR+v03Y8w38kvBK9FSBPFMtrZL5SmWoY=
last-modified: Fri, 13 Aug 2021 17:51:09 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 10:04:26 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 logo.svg
www.headspace.com/static/images/ 4 KB
5 KB 435ms
434ms Image
image/svg+xml 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.headspace.com/static/images/logo.svg

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/logo.svg
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; lang=de; voucherCode=%22DEARHS40INT%22; AWSALB=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; AWSALBCORS=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; optimizelyEndUserId=oeu1631700266768r0.6605377232840228
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:40 GMT
x-frame-options: SAMEORIGIN
etag: W/"1004-17ba32bc580"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/svg+xml
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=8O+y/b98Ng/nqdfZ2Qxl/Dod1IldFaoUGZrSfN+5T/SLdjcDeSdLzjD+liO2ZZKgQj7oyntLjYYNHIcAS7vnDYwtCarEBfnhllzmx9k3tDn1JPQ+c3F+YDJrBOXj; Expires=Wed, 22 Sep 2021 10:04:27 GMT; Path=/ AWSALBCORS=8O+y/b98Ng/nqdfZ2Qxl/Dod1IldFaoUGZrSfN+5T/SLdjcDeSdLzjD+liO2ZZKgQj7oyntLjYYNHIcAS7vnDYwtCarEBfnhllzmx9k3tDn1JPQ+c3F+YDJrBOXj; Expires=Wed, 22 Sep 2021 10:04:27 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: 7olIflZzmm2bp3erFMVY7y6WwHUtFRpjBEHKjdy3GOMtCJ-xSxN0mg==
access-control-allow-credentials: true

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
619 B 5051ms
19ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver%2CArray.from

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 77819
detected-user-agent: Chrome/92.0.4515
server-timing: HIT-REFRESH, fastly;desc="Edge time";dur=459, HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Sat, 11 Sep 2021 15:48:04 GMT
date: Wed, 15 Sep 2021 10:04:27 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 svg4everybody.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/ 970 B
1 KB 5045ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg4everybody/1.0.0/svg4everybody.min.js

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 566812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 480
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff3-3ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYcMljT%2Bpsx5LIah335kgawS0A%2B%2FHFpb6SVWhRtNHP4viUurchlFI86SMgzThYoby1Cumm%2BMXjlfqQODiNxMEsNEKHVLD%2BksaH7wZvMjBr5SUFd7mYSa9o0iIGkeaq91%2FrOW8jVL7auFj2zoS2VyAGPw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f1080adf2f3248-FRA
expires: Mon, 05 Sep 2022 10:04:31 GMT

GET
H/1.1 200
OK LightningBolt.js Show response
cdn-akamai.mookie1.com/LB/ 26 KB
7 KB 5122ms
39ms Script
application/x-javascript 2.22.65.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.65.192 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-65-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 82133327f478879bc23bbd8e643e69a63b11aa06755b0cf693e2ff58b66f3567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 10:04:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 6828
Last-Modified: Wed, 08 Sep 2021 19:30:22 GMT
Server: AkamaiNetStorage
ETag: "9e959c8a933a55a60dac86d4dc68675c:1631129422.036656"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 16 Sep 2021 10:04:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
75 KB 5124ms
46ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5aaad8363b0eb343c243cfa69c17706a13b31d8097a7edfac63ecd09d0a36b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:31 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76168
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 5038ms
8ms Script
text/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 189
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 15 Sep 2021 10:01:23 GMT
x-amz-cf-pop: FRA2-C2
content-length: 23861
x-amz-cf-id: -bSVEmTbnetwvEcZu486cMfKx4TlXEKN7s4PUtdQLQjlgN-Q17wHGw==

GET
H2 200 icons.svg
www.headspace.com/static/ 34 KB
16 KB 156ms
156ms Other
image/svg+xml 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headspace.com/static/icons.svg

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a

Security Headers

Name	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/icons.svg
pragma: no-cache
cookie: _sp_id.8a05=1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299; countryCode=DE; cookiePolicyMarketing=not-set; cookiePolicyAnalytics=not-set; lang=de; voucherCode=%22DEARHS40INT%22; AWSALB=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; AWSALBCORS=hO7kyBU/THHgBwH3bufNLGCUcTnA7g73xCChBJx4ZUZPmKPGumyiy4SGqh4f68NFM9QNXAR8rD5/b73meIZxRoiYQ7N2g3pC1T2GhMuMUn9qOk2Qijpnoued2mJ9; optimizelyEndUserId=oeu1631700266768r0.6605377232840228
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.headspace.com
referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Sep 2021 21:02:39 GMT
x-frame-options: SAMEORIGIN
etag: W/"892a-17ba32bc198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/svg+xml
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
cache-control: public, max-age=0
feature-policy: geolocation 'none'; microphone 'none';
content-security-policy: connect-src *.cloudfront.net *.headspace.com *.liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com *.googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src *.headspace.com data:; font-src *.headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src *.headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' *; media-src *.headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src *.cloudfront.net *.doubleclick.net *.headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com *.polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src *.headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
set-cookie: AWSALB=QEIH11EgAe14lRsWFnLcfbQEJd2RtakTyR5/L0dxinDZRUXJL1puFGLXLlZ07sV5gf1HIA0uCnvnfewt/xEkvz9rLVqa3NmfPn6jmtrM6pr0hL0TbyNg7gj0dpOL; Expires=Wed, 22 Sep 2021 10:04:26 GMT; Path=/ AWSALBCORS=QEIH11EgAe14lRsWFnLcfbQEJd2RtakTyR5/L0dxinDZRUXJL1puFGLXLlZ07sV5gf1HIA0uCnvnfewt/xEkvz9rLVqa3NmfPn6jmtrM6pr0hL0TbyNg7gj0dpOL; Expires=Wed, 22 Sep 2021 10:04:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
access-control-allow-headers: authorization,content-type,x-requested-with
x-amz-cf-id: GVL13yk512zsl3O5bwdOdPKaHrEfSYJjv1vBBaC3WrlUkFgldymxxA==
access-control-allow-credentials: true

GET
H2 200 Background-Clouds__2_.svg
images.ctfassets.net/v3n26e09qg2r/5vfRPDqCpdkTE1ZrHRO8WZ/0cbbca94a976e4a7ce47dcc293eedc99/ 7 KB
4 KB 5038ms
9ms Image
image/svg+xml 2600:9000:2156:5a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/v3n26e09qg2r/5vfRPDqCpdkTE1ZrHRO8WZ/0cbbca94a976e4a7ce47dcc293eedc99/Background-Clouds__2_.svg
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4c9d08694e6a9b37959c98b34742b29ce2946fb254d7c467174604d1acea46b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.headspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 13:06:18 GMT
content-encoding: gzip
last-modified: Wed, 05 Jun 2019 20:28:11 GMT
server: Contentful Images API
age: 75494
etag: W/"0352b9d0c7239ca74aaf3ce1cca7a20d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DJoUrOeZdKxZgmkcOfqeMt56RPmylBECeNPzyeejvoCFgIvFWDYBTQ==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 apercu_bold.woff2
static.headspace.com/fonts/apercu/ 21 KB
21 KB 5072ms
15ms Font
binary/octet-stream 65.9.77.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_bold.woff2
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/css/styles.aee4112c.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0

Request headers

Referer
Origin: https://www.headspace.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 18:32:57 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 574295
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21048
last-modified: Wed, 23 Jun 2021 20:16:49 GMT
server: AmazonS3
etag: "051d6e318abfad4e63ce09e483b5faee"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: hcqFz44yOOPT3e6LJeZjHZTxKsU3uQtbX1un7bEarF_HRRLMwONHrg==

GET
H2 200 apercu_regular.woff2
static.headspace.com/fonts/apercu/ 20 KB
21 KB 5079ms
22ms Font
binary/octet-stream 65.9.77.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.headspace.com/fonts/apercu/apercu_regular.woff2
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/css/styles.aee4112c.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672

Request headers

Referer
Origin: https://www.headspace.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
etag: "59469dee6787197930bd94880c1ecc00"
age: 487476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3600
content-length: 20864
last-modified: Wed, 23 Jun 2021 20:16:50 GMT
server: AmazonS3
date: Tue, 14 Sep 2021 20:58:27 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: YrpI05mvA2KAxIgCfYz8DANkwfGLu85gScwmEdtDi6rEY4oGGgJKgQ==

GET
H2 200 a11673470095.html Show response
a11673470095.cdn.optimizely.com/client_storage/ Frame 0707 2 KB
1 KB 5305ms
120ms Document
text/html 104.89.17.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a11673470095.cdn.optimizely.com/client_storage/a11673470095.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11673470095.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.17.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-17-148.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

6096fb681df9fc1d6d45e697d59dbac845802a33200791b1a220abed9e438617

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a11673470095.cdn.optimizely.com
:scheme: https
:path: /client_storage/a11673470095.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-amz-id-2: hAmO8ACtCn/sTpZpp3P1s2cxJ1EZI2CJmvhpRf9EucN8v1q9gvbMVnNx5FvrTCmoQUYfUsMa+7E=
x-amz-request-id: 65S9Y23A7JMKJC8W
x-amz-replication-status: COMPLETED
last-modified: Fri, 13 Aug 2021 17:51:04 GMT
etag: "56cf7fb416ac2c9bea482bdca36f2627"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: TTyyja22NO60uxhUGhpAVBtTfVV5pL8o
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 795
vary: Accept-Encoding
cache-control: max-age=120
date: Wed, 15 Sep 2021 10:04:32 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="104.89.17.148";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
362 B 5409ms
100ms XHR
text/plain 34.232.184.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11673470095.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.184.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-184-65.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Sep 2021 10:04:33 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.headspace.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 4ae894a4-750b-4abc-a3ca-687dfa8fe05a

GET
H2 200 6JoyVA6LBBoHeYweVqfBvw.json Show response
cdn.optimizely.com/datafiles/ 205 KB
26 KB 48ms
16ms XHR
application/json 2a02:26f0:fb:597::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/6JoyVA6LBBoHeYweVqfBvw.json

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:597::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ef828591af092ccfd840d5068af68575c955bdc591afd573e33412a2b3fee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: HncRJR_NIdpBOlyJ6Rn0XINx2Btc1IxR
content-encoding: gzip
etag: "1ee4916c1babbe7d9e7821c0c29db9ad"
x-amz-request-id: SQRRM6XAYKNH1JDC
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9089
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="13";dur=0,cdnip;desc="2a02:26f0:fb:597::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 25561
x-amz-id-2: IqBK49A67fs7e4AceFZhIM1fnGRXv5CJzPWcqmolZUgxF2kenddtDCDNRQ9TQVr7IIdTlPsLiBo=
last-modified: Tue, 14 Sep 2021 21:01:03 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 10:04:27 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 checkout-cart__1_.json Show response
assets.ctfassets.net/v3n26e09qg2r/5Ekai4u4BcI2q5qRGqlWZb/08c732359a57a4cc00b68964ee6c8074/ 192 KB
12 KB 5042ms
12ms XHR
application/json 65.9.71.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ctfassets.net/v3n26e09qg2r/5Ekai4u4BcI2q5qRGqlWZb/08c732359a57a4cc00b68964ee6c8074/checkout-cart__1_.json
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21adb9773da91b0dfc6dc611c50c846de377422419808f6257e59eb1506a3f8e

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7M8Q4KjcdUMOkx7K7Q.GoRyBN9vSYShe
content-encoding: gzip
etag: W/"6455b7ad7c22dc4d20b239811d80e510"
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 05 Jun 2019 20:35:55 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 10:04:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: E-RA9Ai9UCJEHnhggM30U4pt4bUYUK6KLMQRIUmunEKfsfF0f1Mcig==

GET
H2 200 _r Show response
app.link/ 90 B
569 B 5192ms
163ms Script
text/javascript 2600:9000:20eb:ba00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_mcdUiF9uYBpZ5OEBEK0jqoflzzlbD4dt&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

afb27fa4ade625287ad0eedaf83dc3f5b2929854e8c8c0c3e736ca7b8a26b390

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:36 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-GoFdefpss8LUjNcl0ya9Ftu5Ykg"
x-amz-cf-id: wNwhEDOAqG6v1ReDoEhQxPjlzERVi11vdKzG6grXeP71uggeeCNfTg==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/xaxis/headspace.com/prod/ 22 KB
8 KB 5071ms
28ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/headspace.com/prod/utag.js
Requested by: Host: cdn-akamai.mookie1.com
URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 38086780da1ae241464c5c6c6797e7625057d352c4de31c56017aaa67a56a8d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:36 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 20:44:26 GMT
server: AkamaiNetStorage
etag: "17d412667d5f3cb595179dff08ee0023:1587761066.887298"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 7661
expires: Wed, 15 Sep 2021 10:09:36 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
833 B 5177ms
126ms Script
application/javascript 2600:1480:4000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1480:4000:41:: , United States, ASN33905 (AKAMAI-AMS, NL),
Reverse DNS
Software: /
Resource Hash: 48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "be0de9f37bc515448fb9440e478cda10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 4a3f72b6-2.16.187.100
accept-ranges: bytes
content-length: 585
access-control-expose-headers: X-CDN

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 5034ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:51:37 GMT
content-encoding: gzip
age: 780
x-guploader-uploadid: ADPycdtJzuye2pv5upghY9MN7aF0TPvH00Jo3crqR8zN-XoUellrgjsYOBjYIUeVc8rCG0rJBMAj_BT8J7CXjlWElNySkuTknw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 15 Sep 2021 10:51:37 GMT

GET
H2 200 t.js Show response
vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/ 4 KB
2 KB 5039ms
8ms Script
application/javascript 65.9.71.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92JXMV&gtm_auth=16iCHRn1z7748mckvKDXyw&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 19:22:48 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: OkFpKPMUu1SFEGdebl9-RYXqFKW5Qo9tyRws4oNQHCr81V1AtdX4DQ==

GET
H2 200 A2816351-2c6d-442e-a206-0844e1aebf7b1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 5032ms
7ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2816351-2c6d-442e-a206-0844e1aebf7b1.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5d5baba0cd20d28cd5771aa8ff4cf75407962e9ee2f2f4cc7f6c2539c52790b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:03:45 GMT
content-encoding: gzip
age: 52
x-guploader-uploadid: ADPycdsGS6sIGM2y_7QRiMtJ67-ekP41-ZOekEFKcvchSM5WbN_8oOs-CoMuDyBh4sPwQLM0GE3cejONnfrhxz8CO1NjOBwzVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12944
last-modified: Wed, 01 Sep 2021 17:46:33 GMT
server: UploadServer
etag: "d6ddc98d4bed3b8d060e3bcc7e6fc54a"
vary: Accept-Encoding
x-goog-hash: crc32c=Th/nxw==, md5=1t3JjUvtO40GDjvMfm/FSg==
x-goog-generation: 1630518392950008
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12944
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Wed, 15 Sep 2021 10:08:45 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/ 1 MB
587 KB 5053ms
10ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c602c156d8eeea37fea7baf1209430c29ac8c8ba31bb380f8be93328219f4d4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 1939
x-origin-name: fastlyshield--shield_ssl_cache_dca17733_DCA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 600473
x-served-by: cache-dca17733-DCA, cache-fra19164-FRA
server: Kestrel
x-timer: S1631700277.029528,VS0,VE1
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 15 Sep 2021 10:32:18 GMT

GET
H/1.1

200
OK

ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019
https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019;ip=136.243.198.84;cuidchk=1

42 B
780 B

121ms
121ms

Image
image/gif

54.224.71.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019;ip=136.243.198.84;cuidchk=1

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.71.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-71-103.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 10:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 15 Sep 2021 10:04:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=11045;g=landing_page;gid=32736;ord=[uniqueid]?gtmcb=1199116019;ip=136.243.198.84;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/2.3/ 183 KB
46 KB 5055ms
23ms Script
application/javascript 2606:4700:10::6816:94f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/2.3/appboy.min.js
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:94f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f55914bb3477a565f202a4ed40360d0d41f4ea441d7767411879e97733ec4ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2019 21:36:18 GMT
server: cloudflare
age: 6053
etag: W/"bb1d5dd629a880f64d97d8a1bb1de8a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 68f1082b5a715b9e-FRA
x-amz-request-id: 14W7CYD0328HD1AS
x-amz-id-2: MAF7Nvuvt5r8z5RdrTQhhaB2sVYLVShCyCFXI94f+h2DCqrbWGe+xdhL/ZHdGmAxjTQOqviqeUo=

POST
H2 429 /
o28532.ingest.sentry.io/api/5545147/security/ 0
0 5135ms
9ms Other
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.195.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.headspace.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error

GET trackable.js
ext.chtbl.com/ 0
0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ 26 KB
9 KB 21ms
20ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/headspace.com/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92a609a291717d26e9d1c5c41268c081d434e258cee7d91ce300d3239f70464e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:36 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 14:12:39 GMT
server: AkamaiNetStorage
etag: "a4a2fde6a94811e35c65967dae066ce4:1591020759.368155"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 8755
expires: Wed, 15 Sep 2021 10:09:36 GMT

GET
H2 200 mobile.html Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ Frame 7A1F 424 B
621 B 21ms
20ms Document
text/html 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cb4bc8a812f362397af876b6fef272b51f50286d06155e3d8f2c86fb205a9a20

Request headers

:method: GET
:authority: tags.tiqcdn.com
:scheme: https
:path: /utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-type: text/html
etag: "d765bba55e00a04cf5cf7d9200edba21:1587761191.996828"
last-modified: Fri, 24 Apr 2020 20:46:31 GMT
server: AkamaiNetStorage
content-length: 424
cache-control: max-age=3600
expires: Wed, 15 Sep 2021 11:04:36 GMT
date: Wed, 15 Sep 2021 10:04:36 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ Frame 7A1F 26 KB
9 KB 15ms
15ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92a609a291717d26e9d1c5c41268c081d434e258cee7d91ce300d3239f70464e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 14:12:39 GMT
server: AkamaiNetStorage
etag: "a4a2fde6a94811e35c65967dae066ce4:1591020759.368155"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 8755
expires: Wed, 15 Sep 2021 10:09:37 GMT

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 5157ms
121ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: hmustesl89r3
x-powered-by: Express
x-cloud-trace-context: 2b015a852d2b14511b97e252ff8b6c27
content-encoding: gzip
date: Wed, 15 Sep 2021 10:04:42 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 173ms
172ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 6d09e5395822919cbd5696c57b1bbb1b
function-execution-id: jsadvrqwucn0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST 13686
headspace.pxf.io/xc/2958222/1067607/ 0
0

GET
H2 503 generic
match.adsrvr.org/track/cmf/ 27 B
27 B 5940ms
848ms Image
text/html 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230|05d3412e-3d93-498d-99de-1bce62e640b5
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
cache-control: no-cache, must-revalidate
content-type: text/html
content-length: 27
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 t.gif
vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/ 42 B
693 B 8ms
8ms Image
image/gif 65.9.71.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/f0c9017a-7514-4b1e-b253-eddc086a1230/t.gif?d=05d3412e-3d93-498d-99de-1bce62e640b5&s=db3c8f96-bc3c-4094-8cc7-de7a5deb0fa1&p=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&cb=1631700277031

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:32:45 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1915
x-cache: Hit from cloudfront
content-length: 42
last-modified: Wed, 08 Sep 2021 19:22:48 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: APx1RGc6zAdswv_TSg0S3dyVHCEvbipGrJqaxrFzH-OGxLGyufcOwQ==

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ Frame 7A1F 2 KB
1 KB 32ms
32ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.1.js?utv=ut4.46.202005122012
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6feb16f03d42566e28f3ead5529ec1c622ababf6d3c979c4c45274fcb4f259c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 20:12:47 GMT
server: AkamaiNetStorage
etag: "c728350239d2f3233deecdf377e4b003:1589314367.365627"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1229
expires: Thu, 30 Sep 2021 10:04:37 GMT

GET
H2 200 utag.2.js Show response
tags.tiqcdn.com/utag/xaxis/-headspace/prod/ Frame 7A1F 3 KB
2 KB 34ms
34ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.2.js?utv=ut4.46.202006011412
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3e2221da47e68bd19d81f63ba304e093a3850fed1626121a481a61559ff00006

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 18:07:36 GMT
server: AkamaiNetStorage
etag: "f8d40af5cb008c3e799af606346b2dbc:1589479656.163676"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1479
expires: Thu, 30 Sep 2021 10:04:37 GMT

GET
H2 200 _r Show response
app.link/ 90 B
572 B 162ms
162ms Script
text/javascript 2600:9000:20eb:ba00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_mcdUiF9uYBpZ5OEBEK0jqoflzzlbD4dt&callback=branch_callback__1

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

928605333a50c82bed187a0a32cea70aa25ff9c99e405c173aa16b1084df0030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-jrq7CnI3M05+RbQHMnvr0W2ZqNY"
x-amz-cf-id: vTQgeX-ZCUkF52GKNlFtvQ6nIj-VxjYwBtW0mjyBhC29K6tmmEf9bw==

OPTIONS
H2 200 /
sdk.iad-02.braze.com/api/v3/data/ Frame 0
0 5433ms
382ms Preflight 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-02.braze.com/api/v3/data/

Protocol

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://www.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 varnish
x-served-by: cache-fra19183-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1631700282.136100,VS0,VE375
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 sync
sdk.iad-02.braze.com/api/v3/content_cards/ Frame 0
0 5432ms
382ms Preflight 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-02.braze.com/api/v3/content_cards/sync

Protocol

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://www.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 varnish
x-served-by: cache-fra19183-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1631700282.136131,VS0,VE376
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 5049ms
16ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/2.3/appboy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MWFFP00J4FN56JFH
x-amz-id-2: 5/bOKr313dKi97KTRRannnbDKb5WWOZXzqOg4bws+qaziPjRH+6pNsddmlQ6sG5z8q6p2P5PBcA=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZP2esksw7CYv97d4kVVZEjzZj9MkyXgPB3uh7y8qYwB%2BZgWluYgchzjcNKDiKW9GChVw1pnLFxz8f6S%2B2Uw%2FdjDlnmBXPzoUM0i2hgAfj6yPTNup601JSL1Mco5V7W0g8CngqgO6iiLHpArIPeA0CtT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 68f1084b1e591f25-FRA

POST
H2 201 / Show response
sdk.iad-02.braze.com/api/v3/data/ 23 KB
6 KB 465ms
465ms XHR
application/json 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-02.braze.com/api/v3/data/

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eeac84afab5aed10820c5c61700cef328660d3bb73df2e19ae1bf43b22f9f092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 18011459-1937-4026-89fe-f1d1e575c3d3
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 7c83451b-133d-4ed6-b43c-303257fc0c19
x-served-by: cache-fra19183-FRA
x-runtime: 0.084944
server: nginx
x-timer: S1631700283.519022,VS0,VE458
etag: W/"eeac84afab5aed10820c5c61700cef32"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

POST
H2 201 sync Show response
sdk.iad-02.braze.com/api/v3/content_cards/ 59 B
276 B 107ms
107ms XHR
application/json 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-02.braze.com/api/v3/content_cards/sync

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 18011459-1937-4026-89fe-f1d1e575c3d3
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 492cff11-5b9b-4578-8ed1-63d1b0ce51cf
x-served-by: cache-fra19183-FRA
x-runtime: 0.005849
server: nginx
x-timer: S1631700283.519111,VS0,VE101
etag: W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 activity
us-gmtdmp.mookie1.com/t/v2/ Frame 7A1F 43 B
606 B 5169ms
108ms Image
image/gif 35.227.230.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_868906&src.rand=[timestamp]&src.query=voucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&src.url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&src.hash=&src.domain=www.headspace.com&src.pathname=%2Fde%2Fcheckout&src.migparam1=voucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&src.migparam2=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&src.migparam3=&src.migparam4=www.headspace.com&src.migparam5=%2Fde%2Fcheckout
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.230.187 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 187.230.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 7A1F 4 KB
2 KB 5037ms
7ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 02:00:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 29066
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: j73PkBb-Te2KsIPcWA8nVdOrj2PvW3bJLfEN2Z1zH2jSe3bqFjDWwA==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ Frame 7A1F 2 B
202 B 14ms
14ms Script
application/x-javascript 2.21.140.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=xaxis/-headspace/202006011412&cb=1631700277091
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-252.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/utag/xaxis/-headspace/prod/mobile.html?order_id=&order_total=0.00&order_subtotal=0.00&lbData_MP1=&refAction=email-lifecycle&refContent=h1&refCampaign=dear_hs_freeintl&order_currency=USD&xaxis_title=Kasse%20%E2%80%93%20Headspace&xaxis_hash=&xaxis_domain=www.headspace.com&xaxis_pathname=%2Fde%2Fcheckout&xaxis_url=https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1&xaxis_referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:37 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 15 Sep 2021 10:14:37 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 5037ms
6ms Preflight 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://www.headspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 varnish
age: 89
x-served-by: cache-fra19181-FRA
x-cache: HIT
x-cache-hits: 8
x-timer: S1631700282.164587,VS0,VE0
strict-transport-security: max-age=900

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 5041ms
10ms Script
application/javascript 52.222.206.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-178.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer
Origin: https://www.headspace.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 20:54:23 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 652220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: YNDR-phuabzutzVcYH1gUX_I6efu7euIGIOp_Lw47jEyDdvhojnOiQ==

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
262 B 116ms
112ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e7ed189ae3869ddb3cf2c6f3330ff1eb211b13c409d5963cd9632a2a6c3dd69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: 580aa567c0d972439cf41d95730011ed
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1631700282.176025,VS0,VE106
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra19181-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 main.e7fd5392.js Show response
s.pinimg.com/ct/lib/ 53 KB
19 KB 119ms
118ms Script
application/javascript 2600:1480:4000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1480:4000:41:: , United States, ASN33905 (AKAMAI-AMS, NL),
Reverse DNS
Software: /
Resource Hash: 330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "30ff292a4ebc0e59d7e191b6f654384a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 4a3f7348-2.16.187.100
accept-ranges: bytes
content-length: 18816
access-control-expose-headers: X-CDN

POST open
api2.branch.io/v1/ 0
0

GET
H2 200 / Show response
ct.pinterest.com/user/ 493 B
826 B 5093ms
41ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1631700277282

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.4699645f.1631700282.a97ec832
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2912039346143960
pin-unauth: dWlkPVpHWTFNV001TWpZdE5ETmhNUzAwTTJRMkxUZzJNV0l0WmpkbFlUWXlOalpsWldOaA
access-control-allow-origin: https://www.headspace.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 342
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 5125ms
75ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22e7fd5392%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1631700277283

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4699645f.1631700282.a97ec845
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1059469314563767
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 5125ms
75ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613695941317&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.headspace.com%2Fde%2Fcheckout%3FvoucherCode%3DDEARHS40INT%26utm_medium%3Demail%26utm_source%3Dlifecycle%26utm_campaign%3DDear_HS_FreeINTL%26utm_content%3Dh1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22e7fd5392%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1631700277284

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4699645f.1631700282.a97ec853
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1696526405934339
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 13686
headspace.pxf.io/bc/2958222/1067607/ 0
459 B 62ms
20ms Ping
text/plain 35.201.76.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://headspace.pxf.io/bc/2958222/1067607/13686
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2816351-2c6d-442e-a206-0844e1aebf7b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.76.201.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Wed, 15 Sep 2021 10:04:42 GMT

GET
H/1.1 200
OK 1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/ 0
0 5441ms
107ms Image
text/html 52.73.201.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U10&acid=A2816351-2c6d-442e-a206-0844e1aebf7b1&type=UTT&msg=NaN%3A%204%2C%20status%3A%200%2C%20ts%3A%201631700277023%2C%20time%3A%205002%2C%20text%3A%20%2C%20url%3A%20https%3A%2F%2Fheadspace.pxf.io%2Fxc%2F2958222%2F1067607%2F13686&event=doXHR%20problem&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/de/checkout?voucherCode=DEARHS40INT&utm_medium=email&utm_source=lifecycle&utm_campaign=Dear_HS_FreeINTL&utm_content=h1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.201.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-201-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 15ms
14ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6098239
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2B6HlcX3MNAeviuYbQmmh%2BEUmzm4fNvzVuRnJyIeFKb5IC31s%2F4pXcf7%2BrKGhs4Ci8eOvZ70ofaP2JyXpwnw0VCe8GHc92NVt%2BSpy1Q3sIOqG5isuXrNNXcbZVkGSmMZgHVV9pkBk0DhIlCIS55wt%2B7y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 68f1084b3e801f25-FRA

POST
H2 429 /
o28532.ingest.sentry.io/api/5545147/security/ 0
0 9ms
9ms Other
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.195.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.headspace.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after

POST /
api2.amplitude.com/ 0
0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6954 0
182 B 5208ms
131ms Document
text/html 52.31.195.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=l33hyq2&ref=&upid=ixxn8go&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.195.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-195-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=l33hyq2&ref=&upid=ixxn8go&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.tiqcdn.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.tiqcdn.com/

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 5094ms
21ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa567c0d972439cf41d95730011ed/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1460
date: Wed, 15 Sep 2021 09:40:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 11:40:27 GMT

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 41 B
293 B 5049ms
8ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4b2e9de364194dad74dc6ef7c0f9e81a2695b6925c8c51d38137bcd436e1663c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1631700287.347857,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
59 B 5050ms
11ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1631700287.350788,VS0,VE2
x-served-by: cache-fra19134-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
58 B 5052ms
13ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1631700287.350836,VS0,VE4
x-served-by: cache-fra19134-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 41 B
127 B 5053ms
14ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4b2e9de364194dad74dc6ef7c0f9e81a2695b6925c8c51d38137bcd436e1663c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1631700287.352098,VS0,VE4
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/ 41 B
127 B 5050ms
11ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/580aa567c0d972439cf41d95730011ed/Events
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4b2e9de364194dad74dc6ef7c0f9e81a2695b6925c8c51d38137bcd436e1663c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1631700287.350865,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST /
api2.amplitude.com/ 0
0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
58 B 5052ms
19ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1631700287.352049,VS0,VE9
x-served-by: cache-fra19134-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
58 B 5045ms
12ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1631700287.351015,VS0,VE4
x-served-by: cache-fra19134-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/ 0
58 B 5044ms
12ms XHR
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/580aa567c0d972439cf41d95730011ed/Forwarding
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 10:04:47 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1631700287.351071,VS0,VE3
x-served-by: cache-fra19134-FRA
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 77ms
38ms XHR
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 10:04:42 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4699645f.1631700282.a97ec91c
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1263296668779849
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 271 B
586 B 183ms
183ms XHR
application/json 2600:9000:2156:fc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bd2604e47dbcabb89b92bd371caa0c31bc0e820e5265ea697f53eb73fc252751

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: b3ea90cc6f8d462a8929bd765f5f736f-2021091510
content-length: 271
x-amz-cf-id: iTTNtIyz8DbZRXC_cMP43rs1lx5bxdGRQeJOz7-bGZU9c-mYgz3e_g==

POST
H2 200 custom Show response
api2.branch.io/v2/event/ 2 B
316 B 162ms
162ms XHR
application/json 2600:9000:2156:fc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v2/event/custom
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
x-branch-event-extra: {}
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-branch-request-id: a5ebb901b01d4b31be521d2d4f1a7b66-2021091510
content-length: 2
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id: _neXjNiH6B3OiM_e8CjxKTKgnS3Wq2kJwM38b-sPYrXaFPixF3JRNA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
386 B 174ms
174ms XHR
application/json 2600:9000:2156:fc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.headspace.com
URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 10:04:42 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 8c26eb8cf82a474a89b57ad7e7a1e542-2021091510
content-length: 29
x-amz-cf-id: klH1pbqM3AmEy09Hdzp5lqv21usezfr4zubHA46DPJBJN90YDpAAtQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ext.chtbl.com
URL: https://ext.chtbl.com/trackable.js

Domain: headspace.pxf.io
URL: https://headspace.pxf.io/xc/2958222/1067607/13686

Domain: api2.branch.io
URL: https://api2.branch.io/v1/open

Domain: api2.amplitude.com
URL: https://api2.amplitude.com/

Domain: api2.amplitude.com
URL: https://api2.amplitude.com/

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headspace.com/	1970-01-19 21:15:31	Name: _sp_id.8a05 Value: 1e28fb56-a123-4467-b8b9-f64e115e5918.1631700261.0.1631700261..d46f3596-838d-4579-b045-8fcb96de0299
.headspace.com/	1970-01-19 21:15:31	Name: countryCode Value: DE
.headspace.com/	1970-01-19 21:15:08	Name: cookiePolicyMarketing Value: not-set
.headspace.com/	1970-01-19 21:15:08	Name: cookiePolicyAnalytics Value: not-set
.headspace.com/	1970-01-19 21:15:31	Name: lang Value: de
.headspace.com/	1970-01-19 21:15:31	Name: voucherCode Value: %22DEARHS40INT%22
.headspace.com/	1970-01-20 01:34:12	Name: optimizelyEndUserId Value: oeu1631700266768r0.6605377232840228
www.headspace.com/	1970-01-19 21:25:05	Name: AWSALB Value: 8O+y/b98Ng/nqdfZ2Qxl/Dod1IldFaoUGZrSfN+5T/SLdjcDeSdLzjD+liO2ZZKgQj7oyntLjYYNHIcAS7vnDYwtCarEBfnhllzmx9k3tDn1JPQ+c3F+YDJrBOXj
www.headspace.com/	1970-01-19 21:25:05	Name: AWSALBCORS Value: 8O+y/b98Ng/nqdfZ2Qxl/Dod1IldFaoUGZrSfN+5T/SLdjcDeSdLzjD+liO2ZZKgQj7oyntLjYYNHIcAS7vnDYwtCarEBfnhllzmx9k3tDn1JPQ+c3F+YDJrBOXj
.headspace.com/	1970-01-19 23:24:36	Name: _gcl_au Value: 1.1.1408203743.1631700272
www.headspace.com/	1970-01-20 06:00:36	Name: __pdst Value: 5fd0abc4af024c32a82aa3a35f83f03e
.app.link/	1970-01-20 06:00:36	Name: _s Value: X5Eb8leDtdJPR69z6Wn4K0AiczymOySlW5kTc4V%2BxLwtUKC839LFP1UodeJLGGhq
.headspace.com/	1969-12-31 23:59:59	Name: IR_gbd Value: headspace.com
.headspace.com/	1969-12-31 23:59:59	Name: IR_13686 Value: 1631700277023%7C2958222%7C1631700277023%7C%7C
www.headspace.com/	1970-01-20 06:00:36	Name: d-a8e6 Value: 05d3412e-3d93-498d-99de-1bce62e640b5
www.headspace.com/	1970-01-19 21:15:01	Name: s-9da4 Value: db3c8f96-bc3c-4094-8cc7-de7a5deb0fa1
.headspace.com/	1970-01-27 04:33:59	Name: ab.storage.sessionId.18011459-1937-4026-89fe-f1d1e575c3d3 Value: %7B%22g%22%3A%22da7d3720-ec80-6684-4d55-eaf748a5e9d2%22%2C%22e%22%3A1631702077068%2C%22c%22%3A1631700277068%2C%22l%22%3A1631700277068%7D
.headspace.com/	1970-01-27 04:33:59	Name: ab.storage.deviceId.18011459-1937-4026-89fe-f1d1e575c3d3 Value: %7B%22g%22%3A%222b7b1a5d-df6c-5579-6919-353ab8ded21d%22%2C%22c%22%3A1631700277070%2C%22l%22%3A1631700277070%7D
.trkn.us/	1970-01-20 06:00:36	Name: barometric[cuid] Value: cuid_82cd3afa-1fcf-4865-ac93-98d92c3dab4e
.headspace.com/	1970-01-20 14:31:48	Name: IR_PI Value: 1631700277023.zhcbrh7yrd%7C1631786677023
.pxf.io/	1970-01-20 14:31:48	Name: brwsr Value: 58700e09-160c-11ec-aa8d-4dc937371914
headspace.pxf.io/	1970-01-20 01:34:12	Name: irld Value: LW3TQqkWF%3Aw16zS3y5RXGmUE%3A3qyXIm0BrWz0yYRyUL2XORnY
.mookie1.com/	1970-01-20 06:43:48	Name: id Value: 10609495560170421901
.mookie1.com/	1970-01-20 06:43:48	Name: mdata Value: 1\|10609495560170421901\|1631700282208
.mookie1.com/	1970-01-20 06:43:48	Name: ov Value: 542e543336e69d6b8b1b4e7d08020f48
.headspace.com/	1970-01-20 06:00:36	Name: mprtcl-v4_B0C8D5EC Value: {'gs':{'ie':1\|'dt':'580aa567c0d972439cf41d95730011ed'\|'cgid':'e1231838-a921-4a66-8908-9d0562b91279'\|'das':'7d39d692-06de-490b-8a23-611539709e8b'\|'csm':'WyIxNTIxNzE2NDE1NDIyMDM5MDg5Il0='\|'sid':'35AA0D49-D88A-415D-A5C8-AF56694B8925'\|'les':1631700277132\|'ssd':1631700277130}\|'l':0\|'1521716415422039089':{'fst':1631700282288}\|'cu':'1521716415422039089'}
.headspace.com/	1970-01-23 12:51:00	Name: amp_2c0e8b Value: HBYDIQ5Ef6m5keQEjXjrzW...1ffkekqrv.1ffkekqu3.1.1.2
.headspace.com/	1970-01-20 06:00:36	Name: _pin_unauth Value: dWlkPVpHWTFNV001TWpZdE5ETmhNUzAwTTJRMkxUZzJNV0l0WmpkbFlUWXlOalpsWldOaA
.ct.pinterest.com/	1970-01-20 06:00:36	Name: _pinterest_ct_ua Value: "TWc9PSZtUjFXcVArRHp5dnpRa3BvZzI2emd2Z2xoNEtkNEQ5UVNuR1NSV0xmVU9Qd2VNSTVMbzJsSHl5VEs4U0I3cDdIcVVPSFhYTGdzY2VQZ05vTFJRR0pDSG10cmZtcEJidVlLcC8vUDgwOCsyND0mKzVMSFBhM1ZZYWQzVE9ndGFxeTJXMjBVS2FZPQ=="
.headspace.com/	1970-01-20 14:46:12	Name: _ga Value: GA1.2.709761029.1631700287
.headspace.com/	1970-01-19 21:16:26	Name: _gid Value: GA1.2.323586569.1631700287

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to load the script 'https://ext.chtbl.com/trackable.js' because it violates the following Content Security Policy directive: "script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js(Line 23) Message: Refused to connect to 'https://api2.amplitude.com/' because it violates the following Content Security Policy directive: "connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'".
network	error	URL: https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://www.headspace.com/_next/static/SOQmvjCRIlq4eCLd29Rk_/pages/_app.js(Line 23) Message: Refused to connect to 'https://api2.amplitude.com/' because it violates the following Content Security Policy directive: "connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'".
network	error	URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=f0c9017a-7514-4b1e-b253-eddc086a1230\|05d3412e-3d93-498d-99de-1bce62e640b5 Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src .cloudfront.net .headspace.com .liadm.com access.equalweb.com api-js.mixpanel.com api.amplitude.com api.branch.io api.chilipiper.com api.hubapi.com api2.branch.io app.getsentry.com assets.ctfassets.net cdn.contentful.com cdn.equalweb.com cdn.optimizely.com ct.pinterest.com errors.client.optimizely.com forms.hsforms.com .googletagmanager.com gum.criteo.com headspace.pxf.io identity.mparticle.com jssdkcdns.mparticle.com jssdks.mparticle.com logx.optimizely.com preview.contentful.com rum.optimizely.com sdk.iad-01.braze.com sdk.iad-02.braze.com sentry.io static.zuora.com stats.g.doubleclick.net tags.w55c.net us-central1-adaptive-growth.cloudfunctions.net www.facebook.com www.google-analytics.com 'self'; default-src .headspace.com data:; font-src .headspace.com data: fonts.gstatic.com use.fontawesome.com use.typekit.net 'self'; frame-src .headspace.com 9990894.fls.doubleclick.net a11673470095.cdn.optimizely.com accounts.google.com apisandbox.zuora.com apps.rokt.com bid.g.doubleclick.net cdn-akamai.mookie1.com forms.hsforms.com gum.criteo.com static.criteo.net tags.tiqcdn.com widget.us.criteo.com www.facebook.com www.gstatic.com www.youtube.com www.zuora.com 'self'; img-src data: 'self' ; media-src .headspace.com assets.ctfassets.net blob: downloads.ctfassets.net 'self'; script-src .cloudfront.net .doubleclick.net .headspace.com a.quora.com analytics.tiktok.com analytics.twitter.com api.branch.io apis.google.com apisandboxstatic.zuora.com app.link apps.rokt.com b-code.liadm.com bat.bing.com blob: cdn-akamai.mookie1.com cdn.amplitude.com cdn.branch.io cdn.equalweb.com cdn.lr-ingest.io cdn.optimizely.com .polyfill.io cdn.pdst.fm cdn.ravenjs.com cdnjs.cloudflare.com connect.facebook.net d.impactradius-event.com forms.hsforms.com https://static.zuora.com js.adsrvr.org js.appboycdn.com js.chilipiper.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hsforms.net jssdkcdn.mparticle.com jssdkcdns.mparticle.com platform.twitter.com s.pinimg.com sc-static.net sjs.bizographics.com snap.licdn.com sslwidget.criteo.com static.ads-twitter.com static.criteo.net static.zuora.com tags.tiqcdn.com tpc.googlesyndication.com tr.snapchat.com unpkg.com widget.us.criteo.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.redditstatic.com https://vidassets.terminus.services https://trkn.us 'self' 'unsafe-eval' 'unsafe-inline'; style-src .headspace.com *.polyfill.io cdnjs.cloudflare.com cloudfront.net https://fonts.googleapis.com platform.twitter.com static.zuora.com translate.googleapis.com use.fontawesome.com www.google.com 'self' 'unsafe-inline'; report-uri https://o28532.ingest.sentry.io/api/5545147/security/?sentry_key=d4047b73c3604221abf88979a98b9193&sentry_environment=production
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11673470095.cdn.optimizely.com
api2.amplitude.com
api2.branch.io
app.link
assets.ctfassets.net
cdn-akamai.mookie1.com
cdn.amplitude.com
cdn.branch.io
cdn.optimizely.com
cdn.pdst.fm
cdn.polyfill.io
cdnjs.cloudflare.com
ct.pinterest.com
d.impactradius-event.com
ext.chtbl.com
headspace.pxf.io
identity.mparticle.com
images.ctfassets.net
insight.adsrvr.org
js.adsrvr.org
js.appboycdn.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
links.info.headspace.com
logs-01.loggly.com
logx.optimizely.com
match.adsrvr.org
o28532.ingest.sentry.io
s.pinimg.com
sdk.iad-02.braze.com
static.headspace.com
tags.tiqcdn.com
trkn.us
us-central1-adaptive-growth.cloudfunctions.net
us-gmtdmp.mookie1.com
use.fontawesome.com
vidassets.terminus.services
www.google-analytics.com
www.googletagmanager.com
www.headspace.com
api2.amplitude.com
api2.branch.io
ext.chtbl.com
headspace.pxf.io
104.89.17.148
13.225.78.23
199.232.193.208
2.21.140.252
2.21.141.169
2.22.65.192
2001:4860:4802:36::36
2600:1480:4000:41::
2600:9000:20eb:ba00:19:9934:6a80:93a1
2600:9000:2156:5a00:12:94b3:c380:93a1
2600:9000:2156:fc00:11:f728:3040:93a1
2606:4700:10::6816:94f
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2a00:1450:400d:806::2008
2a00:1450:400d:807::200e
2a02:26f0:fb:597::13b8
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::282
34.120.195.249
34.232.184.65
35.186.249.72
35.201.76.231
35.227.230.187
35.244.142.80
52.222.206.178
52.31.195.39
52.73.201.133
52.8.249.118
54.224.71.103
65.9.65.116
65.9.71.78
65.9.71.93
65.9.77.16
65.9.77.25
76.223.111.131
077e04a287daf74625503e9168cd2ffc1c86c5d1a1d6dd3257f9a7f6130cb627
0b2155f5d188e4a429f2a25400a9ec8087f198b167347619e6f002d4c9189bed
0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729
1814b26be6374891fe3ebd2dc02797861ceca8c7836c6c037e06a35e94780e9b
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
21adb9773da91b0dfc6dc611c50c846de377422419808f6257e59eb1506a3f8e
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38086780da1ae241464c5c6c6797e7625057d352c4de31c56017aaa67a56a8d7
3e2221da47e68bd19d81f63ba304e093a3850fed1626121a481a61559ff00006
3ef828591af092ccfd840d5068af68575c955bdc591afd573e33412a2b3fee5a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b9fc43a318016380b49ec78a7dd122f801772ec1cb4658c41c01780127c3e1
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f
4b2e9de364194dad74dc6ef7c0f9e81a2695b6925c8c51d38137bcd436e1663c
4c9d08694e6a9b37959c98b34742b29ce2946fb254d7c467174604d1acea46b5
4f55914bb3477a565f202a4ed40360d0d41f4ea441d7767411879e97733ec4ec
557141ddae65604f97536d6cd13c00858b7d6576baf01e8c13c7f55a374672ca
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
5aaad8363b0eb343c243cfa69c17706a13b31d8097a7edfac63ecd09d0a36b44
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5d5baba0cd20d28cd5771aa8ff4cf75407962e9ee2f2f4cc7f6c2539c52790b7
6096fb681df9fc1d6d45e697d59dbac845802a33200791b1a220abed9e438617
61b1e143ce9661c52d6d7505b618101f4e36b82834c30dd99676509fe1130bc6
6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf
6df90936e520f1b1e442b4911b2191eff9dde7a954ba582b51f0080e0a3cab7f
6feb16f03d42566e28f3ead5529ec1c622ababf6d3c979c4c45274fcb4f259c7
79668ec8205a0b81003126c6125047be7b37b76ab9c125178c52ad02b935f2d4
7e4e42c0076b5b36d666af73c75014f0db103ae1e5e9b07102555bcfed45678d
82133327f478879bc23bbd8e643e69a63b11aa06755b0cf693e2ff58b66f3567
88a83d6555af69a761e9d9c92ec7b587a1de45c95e4365ab8ef3d0abeb823ff0
928605333a50c82bed187a0a32cea70aa25ff9c99e405c173aa16b1084df0030
92a609a291717d26e9d1c5c41268c081d434e258cee7d91ce300d3239f70464e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
afb27fa4ade625287ad0eedaf83dc3f5b2929854e8c8c0c3e736ca7b8a26b390
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b5d18443c635b7a16ef48219eb5f507cbc1331e1543c3bbc317cf2f26f47e8c0
bd2604e47dbcabb89b92bd371caa0c31bc0e820e5265ea697f53eb73fc252751
c1b213328df11db0ea126599fd3ab9f93333e84cd1685f97392bb178f4859152
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c602c156d8eeea37fea7baf1209430c29ac8c8ba31bb380f8be93328219f4d4d
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb4bc8a812f362397af876b6fef272b51f50286d06155e3d8f2c86fb205a9a20
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cdc77072cd500c9d585f13411bccbc5e5be01e1c938799719eab05a45168af67
d89b63406de97fcad69446cdc0456ec7f3132d5aa946a83f41089d8971e5267a
da4fae0ee0fcb340c3d5944c2916e04b610c1b27bf569218fd8b9004d5cac504
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed189ae3869ddb3cf2c6f3330ff1eb211b13c409d5963cd9632a2a6c3dd69e
e918a3fcb44e725952c49774404f5564c0e5bf79fe03fdd78ec2034561153672
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeac84afab5aed10820c5c61700cef328660d3bb73df2e19ae1bf43b22f9f092
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.headspace.com Open in urlscan Pro 65.9.77.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

94 %HTTPS

38 %IPv6

28 Domains

40 Subdomains

37 IPs

4 Countries

2026 kBTransfer

5885 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.headspace.com Open in urlscan Pro
65.9.77.25 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

94 %
HTTPS

38 %
IPv6

28
Domains

40
Subdomains

37
IPs

4
Countries

2026 kB
Transfer

5885 kB
Size

31
Cookies

83 HTTP transactions
0 data transactions