soul-cycle.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-09 · ok HTTP/1.1 200 3425 ms crawled 2026-05-08

US · 18.165.140.92 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector health type homepage

HTML metadata

Title: Find Cycling Classes Near You or Ride at Home - SoulCycle
Description: We offer high-intensity indoor cycling workouts designed to strengthen your mind, body, and soul. Spin your body in a cycling class near you or ride at home.
Language: en

Technology

CDN: Amazon CloudFront
Server: envoy
CMS: Next.js

Analytics

Amplitude
Google Analytics

Third-party hosts loaded (7)

soul-cdn.com×18
images.ctfassets.net×9
api.amplitude.com×1
api.taplytics.com×1
cdn.optimizely.com×1
web-story.storyly.io×1
www.google-analytics.com×1

Social

Contact

Email

yoursoulmatters@soul-cycle.com

Address

609 Greenwich Street, 10014, New York, NY, USA

Registration

Registrar

GoDaddy.com, LLC

Created

2006-04-03

Expires

2029-04-03 1049 days left

Updated

2026-04-04

Name servers

ns-122.awsdns-15.com
ns-1234.awsdns-26.org
ns-1942.awsdns-50.co.uk
ns-631.awsdns-14.net

DNS records live

NS

ns-122.awsdns-15.com
ns-1234.awsdns-26.org
ns-1942.awsdns-50.co.uk
ns-631.awsdns-14.net

MX

Show 8 MX records

0 aspmx.l.google.com
10 alt1.aspmx.l.google.com
10 noreply.qemailserver.com
20 alt2.aspmx.l.google.com
30 aspmx2.googlemail.com
30 aspmx3.googlemail.com
30 aspmx4.googlemail.com
30 aspmx5.googlemail.com

TXT

Show 4 TXT records

facebook-domain-verification=qenjatkhky0gdqxbn3bjwuwa7ztxhg
google-site-verification=_abfbhsGJB8d-PeJ1nnzgnySE4Bmg19kB-s5oMN9SVg
ZOOM_verify_ZU1ageHSRp-1HUO6EGlfLQ
apple-domain-verification=ob6M7nanAmJyVaxu

Email authentication strong

SPF

v=spf1 include:_spf.google.com ip4:159.135.231.190 ip4:50.31.156.96/27 ip4:104.245.209.192/26 a:production.na01.soulcycle.demandware.net include:mail.zendesk.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:souladmin@soul-cycle.com

policy: reject (enforced) · sp=none

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCZZJwx/6oEZYJXEM5DEVsBRZlHpVW6dbD4qX5Am30+dWeEcm34UftCdRrX0AqcdATIRnu4P2hI0eqCP2bv+D…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2026-01-14 to 2027-02-12

Expires in 268 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.soul-cycle.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (6)

Linked from (2)

wellworthy.com×2
helenazhang.com×2