urlscan.io logo urlscan.io
SecurityTrails logo

design.fresha.com Open in urlscan Pro
63.33.17.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://design.fresha.com/
Effective URL: https://design.fresha.com/
Submission: On November 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 40 HTTP transactions. The main IP is 63.33.17.94, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is design.fresha.com.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time design.fresha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.195.237.234 16509 (AMAZON-02)
1 16 63.33.17.94 16509 (AMAZON-02)
3 13.32.27.54 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
4 104.18.72.113 13335 (CLOUDFLAR...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 54.229.135.139 16509 (AMAZON-02)
5 35.186.247.156 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.92.35.138 16509 (AMAZON-02)
2 2600:9000:236... 16509 (AMAZON-02)
1 104.16.53.111 13335 (CLOUDFLAR...)
40 12
1    54.195.237.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-237-234.eu-west-1.compute.amazonaws.com
design.fresha.com
16    63.33.17.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
design.fresha.com
3    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
cdn.zeroheight.com
3    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
4    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    54.229.135.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-135-139.eu-west-1.compute.amazonaws.com
api.zeroheight.com
5    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.92.35.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
zeroheight.s3.eu-west-1.amazonaws.com
2    2600:9000:236e:ea00:6:85a:8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-static.fresha.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
zeroheightsupport.zendesk.com
Apex Domain
Subdomains		 Transfer
19 fresha.com
design.fresha.com
cdn-static.fresha.com
445 KB
5 sentry.io
sentry.io — Cisco Umbrella Rank: 171
555 B
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6003
5 KB
5 zeroheight.com
cdn.zeroheight.com — Cisco Umbrella Rank: 322668
api.zeroheight.com — Cisco Umbrella Rank: 427760
2 MB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2137
ekr.zdassets.com — Cisco Umbrella Rank: 2470
277 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4667
135 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
7 KB
1 zendesk.com
zeroheightsupport.zendesk.com — Cisco Umbrella Rank: 445668
1 KB
1 amazonaws.com
zeroheight.s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 475792
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
40 10
Domain Requested by
17 design.fresha.com 2 redirects design.fresha.com
cdn.zeroheight.com
5 sentry.io cdn.zeroheight.com
3 px.ads.linkedin.com 3 redirects
3 static.zdassets.com design.fresha.com
static.zdassets.com
3 fast.appcues.com design.fresha.com
fast.appcues.com
3 cdn.zeroheight.com design.fresha.com
2 cdn-static.fresha.com design.fresha.com
2 api.zeroheight.com cdn.zeroheight.com
2 snap.licdn.com design.fresha.com
snap.licdn.com
1 zeroheightsupport.zendesk.com static.zdassets.com
1 zeroheight.s3.eu-west-1.amazonaws.com design.fresha.com
1 fonts.googleapis.com cdn.zeroheight.com
1 px4.ads.linkedin.com design.fresha.com
1 www.linkedin.com 1 redirects
1 ekr.zdassets.com static.zdassets.com
40 15

This site contains links to these domains. Also see Links.

Domain
terms.zeroheight.com
shedul.slack.com
Subject Issuer Validity Valid
design.fresha.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
cdn.zeroheight.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-05 -
2024-09-05		 a year crt.sh
zdassets.com
E1		 2023-10-23 -
2024-01-21		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.api.zeroheight.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-27		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-12		 a year crt.sh
*.fresha.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
zeroheightsupport.zendesk.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://design.fresha.com/
Frame ID: CC76FFAC03F71B0C44560F7591ACBEBB
Requests: 36 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: D21384C5021358E99050075186EEAA9F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fresha Design System

Page URL History Show full URLs

  1. http://design.fresha.com/ HTTP 301
    https://design.fresha.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

40
Requests

95 %
HTTPS

36 %
IPv6

10
Domains

15
Subdomains

12
IPs

4
Countries

3432 kB
Transfer

13910 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://design.fresha.com/ HTTP 301
    https://design.fresha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5115098%26time%3D1701094005403%26url%3Dhttps%253A%252F%252Fdesign.fresha.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJHUEoP9kDMOgAAAYwRGp7ZnvIsL4rfIxe2eN-0Uv-TyR4mXrGaT5Ohrysz6yWqJe7CzDmfedEB
Request Chain 37
  • https://design.fresha.com/uploads/hQDdmHy5UJ9QS4beDgztpQ.png HTTP 302
  • https://cdn.zeroheight.com/images/hQDdmHy5UJ9QS4beDgztpQ.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uemVyb2hlaWdodC5jb20vaW1hZ2VzL2hRRGRtSHk1VUo5UVM0YmVEZ3p0cFEucG5nIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzAxMTgwNDA3fX19XX0_&Signature=sQ4tTFgjD~2lqO9XTJZDoEKaUQQZxy2IjeW5wsfKX7-ARNsD~V4wvLiSQo3pT2Jz8sOgMOyTLKV4Ds5NrvT0-P6QkXzDlOIE-bPhCNLO~Qm31FmqRgdwmAyYJSdM9zSjoZjrntnJpYsNuUSd9K4pyt5vkyyeHYhYSggqXqXr06yqVLfS2hZA789Rwy-HrhVgVT769GPZc6uDFaXGgJPAGZTnHLxlDU4vnyuiAmX6g0nFHNlB4CrNcn9LvKdFehFwVhDI5K~p1P-09Ti6hJavNTkw1sJjaBwKj6ggF5T1PDnQNCGmhlX-dKTqIvqqTnEDTsEveE2O2x6r2NjU3a5~9Q__&Key-Pair-Id=KDUNFXWNWK45P

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
design.fresha.com/
Redirect Chain
  • http://design.fresha.com/
  • https://design.fresha.com/
77 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
82e2b6d5c5fd166fe43e391b49573acb05fbbc649d6ca5685e08d8b0a7a48e6d
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net 'nonce-JKIlPe05Ithzj/ONR8mRs9q3CzUZmECZx+ftapKERWI=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net 'nonce-JKIlPe05Ithzj/ONR8mRs9q3CzUZmECZx+ftapKERWI=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Mon, 27 Nov 2023 14:06:45 GMT
ETag
W/"82e2b6d5c5fd166fe43e391b49573acb"
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
sameorigin
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
02bf9fca-6685-4c65-91cc-8c4a33d3b162
X-Runtime
0.477443
X-XSS-Protection
1; mode=block
ZH-Product-Name
zeroheight
x-rack-cors
miss; no-origin

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 27 Nov 2023 14:06:44 GMT
Location
https://design.fresha.com/
Server
nginx
plugin-c5806030a7bbf4291531b5267046ee57f3195691ce2bc7e3b0a6c28ae9a46aa3.css
design.fresha.com/the-other-assets/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/the-other-assets/plugin-c5806030a7bbf4291531b5267046ee57f3195691ce2bc7e3b0a6c28ae9a46aa3.css
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c5806030a7bbf4291531b5267046ee57f3195691ce2bc7e3b0a6c28ae9a46aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
W/"6564990d-12bf2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
ZH-Product-Name
zeroheight
Connection
keep-alive
style.css
cdn.zeroheight.com/1.5.9.4607/ 		423 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.zeroheight.com/1.5.9.4607/style.css?version=1.5.9.4607
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b403ce7b584ddf58909f31e37f0f23f99b0f183f8407277ac74ef1fa5e8330e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 13:32:37 GMT
content-encoding
br
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 12 Jan 2024 00:00:00 GMT", rule-id="DeleteBundlesAfterDays"
last-modified
Mon, 27 Nov 2023 13:26:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2049
etag
W/"5bbb43b4e222e109ddf05d9b7b71e192"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Tg37a2qbB-Th-MrpSP7Z4TRbHsXGDsDo0mjf4iThM4zwtWQtypIh0g==
SpaceGrotesk.css
design.fresha.com/fonts/ 		635 B
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/fonts/SpaceGrotesk.css
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d6bc673da8459803b24621dd2a278e425c6aca2b32490c46c20163b1849d6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:45 GMT
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
"6564990d-27b"
Content-Type
text/css
ZH-Product-Name
zeroheight
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
635
119582.js
fast.appcues.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/119582.js
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
26dc59909444bfa53f3bf11d38f9c0ee8b7cff86fa92761567a2c62cffb3b474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
content-encoding
gzip
via
1.1 varnish
age
65
x-cache
HIT
content-length
5212
x-request-id
F5t_7Re5VTORWFNRu5yj
x-served-by
cache-fra-eddf8230118-FRA
server
Cowboy
x-timer
S1701094005.292321,VS0,VE1
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
AENNNW4RTVV2KN9D
age
55
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ULqr8Gt/e7TCEkuSp5UAhjxXjJP6/3z8RAZWCFhCJmu2LPko/1kucw0zJ0dJOUmsaCtiUWSSkb4=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6PBko2AQ9macl715o%2BX%2FDOUzs1kPmLVmoxa%2B%2F7PrzMrmjSMnhAPI8CdY8YIJaACadDQCetzFCFY1UQ604u4UgaCmNRjnuR3MgU0%2FLU7%2FnZriZJX4n9TshvPgga52OVsVTAnugA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
82caeefcf9c2690d-FRA
highlight.min.js
design.fresha.com/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/highlight.min.js
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
W/"6564990d-b3b3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
ZH-Product-Name
zeroheight
Connection
keep-alive
app.js
cdn.zeroheight.com/1.5.9.4607/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01fe82d3df6d581626c2fe16a07aa7a45730c129072aa79ddce733e5e163c0fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 13:32:37 GMT
content-encoding
br
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 12 Jan 2024 00:00:00 GMT", rule-id="DeleteBundlesAfterDays"
last-modified
Mon, 27 Nov 2023 13:26:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2049
etag
W/"90811775ae7a7c7ee89349fa190b4af6-2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Qs6s3RVmcQl1NgTtMfcjtkdZq6i8jums7JEMwFP3unBiRHewXTiqQA==
appcues.main.9caf09c9c021266a607b1663238eb48ad65a532e.js
fast.appcues.com/generic/main/4.60.44/ 		448 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.44/appcues.main.9caf09c9c021266a607b1663238eb48ad65a532e.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/119582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ab6f2bec683a84bda77d65a4bd3ffc0c3b2da7e38905350317df99be1dd9a84

Request headers

Referer
https://design.fresha.com/
Origin
https://design.fresha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
0KPN6V9VJTPYGC9B
age
331449
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
129318
x-amz-id-2
PdkZGeTgkq/r8upXvMlks777jN9Rm+PmxC7b2K5bVtQN/ySWrVqYBjUa4wqdIwoV2HENZZCpbhI=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Thu, 23 Nov 2023 17:48:20 GMT
server
AmazonS3
x-timer
S1701094005.366258,VS0,VE0
etag
"4eb920a13eb0b945816ccf68cd1d1d51"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
12
4e92de70-6fb3-4abf-81a3-b1598809f1ba
ekr.zdassets.com/compose/ 		950 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/4e92de70-6fb3-4abf-81a3-b1598809f1ba
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039e8e3b7f4b654f19ebd75c4fca71440bd6f0e614f6d422129cbc26a3434b78
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
82c8d25bc9ac69e3-SEA, 82c8d25bc9ac69e3-SEA
x-runtime
0.004282
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"039e8e3b7f4b654f19ebd75c4fca7144"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li%2F371Xv%2FZxXnukVIiF%2F9GHnvGUXfhPGj%2FA0%2FpU6HmaYUAxQbd9nFhRewfxU8%2Bv1Ry0qyae6jzeQrs6%2BAV5BwNWD972rResD7xWSldeIP8IFmxRhhlTC%2B7AO6IfcVQV39Bg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
82caeefdb881199b-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Nov 2023 09:07:27 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=42716
accept-ranges
bytes
content-length
3840
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=84818
accept-ranges
bytes
content-length
3272
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5115098%26time%3D1701094005403%26url%3Dhttps%253A%252F%252Fdesign.fresha.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJHUEoP9kDMOgAAAYwRGp7ZnvIsL4rfIxe2eN-0Uv-...
0
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJHUEoP9kDMOgAAAYwRGp7ZnvIsL4rfIxe2eN-0Uv-TyR4mXrGaT5Ohrysz6yWqJe7CzDmfedEB
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FDAE29DB85F34C2BB3CEC9D579F5CE9D Ref B: FRAEDGE1305 Ref C: 2023-11-27T14:06:46Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lor1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLIs//qsfHhZTdwGArjA==

Redirect headers

date
Mon, 27 Nov 2023 14:06:45 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9638C0CE39CF4A399A01D4E8546AF6D2 Ref B: FRAEDGE1917 Ref C: 2023-11-27T14:06:46Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5115098&time=1701094005403&url=https%3A%2F%2Fdesign.fresha.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJHUEoP9kDMOgAAAYwRGp7ZnvIsL4rfIxe2eN-0Uv-TyR4mXrGaT5Ohrysz6yWqJe7CzDmfedEB
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLIs/8ZEjAvJ03Lz+VXQ==
container.9caf09c9c021266a607b1663238eb48ad65a532e.css
fast.appcues.com/generic/main/4.60.44/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.44/container.9caf09c9c021266a607b1663238eb48ad65a532e.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.44/appcues.main.9caf09c9c021266a607b1663238eb48ad65a532e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://design.fresha.com/
Origin
https://design.fresha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:45 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
QYQN8X1X7F58TFYN
age
331475
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
ZbeiUi/ts6WHTJ6HbjgBbiP6Tx4/1N60F35+U13CLJBdyUlq6npQIKykn5HEG1xUowV0c8xjQ2Y=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Thu, 23 Nov 2023 17:48:20 GMT
server
AmazonS3
x-timer
S1701094005.475281,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
11626
view
api.zeroheight.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.zeroheight.com/view
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.135.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-135-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://design.fresha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Amzn-Trace-Id
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 27 Nov 2023 14:06:46 GMT
x-amz-apigw-id
PD5SgHX9DoEERnA=
x-amzn-requestid
f8e424c4-bfd2-4973-b452-caf3b171009f
/
sentry.io/api/1297203/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/1297203/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/1297203/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
load_blocks
design.fresha.com/api/styleguide/ 		1 MB
121 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/load_blocks
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6d3ea8f0b977f2398f0767dd22eb304987f51d9f471bff61cd8078fc85286264
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://design.fresha.com/
X-Requested-With
XMLHttpRequest

Response headers

x-rack-cors
miss; no-path
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c7f14aa4-3ded-4d24-8bb7-90c0ad53fa38
X-Runtime
0.401746
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"6d3ea8f0b977f2398f0767dd22eb3049"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
load_pages
design.fresha.com/api/styleguide/ 		1 MB
139 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/load_pages
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
61cea4afc0a46c96ce6536b7cca7330c03c3252675d424a46f3abd35af708711
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://design.fresha.com/
X-Requested-With
XMLHttpRequest

Response headers

x-rack-cors
miss; no-path
Date
Mon, 27 Nov 2023 14:06:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ddb3bdc4-72e8-48f0-a8c6-a051092d281f
X-Runtime
1.358856
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"61cea4afc0a46c96ce6536b7cca7330c"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
load_integration_content
design.fresha.com/api/styleguide/ 		26 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/load_integration_content
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10e88a70290cac831932a7d0e89c6f2e252133ccb7028fd1d3e2b5e061064ec6
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rack-cors
miss; no-path
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4e1a907b-599a-4eae-b1d6-8e48228f8007
X-Runtime
0.158371
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"10e88a70290cac831932a7d0e89c6f2e"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
inline_token_mention
design.fresha.com/api/token_management/ 		28 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/token_management/inline_token_mention?styleguide_id=90029
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dfbee1df5fdfdfe4af07881090899e35d84128c90f7ad3a121b3b28c00e3c809
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bf472edd-5ebe-4fd1-8013-c0f3096f5213
X-Runtime
0.017239
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"dfbee1df5fdfdfe4af07881090899e35"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
load_token_blocks
design.fresha.com/api/styleguide/ 		19 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/load_token_blocks?id=90029&share_link=true
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a7ca1cb79aab5e64134322235db28c9bc620ded4666b48f791b4a5ddef1bc59f
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4b48ea52-5110-4259-ad4b-34a23eb6ba03
X-Runtime
0.062702
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"a7ca1cb79aab5e64134322235db28c9b"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
themes
design.fresha.com/api/styleguide/90029/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/90029/themes?
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ba8da408cdfb86612b0ea3efdad75249e47a37c2e07ccbbc29a42418686444f4
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
48d9dfb0-a64f-4d05-bb10-b538d3dd987f
X-Runtime
0.037430
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"ba8da408cdfb86612b0ea3efdad75249"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
themes
design.fresha.com/api/styleguide/90029/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/90029/themes?
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ba8da408cdfb86612b0ea3efdad75249e47a37c2e07ccbbc29a42418686444f4
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7a01088c-2f78-43b8-8964-97c4154aad45
X-Runtime
0.031058
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"ba8da408cdfb86612b0ea3efdad75249"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
view
api.zeroheight.com/ 		28 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.zeroheight.com/view
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.135.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-135-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a55cdbdee33189e33d7d91aee0487d88a6d5ba6b4e457859bfe2239ce671565f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
mode
cors
referrer-policy
no-referrer
x-content-type-options
nosniff
x-amzn-requestid
4d2281cf-654d-4b90-84a3-49addd0c066d
x-amzn-trace-id
Root=1-6564a276-05576a5972dcaa4e6aba7355;Sampled=0;lineage=54010710:0
x-frame-options
deny
access-control-allow-methods
OPTIONS,POST,GET
content-type
application/json
access-control-allow-origin
*
credentials
omit
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
28
x-amz-apigw-id
PD5ShF3njoEENug=
/
sentry.io/api/1297203/envelope/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/1297203/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1297203/envelope/?sentry_key=2cda59db5cb04520a5bffe1736d73cee&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://design.fresha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
spin.gif
design.fresha.com/images/zhapp/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.fresha.com/images/zhapp/spin.gif
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
00ce3cf487e823d14a89eab41ece2d3deadb0545ab404cacc2a22ecd796b04ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:46 GMT
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
"6564990d-7c9f"
Content-Type
image/gif
ZH-Product-Name
zeroheight
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31903
full-logo-350.png
design.fresha.com/images/zhapp/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.fresha.com/images/zhapp/full-logo-350.png
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3d94835ab2a852468ac15cace920aa5aec4fd25734869739111f87b062dcd7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:46 GMT
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
"6564990d-1267"
Content-Type
image/png
ZH-Product-Name
zeroheight
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4711
multidrag.png
design.fresha.com/images/zhapp/ 		523 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.fresha.com/images/zhapp/multidrag.png
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
92f9c5adcb1361309d91e0587b85b10fa3279396e9aa791f2759e7be5514c3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:46 GMT
Last-Modified
Mon, 27 Nov 2023 13:26:37 GMT
ETag
"6564990d-20b"
Content-Type
image/png
ZH-Product-Name
zeroheight
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
523
logo.png
zeroheight.s3.eu-west-1.amazonaws.com/zeroheight-huddle/logos/44202/90029/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zeroheight.s3.eu-west-1.amazonaws.com/zeroheight-huddle/logos/44202/90029/logo.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA3AVNYHQK63XCNSNR%2F20231127%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20231127T140644Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Signature=ca3a3625a99d0b03a0fdfb1b92357a22892731e254dc1e16c0b3cfdcb599c818
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.35.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6282f891948662e2dc4dfc90fe9018ddd2bfadc2c3e6b7531f0a398362ce1065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 14:06:47 GMT
x-amz-version-id
nvkBeAACv097nIn3nPB9O7N7soy304WK
Last-Modified
Thu, 18 Aug 2022 11:48:07 GMT
Server
AmazonS3
x-amz-request-id
Z2WQPB26JK0XJ379
ETag
"02e38089928eaf5b3a7393d927ec41db"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
22586
x-amz-id-2
1neyJAPAspppvnQ8cu4z9Z6ydDbBwpN5aPCy5O36Wv8SnQpIROCtJ0UTox/eYPwmgiq5+ZIs9Fk=
published_releases
design.fresha.com/api/styleguide/90029/ 		36 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://design.fresha.com/api/styleguide/90029/published_releases
Requested by
Host: cdn.zeroheight.com
URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.17.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-17-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cc3b4ffee8c8f1e62a17ebb1653ed2d9b98a86fd33fd0ad91c048df6cb2b257f
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://design.fresha.com/
X-CSRF-Token
NNbn92r8ppPmbHojUgrKMaVPRc8uZKtI9SMuThKSLe8s5C3i5/YWb6pWVKCYTwKt4bQMXroqzi8rqzqShmLs+Q==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
Authorization
Token token="Rl5Uh2ZQNA_klFIYEKbqPw"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
28aed125-4736-45b8-b811-fbff21248916
X-Runtime
0.032809
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
ETag
W/"cc3b4ffee8c8f1e62a17ebb1653ed2d9"
X-Download-Options
noopen
Vary
Accept-Encoding, Accept
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
web-widget-main-0345ad6.js
static.zdassets.com/web_widget/classic/latest/ Frame D213 		923 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4e92de70-6fb3-4abf-81a3-b1598809f1ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
x-amz-version-id
4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5NGBX16WRWF7DSW1
age
1607151
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
+Ajtx2ABzNKgYpFlxKPmlS5D70waiNiWHkGseVNjR6Do+j/+xqVDmte+7SY+9KbOzSYQYXTFMdI=
last-modified
Mon, 06 Nov 2023 00:49:00 GMT
server
cloudflare
etag
W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dJDa%2BUO9Dx3E2phGG%2BuE07NwDdO9WeuL6YK9sL9GlCeOrLteQPGY5Lb5BBBGTgFRqEIsmSvbIFZ%2FE4LJIQ840F1pz565MlMfSGgRKVSspbWeoihEwNtc%2FfyFpUbkydSMWWVUNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82caef018e84690d-FRA
expires
Tue, 05 Nov 2024 00:48:59 GMT
RoobertPRO-Regular.woff2
cdn-static.fresha.com/design-system/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-static.fresha.com/design-system/RoobertPRO-Regular.woff2
Requested by
Host: design.fresha.com
URL: https://design.fresha.com/27e3488e9/p/88cfab-fresha-design-system
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:ea00:6:85a:8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffa43f1835b27c152691725b9d05fdc75953226e5ef720eef0540856c6bfca17

Request headers

Referer
https://design.fresha.com/
Origin
https://design.fresha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
YZHLt88qVLO0H68A3e.YCPpZzTqTPh_b
date
Mon, 27 Nov 2023 14:06:47 GMT
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43592
last-modified
Wed, 10 Aug 2022 14:02:59 GMT
server
AmazonS3
etag
"55f8580efd765ab8b1dcfa6052291cca"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://design.fresha.com
access-control-expose-headers
Location, Content-Length
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
6kD24a5BE2VbbuFHccA-c1GjCKdN7jeQG5KBvQa52p-Fcyr9K-vv7w==
en-us-json-0345ad6.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame D213 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
x-amz-version-id
I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
6XPQPMJFK9HBZXFD
age
1607147
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
JvJpRMIj/6/0z21uaK+Ba8XdKfIScSBfHFS1sNGDsLDUXNrIdadmDAOEv2Tsewra7C2GJHB9RhY=
last-modified
Mon, 06 Nov 2023 00:49:02 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIsfb7PciPFE8OD%2BECyfil1mK4%2B0egnN2JVytnnthq9Xwud%2BDi7ls9JNfi0aCzlF8VRJT1OBo6naPsHos%2B3BI53uwkAjsOpyXdGJiml42yPrYlz958LrzZnJYJe%2FF62hkwnWK24%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82caef03889f690d-FRA
expires
Tue, 05 Nov 2024 00:49:01 GMT
config
zeroheightsupport.zendesk.com/embeddable/ Frame D213 		523 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zeroheightsupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654da56377a2ff75f0b3f891adf221dda88492d2215623dd3af3bf4fd30af339

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-55bf69765f-rbkms
x-cached
MISS
x-request-id
82caef040d266921-FRA
x-runtime
0.001877
last-modified
Mon, 27 Nov 2023 14:05:28 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yf9yjOBjEgMG%2BNHDoIzvFsQbWj%2FX%2F4fgwX7WpfSlSTL%2Bm%2FseP2OV0otFfsL5gFKeLZ9LNYmY5whRHd91qh2h0AXNpeB3k57FBH9SdE9jaq3CjnxHsM8ZDkSPAZ%2FmsdjYRdR0uGuEKIzbkWFwJ0WP"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
82caef040d266921-FRA
hQDdmHy5UJ9QS4beDgztpQ.png
cdn.zeroheight.com/images/
Redirect Chain
  • https://design.fresha.com/uploads/hQDdmHy5UJ9QS4beDgztpQ.png
  • https://cdn.zeroheight.com/images/hQDdmHy5UJ9QS4beDgztpQ.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uemVyb2hlaWdodC5jb20vaW1hZ2VzL2hRRGRtSHk1VUo5UVM0YmVEZ3p0cFEucG5nIiwiQ29uZGl0a...
619 KB
620 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zeroheight.com/images/hQDdmHy5UJ9QS4beDgztpQ.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uemVyb2hlaWdodC5jb20vaW1hZ2VzL2hRRGRtSHk1VUo5UVM0YmVEZ3p0cFEucG5nIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzAxMTgwNDA3fX19XX0_&Signature=sQ4tTFgjD~2lqO9XTJZDoEKaUQQZxy2IjeW5wsfKX7-ARNsD~V4wvLiSQo3pT2Jz8sOgMOyTLKV4Ds5NrvT0-P6QkXzDlOIE-bPhCNLO~Qm31FmqRgdwmAyYJSdM9zSjoZjrntnJpYsNuUSd9K4pyt5vkyyeHYhYSggqXqXr06yqVLfS2hZA789Rwy-HrhVgVT769GPZc6uDFaXGgJPAGZTnHLxlDU4vnyuiAmX6g0nFHNlB4CrNcn9LvKdFehFwVhDI5K~p1P-09Ti6hJavNTkw1sJjaBwKj6ggF5T1PDnQNCGmhlX-dKTqIvqqTnEDTsEveE2O2x6r2NjU3a5~9Q__&Key-Pair-Id=KDUNFXWNWK45P
Protocol
H2
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c816ff3c0b4a1867628d6a4d18bb4b46682cd5790b138c2b9d147da4e27685a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://design.fresha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:44:53 GMT
x-amz-version-id
BL9mqstnXPTjb3pyc80sECqqCTeBTeqo
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified
Thu, 18 Aug 2022 11:30:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
15715
etag
"aba50cd1146140ed4b03eab0d50867b3"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
633924
x-amz-cf-id
8uKfnGrh0vn0gOkI_RZsfzmxOieJM8BF7QF17GVSpgMOarubWJK54A==

Redirect headers

x-rack-cors
miss; no-origin
Date
Mon, 27 Nov 2023 14:06:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net; style-src 'self' https: 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
ZH-Product-Name
zeroheight
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5b2f39cf-3859-409a-a34c-a65f0730021f
X-Runtime
0.006680
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Download-Options
noopen
X-Frame-Options
sameorigin
Content-Type
text/html; charset=utf-8
Location
https://cdn.zeroheight.com/images/hQDdmHy5UJ9QS4beDgztpQ.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uemVyb2hlaWdodC5jb20vaW1hZ2VzL2hRRGRtSHk1VUo5UVM0YmVEZ3p0cFEucG5nIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzAxMTgwNDA3fX19XX0_&Signature=sQ4tTFgjD~2lqO9XTJZDoEKaUQQZxy2IjeW5wsfKX7-ARNsD~V4wvLiSQo3pT2Jz8sOgMOyTLKV4Ds5NrvT0-P6QkXzDlOIE-bPhCNLO~Qm31FmqRgdwmAyYJSdM9zSjoZjrntnJpYsNuUSd9K4pyt5vkyyeHYhYSggqXqXr06yqVLfS2hZA789Rwy-HrhVgVT769GPZc6uDFaXGgJPAGZTnHLxlDU4vnyuiAmX6g0nFHNlB4CrNcn9LvKdFehFwVhDI5K~p1P-09Ti6hJavNTkw1sJjaBwKj6ggF5T1PDnQNCGmhlX-dKTqIvqqTnEDTsEveE2O2x6r2NjU3a5~9Q__&Key-Pair-Id=KDUNFXWNWK45P
Cache-Control
no-cache
RoobertPRO-SemiBold.woff2
cdn-static.fresha.com/design-system/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-static.fresha.com/design-system/RoobertPRO-SemiBold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:ea00:6:85a:8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba65a26a40a70473419f639afbbb8efb620fb84067694e01590f9652700837cc

Request headers

Referer
https://design.fresha.com/
Origin
https://design.fresha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:06:48 GMT
x-amz-version-id
69DR2SW0L01.YvLRskJNyAekR.sy8ZXD
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
44200
last-modified
Wed, 10 Aug 2022 14:03:00 GMT
server
AmazonS3
etag
"5dadad1fc76273d84c9193b3deaf5c7c"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://design.fresha.com
access-control-expose-headers
Location, Content-Length
vary
Origin
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
SzTlcdrOycD0ORx68OOYhH9d_Oyfhm5KNXVtpEPGjHVer1tJ6nByeA==

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| forgeryToken boolean| showCookieBanner string| SENTRY_DSN string| SENTRY_ENVIRONMENT object| dataLayer object| AppcuesSettings object| AppcuesBundleSettings object| Appcues object| zEWebpackACJsonp function| zE function| zEmbed function| setWidgetSettings function| styleLauncher function| onWidgetOpen function| linkStyleDocument function| hasBeenUpdated function| addCustomCSSRules function| customizeWidget object| zESettings string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| APP_VERSION string| APP_MODE object| USER_INFO string| DEFAULT_DOMAIN object| AVAILABLE_PLANS object| USER_ATTACHMENTS_WHITELIST number| USER_ATTACHMENTS_BATCH_LIMIT string| USER_ATTACHMENTS_MAX_FILE_SIZE string| FIGMA_CLIENT_ID string| ZEPLIN_CLIENT_ID boolean| KEEP_OPEN object| styleguideDetails string| STRIPE_KEY object| process object| hljs boolean| _already_called_lintrk object| regeneratorRuntime object| __SENTRY__ object| Backbone function| Quill object| less object| jsonlint function| _ boolean| loadingFigmaImages boolean| zEACLoaded function| $zopim object| _be

10 Cookies

Domain/Path Name / Value
design.fresha.com/ Name: loc_code
Value: DE
.fresha.com/ Name: viewer_uid
Value: TXEvaUgyUi9ndTRWdzh4Z0pNOUdZWVFhWUxsK0dwRmU1dkpwYm5IM0RhYVJrNTU5TmthVUR1Y0hqSFVDS3VkODdqZGYrMDhQclRaMnJ1alBqWGlYN3dqbTVNWWhVZnRDV2cySElIYWZoMmFqYzZaZ2FSMnNCSjhDN3VKTit1K2orN1VKaGZ6OHk2elBUV2k4TkxkMTBRPT0tLVlCRHFVRWs5SGc5RW1LUEpPd2FsQnc9PQ%3D%3D--939fbf2faa2a93f29df58ff9a668fc50b9d00ded
.linkedin.com/ Name: li_sugr
Value: fa0769b0-06d1-47e5-b334-5fbbceefda06
.linkedin.com/ Name: bcookie
Value: "v=2&6d70a8a6-b4b0-4133-8cd0-cd86d2bd1fa6"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3105:u=1:x=1:i=1701094005:t=1701180405:v=2:sig=AQHX1q49f9o7KMVqyfeLYlep2jA2LdPW"
.linkedin.com/ Name: UserMatchHistory
Value: AQJ9cv0AKJJSMgAAAYwRGp03KSGKGT5DI9na63xTchy3ddnnKflVNTmSB9XZ62BPufGXdXRzQNRc1A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLWfurLTSKHUwAAAYwRGp031WY_dz2xQBrBlZAVeQYrp9iAr6xK2U_Za1qOAHg9SnqJ0-FxV9CS3-5ABFPLXQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231127140646d6a28318-1afd-4b1f-8a34-bbe45f730111AQE8DibT53wLYNjDUZdKN_UJfTJXsJnw"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDEwOTQwMDY7MjswMjFXwdiT745Yx34CwTY10pik7savt4JukVnAivsWicnwZA==
.design.fresha.com/ Name: _zh_session
Value: Z21NZXVNZVdZZ05UUWZrcVZjanllUm9DOC9oS21YSysrbU5DYzUydUJpRThVVlNMVG9WK2lyOU1MR0N6ODA0dHFCclFUZUI1WDdMamZhZG5YbUs4dmY1RVN6ZmEzWFR3ZjFoQmhrNndHMWpwR2Q5YUErSUpTQStVUWRQUzZYTHBqMnZ5S3pod1F1RkhKTWt0dllKMXV3PT0tLTB1MzZzQitYRzhWdWdJeWlXOFkvNmc9PQ%3D%3D--14c8f643685d3ebb0a0d3389407d69fe94602609

3 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2
Message:
Failed to load resource: the server responded with a status of 400 ()
deprecation warning URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.zeroheight.com/1.5.9.4607/app.js?version=1.5.9.4607(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://*.zeroheight.dev:* wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; img-src 'self' https: data: blob: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'self' https: js.stripe.c 'unsafe-eval' static.hotjar.com script.hotjar.com js.stripe.com maps.googleapis.com public.profitwell.com fast.appcues.com static.zdassets.com *.googletagmanager.com js.hs-scripts.com snap.licdn.com js.hs-banner.com js.hs-analytics.net js.hsforms.net js.usemessages.com js.hsadspixel.net cdn.amplitude.com www.google-analytics.com static.ads-twitter.com ethn.io *.ads.linkedin.com *.google.com *.facebook.net 'nonce-JKIlPe05Ithzj/ONR8mRs9q3CzUZmECZx+ftapKERWI=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.zeroheight.com
cdn-static.fresha.com
cdn.zeroheight.com
design.fresha.com
ekr.zdassets.com
fast.appcues.com
fonts.googleapis.com
px.ads.linkedin.com
px4.ads.linkedin.com
sentry.io
snap.licdn.com
static.zdassets.com
www.linkedin.com
zeroheight.s3.eu-west-1.amazonaws.com
zeroheightsupport.zendesk.com
104.16.53.111
104.18.72.113
13.107.42.14
13.32.27.54
2600:9000:236e:ea00:6:85a:8c0:93a1
2620:1ec:21::14
2a00:1450:4001:82a::200a
2a02:26f0:480:f::213:7edd
2a04:4e42:600::622
35.186.247.156
52.92.35.138
54.195.237.234
54.229.135.139
63.33.17.94
00ce3cf487e823d14a89eab41ece2d3deadb0545ab404cacc2a22ecd796b04ae
01fe82d3df6d581626c2fe16a07aa7a45730c129072aa79ddce733e5e163c0fb
039e8e3b7f4b654f19ebd75c4fca71440bd6f0e614f6d422129cbc26a3434b78
10e88a70290cac831932a7d0e89c6f2e252133ccb7028fd1d3e2b5e061064ec6
26dc59909444bfa53f3bf11d38f9c0ee8b7cff86fa92761567a2c62cffb3b474
2ab6f2bec683a84bda77d65a4bd3ffc0c3b2da7e38905350317df99be1dd9a84
3d94835ab2a852468ac15cace920aa5aec4fd25734869739111f87b062dcd7b8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c816ff3c0b4a1867628d6a4d18bb4b46682cd5790b138c2b9d147da4e27685a
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5b403ce7b584ddf58909f31e37f0f23f99b0f183f8407277ac74ef1fa5e8330e
61cea4afc0a46c96ce6536b7cca7330c03c3252675d424a46f3abd35af708711
6282f891948662e2dc4dfc90fe9018ddd2bfadc2c3e6b7531f0a398362ce1065
654da56377a2ff75f0b3f891adf221dda88492d2215623dd3af3bf4fd30af339
6d3ea8f0b977f2398f0767dd22eb304987f51d9f471bff61cd8078fc85286264
82e2b6d5c5fd166fe43e391b49573acb05fbbc649d6ca5685e08d8b0a7a48e6d
92f9c5adcb1361309d91e0587b85b10fa3279396e9aa791f2759e7be5514c3eb
9d6bc673da8459803b24621dd2a278e425c6aca2b32490c46c20163b1849d6db
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a55cdbdee33189e33d7d91aee0487d88a6d5ba6b4e457859bfe2239ce671565f
a7ca1cb79aab5e64134322235db28c9bc620ded4666b48f791b4a5ddef1bc59f
ba65a26a40a70473419f639afbbb8efb620fb84067694e01590f9652700837cc
ba8da408cdfb86612b0ea3efdad75249e47a37c2e07ccbbc29a42418686444f4
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
c5806030a7bbf4291531b5267046ee57f3195691ce2bc7e3b0a6c28ae9a46aa3
cc3b4ffee8c8f1e62a17ebb1653ed2d9b98a86fd33fd0ad91c048df6cb2b257f
dfbee1df5fdfdfe4af07881090899e35d84128c90f7ad3a121b3b28c00e3c809
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c
ffa43f1835b27c152691725b9d05fdc75953226e5ef720eef0540856c6bfca17