urlscan.io logo urlscan.io
SecurityTrails logo

tulyskinandbody.com Open in urlscan Pro
172.67.136.139  Public Scan

Go To Rescan Add Verdict Report
URL: https://tulyskinandbody.com/
Submission: On December 05 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 172.67.136.139, located in United States and belongs to CLOUDFLARENET, US. The main domain is tulyskinandbody.com.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.
This is the only time tulyskinandbody.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.136.139 13335 (CLOUDFLAR...)
6 18.173.205.91 16509 (AMAZON-02)
1 52.28.53.180 16509 (AMAZON-02)
1 142.250.185.100 15169 (GOOGLE)
1 52.28.218.5 16509 (AMAZON-02)
12 5
3    172.67.136.139 (United States)

ASN13335 (CLOUDFLARENET, US)
tulyskinandbody.com
6    18.173.205.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-91.fra56.r.cloudfront.net
static.salonized.com
1    52.28.53.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-53-180.eu-central-1.compute.amazonaws.com
widget.salonized.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    52.28.218.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-218-5.eu-central-1.compute.amazonaws.com
widget.salonized.com
Apex Domain
Subdomains		 Transfer
8 salonized.com
static.salonized.com — Cisco Umbrella Rank: 703179
widget.salonized.com — Cisco Umbrella Rank: 577722
894 KB
3 tulyskinandbody.com
tulyskinandbody.com
12 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
12 3
Domain Requested by
6 static.salonized.com tulyskinandbody.com
static.salonized.com
3 tulyskinandbody.com tulyskinandbody.com
2 widget.salonized.com tulyskinandbody.com
widget.salonized.com
1 www.google.com tulyskinandbody.com
12 4

This site contains links to these domains. Also see Links.

Domain
www.salonized.com
Subject Issuer Validity Valid
tulyskinandbody.com
WE1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.salonized.com
Amazon RSA 2048 M02		 2024-11-26 -
2025-12-25		 a year crt.sh
www.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://tulyskinandbody.com/
Frame ID: CB2042A704A294769A1BD50D3A2B9034
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?q=%2C%2C&key=AIzaSyCfo9PDIIU8AE4VJH-H6DidUnwU6cU6Puw
Frame ID: 33F149A54EC5953F7B5F9344FFC2E67A
Requests: 1 HTTP requests in this frame

Frame: https://widget.salonized.com/button?color=%23FF6575&language=nl&name=booking
Frame ID: D99E881AFD21CF7CFB1B2B31C7438F0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TÚLY skin and body - Blaricum

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

905 kB
Transfer

1449 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tulyskinandbody.com/ 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b70ad0f7af7749f403c71f0151797f8a51fc899b6d3c0c73dc87a3fecb26b74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ed3328d3eb7f80d-DUS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 10:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPoj%2BkQUMZfw56vRv%2BdL0ya0t03PEg%2BVbmlqVf%2BJd0TWHk826KnGFxLJYC%2BJ1bnBRQJb%2ByhAD%2BaQGdNxUNuUG1nmlsIrDfUYFZZKTfyOYpq0o1%2BgPqn97RQQ4xGLWb2m7LxgF%2Btu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=26290&min_rtt=18972&rtt_var=14911&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3991&recv_bytes=2261&delivery_rate=203486&cwnd=254&unsent_bytes=0&cid=0ad8022f878469c6&ts=229&x=0"
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
926347c0-a1ef-4eaf-ba41-6a46f86d4c81
x-runtime
0.045455
x-xss-protection
0
microsite-new-9c53955f054365dff933e154298be375d5f1970ba6f2bd7dca4010d97e6c5b58.css
static.salonized.com/assets/ 		105 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.salonized.com/assets/microsite-new-9c53955f054365dff933e154298be375d5f1970ba6f2bd7dca4010d97e6c5b58.css
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
9c53955f054365dff933e154298be375d5f1970ba6f2bd7dca4010d97e6c5b58
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
age
19284
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
12925
x-amz-cf-id
b9KbCcltu9mFux-s_ZeHVD7EvK0n9F7QElm3fS0aJiUI2JDKwGd_fg==
date
Thu, 05 Dec 2024 04:40:30 GMT
content-type
text/css
last-modified
Wed, 04 Dec 2024 08:46:06 GMT
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA56-P12
success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css
static.salonized.com/assets/ 		2 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.salonized.com/assets/success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
age
21931
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
631
x-amz-cf-id
1oxROvXNzLggSXNUFnTtq56H0XUHH-lxAkx8Et0hxea9bSK3AgRs9g==
date
Thu, 05 Dec 2024 03:56:23 GMT
content-type
text/css
last-modified
Wed, 04 Dec 2024 08:46:05 GMT
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA56-P12
microsite-6e29b94a0290d1cd8ab47526f0c020ac6269d7826da6f39b8f00ee45d1be757d.js
static.salonized.com/assets/ 		569 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.salonized.com/assets/microsite-6e29b94a0290d1cd8ab47526f0c020ac6269d7826da6f39b8f00ee45d1be757d.js
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
6e29b94a0290d1cd8ab47526f0c020ac6269d7826da6f39b8f00ee45d1be757d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
age
21945
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
148140
x-amz-cf-id
2zuk47bVRhZUz8E1ayN3b8pvtDRNLjv1hhXXFelt-5DqodkIASpotA==
date
Thu, 05 Dec 2024 03:56:09 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 08:50:45 GMT
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA56-P12
email-decode.min.js
tulyskinandbody.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tulyskinandbody.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXNJis2atlyRdeYl2O0Miul2nqm6IZWbhyvCzOBXrx7bOz7n6fQ%2B%2B9GSw%2F%2F%2Bb6jv4fl82BDgjF8yrUR1eaZHK1Rx5%2BZgyGCJ6Ck%2FzSiQI08jdlIDHg7a%2BJ86VR7hbnxi%2Fb1DTzQb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ed3328e5ac9f80d-DUS
expires
Sat, 07 Dec 2024 10:01:53 GMT
date
Thu, 05 Dec 2024 10:01:53 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
server
cloudflare
vary
Accept-Encoding
loader.js
widget.salonized.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.salonized.com/loader.js
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.53.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-53-180.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
8a9eec07810561934f72a0a36212c03e3957fae056e86e561471ff8cc75a76c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.intercomcdn.com https://*.mixpanel.com; connect-src 'self' https://api.salonized.com https://unleash-edge.external.salonized.com *.salonized.com *.doubleclick.net https://browser-intake-datadoghq.eu *.browser-intake-datadoghq.eu *.logs.datadoghq.eu https://cdn.tiny.cloud https://player.vimeo.com https://*.intercom.io/ https://*.intercomcdn.com/ wss://*.intercom.io/ https://*.ingest.sentry.io https://api.cloudinary.com https://*.mixpanel.com https://*.google-analytics.com https://*.s3.amazonaws.com/ https://bam.eu01.nr-data.net https://api.stripe.com https://checkout.stripe.com https://*.google.com https://google.com; font-src 'self' data: *; frame-src 'self' *.salonized.com https://js.stripe.com/ https://hooks.stripe.com https://checkout.stripe.com https://intercom-sheets.com/ https://demodesk.com/ https://player.vimeo.com; img-src 'self' data: * https://*.stripe.com; manifest-src 'self' *.salonized.com; media-src 'self' https://js.intercomcdn.com/; object-src 'self'; script-src 'self' data: * blob: * 'unsafe-inline' 'unsafe-eval' *.salonized.com https://*.intercom.io https://js.intercomcdn.com/ www.googletagmanager.com static.intercomassets.com google-analytics.com https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net https://js.stripe.com https://checkout.stripe.com https://www.datadoghq-browser-agent.com; style-src 'self' 'unsafe-inline' *.salonized.com https://cdn.tiny.cloud https://player.vimeo.com; worker-src 'self' blob: *.logs.datadoghq.com *.logs.datadoghq.eu;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

content-security-policy
default-src 'self' https://*.intercomcdn.com https://*.mixpanel.com; connect-src 'self' https://api.salonized.com https://unleash-edge.external.salonized.com *.salonized.com *.doubleclick.net https://browser-intake-datadoghq.eu *.browser-intake-datadoghq.eu *.logs.datadoghq.eu https://cdn.tiny.cloud https://player.vimeo.com https://*.intercom.io/ https://*.intercomcdn.com/ wss://*.intercom.io/ https://*.ingest.sentry.io https://api.cloudinary.com https://*.mixpanel.com https://*.google-analytics.com https://*.s3.amazonaws.com/ https://bam.eu01.nr-data.net https://api.stripe.com https://checkout.stripe.com https://*.google.com https://google.com; font-src 'self' data: *; frame-src 'self' *.salonized.com https://js.stripe.com/ https://hooks.stripe.com https://checkout.stripe.com https://intercom-sheets.com/ https://demodesk.com/ https://player.vimeo.com; img-src 'self' data: * https://*.stripe.com; manifest-src 'self' *.salonized.com; media-src 'self' https://js.intercomcdn.com/; object-src 'self'; script-src 'self' data: * blob: * 'unsafe-inline' 'unsafe-eval' *.salonized.com https://*.intercom.io https://js.intercomcdn.com/ www.googletagmanager.com static.intercomassets.com google-analytics.com https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net https://js.stripe.com https://checkout.stripe.com https://www.datadoghq-browser-agent.com; style-src 'self' 'unsafe-inline' *.salonized.com https://cdn.tiny.cloud https://player.vimeo.com; worker-src 'self' blob: *.logs.datadoghq.com *.logs.datadoghq.eu;
content-encoding
gzip
etag
W/"674ec9e7-349d"
date
Thu, 05 Dec 2024 10:01:54 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 09:05:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
place
www.google.com/maps/embed/v1/ Frame 33F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed/v1/place?q=%2C%2C&key=AIzaSyCfo9PDIIU8AE4VJH-H6DidUnwU6cU6Puw
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tulyskinandbody.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
184
content-type
text/plain; charset=UTF-8
date
Thu, 05 Dec 2024 10:01:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
microsite-header-950d07bd1a766efc533d303462b0574e3d71a314fb5b3b644c993002c410b8c1.jpg
static.salonized.com/assets/ 		646 KB
647 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.salonized.com/assets/microsite-header-950d07bd1a766efc533d303462b0574e3d71a314fb5b3b644c993002c410b8c1.jpg
Requested by
Host: tulyskinandbody.com
URL: https://tulyskinandbody.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
950d07bd1a766efc533d303462b0574e3d71a314fb5b3b644c993002c410b8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
age
18012
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
661550
x-amz-cf-id
zlKgacL8NsDX6pm4xEEMJhN32L8K1cm-uxw1saV4p8lUkoFHQy2rqQ==
date
Thu, 05 Dec 2024 05:01:42 GMT
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:46:05 GMT
vary
Origin
x-amz-cf-pop
FRA56-P12
Eina02_Bold.otf
static.salonized.com/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.salonized.com/fonts/Eina02_Bold.otf
Requested by
Host: static.salonized.com
URL: https://static.salonized.com/assets/success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
7fbdec712d9d02ed403b19845370cb8f94b410f78e4cbca343a8f9beb3b7d83a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tulyskinandbody.com
Referer
https://static.salonized.com/assets/success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css

Response headers

access-control-max-age
3628800
access-control-expose-headers
Version, X-Reload, Content-Disposition, x-datadog-trace-id, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-origin, x-datadog-sampled
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
9rDfILOHIhT2H3OJIZH_GxonQ18YKEkZOncu9D1aV6qtt8uYmCXUZg==
date
Thu, 05 Dec 2024 10:01:54 GMT
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Wed, 04 Dec 2024 08:46:05 GMT
vary
Origin
access-control-allow-headers
x-requested-with
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-credentials
true
via
1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
41596
x-amz-cf-pop
FRA56-P12
Eina02_Regular.otf
static.salonized.com/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.salonized.com/fonts/Eina02_Regular.otf
Requested by
Host: static.salonized.com
URL: https://static.salonized.com/assets/success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-91.fra56.r.cloudfront.net
Software
/
Resource Hash
7a242ec25e9621ba1c1c7bfbf372e3e98ac4b65b9f6da7e1a0c497d271dd923c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tulyskinandbody.com
Referer
https://static.salonized.com/assets/success-page-92327dabde7e503f550397c6ee0eca4551719251f305ce411ddff67e28755cf5.css

Response headers

access-control-max-age
3628800
access-control-expose-headers
Version, X-Reload, Content-Disposition, x-datadog-trace-id, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-origin, x-datadog-sampled
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
1l_6SxLgTksrR8H0F_TXS-XqXrgukdmueqbbCq9S6wbAmPAHy8V-Jg==
date
Thu, 05 Dec 2024 10:01:54 GMT
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Wed, 04 Dec 2024 08:46:05 GMT
vary
Origin
access-control-allow-headers
x-requested-with
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-credentials
true
via
1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
41772
x-amz-cf-pop
FRA56-P12
button
widget.salonized.com/ Frame D99E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.salonized.com/button?color=%23FF6575&language=nl&name=booking
Requested by
Host: widget.salonized.com
URL: https://widget.salonized.com/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.218.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-218-5.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.intercomcdn.com https://*.mixpanel.com; connect-src 'self' https://api.salonized.com https://unleash-edge.external.salonized.com *.salonized.com *.doubleclick.net https://browser-intake-datadoghq.eu *.browser-intake-datadoghq.eu *.logs.datadoghq.eu https://cdn.tiny.cloud https://player.vimeo.com https://*.intercom.io/ https://*.intercomcdn.com/ wss://*.intercom.io/ https://*.ingest.sentry.io https://api.cloudinary.com https://*.mixpanel.com https://*.google-analytics.com https://*.s3.amazonaws.com/ https://bam.eu01.nr-data.net https://api.stripe.com https://checkout.stripe.com https://*.google.com https://google.com; font-src 'self' data: *; frame-src 'self' *.salonized.com https://js.stripe.com/ https://hooks.stripe.com https://checkout.stripe.com https://intercom-sheets.com/ https://demodesk.com/ https://player.vimeo.com; img-src 'self' data: * https://*.stripe.com; manifest-src 'self' *.salonized.com; media-src 'self' https://js.intercomcdn.com/; object-src 'self'; script-src 'self' data: * blob: * 'unsafe-inline' 'unsafe-eval' *.salonized.com https://*.intercom.io https://js.intercomcdn.com/ www.googletagmanager.com static.intercomassets.com google-analytics.com https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net https://js.stripe.com https://checkout.stripe.com https://www.datadoghq-browser-agent.com; style-src 'self' 'unsafe-inline' *.salonized.com https://cdn.tiny.cloud https://player.vimeo.com; worker-src 'self' blob: *.logs.datadoghq.com *.logs.datadoghq.eu;

Request headers

Referer
https://tulyskinandbody.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' https://*.intercomcdn.com https://*.mixpanel.com; connect-src 'self' https://api.salonized.com https://unleash-edge.external.salonized.com *.salonized.com *.doubleclick.net https://browser-intake-datadoghq.eu *.browser-intake-datadoghq.eu *.logs.datadoghq.eu https://cdn.tiny.cloud https://player.vimeo.com https://*.intercom.io/ https://*.intercomcdn.com/ wss://*.intercom.io/ https://*.ingest.sentry.io https://api.cloudinary.com https://*.mixpanel.com https://*.google-analytics.com https://*.s3.amazonaws.com/ https://bam.eu01.nr-data.net https://api.stripe.com https://checkout.stripe.com https://*.google.com https://google.com; font-src 'self' data: *; frame-src 'self' *.salonized.com https://js.stripe.com/ https://hooks.stripe.com https://checkout.stripe.com https://intercom-sheets.com/ https://demodesk.com/ https://player.vimeo.com; img-src 'self' data: * https://*.stripe.com; manifest-src 'self' *.salonized.com; media-src 'self' https://js.intercomcdn.com/; object-src 'self'; script-src 'self' data: * blob: * 'unsafe-inline' 'unsafe-eval' *.salonized.com https://*.intercom.io https://js.intercomcdn.com/ www.googletagmanager.com static.intercomassets.com google-analytics.com https://js-agent.newrelic.com https://bam-cell.nr-data.net https://bam.nr-data.net https://js.stripe.com https://checkout.stripe.com https://www.datadoghq-browser-agent.com; style-src 'self' 'unsafe-inline' *.salonized.com https://cdn.tiny.cloud https://player.vimeo.com; worker-src 'self' blob: *.logs.datadoghq.com *.logs.datadoghq.eu;
content-type
text/html
date
Thu, 05 Dec 2024 10:01:54 GMT
etag
W/"674ec9e7-e94"
last-modified
Tue, 03 Dec 2024 09:05:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
favicon.ico
tulyskinandbody.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tulyskinandbody.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8567b9ab721cda417c7616b65768635f528751375dc961eae346c7c58eeca2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tulyskinandbody.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ldmk9HTyBT8FSDisnzO82lLNcgK8%2BCqJzxz%2FZRPE2OmrFXmig0xSnAQkjfIIWrNew7VBMIf2dqXJs6TvcfDvUCBTNZSBiXp1SFmJzaOlwZTioKxTcw5v%2BE877N6%2B2xU%2BWd59cAtB"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed332967944f80d-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24055&min_rtt=17538&rtt_var=3232&sent=22&recv=21&lost=0&retrans=0&sent_bytes=12488&recv_bytes=2562&delivery_rate=433407&cwnd=257&unsent_bytes=0&cid=0ad8022f878469c6&ts=1658&x=0"
date
Thu, 05 Dec 2024 10:01:55 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 04 Dec 2024 08:46:05 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| ContentSizeObserver function| $ function| jQuery object| jQuery1113012565409630026547 function| dependencyLib function| Inputmask object| intlTelInputGlobals function| intlTelInput object| Salonized string| widgetUrl string| buttonUrl object| szBooking

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0