urlscan.io logo urlscan.io
SecurityTrails logo

spg.tayo.cloud Open in urlscan Pro
2606:4700:20::ac43:49fc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://spg.tayo.cloud/
Effective URL: https://spg.tayo.cloud/
Submission: On December 20 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::ac43:49fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is spg.tayo.cloud.
TLS certificate: Issued by WE1 on December 18th 2024. Valid for: 3 months.
This is the only time spg.tayo.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:20::ac43:49fc (United States)

ASN13335 (CLOUDFLARENET, US)
spg.tayo.cloud
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
fastly.jsdelivr.net
3    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2646:6200:3:a062:89c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2fa3djn9x2ko7.cloudfront.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    3.5.54.35 (Zurich, Switzerland)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-2.amazonaws.com
tayo-cloud-app.s3.eu-central-2.amazonaws.com
1    108.138.7.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-72.fra56.r.cloudfront.net
zkzjhn2xqyxv.statuspage.io
Apex Domain
Subdomains		 Transfer
6 tayo.cloud
spg.tayo.cloud
188 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
362 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
276 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
234 KB
2 amazonaws.com
tayo-cloud-app.s3.eu-central-2.amazonaws.com
2 MB
1 statuspage.io
zkzjhn2xqyxv.statuspage.io
2 KB
1 cloudfront.net
d2fa3djn9x2ko7.cloudfront.net
8 MB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
995 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
37 KB
1 jsdelivr.net
fastly.jsdelivr.net — Cisco Umbrella Rank: 50945
51 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
25 12
Domain Requested by
6 spg.tayo.cloud 2 redirects d2fa3djn9x2ko7.cloudfront.net
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com spg.tayo.cloud
www.googletagmanager.com
3 unpkg.com 1 redirects spg.tayo.cloud
2 tayo-cloud-app.s3.eu-central-2.amazonaws.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com spg.tayo.cloud
www.google-analytics.com
1 zkzjhn2xqyxv.statuspage.io d2fa3djn9x2ko7.cloudfront.net
1 www.gstatic.com www.google.com
1 d2fa3djn9x2ko7.cloudfront.net spg.tayo.cloud
1 www.google.com spg.tayo.cloud
1 cdnjs.cloudflare.com spg.tayo.cloud
1 fastly.jsdelivr.net spg.tayo.cloud
1 fonts.googleapis.com spg.tayo.cloud
25 14

This site contains links to these domains. Also see Links.

Domain
youtu.be
tayo-software.com
Subject Issuer Validity Valid
tayo.cloud
WE1		 2024-12-18 -
2025-03-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
unpkg.com
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.statuspage.io
Amazon RSA 2048 M02		 2024-09-18 -
2025-10-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://spg.tayo.cloud/
Frame ID: 0B2BDAD6C49CC257443A6408A4D73247
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SPG myHome - Accueil

Page URL History Show full URLs

  1. http://spg.tayo.cloud/ HTTP 307
    https://spg.tayo.cloud/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

88 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

14
IPs

4
Countries

11447 kB
Transfer

13578 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://spg.tayo.cloud/ HTTP 307
    https://spg.tayo.cloud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Request Chain 19
  • https://spg.tayo.cloud/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png HTTP 302
  • https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142411Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=5333bfb391989ea73cc4edc5fd29ec5fcdfb2e916bf1dd962c526ce216771002
Request Chain 20
  • https://spg.tayo.cloud/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png HTTP 302
  • https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142412Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=95e6feb76095ed0a05bd0d156e41545e3376f214c3aa7bac34827b1e2891b959

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
spg.tayo.cloud/
Redirect Chain
  • http://spg.tayo.cloud/
  • https://spg.tayo.cloud/
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26de8af48081b3a3e3105595c77701aa9c3c712888c5f5d5a4ca88898daf1908
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM 'self' *.immob10.ch *.allthings.me
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8f504b4cac9b2c3d-FRA
content-encoding
br
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 14:24:07 GMT
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dyHQOK9KIdsmtCKoOpWBy93JQUztTcUcNScXbuWDNCzeIFWcWdIzDVcvkwRX%2BtzSzbtKAuNdutlH6J6yWVdV9iJF6Xx6o%2FyMyNirB3P5xyGFvFW3H6%2BaglLzE8n11USDR1uvvSw8Nett8QW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=31635&min_rtt=28735&rtt_var=8177&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2347&delivery_rate=135151&cwnd=80&unsent_bytes=0&cid=21be936d4d199dc4&ts=98&x=0"
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN ALLOW-FROM 'self' *.immob10.ch *.allthings.me
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Location
https://spg.tayo.cloud/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans|Material+Icons
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a00e7be36bdfaf61f746c53910061e071ff151ce12ea4bc4c72f9728a370a76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 14:24:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 14:24:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
materialdesignicons.min.css
fastly.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
age
4507
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220021-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
51594
x-jsd-version
7.4.47
pdf.min.js
unpkg.com/pdfjs-dist@3.11.174/build/ 		313 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/pdfjs-dist@3.11.174/build/pdf.min.js
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5799e6f8c680663207ac5b42ee14eed2a406fa7af48f50c154f0c0b1566946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"4e204-pGQaJibzltAnJJjoh+oJ5NAT5JM"
age
4528909
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBB854KRKZZARJ0DBKMT7MHK-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f504b4e0f9d367d-FRA
access-control-allow-origin
*
server
cloudflare
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/ 		194 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/html2canvas.min.js
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61ec4640-92fd"
age
66857
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3acY%2BCsjIHBghmOStv%2Bm7uRMwZhUBhU%2FKTq97GB%2F8p0yrSVdCfr2tNL9L%2BPjv5yPxzMTf7ecb5GWRV0rU8OrQPknVF5KQDk%2BQWGMs2h0SI9puO6v%2FqUQGEwo1KAfg9kQjm3JfMl"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 14:24:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 22 Jan 2022 18:00:32 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f504b4dc88d233d-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
37629
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
500a2afe5da8ea71181d5d9a3b7d684489b2c9c78fba641770157bb6d80eb5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 14:24:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 20 Dec 2024 14:24:07 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		295 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L2HP3TTLNP
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
269842da37d5924456c06b8dd74354c9c30a165faab65aa0f665a2235a899999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 14:24:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103552
x-xss-protection
0
server
Google Tag Manager
app.js
d2fa3djn9x2ko7.cloudfront.net/app/js/ 		8 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2fa3djn9x2ko7.cloudfront.net/app/js/app.js?id=0dc374f7872441cd131a5b2330214ca7
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6200:3:a062:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fb10e570b44eab8e74e4906e0c8f100bcabba0ab98a816486830590c7c05bbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"2ea0c4728f232b4f24f537c2b0e66331-2"
via
1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
8151099
x-amz-cf-id
_X6Ikmmd3emlEcc0bao81nUW99r6AOIX7Yjso9_kmTA3oXCsu1Exsw==
date
Fri, 20 Dec 2024 14:24:08 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 11:15:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
6162
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 14:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 12:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
gtm.js
www.googletagmanager.com/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGRS343
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1bbd0fe97b71a55f4ab66ab7e38c042ae2bdf5f001d8abeb7c9aaf4078ea026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 20 Dec 2024 14:24:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 20 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74454
x-xss-protection
0
server
Google Tag Manager
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
375 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Requested by
Host: spg.tayo.cloud
URL: https://spg.tayo.cloud/
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
age
1671310
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JE0DC8SEP0H4P7RMEDBT67ES-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f504b4f2893367d-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
content-encoding
br
cf-cache-status
HIT
age
9
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f504b4ed85a367d-FRA
access-control-allow-origin
*
date
Fri, 20 Dec 2024 14:24:07 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFJ78A3QCJVVG6S3JJKYVCM7-fra
server
cloudflare
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a0db63e5a369d2e0d5ca2e48ded24f591f792362904f5b94ae1f73122453a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://spg.tayo.cloud
Referer

Response headers

content-encoding
gzip
age
187735
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 10:15:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 10:15:12 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222489
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		3 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1815265716&t=pageview&_s=1&dl=https%3A%2F%2Fspg.tayo.cloud%2F&ul=de-ch&de=UTF-8&dt=Tayo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1654621127&gjid=420315695&cid=1600909905.1734704648&tid=UA-106097690-1&_gid=1775004223.1734704648&_r=1&_slc=1&z=1706974864
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://spg.tayo.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
js
www.googletagmanager.com/gtag/ 		295 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L2HP3TTLNP&l=dataLayer&cx=c&gtm=45He4cc1v835028260za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGRS343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a68660a993029b524836d82a4c8fd62a88b9b2bac9d07f69fcf54c0b4a6ec056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 14:24:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103676
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L2HP3TTLNP&gtm=45je4cc1v873096671z8835028260za200zb835028260&_p=1734704647476&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1600909905.1734704648&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734704648&sct=1&seg=0&dl=https%3A%2F%2Fspg.tayo.cloud%2F&dt=Tayo&en=page_view&_fv=1&_ss=1&tfd=1015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2HP3TTLNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://spg.tayo.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:08 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L2HP3TTLNP&gtm=45je4cc1v873096671za200zb835028260&_p=1734704647476&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1600909905.1734704648&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1734704648&sct=1&seg=1&dl=https%3A%2F%2Fspg.tayo.cloud%2F&dt=Tayo&en=page_view&_ee=1&_et=2&tfd=1019
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2HP3TTLNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://spg.tayo.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:08 GMT
content-type
text/plain
server
Golfe2
app
spg.tayo.cloud/api/v1/public/ 		500 KB
145 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spg.tayo.cloud/api/v1/public/app
Requested by
Host: d2fa3djn9x2ko7.cloudfront.net
URL: https://d2fa3djn9x2ko7.cloudfront.net/app/js/app.js?id=0dc374f7872441cd131a5b2330214ca7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8057a47f11040c0a6b621b925009457370d9605f86c870801ef4b96ea713b20b
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://spg.tayo.cloud/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vC%2B8zAAFsviclQrUyxorltIagq30L0Ll1wOTJ%2B8RDpgcX7WI%2FEdd6qTtoX1Nm8rRAzGOV0w29lGQ0c9Yi9ucUXPblAZeJ3VpMwgm4Vs5hQSATI6zP0SejtxVSBBEcz80smNx47VFDiUmsx8O"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=34272&min_rtt=28735&rtt_var=7400&sent=22&recv=17&lost=0&retrans=0&sent_bytes=11749&recv_bytes=2913&delivery_rate=225716&cwnd=84&unsent_bytes=0&cid=21be936d4d199dc4&ts=4582&x=0"
date
Fri, 20 Dec 2024 14:24:11 GMT
content-type
application/json
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
strict-transport-security
max-age=0; includeSubDomains; preload
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
x-ratelimit-remaining
99
cf-ray
8f504b681a242c3d-FRA
x-xss-protection
1; mode=block, 1; mode=block
x-ratelimit-limit
100
server
cloudflare
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://spg.tayo.cloud
Referer
https://fonts.googleapis.com/

Response headers

age
277615
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:17:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:17:16 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
favicon
spg.tayo.cloud/ 		31 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://spg.tayo.cloud/favicon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42374fb42dab1303e9186258bb4435e3774e9eb694624334e00abd512d833bfa
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://spg.tayo.cloud/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RIbvPjPa3Dr8AmrQBt%2BohU0zeHKH1fk%2FED4iuBoFc5LftdMuUyyF1wPD%2BXDgUVlUqgu1DrpnVxnre8hTVyZDCGA3xytLbhclTiIi1Lh5ik8%2BVWrqFTJaLCWRWE%2FOm5yPIXzHwvYS151XWTF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=32953&min_rtt=28735&rtt_var=1239&sent=123&recv=44&lost=0&retrans=0&sent_bytes=130272&recv_bytes=2913&delivery_rate=1029586&cwnd=84&unsent_bytes=9079&cid=21be936d4d199dc4&ts=4633&x=0"
date
Fri, 20 Dec 2024 14:24:11 GMT
content-type
image/png
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
x-frame-options
SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
strict-transport-security
max-age=0; includeSubDomains; preload
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8f504b68ba852c3d-FRA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://spg.tayo.cloud
Referer
https://fonts.googleapis.com/

Response headers

age
169446
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:20:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:20:05 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png
tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/
Redirect Chain
  • https://spg.tayo.cloud/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png
  • https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED...
31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142411Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=5333bfb391989ea73cc4edc5fd29ec5fcdfb2e916bf1dd962c526ce216771002
Protocol
HTTP/1.1
Server
3.5.54.35 Zurich, Switzerland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
42374fb42dab1303e9186258bb4435e3774e9eb694624334e00abd512d833bfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
ApPF82oxC+i19qLaSzE7j8nneFHliIP/q+AuprY2z99RmwSWsJgXKWDvVQ628pNrVxqDJmr13aTV351/jRvJ6ymZpqcTbXl7
x-amz-replication-status
COMPLETED
ETag
"6ecd4f9d85c0c294922c2d136e12eb8a"
x-amz-version-id
P44PbukLZ9VqtB9kMnT2lldBAs_mNlfU
x-amz-request-id
NP2GH4C6VJV4YT7E
Accept-Ranges
bytes
Content-Length
32187
Date
Fri, 20 Dec 2024 14:24:13 GMT
Last-Modified
Wed, 27 Mar 2024 13:12:59 GMT
Content-Disposition
attachment
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3r8WBe5TJSo7dBXtIPchmhXozWDEKl4AbsmCzpOjJF9Y9BrnmITNoQmSbwbEo8TGckZfmWade6E3uxzYtQhJ7IKLj9QbXeTXC5E6udRrCAE3KmJQQoDKdKpYNv5qcOox3DZIrZa557U8ulro"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=45927&min_rtt=28735&rtt_var=8626&sent=176&recv=97&lost=0&retrans=0&sent_bytes=194949&recv_bytes=3248&delivery_rate=889551&cwnd=107&unsent_bytes=0&cid=21be936d4d199dc4&ts=4889&x=0"
date
Fri, 20 Dec 2024 14:24:11 GMT
content-type
text/html; charset=utf-8
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
strict-transport-security
max-age=0; includeSubDomains; preload
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
cache-control
no-cache, private
location
https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2922945_66041b5a045fd3.56660575_SPG-Logo-RVB.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142411Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=5333bfb391989ea73cc4edc5fd29ec5fcdfb2e916bf1dd962c526ce216771002
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8f504b6a6b4c2c3d-FRA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png
tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/
Redirect Chain
  • https://spg.tayo.cloud/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png
  • https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png?response-content-disposition=attachment&X-Amz-Content-Sha...
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142412Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=95e6feb76095ed0a05bd0d156e41545e3376f214c3aa7bac34827b1e2891b959
Protocol
HTTP/1.1
Server
3.5.54.35 Zurich, Switzerland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
775021c415d5458798735d53b38e150f2ea54378a0cf82d20299c47ffe4a7c16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
4k6MiJeu3IEjjha0HZ7I8AL5fC2ppAKjGkqoJN0wCAXvTmj9ZsIqITFblF19r43bqxE6COI1cKGt7hoXq2zE3oHYUMULRwyT
x-amz-replication-status
COMPLETED
ETag
"507c3c962f89c90c714f370aa8d3cbb1"
x-amz-version-id
kD1Pz6ZQtQLO.HM23EuZAwoAFuDZ1ak6
x-amz-request-id
NP2RCXDT70WKCRWB
x-amz-storage-class
INTELLIGENT_TIERING
Accept-Ranges
bytes
Content-Length
2331205
Date
Fri, 20 Dec 2024 14:24:13 GMT
Last-Modified
Wed, 24 May 2023 17:10:08 GMT
Content-Disposition
attachment
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9WUCeqvv%2By1FFQuKUpzwRl%2FpNp%2FfUMjg2qEPTjQfeZM3wCAAgz1ZkoiaTbFfxLGHPrkTWYwtx3QhIYL4pLtDN1mcuCPZHHTKCY5FKf0tKoTKHBGMCkAyXyCEYa3n9Stu%2FeH1GXsunp4JlP0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=45927&min_rtt=28735&rtt_var=8626&sent=180&recv=97&lost=0&retrans=0&sent_bytes=198121&recv_bytes=3248&delivery_rate=889551&cwnd=107&unsent_bytes=0&cid=21be936d4d199dc4&ts=4911&x=0"
date
Fri, 20 Dec 2024 14:24:12 GMT
content-type
text/html; charset=utf-8
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
strict-transport-security
max-age=0; includeSubDomains; preload
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
cache-control
no-cache, private
location
https://tayo-cloud-app.s3.eu-central-2.amazonaws.com/instances/34/public/theme/2264741_646e44ef0f9f77.45070277_page_d-accueil_1500x1500.png?response-content-disposition=attachment&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJRPO3A3HRSCWLFDQ%2F20241220%2Feu-central-2%2Fs3%2Faws4_request&X-Amz-Date=20241220T142412Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=95e6feb76095ed0a05bd0d156e41545e3376f214c3aa7bac34827b1e2891b959
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8f504b6a6b4e2c3d-FRA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
tayo_permanent_alerts
spg.tayo.cloud/api/v2/public/ 		54 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spg.tayo.cloud/api/v2/public/tayo_permanent_alerts?getLastPermanentAlert
Requested by
Host: d2fa3djn9x2ko7.cloudfront.net
URL: https://d2fa3djn9x2ko7.cloudfront.net/app/js/app.js?id=0dc374f7872441cd131a5b2330214ca7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee86ebc27a2d6836c5d3f6621074cecd86111382aeed87cc6ed201773dcb47b5
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://spg.tayo.cloud/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4ozc1hSiAGvrmLDRa%2BQVsS%2FTAnFjXiaqMFkEcwyaCUEfLqb8ShXi1lsCKu4EQqvFcsu5bs0hMB%2FlJhbj15hfSZMn1Z380PLfUTSlbvRzNdxNYBpABb5zlfCKc6kX9i%2BcxjiFLKtHqgsYeXq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=45927&min_rtt=28735&rtt_var=8626&sent=185&recv=97&lost=0&retrans=0&sent_bytes=202244&recv_bytes=3248&delivery_rate=889551&cwnd=107&unsent_bytes=0&cid=21be936d4d199dc4&ts=4916&x=0"
date
Fri, 20 Dec 2024 14:24:12 GMT
content-type
application/json
feature-policy
camera 'self'; fullscreen 'self'; geolocation 'self'; sync-xhr *;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, ALLOW-FROM 'self' *.immob10.ch *.allthings.me
strict-transport-security
max-age=0; includeSubDomains; preload
content-security-policy
default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
x-ratelimit-remaining
98
cf-ray
8f504b6a6b492c3d-FRA
x-xss-protection
1; mode=block, 1; mode=block
x-ratelimit-limit
100
server
cloudflare
components.json
zkzjhn2xqyxv.statuspage.io/api/v2/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zkzjhn2xqyxv.statuspage.io/api/v2/components.json
Requested by
Host: d2fa3djn9x2ko7.cloudfront.net
URL: https://d2fa3djn9x2ko7.cloudfront.net/app/js/app.js?id=0dc374f7872441cd131a5b2330214ca7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-72.fra56.r.cloudfront.net
Software
AtlassianEdge /
Resource Hash
d8823a389f0ad9fd3c794ebb738cc0707ea8664622640fa0502545fa640ffb49
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

content-encoding
br
etag
W/"d8823a389f0ad9fd3c794ebb738cc070"
x-permitted-cross-domain-policies
none
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
x-statuspage-version
f112972eb3dfe0cc7baeb70f5056ffcc7cc8df6c
server-timing
atl-edge;dur=63,atl-edge-internal;dur=4,atl-edge-upstream;dur=61,atl-edge-pop;desc="aws-us-east-1"
x-cache
Miss from cloudfront
x-amz-cf-id
0cs6qVAPrrB7J7VkcO3U3DtfGLUzcfvwPfLHJ5rqtEPI7urgtXvgOQ==
date
Fri, 20 Dec 2024 14:24:12 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.038723
atl-request-id
2fa8f593-517a-413e-82d0-b1c4b5cd6b7e
strict-transport-security
max-age=259200
x-statuspage-skip-logging
true
cache-control
max-age=3, public
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-pollinator-metadata-service
status-page-web-pages
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P6
atl-traceid
2fa8f593517a413e82d0b1c4b5cd6b7e
server
AtlassianEdge
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L2HP3TTLNP&gtm=45je4cc1v873096671za200zb835028260&_p=1734704647476&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1600909905.1734704648&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1734704648&sct=1&seg=1&dl=https%3A%2F%2Fspg.tayo.cloud%2F&dt=Tayo&en=scroll&epn.percent_scrolled=90&_et=1&tfd=6020
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2HP3TTLNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://spg.tayo.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:24:13 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pdfjsLib object| pdfjs-dist/build/pdf function| html2canvas function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga object| lottie_player object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| recaptcha object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Pusher object| fabric function| $bu_getBrowser function| vueRecaptchaApiLoaded object| __svelte function| axios object| helper function| __ object| bus

5 Cookies

Domain/Path Name / Value
.tayo.cloud/ Name: _gid
Value: GA1.2.1775004223.1734704648
.tayo.cloud/ Name: _gat
Value: 1
.tayo.cloud/ Name: _ga
Value: GA1.1.1600909905.1734704648
.tayo.cloud/ Name: _ga_L2HP3TTLNP
Value: GS1.1.1734704648.1.1.1734704648.0.0.0
spg.tayo.cloud/ Name: locale
Value: fr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob: 'self'; img-src https: data: blob: *; media-src *; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fastly.jsdelivr.net; connect-src 'self' blob: https: ws: wss: *.google-analytics.com *.pusher.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net fastly.jsdelivr.net cdnjs.cloudflare.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.pusher.com unpkg.com cdnjs.cloudflare.com mozilla.github.io *.cloudfront.net *.newrelic.com *.nr-data.net cdn.jsdelivr.net fastly.jsdelivr.net *.statuspage.io; frame-src 'self' *.google.com *.youtube.com *.geo.admin.ch *.quicksight.aws.amazon.com; worker-src 'self' blob: cdn.jsdelivr.net fastly.jsdelivr.net; frame-ancestors 'self' *.immob10.ch *.allthings.me;
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM 'self' *.immob10.ch *.allthings.me
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d2fa3djn9x2ko7.cloudfront.net
fastly.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
spg.tayo.cloud
tayo-cloud-app.s3.eu-central-2.amazonaws.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
zkzjhn2xqyxv.statuspage.io
104.17.25.14
108.138.7.72
142.250.186.132
142.250.186.35
2001:4860:4802:34::36
2600:9000:2646:6200:3:a062:89c0:21
2606:4700:20::ac43:49fc
2606:4700::6811:f7cb
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a04:4e42:200::485
3.5.54.35
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
05a0db63e5a369d2e0d5ca2e48ded24f591f792362904f5b94ae1f73122453a5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
269842da37d5924456c06b8dd74354c9c30a165faab65aa0f665a2235a899999
26de8af48081b3a3e3105595c77701aa9c3c712888c5f5d5a4ca88898daf1908
42374fb42dab1303e9186258bb4435e3774e9eb694624334e00abd512d833bfa
500a2afe5da8ea71181d5d9a3b7d684489b2c9c78fba641770157bb6d80eb5c1
5b5799e6f8c680663207ac5b42ee14eed2a406fa7af48f50c154f0c0b1566946
5fb10e570b44eab8e74e4906e0c8f100bcabba0ab98a816486830590c7c05bbf
775021c415d5458798735d53b38e150f2ea54378a0cf82d20299c47ffe4a7c16
8057a47f11040c0a6b621b925009457370d9605f86c870801ef4b96ea713b20b
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
a00e7be36bdfaf61f746c53910061e071ff151ce12ea4bc4c72f9728a370a76a
a68660a993029b524836d82a4c8fd62a88b9b2bac9d07f69fcf54c0b4a6ec056
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
c1bbd0fe97b71a55f4ab66ab7e38c042ae2bdf5f001d8abeb7c9aaf4078ea026
d8823a389f0ad9fd3c794ebb738cc0707ea8664622640fa0502545fa640ffb49
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb
ee86ebc27a2d6836c5d3f6621074cecd86111382aeed87cc6ed201773dcb47b5