hexpress.fr Open in urlscan Pro
62.171.154.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hexpress.fr/
Submission: On June 07 via api (June 7th 2024, 10:21:55 am UTC) from LU — Scanned from FR

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 62.171.154.121, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is hexpress.fr.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on April 16th 2024. Valid for: 3 months.

This is the only time hexpress.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	62.171.154.121 62.171.154.121	51167 (CONTABO) (CONTABO)
8	172.67.201.102 172.67.201.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:440... 2606:4700:4400::6812:2ae3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
26	7

1 62.171.154.121 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi861669.contaboserver.net

hexpress.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.201.102 (United States)

ASN13335 (CLOUDFLARENET, US)

api.linke.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:2ae3 (United States)

ASN13335 (CLOUDFLARENET, US)

linketo.fra1.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cdnly.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	linke.to api.linke.to	133 KB
7	gstatic.com t2.gstatic.com fonts.gstatic.com	88 KB
6	digitaloceanspaces.com linketo.fra1.cdn.digitaloceanspaces.com	555 KB
2	cdnly.org www.cdnly.org	10 KB
2	google.com 1 redirects maps.google.com — Cisco Umbrella Rank: 2301 www.google.com — Cisco Umbrella Rank: 5	297 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	69 KB
1	hexpress.fr hexpress.fr	2 KB
26	7

	Domain	Requested by
8	api.linke.to	hexpress.fr api.linke.to
6	linketo.fra1.cdn.digitaloceanspaces.com	hexpress.fr
4	t2.gstatic.com	hexpress.fr
3	fonts.gstatic.com	fonts.googleapis.com
2	www.cdnly.org	api.linke.to
1	fonts.googleapis.com	api.linke.to
1	www.google.com	hexpress.fr
1	maps.google.com	1 redirects
1	hexpress.fr
26	9

This site contains no links.

Subject Issuer	Validity	Valid
hexpress.fr ZeroSSL ECC Domain Secure Site CA	`2024-04-16` - `2024-07-15`	3 months	crt.sh
linke.to GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.fra1.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-04` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.cdnly.org E1	`2024-06-01` - `2024-08-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hexpress.fr/
Frame ID: 72C06A563E5A9B37B526670AD25A2DB5
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s100+Av.+Pierre+Semard,+95400+Villiers-le-Bel,+France!6i13
Frame ID: 8E77959FA306CBA9776961AEBF01D067
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home made

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

26
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

857 kB
Transfer

1505 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://maps.google.com/maps?q=100+Av.+Pierre+Semard%2C+95400+Villiers-le-Bel%2C+France&t=&z=13&ie=UTF8&iwloc=&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s100+Av.+Pierre+Semard,+95400+Villiers-le-Bel,+France!6i13

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hexpress.fr/ 7 KB
2 KB 1607ms
1491ms Document
text/html 62.171.154.121
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hexpress.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.171.154.121 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi861669.contaboserver.net
Software: Caddy Apache /
Resource Hash: f46f15dfb6131b1efa26c96d7c4f6a92868e68c0178c5510fb850c6d4e7e63eb

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1733
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 10:21:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Caddy Apache
vary: Accept-Encoding

GET
H3 200 swiper.css
api.linke.to/css/ 16 KB
5 KB 109ms
53ms Stylesheet
text/css 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/css/swiper.css
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53182fe5e57652234189008985051f79510e7ba93b5506aaa8a1593cc4eb6241

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
content-length: 4582
last-modified: Sat, 16 Sep 2023 22:42:27 GMT
server: cloudflare
etag: "4056-605819f9dc90a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcFhxACXS0x2r92RkohCwSXTNFqSDf8x5nLjaPLV1JwMF7tk6V6SgDE6M6djCjQvfO0IqiQY4Dqo9%2FFuSnAuA%2FLsxgj3RvOD6da%2F2BVhXDAQj5nkh527QXaNrqD0iLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18fbd38f-CDG

GET
H3 200 page.css
api.linke.to/css/ 25 KB
6 KB 108ms
53ms Stylesheet
text/css 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/css/page.css?19
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288704ed378252f3c43d73b5c89ed06b37df5667d8005caceb00758163891f87

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
content-length: 6023
last-modified: Sat, 16 Sep 2023 22:40:35 GMT
server: cloudflare
etag: "6377-6058198ef949c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoRYwCS4l3Lh0RNEsJGaRqOywR2FbCfWfICG1GzzRy6c9SAsCkB%2F2lSRgtX3P668RL2NfULveLYdH6yxDy7OaV7I9G%2BXSyYWwXMjQnRe7qlQbERwq66GdLlJjLekGq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18f9d38f-CDG

GET
H3 200 xi.css
api.linke.to/css/ 107 KB
17 KB 84ms
30ms Stylesheet
text/css 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/css/xi.css
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd0333226f5adc6cb6345bfad8481bad753187ba7160b1b6261d12ca63cde45

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7154
alt-svc: h3=":443"; ma=86400
content-length: 16639
last-modified: Sat, 16 Sep 2023 22:41:12 GMT
server: cloudflare
etag: "1aabe-605819b23d9b6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0hVbBZPw5rAfz5ACll%2FuMIVWioXnGaUYJapg0A4aDtFkuqgQJDFCoNBYa7DBEbGKPkcLrnPyWMhWXpP%2BKXiQpf6uUfF08N1RVwMB3Tv0pGGxNvqW6wh2SKi801NteI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18fad38f-CDG

GET
H2 200 3871-16953765460.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 33 KB
33 KB 147ms
30ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16953765460.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa9bd305a097ac3dc5d78f986e4752134774513a08968b1e976aa17dd6c6ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000819d588cfbce1040-0065f03cb8-e72ab2ce-fra1b
age: 1536
x-envoy-upstream-healthchecked-cluster
content-length: 33518
cf-bgj: h2pri
last-modified: Fri, 22 Sep 2023 09:55:47 GMT
server: cloudflare
etag: "050b283cee62d6d2ee821d0d722be3bb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 88ffeadf8c1f9ef7-CDG

GET
H2 200 3871-16955949120.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 67 KB
67 KB 214ms
97ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16955949120.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f0aa14b101146c0ef3c85f6d5b45db2deba2441f8bfa6b78701c56dbbcaed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx0000010e135ca1fa03d5a-006662df3d-fb80dc75-fra1b
x-envoy-upstream-healthchecked-cluster
content-length: 68672
last-modified: Sun, 24 Sep 2023 22:35:12 GMT
server: cloudflare
etag: "665054ee7922544e4cbfe56ab1c58be1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 88ffeadf8c229ef7-CDG

GET
H2 200 3871-16955949870.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 67 KB
67 KB 220ms
119ms Image
image/webp 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16955949870.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea4d156663f575b6b945232e05397dc24cc0d1d20ddb1aa226bce787c23a97fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx0000049bb1ca60fc08c35-006662df3d-fb8d243e-fra1b
x-envoy-upstream-healthchecked-cluster
content-length: 68344
last-modified: Sun, 24 Sep 2023 22:36:28 GMT
server: cloudflare
etag: "ffe9a3ad5ce087144a97c5927c444fb0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/webp
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 88ffeadf8c219ef7-CDG

GET
H2 200 faviconV2
t2.gstatic.com/ 2 KB
2 KB 126ms
42ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.instagram.com/hexpress.france/&size=48

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effd3b51501b8947e5d87fb0804cccaf8a9bfa9e1ccff522f096bb2a7c95fa2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1658
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 17:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static.cdninstagram.com/rsrc.php/v3/yR/r/lam-fZmwmvn.png
expires: Fri, 14 Jun 2024 10:21:49 GMT

GET
H2 200 faviconV2
t2.gstatic.com/ 825 B
1 KB 125ms
41ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.tiktok.com/@hexpress.france?_t=8fu0OSIF9Bg&_r=1&size=48

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2173c2fa443ed98da2ec5ffe35f80452043596d0afbf30634a88cf2464935aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 825
x-xss-protection: 0
last-modified: Thu, 20 Sep 2018 21:46:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.tiktok.com/favicon.ico
expires: Fri, 14 Jun 2024 10:21:49 GMT

GET
H2 200 faviconV2
t2.gstatic.com/ 2 KB
2 KB 127ms
44ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.snapchat.com/add/hexpress.france?share_id=YfN04DJHVxw&locale=fr-FR&size=48

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401092feff62976edbbca08c23bd3e75441036e4e43636e2f500181414c82b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2201
x-xss-protection: 0
last-modified: Fri, 22 May 2020 08:07:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static.snapchat.com/favicon.ico
expires: Fri, 14 Jun 2024 10:21:49 GMT

GET
H2 200 3871-16962326520.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 55 KB
55 KB 218ms
120ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16962326520.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4415ad52a4b6302f3c07816ee2c36aca104dc5a1c3ecb42105df9600214a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx00000f1c92c62d5e147c3-006662df3d-fb7dd843-fra1b
x-envoy-upstream-healthchecked-cluster
content-length: 55884
last-modified: Mon, 02 Oct 2023 07:44:12 GMT
server: cloudflare
etag: "507d6c60eea7d358aa7086373796e01f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 88ffeadf8c259ef7-CDG

GET
H2 200 faviconV2
t2.gstatic.com/ 617 B
755 B 45ms
44ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.ubereats.com/fr/store/h-express/3T8orSQPQ9yERnTbhuZaBg&size=48

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20caf0c21b718c6bdcb00bac06f6b920add0fb35f8d98c7891745a91c92a6bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
x-xss-protection: 0
last-modified: Mon, 01 Jul 2019 23:18:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/7fbeef105999ace5.png
expires: Fri, 14 Jun 2024 10:21:49 GMT

GET
H2 200 3871-16955951660.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 60 KB
61 KB 151ms
143ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16955951660.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0580bca588c081ea7c66d029fd96aeb4de0a7d9685ffa792ad6c574cc0d744d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx00000723dc9e7242f4f32-006662df3d-fb8d246b-fra1b
x-envoy-upstream-healthchecked-cluster
content-length: 61568
last-modified: Sun, 24 Sep 2023 22:39:27 GMT
server: cloudflare
etag: "1c35009e1a9e53908768c20fe85d13e4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 88ffeadf8c249ef7-CDG

GET
H3 200 qrc.js Show response
api.linke.to/js/ 64 KB
16 KB 89ms
52ms Script
application/javascript 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/js/qrc.js?7
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab18aebf611267b5632aa43400194a47883fba3809afa25842a08cace4a9e5b

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7153
alt-svc: h3=":443"; ma=86400
content-length: 15845
last-modified: Sat, 16 Sep 2023 22:37:43 GMT
server: cloudflare
etag: "1009e-605818eba7b98-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xx5Lb%2FKtbPRBXP47aq5%2BdHhlX%2FdcYgc6NBt8eey8oSdYh9f6Y1bZK8c2ViNNmlW78JI1w26Br6P65YHzC7pQNxb8BliS9c%2BjkPhfeNeSdIO9ZwFNAOIxge0VcbNiEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18f6d38f-CDG

GET
H3 200 page.js Show response
api.linke.to/js/ 8 KB
3 KB 89ms
52ms Script
application/javascript 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/js/page.js?5
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ffb620b4a449cc7b7cefa70fe7b172b8751f106de437eb12a7e2172329b1748

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7153
alt-svc: h3=":443"; ma=86400
content-length: 2737
last-modified: Sat, 16 Sep 2023 22:37:14 GMT
server: cloudflare
etag: "20b4-605818cfcfcbd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RYQlk92NB6cm3Ol6F8%2BrGaJombC%2F0xhPYWr8Ms6FKZXdj9yo3Sq%2F7D%2BMW9VW5fAlQBAR4me%2Br31f3na%2FaQmrwXvpD78CMPmO40IwEtzwrnWYzc9xQ1Ap2vqdveduVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18f8d38f-CDG

GET
H3 200 vcard.js Show response
api.linke.to/js/ 5 KB
2 KB 80ms
43ms Script
application/javascript 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/js/vcard.js?8
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b55eae12689bb4ce7efc235b1eeafd074a27324b663ac442743a547001e6b02

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7153
alt-svc: h3=":443"; ma=86400
content-length: 2058
last-modified: Sun, 17 Sep 2023 09:43:14 GMT
server: cloudflare
etag: "1503-6058adac482ec-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FwHUpv1zL5xulNt6ds80SrRwFRjB0UuCzUY3%2BOkYP%2FFiZuIg1CWJE5l91oMyrgeZD5feOqeGV6tsBMc4hlYFbMcDSVarbxFD1wGDAOGusKebYFIu3UA2nyyucbK3b8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf18f4d38f-CDG

GET
H3 200 swiper.js Show response
api.linke.to/js/ 140 KB
39 KB 42ms
42ms Script
application/javascript 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/js/swiper.js
Requested by: Host: hexpress.fr
URL: https://hexpress.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51bfab1367271216fd85184c5d8275934513798b6f27fc8190246c2ad31811bc

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5258
alt-svc: h3=":443"; ma=86400
content-length: 39667
last-modified: Sat, 16 Sep 2023 22:38:36 GMT
server: cloudflare
etag: "2310f-6058191de02af-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6pubNkhuKI0iMY65QijKWoXwUxbqG9ELyP3lqV5X%2FQK5eDgcQ3xGozcpgpQj9nSOpO7ZoHzq3Y90kzkE%2FFR57MHbSkbOZYagNvRnru%2BtddE34u69lYan0gWy8P0PUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ffeadf791ed38f-CDG

GET
H3

200

embed
www.google.com/maps/ Frame 8E77
Redirect Chain

https://maps.google.com/maps?q=100+Av.+Pierre+Semard%2C+95400+Villiers-le-Bel%2C+France&t=&z=13&ie=UTF8&iwloc=&output=embed
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s100+Av.+Pierre+Semard,+95400+Villiers-le-Bel,+France!6i13

0
0

670ms
605ms

Document
text/html

172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s100+Av.+Pierre+Semard,+95400+Villiers-le-Bel,+France!6i13

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Bjm6_jgpYdca4z59KQOgYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 974
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Bjm6_jgpYdca4z59KQOgYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 10:21:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 07 Jun 2024 10:21:49 GMT
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s100+Av.+Pierre+Semard,+95400+Villiers-le-Bel,+France!6i13
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 3871-16953764770.jpg
linketo.fra1.cdn.digitaloceanspaces.com/ 270 KB
271 KB 33ms
33ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linketo.fra1.cdn.digitaloceanspaces.com/3871-16953764770.jpg

Requested by

Host: hexpress.fr
URL: https://hexpress.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ece6a17c85d44318bca2334c31a90673a8e23fcf3ea923d315c814009bba639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000007bcf141c41282cfa-0065f204b3-e72b424b-fra1b
age: 1536
x-envoy-upstream-healthchecked-cluster
content-length: 276913
cf-bgj: h2pri
last-modified: Fri, 22 Sep 2023 09:54:38 GMT
server: cloudflare
etag: "544871d9ad4e27457708ff689f1c414a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 88ffeadfcc659ef7-CDG

GET
H2 200 cblue.png
www.cdnly.org/asset/ 8 KB
9 KB 122ms
31ms Image
image/png 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cdnly.org/asset/cblue.png

Requested by

Host: api.linke.to
URL: https://api.linke.to/css/page.css?19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edcb8fcfbad1b18af16bb5307dbbf1041fbaacb45d2b3d41f8d95d582007f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://api.linke.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000af6f6c9ebacd4274-0065f1c768-e71a9ec6-fra1b
age: 1602
x-envoy-upstream-healthchecked-cluster
content-length: 8400
last-modified: Wed, 16 Nov 2022 20:43:49 GMT
server: cloudflare
etag: "615b1a6427308ef750f9ec1a103271be"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 88ffeae05d566efc-CDG

GET
H3 200 icons.ttf
api.linke.to/css/fonts/ 74 KB
44 KB 387ms
358ms Font
font/ttf 172.67.201.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.linke.to/css/fonts/icons.ttf
Requested by: Host: api.linke.to
URL: https://api.linke.to/css/page.css?19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f093a9f17580f1326a0e5a1a528fde485735a818ef982fa910e3c3034cb48d7

Request headers

Referer: https://api.linke.to/css/page.css?19
Origin: https://hexpress.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 16 Sep 2023 23:09:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12954-605820099b916"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQZfmdOIsg6n2a%2BMJk2LZnoNBH7Wy8OWZt5q3GSaJ3jgCMWZe05uVMKYMKu4ABgcLnzYxuNX5MG%2Bn0pOdLnJxGI85jCHIXAVCBGp%2FlSXstg5gp6Mhfei9N6pftwKgvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 88ffeae00a9ed5f1-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 403 KB
69 KB 126ms
55ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&family=Noto+Sans:wght@400;600;700&family=Saira+Condensed:wght@400;600;700&family=Playfair+Display:wght@400;600;700&family=Josefin+Sans:wght@400;600;700&family=Roboto:wght@400;500;700&family=Crimson+Text:wght@400;600;700&family=Inconsolata:wght@400;600;700&family=Libre+Baskerville:wght@400;600;700&family=Klee+One:wght@400;600;700&family=Roboto+Condensed:wght@400;600;700&family=Montserrat:wght@400;500;700&family=Roboto+Mono:wght@400;600;700&family=Edu+SA+Beginner:wght@400;600;700&family=Radley:wght@400;600;700&family=PT+Serif:wght@400;600;700&family=Lato:wght@400;600;700&family=Dancing+Script:wght@400;600;700&family=Charm:wght@400;600;700&family=Prompt:wght@400;600;700&family=Montserrat+Alternates:wght@400;600;700&family=Lobster+Two:wght@400;600;700&family=Nunito:wght@400;600;700&family=Comic+Neue:wght@400;600;700&family=Josefin+Slab:wght@400;600;700&family=Open+Sans:wght@400;600;700&family=Arima+Madurai:wght@400;600;700&family=Kaushan+Script:wght@400;600;700&family=UnifrakturMaguntia:wght@400;600;700&family=Big+Shoulders+Display:wght@400;600;700&family=Jost:wght@400;600;700&family=Pinyon+Script:wght@400;600;700&family=Albert+Sans:wght@400;600;700&family=Amatic+SC:wght@400;600;700&family=Big+Shoulders+Inline+Text:wght@400;600;700&family=Outfit:wght@400;600;700&family=Averia+Serif+Libre:wght@400;600;700&family=Tillana:wght@400;600;700&family=Rubik:wght@400;600;700&family=Grenze+Gotisch:wght@400;600;700&family=Almendra:wght@400;600;700&family=Sansita+Swashed:wght@400;600;700&family=Andika:wght@400;600;700&family=Expletus+Sans:wght@400;600;700&family=Atma:wght@400;600;700&family=Mukta+Mahee:wght@400;600;700&family=Baloo+Bhai+2:wght@400;600;700&family=Bellota:wght@400;600;700&family=Alumni+Sans:wght@400;600;700&family=Space+Grotesk:wght@400;600;700&display=swap

Requested by

Host: api.linke.to
URL: https://api.linke.to/js/page.js?5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c26872902ea84928e02aa13ce26ad60e36da10800e50db5d679668a2982445d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:21:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:21:49 GMT

GET
H2 200 neIVzD2ms4wxr6GvjeD0X88SHPyX2xYGGS6axq0r.woff2
fonts.gstatic.com/s/averiaseriflibre/v18/ 37 KB
37 KB 153ms
68ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/averiaseriflibre/v18/neIVzD2ms4wxr6GvjeD0X88SHPyX2xYGGS6axq0r.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&family=Noto+Sans:wght@400;600;700&family=Saira+Condensed:wght@400;600;700&family=Playfair+Display:wght@400;600;700&family=Josefin+Sans:wght@400;600;700&family=Roboto:wght@400;500;700&family=Crimson+Text:wght@400;600;700&family=Inconsolata:wght@400;600;700&family=Libre+Baskerville:wght@400;600;700&family=Klee+One:wght@400;600;700&family=Roboto+Condensed:wght@400;600;700&family=Montserrat:wght@400;500;700&family=Roboto+Mono:wght@400;600;700&family=Edu+SA+Beginner:wght@400;600;700&family=Radley:wght@400;600;700&family=PT+Serif:wght@400;600;700&family=Lato:wght@400;600;700&family=Dancing+Script:wght@400;600;700&family=Charm:wght@400;600;700&family=Prompt:wght@400;600;700&family=Montserrat+Alternates:wght@400;600;700&family=Lobster+Two:wght@400;600;700&family=Nunito:wght@400;600;700&family=Comic+Neue:wght@400;600;700&family=Josefin+Slab:wght@400;600;700&family=Open+Sans:wght@400;600;700&family=Arima+Madurai:wght@400;600;700&family=Kaushan+Script:wght@400;600;700&family=UnifrakturMaguntia:wght@400;600;700&family=Big+Shoulders+Display:wght@400;600;700&family=Jost:wght@400;600;700&family=Pinyon+Script:wght@400;600;700&family=Albert+Sans:wght@400;600;700&family=Amatic+SC:wght@400;600;700&family=Big+Shoulders+Inline+Text:wght@400;600;700&family=Outfit:wght@400;600;700&family=Averia+Serif+Libre:wght@400;600;700&family=Tillana:wght@400;600;700&family=Rubik:wght@400;600;700&family=Grenze+Gotisch:wght@400;600;700&family=Almendra:wght@400;600;700&family=Sansita+Swashed:wght@400;600;700&family=Andika:wght@400;600;700&family=Expletus+Sans:wght@400;600;700&family=Atma:wght@400;600;700&family=Mukta+Mahee:wght@400;600;700&family=Baloo+Bhai+2:wght@400;600;700&family=Bellota:wght@400;600;700&family=Alumni+Sans:wght@400;600;700&family=Space+Grotesk:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf86817a6640963f007f339deb57f8c4e2b282431f92aaa5e64957d5745090d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hexpress.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 14:24:34 GMT
x-content-type-options: nosniff
age: 244635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37772
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:46:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:24:34 GMT

GET
H2 200 neIWzD2ms4wxr6GvjeD0X88SHPyX2xYOoguP.woff2
fonts.gstatic.com/s/averiaseriflibre/v18/ 36 KB
37 KB 115ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/averiaseriflibre/v18/neIWzD2ms4wxr6GvjeD0X88SHPyX2xYOoguP.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c7758f065f8d31b21083afd8f8e468e9067e19139cb072470c6b289c4a341c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hexpress.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 04:11:17 GMT
x-content-type-options: nosniff
age: 22232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37324
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:51:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 04:11:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 176ms
92ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hexpress.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 14:29:41 GMT
x-content-type-options: nosniff
age: 244328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:29:41 GMT

GET
H2 200 favicon.ico
www.cdnly.org/asset/ 9 KB
1 KB 33ms
33ms Other
image/x-icon 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cdnly.org/asset/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f52b5a60850523bb911d5ce12854dbab116c7636c800f7d825936127076fdfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://hexpress.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 10:21:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000009e62e72564e16f58-0065f1fd14-e7235a32-fra1b
age: 89
x-envoy-upstream-healthchecked-cluster
last-modified: Wed, 09 Nov 2022 21:53:13 GMT
server: cloudflare
etag: W/"e5b26c77e1dc512367080c985d6d4452"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/x-icon
x-do-cdn-uuid: b63446d1-cf47-4294-9187-19dd04f41040
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 88ffeae559bc6efc-CDG

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hexpress.fr/	1969-12-31 23:59:59	Name: KESSID Value: k6acckb00s69lcr2a8d9c18ing
			.www.cdnly.org/	1970-01-20 21:09:17	Name: __cf_bm Value: j5PFKriPJzYMFYQ96FEH3qdLO7hhHz.XOaknw5sdWdc-1717755709-1.0.1.1-7hqmkc9MCSXe86p9Dof1wPlUQedfBIymnYyIiIsDm3UUpTZrZqmedXKgkjpxiU_FgJgTRjMrAujgM0UoRJlQ8Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hexpress.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hexpress.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.linke.to
fonts.googleapis.com
fonts.gstatic.com
hexpress.fr
linketo.fra1.cdn.digitaloceanspaces.com
maps.google.com
t2.gstatic.com
www.cdnly.org
www.google.com
172.217.18.4
172.67.201.102
2606:4700:4400::6812:2ae3
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
62.171.154.121
1aa9bd305a097ac3dc5d78f986e4752134774513a08968b1e976aa17dd6c6ac1
1e4415ad52a4b6302f3c07816ee2c36aca104dc5a1c3ecb42105df9600214a7a
20caf0c21b718c6bdcb00bac06f6b920add0fb35f8d98c7891745a91c92a6bd6
2173c2fa443ed98da2ec5ffe35f80452043596d0afbf30634a88cf2464935aa4
288704ed378252f3c43d73b5c89ed06b37df5667d8005caceb00758163891f87
2ab18aebf611267b5632aa43400194a47883fba3809afa25842a08cace4a9e5b
2edcb8fcfbad1b18af16bb5307dbbf1041fbaacb45d2b3d41f8d95d582007f76
2ffb620b4a449cc7b7cefa70fe7b172b8751f106de437eb12a7e2172329b1748
3c26872902ea84928e02aa13ce26ad60e36da10800e50db5d679668a2982445d
3f093a9f17580f1326a0e5a1a528fde485735a818ef982fa910e3c3034cb48d7
3fd0333226f5adc6cb6345bfad8481bad753187ba7160b1b6261d12ca63cde45
401092feff62976edbbca08c23bd3e75441036e4e43636e2f500181414c82b67
4ece6a17c85d44318bca2334c31a90673a8e23fcf3ea923d315c814009bba639
51bfab1367271216fd85184c5d8275934513798b6f27fc8190246c2ad31811bc
53182fe5e57652234189008985051f79510e7ba93b5506aaa8a1593cc4eb6241
56f0aa14b101146c0ef3c85f6d5b45db2deba2441f8bfa6b78701c56dbbcaed3
6b55eae12689bb4ce7efc235b1eeafd074a27324b663ac442743a547001e6b02
8bf86817a6640963f007f339deb57f8c4e2b282431f92aaa5e64957d5745090d
b0580bca588c081ea7c66d029fd96aeb4de0a7d9685ffa792ad6c574cc0d744d
ea4d156663f575b6b945232e05397dc24cc0d1d20ddb1aa226bce787c23a97fc
effd3b51501b8947e5d87fb0804cccaf8a9bfa9e1ccff522f096bb2a7c95fa2c
f0c7758f065f8d31b21083afd8f8e468e9067e19139cb072470c6b289c4a341c
f46f15dfb6131b1efa26c96d7c4f6a92868e68c0178c5510fb850c6d4e7e63eb
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f52b5a60850523bb911d5ce12854dbab116c7636c800f7d825936127076fdfa8

hexpress.fr Open in urlscan Pro 62.171.154.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

7 IPs

2 Countries

857 kBTransfer

1505 kBSize

2 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

hexpress.fr Open in urlscan Pro
62.171.154.121 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

857 kB
Transfer

1505 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions