hexatransfer.com

HTML metadata

Title

HexaTransfer — Send Large Files Securely with End-to-End Encryption

Description

Transfer files up to 10 GB for free with end-to-end encryption. No account required. Your files are encrypted in your browser before upload — no one else can read them.

Language

en

Canonical

https://hexatransfer.com/en

Translations

ar
de
en
es
fr
hi
it
ja
ko
nl
pl
pt
ru
tr
zh

Open Graph

url: https://hexatransfer.com/en
title: HexaTransfer — Send Large Files Securely with End-to-End Encryption
locale: en
site name: HexaTransfer
description: Transfer files up to 10 GB for free with end-to-end encryption. No account required. Your files are encrypted in your browser before upload — no one else can read them.

Technology

Server: nginx

Registration

Registrar

Realtime Register B.V.

Created

2026-03-22

Expires

2027-03-22 305 days left

Updated

2026-03-22

Name servers

ns1.gaprod.fr
ns2.gaprod.fr

DNS records live

NS

ns1.cp1.gaprod.fr
ns2.cp1.gaprod.fr

Verified for

Google

Email authentication no MX

SPF

v=spf1 ip4:5.135.210.9 -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:billy.rousseau@dwenolagroup.com; adkim=s; aspf=s

policy: quarantine

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhyKDiBsYIXsV4u6w99mYJnUhrHABHCaySZCRangaUE9joCIgceG0wxHgJiQmO7eADlPlfVW5FICGJ…
mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18GU6tWdVVhJgNH0mCIlmdI4lqrh0U3OdVcYa4qYvMu9H117OjsoK2GAJ4HRctGn7ip8…

selectors probed

Certificate (current)

E8

from 2026-04-11 to 2026-07-10

Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://hexatransfer.com/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection

Header values

referrer-policy: no-referrer, no-referrer
x-frame-options: DENY, DENY
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (1)

gaprod.fr×1

Linked from (2)

dwenola.com×1
gaprod.fr×1