hexens.io

HTML metadata

Title

Blockchain Security & Smart Contract Audit Services | Hexens

Description

Hexens is the blockchain security firm trusted by protocols that can't afford to get hacked. 200+ engagements. Zero client exploits. Request a quote today.

Language

en

Canonical

https://hexens.io

Feeds

Open Graph

title: Hexens — Elite Cybersecurity for Blockchain and Emerging Technology
description: The blockchain security firm trusted by the protocols that can't afford to get hacked. Two teams per engagement. 300+ audits. Zero client exploits — ever.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Cloudflare Insights

Third-party hosts loaded (1)

static.cloudflareinsights.com×1

Social

Contact

Email

Address

71-75 Shelton Street, Covent Garden, WC2H 9JQ, London, GB

DNS records live

NS

johnny.ns.cloudflare.com
maxine.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 6 TXT records

atlassian-domain-verification=kwAkIDuqnh91qguCOhFpvCf8bSEe2d/ZWH3ypIKCrdSeyLyqED2fHeEU7amgqpUX
atlassian-sending-domain-verification=35459d82-8773-4d00-8069-cbde652cdf67
google-site-verification=Gzu_2SNJhVnRjOTipNxzBHAwDoTHJW8AxTfFgMNrUlI
google-site-verification=VYzlwDvu4Qqi-iruS9XoTjJ9N6jzsG-xXAKXLIGgd_k
D1860583
anthropic-domain-verification-jka7c2=ZYZoQYEj9AcBQX1CBlsGAmk72

Email authentication strong

SPF

v=spf1 mx a include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;pct=100;rua=mailto:dmarc@s8gwjjhg.uriports.com; ruf=mailto:dmarc@s8gwjjhg.uriports.com;fo=1:d:s;

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiY5E6LCw9hDOFm5dVUPgyl1wMu/LZfPUJsHNZyP2r4UpoEt8XoIYtsJ56TiqS61sFTINNV8SZASD5…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

WE1

from 2026-03-25 to 2026-06-23

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://hexens.io/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-content-type-options
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy

findings

short HSTS max-age
missing frame protection
missing Referrer Policy

Header values

permissions-policy: geolocation=(), camera=(), microphone=()
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=2592000; includeSubDomains; preload
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: default-src 'self'; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://challenges.cloudflare.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' www.gstatic.com; img-src 'self' https://*.hexens.io www.googletagmanager.com blob: data:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.google-analytics.com https://*.ingest.sentry.io https://glide.r.xyz https://*.cloudflare.com; report-to default; report-uri https://s8gwjjhg.uriports.com/reports/report;

Links to (14)

Linked from (1)

chain4travel.com×2