URL: https://hexa.watch/0.13535491929679
Submission: On May 25 via api from US — Scanned from FR

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 172.67.160.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is hexa.watch. The Cisco Umbrella rank of the primary domain is 745880.
TLS certificate: Issued by WE1 on April 13th 2025. Valid for: 3 months.
This is the only time hexa.watch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 172.67.160.42 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.5.190 13335 (CLOUDFLAR...)
2 139.45.196.64 9002 (RETN-AS R...)
1 142.250.184.195 15169 (GOOGLE)
1 172.64.146.234 13335 (CLOUDFLAR...)
24 8
Apex Domain
Subdomains
Transfer
16 hexa.watch
hexa.watch — Cisco Umbrella Rank: 745880
hello.hexa.watch
564 KB
2 x3os.com
x3os.com — Cisco Umbrella Rank: 26759
5 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 7918
507 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 bvtpk.com
bvtpk.com — Cisco Umbrella Rank: 75367
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 605
7 KB
24 7
Domain Requested by
13 hexa.watch hexa.watch
static.cloudflareinsights.com
3 hello.hexa.watch hexa.watch
hello.hexa.watch
2 x3os.com bvtpk.com
1 my.rtmark.net bvtpk.com
1 fonts.gstatic.com fonts.googleapis.com
1 bvtpk.com hexa.watch
1 fonts.googleapis.com hexa.watch
1 static.cloudflareinsights.com hexa.watch
24 8

This site contains no links.

Subject Issuer Validity Valid
hexa.watch
WE1
2025-04-13 -
2025-07-12
3 months crt.sh
cloudflareinsights.com
WE1
2025-04-27 -
2025-07-26
3 months crt.sh
upload.video.google.com
WE2
2025-04-29 -
2025-07-22
3 months crt.sh
bvtpk.com
WE1
2025-05-14 -
2025-08-12
3 months crt.sh
x3os.com
R10
2025-04-22 -
2025-07-21
3 months crt.sh
*.gstatic.com
WE2
2025-04-29 -
2025-07-22
3 months crt.sh
my.rtmark.net
WE1
2025-05-02 -
2025-07-31
3 months crt.sh

This page contains 1 frames:

Primary Page: https://hexa.watch/0.13535491929679
Frame ID: 2492DD4918F237DADF333BE386AA432E
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

404 - Page Not Found | Hexa Watch

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

24
Requests

96 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

668 kB
Transfer

2302 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.13535491929679
hexa.watch/
6 KB
3 KB
Document
General
Full URL
https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c8badeabef4db613b150bc774fd0cdbcd647c2301f8a1befb07676d428b950

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
94529bb9cadb02d5-CDG
content-encoding
zstd
content-type
text/html
date
Sun, 25 May 2025 05:24:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIYz3lzl8BNXcetl4YCyp7iw0g0BqUnMp7wfwbTHOE17mX7j%2FL1AJ9MY9ze6kFpDqMR%2BFngQG89F%2B05GFISqNx6hhcm6v5ZEKedQiDhuCil6O1eviL81ozmwXZBs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=15891&min_rtt=14866&rtt_var=3292&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3640&recv_bytes=3342&delivery_rate=176099&cwnd=12000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=114&x=80"
speculation-rules
"/cdn-cgi/speculation"
vary
Origin accept-encoding
speculation
hexa.watch/cdn-cgi/
128 B
750 B
Other
General
Full URL
https://hexa.watch/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHIV09i6UWSTbc38TbagfyvSD%2Bx8SYUCu%2FktGOCxJ9WUIITL5V0ap%2BbzwwEv7w%2Fgc0AvF65KBT6pG%2FoCTLb%2F1Nr%2B0wTUsHwycQ3kYiTiRlyV47VoDaIYl%2Fm11amj"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bba8adc02d5-CDG
access-control-allow-origin
https://hexa.watch
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfL4;desc="?proto=QUIC&rtt=15720&min_rtt=14866&rtt_var=2147&sent=18&recv=18&lost=0&retrans=0&sent_bytes=6569&recv_bytes=5105&delivery_rate=186964&cwnd=12000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=156&x=80"
date
Sun, 25 May 2025 05:24:45 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
react-vendor-3id7yE0M-1748041315611.js
hexa.watch/assets/js/
158 KB
52 KB
Script
General
Full URL
https://hexa.watch/assets/js/react-vendor-3id7yE0M-1748041315611.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3b2552af77d8456fae9ede88b6c73d804e424468467b84b34591241ced86d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"161402-1748041396507"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGc%2FdAbkhnRQ5QP5PJo1h%2FWNLxh7oYieTWv08sFuW1ApCzBZzH1a%2BgmATI5zuUp02%2FZSwpF5GLjnw7IPoXUCbjgx%2FROtivhjqZG4bdJGnx6UyBNQo3c42uP%2B0e%2Bq"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bba8add02d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15720&min_rtt=14866&rtt_var=2147&sent=31&recv=19&lost=0&retrans=0&sent_bytes=18592&recv_bytes=5411&delivery_rate=186964&cwnd=12000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=175&x=80"
date
Sun, 25 May 2025 05:24:45 GMT
content-type
text/javascript
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, accept-encoding
server
cloudflare
ui-vendor-DTB4_ESJ-1748041315611.js
hexa.watch/assets/js/
78 KB
27 KB
Script
General
Full URL
https://hexa.watch/assets/js/ui-vendor-DTB4_ESJ-1748041315611.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520909111e747a2aeb0315d7daf14cbfe010e91b79ba558b6419bb2313754ff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"80219-1748041396515"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqhHVmxSpq48%2FJLSfPKGhMrwZLgrKu%2BZsepZq7bHG%2B7Is0TqTiuhYBey6PoDChPYsw%2FizOA4zLqBA21mdPeySfejbbWr8dZMvu0rD1YBS0LfzF04oDvfMnF%2BORH0"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bba8ae002d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19059&min_rtt=14866&rtt_var=5927&sent=40&recv=22&lost=0&retrans=0&sent_bytes=28654&recv_bytes=5540&delivery_rate=203539&cwnd=16800&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=186&x=80"
date
Sun, 25 May 2025 05:24:45 GMT
content-type
text/javascript
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, accept-encoding
server
cloudflare
utils-vendor-CBjSPeJR-1748041315611.js
hexa.watch/assets/js/
168 KB
55 KB
Script
General
Full URL
https://hexa.watch/assets/js/utils-vendor-CBjSPeJR-1748041315611.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26ada860568c552de4aa0bce7c69fbb5698d593445ca88eac41cfd3fd2efa63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"171701-1748041396511"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3F0G975V9hp4pG15apz1PzO1EkGWdthIc31VadfDdHkHDYgYCDvcF65A67EW7H7%2BEgFDXffxW%2FsaJrnZh007slh1u1NAlxG54z6TYP0HJjweKV6hFngsdMJw8uj"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bba8ade02d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15720&min_rtt=14866&rtt_var=2147&sent=25&recv=19&lost=0&retrans=0&sent_bytes=11854&recv_bytes=5411&delivery_rate=186964&cwnd=12000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=173&x=80"
date
Sun, 25 May 2025 05:24:45 GMT
content-type
text/javascript
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, accept-encoding
server
cloudflare
index-DfbuzrSc-1748041315611.css
hexa.watch/assets/css/
153 KB
25 KB
Stylesheet
General
Full URL
https://hexa.watch/assets/css/index-DfbuzrSc-1748041315611.css
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7866c2f4aa33675af11580c62e6d57259e2755917868fe5a39d41fdc4fa7d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"156421-1748041396503"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hU5cxSl8zGw2GhaxXzuNoMAs0wyHdtPYs8iq8vRkhUNEXWhIehrneVV5fRdDfcEIeJaqysw%2BozRTK5hS8FVnie5LpTcRTaVvZU3sAZfi76t03ctM98FsaboLmX%2F8"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bba8adf02d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19059&min_rtt=14866&rtt_var=5927&sent=40&recv=22&lost=0&retrans=0&sent_bytes=28654&recv_bytes=5540&delivery_rate=203539&cwnd=16800&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=185&x=80"
date
Sun, 25 May 2025 05:24:45 GMT
content-type
text/css
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, accept-encoding
server
cloudflare
rocket-loader.min.js
hexa.watch/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://hexa.watch/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/0.13535491929679

Response headers

cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
etag
W/"682eb544-302c"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTCk7cgN8wQIxU5D9GnPzMuiPlb57UhDr%2FKovFEjw%2BZ4mIdKQ4hJgrsz%2Bt22lVWRKzuLJCokKTTbMeVk8NXppO2IvCaB%2BvfLQlzJDzSgR9%2FP%2B54uJ8zqi3CyigfL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
94529bba9ae102d5-CDG
expires
Tue, 27 May 2025 05:24:45 GMT
date
Sun, 25 May 2025 05:24:45 GMT
content-type
application/javascript
last-modified
Thu, 22 May 2025 05:25:24 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
94529bbaccb4d611-CDG
access-control-allow-origin
*
date
Sun, 25 May 2025 05:24:45 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700&display=swap
Requested by
Host: hexa.watch
URL: https://hexa.watch/assets/css/index-DfbuzrSc-1748041315611.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d19f505e1487f568ee8fecf1a7b0ce6b1030739833a116e6c890ac75f23fc3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 25 May 2025 05:24:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 25 May 2025 05:24:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 25 May 2025 03:25:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
registerSW.js
hexa.watch/
134 B
790 B
Script
General
Full URL
https://hexa.watch/registerSW.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"134-1748041396503"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHJHzpW7QKuEu7yf7UsEmG96GlPh3ASWpMOH%2FwHqmLjVOELyKeotQSB5Lrx40VAyXVldsxKTf5Bi1E6TdYi0OaqfY0O26Mlbm5lNpOQNYbLIhuGBUtEUjKgfAyqs"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bbc1ae302d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15730&min_rtt=14688&rtt_var=435&sent=178&recv=77&lost=0&retrans=0&sent_bytes=180388&recv_bytes=8809&delivery_rate=4796515&cwnd=92400&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=426&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
text/javascript
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, Accept-Encoding
server
cloudflare
index-BVt_gRsA-1748041315611.js
hexa.watch/assets/js/
0
0

script.js
hello.hexa.watch/
3 KB
2 KB
Script
General
Full URL
https://hello.hexa.watch/script.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c376228742ceac455f8061c197b54bff05c6f86566e9a67f91ebb54f1fd661df
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"a17-1952c1ea628"
age
81554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uG0FV29Ow17QB8cf0Fl48w7G86uSPNFpjA%2Fir4cz70H1Oc0zwW%2F%2F8CDYG8BW%2BXLMnuxVwoBbhzguMt0OwGJOauYnbmDYXLXvBwHxN2hNt4onCZ7xdd6Y4ee02NzCM9%2FaLR9t"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15730&min_rtt=14688&rtt_var=435&sent=175&recv=77&lost=0&retrans=0&sent_bytes=177948&recv_bytes=8809&delivery_rate=4796515&cwnd=92400&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=425&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 22 Feb 2025 05:26:01 GMT
vary
Accept-Encoding
x-served-by
hello.hexa.watch
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=86400, must-revalidate
x-dns-prefetch-control
on
speculation-rules
"/cdn-cgi/speculation"
cf-ray
94529bbc2ae402d5-CDG
access-control-allow-origin
*
server
cloudflare
tag.min.js
bvtpk.com/
100 KB
42 KB
Script
General
Full URL
https://bvtpk.com/tag.min.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/0.13535491929679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1a56d473f278998911bea621a90b668158b512fb86f7729024201dfc81ab9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
HIT
age
1553
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iH6HUNW66GkuMoa8XLA7VDkM%2B7M1MOp7%2BWfS8LY21lLPQxaV1TcsEwZLwO7kqPZlYl%2FaWcHYujHQ%2Bj28gXHYp0w6f%2BNOxfB2RYOCLxpItXQR9Vx515lGF2d74Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15132&min_rtt=14994&rtt_var=5900&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3606&recv_bytes=3051&delivery_rate=177372&cwnd=12000&unsent_bytes=0&cid=089d9936553383c8&ts=34&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/javascript
last-modified
Sun, 25 May 2025 04:58:52 GMT
vary
accept-encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=600, s-maxage=1800
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
1fe63d41bb4587f4db10347b1cb50602
cf-ray
94529bbc8adda105-CDG
access-control-allow-origin
*
server
cloudflare
icon-192.png
hexa.watch/pwa/
5 KB
2 KB
Other
General
Full URL
https://hexa.watch/pwa/icon-192.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b72d152b568a028093567eddef23c106475894736caa986961a31240ab709dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
zstd
cf-cache-status
REVALIDATED
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAh5O2Pu3DQH2%2FyLQ6d9jMv7Zas20VzB%2FSlMz70GhKk6JNRvNBR99dAeTiYCd24uAhcVBthPolO3u4S600DzE%2FGkGn3ntNJlE3DF%2B0RtbvU5fgLGMFp23o0uE0oW"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bbc6ae502d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15764&min_rtt=14688&rtt_var=964&sent=579&recv=108&lost=0&retrans=0&sent_bytes=654396&recv_bytes=10850&delivery_rate=8573857&cwnd=199200&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=474&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
text/html
vary
Origin, accept-encoding
server
cloudflare
index-BVt_gRsA-1748041315611.js
hexa.watch/assets/js/
1 MB
372 KB
Script
General
Full URL
https://hexa.watch/assets/js/index-BVt_gRsA-1748041315611.js
Requested by
Host: hexa.watch
URL: https://hexa.watch/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878c6a8208148533f8af72fbbf9805724783a1a44291cac4b4d82312e9a4e723

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1457220-1748041396515"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ngy59NDTA059QQogI%2Bq%2FgNSZREoUGobeXwxpxSpZdB5HGnWtQ0wJ08edbzwvAY6yGXZ38HrtSgTcEOe0BXPoPEvUb1taivaqjHzXv%2FL3usen0cmYM%2BO39nJVYEuz"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bbc6ae602d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15423&min_rtt=14688&rtt_var=374&sent=412&recv=107&lost=0&retrans=0&sent_bytes=455222&recv_bytes=10802&delivery_rate=8880678&cwnd=193200&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=468&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
text/javascript
last-modified
Fri, 23 May 2025 23:03:16 GMT
vary
Origin, accept-encoding
server
cloudflare
favicon.ico
hexa.watch/
103 KB
13 KB
Other
General
Full URL
https://hexa.watch/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e7ca1eb1ed414362d1d691ec77fae0f9bcf18a2aad1283e3e5f86d21bdeb33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/0.13535491929679

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=10800
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"105677-1748041354626"
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99APzYgwOLFmIC0lW3OB6cvZkQifSy8oXe%2FQ3V8UlpVKi7EHYVG9kdv2dxxZDK1KUBta71ozyGkK467MGFU8yKLI8oFDFrQCbY9eixJRoozfDPsHZanI51jY601U"}],"group":"cf-nel","max_age":604800}
cf-ray
94529bbccae702d5-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15409&min_rtt=14688&rtt_var=300&sent=744&recv=145&lost=0&retrans=0&sent_bytes=847198&recv_bytes=12875&delivery_rate=15355951&cwnd=342000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=543&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
image/x-icon
last-modified
Fri, 23 May 2025 23:02:34 GMT
vary
Origin, Accept-Encoding
server
cloudflare
/
x3os.com/5/9365999/
4 KB
3 KB
XHR
General
Full URL
https://x3os.com/5/9365999/?oo=1&js_build=iclick-v1.1138.0&dmn=bvtpk.com&tt=2&ix=0
Requested by
Host: bvtpk.com
URL: https://bvtpk.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
90c832b8a43ad6b6f3d765a9ee1f477e808164ec8c572b38e7eee21a8c947920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hexa.watch/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
54e9840f30f15ac298ad07cfaccd0d93
access-control-allow-origin
https://hexa.watch
server
nginx
send
hello.hexa.watch/api/
319 B
1 KB
Fetch
General
Full URL
https://hello.hexa.watch/api/send
Requested by
Host: hello.hexa.watch
URL: https://hello.hexa.watch/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc44101bc1e3822a5866846c00d835893e183a389b7cdf254b65939faba33f39
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://hexa.watch/

Response headers

access-control-max-age
86400
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vduOyfLeKJH7293w%2FO%2FqyRNkLN8ufPt4vfrALI0BHImgDLpgBaWfcXQdz2WGJkSRWS517g42Ak2CHNU0t%2FchetdITYmwWPagGzA9SjyFNiqH1B4b%2FcY3ftdgZdB0BmNAZgcO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, DELETE, POST, PUT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17841&min_rtt=15239&rtt_var=3463&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4663&recv_bytes=3914&delivery_rate=147585&cwnd=12000&unsent_bytes=0&cid=52337b404d74401e&ts=265&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch
x-served-by
hello.hexa.watch
access-control-allow-headers
*
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
on
cf-ray
94529bbfcab46f8a-CDG
access-control-allow-origin
*
server
cloudflare
rum
hexa.watch/cdn-cgi/
0
140 B
XHR
General
Full URL
https://hexa.watch/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
application/json
Referer
https://hexa.watch/0.13535491929679

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST,OPTIONS
cf-ray
94529bbe7ae802d5-CDG
access-control-allow-origin
https://hexa.watch
date
Sun, 25 May 2025 05:24:46 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://hexa.watch
Referer
https://fonts.googleapis.com/

Response headers

age
120496
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 19:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 19:56:30 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
hexa-logo.png
hexa.watch/
5 KB
6 KB
Image
General
Full URL
https://hexa.watch/hexa-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf57a0a00b3080fb808c5ddcf92a2c4293164f719882d291faa234ca8e3e6fe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/0.13535491929679

Response headers

cf-cache-status
HIT
etag
W/"5485-1748041354638"
age
6100
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5uzzbUd4b8%2FTOAvnmpcc69Z8s5IsmB%2F%2FjaH3tjbLQ2tZXKkYGADF0pu2Ts7omE4ic96dGn0y9wrkzPyeItsHaZM26K9SqywOStgwvhh3YscZOOKjlBP1UHxRyfV"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15666&min_rtt=14688&rtt_var=850&sent=764&recv=151&lost=0&retrans=0&sent_bytes=861054&recv_bytes=15537&delivery_rate=15355951&cwnd=342000&unsent_bytes=0&cid=dc878e37a3d71e2a&ts=802&x=80"
date
Sun, 25 May 2025 05:24:46 GMT
content-type
image/png
last-modified
Fri, 23 May 2025 23:02:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=10800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
cf-ray
94529bbe8ae902d5-CDG
accept-ranges
bytes
content-length
5485
server
cloudflare
send
hello.hexa.watch/api/
0
0
Preflight
General
Full URL
https://hello.hexa.watch/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hexa.watch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, DELETE, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
94529bbf2ab36f8a-CDG
content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
date
Sun, 25 May 2025 05:24:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvqo4UY00e45VN2peYcDa0KP2fTNR7lZ9Bw7bzUUGdMHlVmRJsH4XZCyABgHCv061emUSnpMxjzlbTegK9Mu56JwFbMM8POmQAXtM9jzmPb%2BtM6JPzo%2FhmQxnT3Bgghh1eCU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=17924&min_rtt=15239&rtt_var=4395&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3693&recv_bytes=3309&delivery_rate=147585&cwnd=12000&unsent_bytes=0&cid=52337b404d74401e&ts=197&x=80"
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch
x-dns-prefetch-control
on
x-served-by
hello.hexa.watch
gid.js
my.rtmark.net/
65 B
507 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=0081d4d5426d465beaa6b37f0fb118f6
Requested by
Host: bvtpk.com
URL: https://bvtpk.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.234 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7002383cad672e70e89d02bd388bbfb53dcb84585cf6db836d4596950d6ba5b8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/

Response headers

access-control-expose-headers
Authorization
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
cf-ray
94529bc04c7c9ee6-CDG
access-control-allow-origin
https://hexa.watch
server
cloudflare
/
x3os.com/
3 KB
3 KB
Fetch
General
Full URL
https://x3os.com/?rb=2e-xNUC6XHTUm4nfOpTJFE3LfS24GWoW-AREte7T3pyTDuAMshaB_p8-VmCBVZZEx9l7KJg1tXQ7Pmh1-8APJKZ0b1iRS-13c2okheO7lVY4_4xlF2p4X_BlR52f8UYgL0i-6IEhyPRUrr6hFw8ldG4QCSylSiDYVGvrRxPfCvbquF3hd_cNZV8IzrnU8sJbnigkpklpeu_K_yj38VMYqYsDVhRnIyYScV3eHlMGb-_bLaGtTA3enZHS4uk65BS8l4sLWA9KjRWEWEWy9SXUbx8tUIOTAUxnQM7W4Y3bKQYoZI54rhUsT6NFX9dbEQLvCq0u5SCZNmE%3D&request_ab2=0&zoneid=9365999&js_build=iclick-v1.1138.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=1570&wy=1170&cw=1600&wfc=0&pl=https%3A%2F%2Fhexa.watch%2F0.13535491929679&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FParis&bto=-120&tt=2&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1138.0&navlng=fr-FR&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&bs=7e13e2bf-8e9e-4dff-9114-2813b33324b5&wasm=1&userId=0081d4d5426d465beaa6b37f0fb118f6&is_mobile=false&m=link
Requested by
Host: bvtpk.com
URL: https://bvtpk.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
ce64ecf3f783c0dc4485382c8675ffedbc94033a9de22e3c74d12fc599627475
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://hexa.watch/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sun, 25 May 2025 05:24:46 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
d5bf41009039b529f96b7cbd88ca8cc1
access-control-allow-origin
https://hexa.watch
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hexa.watch
URL
https://hexa.watch/assets/js/index-BVt_gRsA-1748041315611.js

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| __cfBeacon function| checkAndLoadAds boolean| __cfRLUnblockHandlers object| umami object| aae1032s51g object| zfgformats object| __ds3dcv__ object| i1jaj1t6zz object| zfgstorage function| onClickTrigger boolean| zfgloadedpopup string| __reactRouterVersion object| __mediaSourceObjects boolean| MotionIsMounted boolean| zfgonclickfirst function| _8k7n32lppge object| syncCallbacks string| isSyncing

5 Cookies

Domain/Path Name / Value
x3os.com/ Name: OAID
Value: 0081d4d5426d465beaa6b37f0fb118f6
x3os.com/ Name: oaidts
Value: 1748150686
my.rtmark.net/ Name: ID
Value: 0081d4d5426d465beaa6b37f0fb118f6
hexa.watch/ Name: prefetchAd_9365999
Value: true
x3os.com/ Name: syncedCookie
Value: true

2 Console Messages

Source Level URL
Text
rendering warning URL: https://hexa.watch/0.13535491929679
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040EF17FC260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://hexa.watch/0.13535491929679
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000F017FC260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bvtpk.com
fonts.googleapis.com
fonts.gstatic.com
hello.hexa.watch
hexa.watch
my.rtmark.net
static.cloudflareinsights.com
x3os.com
hexa.watch
104.21.5.190
139.45.196.64
142.250.184.195
172.64.146.234
172.67.160.42
2606:4700::6810:4f49
2a00:1450:4001:800::200a
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
21e7ca1eb1ed414362d1d691ec77fae0f9bcf18a2aad1283e3e5f86d21bdeb33
520909111e747a2aeb0315d7daf14cbfe010e91b79ba558b6419bb2313754ff1
53c8badeabef4db613b150bc774fd0cdbcd647c2301f8a1befb07676d428b950
6d19f505e1487f568ee8fecf1a7b0ce6b1030739833a116e6c890ac75f23fc3b
7002383cad672e70e89d02bd388bbfb53dcb84585cf6db836d4596950d6ba5b8
7b72d152b568a028093567eddef23c106475894736caa986961a31240ab709dd
7c3b2552af77d8456fae9ede88b6c73d804e424468467b84b34591241ced86d8
7f1a56d473f278998911bea621a90b668158b512fb86f7729024201dfc81ab9a
878c6a8208148533f8af72fbbf9805724783a1a44291cac4b4d82312e9a4e723
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90c832b8a43ad6b6f3d765a9ee1f477e808164ec8c572b38e7eee21a8c947920
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
a26ada860568c552de4aa0bce7c69fbb5698d593445ca88eac41cfd3fd2efa63
bc44101bc1e3822a5866846c00d835893e183a389b7cdf254b65939faba33f39
bf57a0a00b3080fb808c5ddcf92a2c4293164f719882d291faa234ca8e3e6fe8
c376228742ceac455f8061c197b54bff05c6f86566e9a67f91ebb54f1fd661df
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce64ecf3f783c0dc4485382c8675ffedbc94033a9de22e3c74d12fc599627475
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
ff7866c2f4aa33675af11580c62e6d57259e2755917868fe5a39d41fdc4fa7d2