indexo.dev

moneyhaxx.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-31 · ok HTTP/1.1 200 1294 ms crawled 2026-05-30

CH · 149.126.4.119 · AS47302 cyon AG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
MoneyHaxx - Eine Plattform mit Tipps zum Sparen, Investieren und Budget berechnen
Description
MoneyHaxx bietet Tipps und Hacks für alle, die keine Geldsorgen haben wollen. Mit dem Budgetrechner erhältst du ein Grobbudget für deine Ausgaben. An unseren Events erfährst du mehr übers Sparen und Investieren. In Zusammenarbeit mit Schweizer Kantonalbanken.
Language
de

Technology

CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.cyon.ch
  • ns2.cyon.ch
MX
  • 0 mail.moneyhaxx.ch
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:spf.protection.cyon.net -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uJA5VTs4tEyVcBkqS2ZmVLwLDyS1Ogd/h6cr1pGz1EtrjFvk4h9QI+B6lAzfp/chPz1D3MoFlFPoM…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R12
from 2026-03-28 to 2026-06-27
Expires in 26 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.moneyhaxx.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://*.google.com https://*.gstatic.com https://www.googleadservices.com/ https://td.doubleclick.net https://*.facebook.net https://*.tiktok.com https://*.typeform.com; style-src 'self' 'unsafe-inline' https://*.typeform.com; img-src 'self' blob: data: https://dcaf7zclae17o.cloudfront.net https://*.s3.eu-central-2.amazonaws.com https://*.giphy.com https://i.ytimg.com https://www.facebook.com; media-src 'self' https://dcaf7zclae17o.cloudfront.net https://*.s3.eu-central-2.amazonaws.com; font-src 'self' data:; connect-src 'self' http://localhost:* https://*.moneyhaxx.recommender.ch https://*.moneyhaxx.ch https://chatbot.intern.stu.jaywalker.ch https://*.google-analytics.com https://*.google.com https://*.tiktok.com https://*.typeform.com;object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https://www.typeform.com; frame-src 'self' https://form.typeform.com ht
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (2)