niza.io

HTML metadata

Title

Niza Global

Description

More Profits, Lower Fees Transfer funds globally with a 0% Fee. Get your Personal/Business IBAN within a day and exchange funds to crypto within seconds.

Generator

NextJS

Canonical

https://niza.io

Translations

de
en
es
fr
hi
it
nl
pt
ru
tr
vi
zh

Open Graph

url: https://niza.io
title: Niza Global
locale: en
site name: Niza Global
description: More Profits, Lower Fees Transfer funds globally with a 0% Fee. Get your Personal/Business IBAN within a day and exchange funds to crypto within seconds.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

static.zdassets.com×1
www.googletagmanager.com×1

DNS records live

NS

jo.ns.cloudflare.com
quincy.ns.cloudflare.com

MX

10 mx1-hosting.jellyfish.systems
10 mx2-hosting.jellyfish.systems

TXT

f0095018235b8109a2bf9f65674a1784b6971ed6

Verified for

Google

Email authentication strong

SPF

v=spf1 +a +mx +ip4:162.213.251.201 +ip4:162.213.251.202 +ip4:162.213.251.203 include:spf.web-hosting.com  include:mail.zendesk.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; sp=reject; pct=100; ri=86400

policy: reject (enforced) · sp=reject

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8vnJZUrCnfhZnw2daQnNi8x1erCeF5mKJ7TMltr1el9DBzkoEOocF9kcYG0s56/SQjRTsyjTisyYZHG5U…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47wltW0D625G5zuipn7853iQt8GlIWQkdStP7vidx5ip1jpgGIeDx0GEl8XRpvxCLjI4ff+ZSkbyZfk9/3…

selectors probed

Certificate (current)

WE1

from 2026-03-19 to 2026-06-17

Expires in 27 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://niza.io/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
permissions-policy: accelerometer=(self "https://*.sumsub.com"), autoplay=(self), camera=(self "https://*.sumsub.com"), cross-origin-isolated=(), display-capture=(self "https://*.sumsub.com"), encrypted-media=(), fullscreen=(self), geolocation=(self "https://*.sumsub.com"), gyroscope=(self "https://*.sumsub.com"), magnetometer=(), microphone=(self "https://*.sumsub.com"), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' app.niza.io https://public.storage.niza.io; script-src 'self'; script-src-elem 'self' www.google.com www.gstatic.com www.googletagmanager.com connect.facebook.net https://static.ads-twitter.com https://vercel.live https://hcaptcha.com https://*.hcaptcha.com https://recaptcha.net *.sumsub.com https://static.zdassets.com https://*.zopim.com https://*.smooch.io 'unsafe-inline'; font-src 'self' https://vercel.live https://assets.vercel.com; worker-src 'self' blob:; connect-src 'self' app.niza.io wss://app.niza.io:* wss://ws2.niza.io wss://ws.kraken.com/v2 wss://wbs.mexc.com/ws https://vercel.live www.googletagmanager.com https://www.google.com/recaptcha/ wss://ws-us3.pusher.com https://*.google-analytics.com https://hcaptcha.com https://*.hcaptcha.com *.sumsub.com api.sumsub.com https://static.zdassets.com https://ekr.zdassets.com https://nizaglobal.zendesk.com wss://*.smooch.io https://*.smooch.io; style-src 'self' https://vercel.live https://hcaptcha.com https://
strict-transport-security: max-age=63072000
cross-origin-opener-policy: same-origin-allow-popups

Links to (2)

apple.com×2
google.com×2

Linked from (1)

turbotoken.io×2