indexo.dev

nunchuk.io

.io crawl

First seen 2026-04-12 · Last seen 2026-05-08 · ok HTTP/1.1 200 1171 ms crawled 2026-05-04

US · 104.26.14.66 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Nunchuk - Secure Your Bitcoin for Generations
Description
The first Bitcoin inheritance solution designed to outlive the company that created it. Built on the most advanced multisig platform. Trust-minimized. Zero KYC.
Language
en
Feeds

Open Graph

url
https://nunchuk.io/
title
Nunchuk - Secure Your Bitcoin for Generations
site name
Nunchuk
description
The first Bitcoin inheritance solution designed to outlive the company that created it. Built on the most advanced multisig platform. Trust-minimized. Zero KYC.

Technology

CDN
Cloudflare
CMS
Next.js
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • www-nunchuk-picked-bullfrog.s3.ap-southeast-1.amazonaws.com×39
  • fonts.gstatic.com×2
  • accounts.google.com×1
  • fonts.googleapis.com×1

Social

DNS records live

NS
  • bayan.ns.cloudflare.com
  • teagan.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 6 TXT records
  • detectify-verification=b3eda404a87f39c8ceb05784abb3dab8
  • google-site-verification=6tClemmxmZ86wLu5Th8WxQgERc9B4xcEcZKXNJWgkmA
  • google-site-verification=UZ8P0oIor3R-W-MHTiNNtg41eNZbO-iZ0zwfkug76bI
  • google-site-verification=Whsik1XtZHWZiEjXF5qKq2F3xKln_2uN-a0dzJqICUc
  • v=spf1 include:mailgun.org include:amazonses.com include:_spf.google.com include:spf.brevo.com mx -all
  • brevo-code:c73ede00f5dd1e08ed27b78de41f8d50

Certificate (current)

WE1
from 2026-04-13 to 2026-07-12
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://nunchuk.io/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.nunchuk.io *.segment.com *.squarecdn.com *.google.com *.squareupsandbox.com *.stripe.com *.cloudflare.com; script-src 'self' 'unsafe-inline' *.nunchuk.io vercel.live *.segment.com *.stripe.com *.squarecdn.com *.squareupsandbox.com *.google.com *.cloudflare.com; style-src 'self' 'unsafe-inline' *.nunchuk.io *.squarecdn.com *.stripe.com *.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.google.com *.squarecdn.com *.nunchuk.io *.stripe.com *.cloudflare.com; img-src 'self' data: blob: https: mxc: *.squarecdn.com *.nunchuk.io *.stripe.com *.cloudflare.com; font-src 'self' fonts.gstatic.com *.squarecdn.com *.nunchuk.io *.cloudfront.net *.stripe.com *.cloudflare.com; frame-src 'self' vercel.live *.google.com *.youtube.com *.squarecdn.com *.nunchuk.io *.stripe.com *.squareupsandbox.com *.cloudflare.com; frame-ancestors 'none'; connect-src 'self' https:
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (13)

Linked from (4)