indexo.dev

collexchange.co.uk

.uk crawl

First seen 2026-04-27 · Last seen 2026-05-18 · ok HTTP/1.1 200 1548 ms crawled 2026-05-04

GB · 209.97.181.17 · AS14061 DigitalOcean, LLC

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Militaria Auction | Buy and Sell Militaria Online | Collexchange
Description
Collexchange is an affordable, online militaria auction site that facilitates trade between militaria buyers and sellers – all on one, easy to use platform.
Language
en

Technology

Server
nginx
CMS
Gatsby
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • fonts.googleapis.com×5
  • cdn.popt.in×1
  • s7.addthis.com×1
  • static.addtoany.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone
Address
Company no. 14032478. VAT registered no. 434 2359 07 © Collexchange 2025. All Rights Reserved.

Registration

Registrar
123-Reg Limited t/a 123-reg
Created
2022-03-09
Expires
2027-03-09 293 days left
Updated
2026-03-10
Name servers
  • ns75.domaincontrol.com.
  • ns76.domaincontrol.com.

DNS records live

NS
  • ns75.domaincontrol.com
  • ns76.domaincontrol.com
MX
  • 0 collexchange-co-uk.mail.protection.outlook.com
TXT
  • google-site-verification=A065ol51M0k-jDDBQB5Tp1Jvvj-KkKKqZBIrFlCtkdo
  • MS=ms86768454
  • v=spf1 include:spf.protection.outlook.com include:_spf.smtp.com -all

Certificate (current)

R13
from 2026-04-19 to 2026-07-18
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.collexchange.co.uk/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https://fonts.bunny.net https://fonts.gstatic.com *.cloudflare.com *.popt.in *.amazonaws.com *.on.aws *.cloudfront.net *.fonts.googleapis.com data: *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.p

Links to (1)

Linked from (1)