indexo.dev

kapowtoys.co.uk

.uk crawl

First seen 2026-04-16 · Last seen 2026-05-14 · ok HTTP/1.1 200 1578 ms crawled 2026-05-11

GB · 91.192.194.130 · AS15510 Compuweb Communications Services Limited

Reputation 100/100

sector entertainment type homepage

HTML metadata

Title
Kapow Toys – Toys and Collectables
Description
Kapow Toys offer a huge selection of toys, action figures, statues, collectables and merchandise from Transformers, Star wars, Marvel, TV shows, Movies and much more.
Language
en-GB
Canonical
https://www.kapowtoys.co.uk/
Translations
  • de
  • en
  • es
  • fr

Open Graph

url
https://www.kapowtoys.co.uk
title
Kapow Toys - Toys and Collectables
description
Kapow Toys offer a huge selection of toys, action figures, statues, collectables and merchandise from Transformers, Star wars, Marvel, TV shows, Movies and much more.

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • www.googletagmanager.com×1
  • www.kapowtoys.de×1
  • www.kapowtoys.es×1
  • www.kapowtoys.fr×1

Registration

Registrar
123-Reg Limited t/a 123-reg
Created
2008-05-10
Expires
2027-05-10 354 days left
Updated
2026-05-11
Name servers
  • ns-1259.awsdns-29.org.
  • ns-1826.awsdns-36.co.uk.
  • ns-27.awsdns-03.com.
  • ns-979.awsdns-58.net.

DNS records live

NS
  • ns-1259.awsdns-29.org
  • ns-1826.awsdns-36.co.uk
  • ns-27.awsdns-03.com
  • ns-979.awsdns-58.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:spf.mailjet.com include:amazonses.com a mx ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@kapowtoys.co.uk
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuu6FYDTkkSi537CqbMiE0/B67fYV8HbzaxPng/LXD3VuGg5skgkLbybogP0FI4RbLS3IIcZPteZK3w8csn9…
selectors probed

Certificate (current)

R13
from 2026-03-29 to 2026-06-27
Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.kapowtoys.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' static-eu.payments-amazon.com payments.amazon.co.uk payments-uk.amazon.com payments.amazon.com payments-uk-sandbox.amazon.com payments-eu.amazon.com centinelapi.cardinalcommerce.com writer.cardinalcommerce.com geo.cardinalcommerce.com kg668dbov0.execute-api.us-east-1.amazonaws.com *.google-analytics.com www.googletagmanager.com https://stats.tools; script-src 'self' 'unsafe-inline' 'unsafe-eval' static-eu.payments-amazon.com payments-uk-sandbox.amazon.com www.google.com www.gstatic.com songbird.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googletagmanager.com https://data.stats.tools x.klarnacdn.net js.klarna.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com translate.googleapis.com; img-src 'self' cdn.kapow.commerce.toby image.kapowtoys.co.uk m.media-amazon.com images-na.ssl-images-amazon.com static-eu.payments-amazon.com d23yuld0pofhhw.cloudfront.net *.google-analytics.com www.googletagmanager.com da
strict-transport-security
max-age=86400

Links to (3)

Linked from (4)