stonexbullion.com

HTML metadata

Title

Buy and sell precious metals online ▷ StoneX Bullion

Description

Buy precious metals safely and easily from the test winner ✓ Large selection of gold, silver, platinum coins and bars ✓ Fair prices ► Invest now!

Language

en

Canonical

https://stonexbullion.com/en/

Translations

de
en
es
fr
it
pl

Open Graph

url: https://stonexbullion.com/en/
title: Buy and sell precious metals online ▷ StoneX Bullion
site name: StonexBullion
description: Buy precious metals safely and easily from the test winner ✓ Large selection of gold, silver, platinum coins and bars ✓ Fair prices ► Invest now!

Technology

CDN: Cloudflare
CMS: Nuxt

Registration

Registrar

GoDaddy.com, LLC

Created

2020-03-20

Expires

2027-03-20 303 days left

Updated

2026-03-21

Name servers

pdns03.domaincontrol.com
pdns04.domaincontrol.com

DNS records live

NS

pdns03.domaincontrol.com
pdns04.domaincontrol.com

MX

10 mxb-003e4a01.gslb.pphosted.com
5 mxa-003e4a01.gslb.pphosted.com

TXT

Target: 0ed1fe018a5ea3d2c8d6bb43478d9ae3cd2053d679
v=DMARC1; p=none; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com

Verified for

Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRS7DS8MAm7Kn7Z0yT1itPmdEgfP4dBCnSYIE0dPCUGc3ueOIs75+Z/II32e6JxZjCWBQhXVhX7G2vHZeZ…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq56o6dqFL7e5CXui6CZhbZBGtCLGFReeK4IQOpnpYS1jZuFhp0xTENRqrOJ2ksxKKnw7o09heBW5clhjA…

selectors probed

Certificate (current)

WE1

from 2026-04-24 to 2026-07-23

Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://stonexbullion.com/en/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdn.stonexbullion.com/ https://stonexbullion.com; img-src 'self' data: https://cdn.stonexbullion.com/ https://stonexbullion.com *.googletagmanager.com *.googlesyndication.com *.google.com *.gstatic.com *.clarity.ms *.bing.com *.doubleclick.net *.ytimg.com *.contentsquare.net https://www.googleadservices.com https://cdn.jsdelivr.net https://storage.googleapis.com https://bat.bing.net https://bat.r.msn.com; manifest-src 'self' https://stonexbullion.com https://cdn.stonexbullion.com/; style-src 'self' 'unsafe-inline' https://stonexbullion.com https://cdn.stonexbullion.com/ *.googletagmanager.com *.googleapis.com https://cdn-prod.securiti.ai https://cdn-prod.eu.securiti.ai; child-src blob:; worker-src blob:; font-src 'self' https://cdn.stonexbullion.com/ https://stonexbullion.com fonts.gstatic.com; connect-src 'self' https://stonexbullion.com https://cdn.stonexbullion.com/ https://o1167127.ingest.sentry.io https://cdn.cookielaw.org https://pagead2.googlesyndicati
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site

Links to (1)

trustpilot.com×1