Is stockx.com legit?

85
/ 100
Trusted
Industry: Marketplace

StockX appears to be a trusted platform for buying and selling collectible items, showing strong foundational security and a long operational history. While a direct access error was noted and contact info wasn't immediately obvious, these minor concerns don't overshadow its otherwise robust online presence and security measures.

Marketplace average: 74/100 · based on 15 sites

Checked: April 18, 2026 at 8:25 AM UTC · Refresh

Is stockx.com a scam? Here's what we found.

Security 95/100

The site boasts a modern and secure connection with TLS 1.3, a valid SSL certificate from Google, and robust content security policies, essential for protecting user data during transactions.

Identity 90/100

With over two decades of operation, StockX has a well-established online identity. Its domain registration through Amazon Registrar, Inc. further adds to its credibility and stability.

Reputation 90/100

Holding a high Tranco Rank and a clean slate on DNS blacklists, StockX demonstrates a strong and positive reputation, indicative of a widely recognized and well-regarded platform in its niche.

Transparency 75/100

While legal pages are present and a social media link exists, the 403 error and lack of obvious contact information on the homepage could make it difficult for users to quickly resolve issues or seek support.

Compliance 95/100

The presence of both a privacy policy and terms of service pages indicates that StockX takes its legal obligations seriously, a crucial aspect for any platform handling consumer data and transactions.

Infrastructure 95/100

The site's infrastructure is solid, utilizing Cloudflare for DNS, multiple IP resolutions, and comprehensive email authentication including SPF and DMARC, ensuring reliable and secure communication.

Signals Detected

[+]
Tranco Rank: Rank #5917

This is a well-known, high-traffic website

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
Domain Age: 23 years, 1 months

Domain created 2002-07-23T07:02:00Z (23 years, 1 months ago)

[?]
Registrar: Amazon Registrar, Inc.

Registered through Amazon Registrar, Inc.

[+]
Domain Expiry: 2026-07-23T07:02:00Z

Expires in 95 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
SSL Certificate: Valid

Valid certificate, expires in 58 days

[?]
Certificate Issuer: Google Trust Services

Certificate issued by Google Trust Services

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[?]
Branding: Basic

Site has a favicon but no social sharing metadata

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
DNS Resolution: 4 IP(s)

Resolves to: 2606:4700::6810:6d09, 2606:4700::6810:6e09, 104.16.109.9, 104.16.110.9

[+]
Email (MX Records): 7 record(s)

Mail servers: mxb-0070af01.gslb.pphosted.com., mxa-0070af01.gslb.pphosted.com., aspmx.l.google.com., alt3.aspmx.l.google.com., alt1.aspmx.l.google.com., alt2.aspmx.l.google.com., alt4.aspmx.l.google.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 2 server(s)

DNS providers: peyton.ns.cloudflare.com., ivy.ns.cloudflare.com.

[+]
robots.txt: Present

robots.txt has 186 directives and references a sitemap

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[~]
Website Status: HTTP 403

Website returned status 403

[~]
Contact Info: Not found

No obvious contact information found on homepage

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[?]
Social Media Presence: 1 platform

Website links to one social media platform

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[?]
Server: cloudflare

Web server: cloudflare

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
Certificate Transparency: 761 certificates

761 certificates found across 37 subdomains — large or long-established domain

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 49ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for stockx.com
<a href="https://verified.fyi/review/stockx.com"><img src="https://verified.fyi/badge/stockx.com?size=medium&style=full&theme=dark" alt="stockx.com trust score — verified.fyi" /></a>
[![stockx.com trust score](https://verified.fyi/badge/stockx.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/stockx.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

For anyone looking to buy or sell collectible sneakers, streetwear, and other high-demand items, the question of 'Is StockX legit?' often comes up. As a prominent player in the online marketplace space, StockX operates differently than your average e-commerce site; it's a 'stock market of things' where prices are driven by real-time market conditions. This model, while innovative, often leads users to carefully consider its trustworthiness. Our analysis reveals that StockX stands on solid ground. Unlike many niche marketplaces that might have a fleeting presence, StockX boasts a domain age of over 23 years. This longevity is a significant trust signal, especially in a market segment often susceptible to fly-by-night operations. A well-established history means they've had time to build infrastructure, processes, and consumer confidence. Security is paramount when dealing with high-value transactions, and StockX's setup reflects this. They use modern TLS 1.3 encryption and have a robust content security policy, which are standard for any legitimate online business handling sensitive user and payment data. While the initial 403 HTTP status and less-than-obvious contact information on the homepage are points for improvement, these are relatively minor compared to the core infrastructure and long-standing operational history. For a marketplace dealing in authenticating goods, strong customer support channels are expected. However, the overall robust technical foundation and clear legal documentation like privacy policies and terms of service typically indicate a serious and compliant business. When using such platforms, always familiarize yourself with their buyer and seller protection policies to ensure a smooth and secure experience.