ndpromos.com

.com crawl

First seen 2026-04-23 · Last seen 2026-05-14 · ok HTTP/1.1 200 4174 ms crawled 2026-05-17

US · 199.0.184.165 · AS22885 ADVERTISING SPECIALTY INSTITUTE, INC.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Home - N & D SPORTS
Description: Nick's Enterprises Inc from Hamden CT USA Looking for promotional products, advertising specialties and business gifts? You've come to the right site! Whether you are looking for a specific item or just browsing for ideas, our site is your one-stop source.
Language: en
Canonical: https://ndpromos.com

Open Graph

url: https://ndpromos.com
title: Home - N & D SPORTS
description: Nick's Enterprises Inc from Hamden CT USA Looking for promotional products, advertising specialties and business gifts? You've come to the right site! Whether you are looking for a specific item or just browsing for ideas, our site is your one-stop source.

Technology

CDN: Cloudflare

Social widgets

YouTube Embed

Third-party hosts loaded (7)

cdn.asicentral.com×25
cdnjs.cloudflare.com×12
commonmedia.asicentral.com×4
ajax.googleapis.com×1
maxcdn.bootstrapcdn.com×1
translate.google.com×1
www.youtube.com×1

Contact

Phone

Registration

Registrar

Tucows Domains Inc.

Created

2016-06-28

Expires

2026-06-28 39 days left

Updated

2025-06-26

Name servers

ns1.nexcess.net
ns2.nexcess.net
ns3.nexcess.net
ns4.nexcess.net

DNS records live

NS

ns1.nexcess.net
ns2.nexcess.net
ns3.nexcess.net
ns4.nexcess.net

MX

10 mail.ndpromos.com

Email authentication weak

SPF

v=spf1 +a +mx +ip4:8.29.154.37 include:relay.mailchannels.net ~all

softfail (~all)

DMARC

not published

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi7dSvIVBlC8nKCWEEDJMIVlHCQwq2H4oJEfz2+CPpJY46WbbbKPld7u2CCD7JYZa0Jaa8hGSbTZef…

selectors probed

Certificate (current)

from 2026-04-10 to 2026-07-09

Expires in 51 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://ndpromos.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SameOrigin
permissions-policy: fullscreen=(),accelerometer=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.espwebsite.com; frame-src 'self' https: http: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: ; style-src 'self' 'unsafe-inline' https: http: ; object-src 'self'; child-src 'self' https: http: ; font-src 'self' data: https: http: ; base-uri 'self' https: ; default-src 'self' https: http: ; form-action 'self' https: http: ; img-src 'self' data: https: http: ; connect-src 'self' https: wss: http: ; manifest-src 'self'; worker-src blob:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-site

Links to (2)

google.com×2
giftafeeling.com×1

Linked from (1)

nanddsports.com×2