zp-a.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Z Promotions, Columbus, OH - Z Promotions, Columbus, OH
Description: Z Promotions from Pickerington OH USA Z Promotions, Columbus, OH, Looking for promotional products, advertising specialties and business gifts? You've come to the right site! Whether you are looking for a specific item or just browsing for ideas, our site is your one-stop source.
Language: en
Canonical: https://zp-a.espwebsite.com

Open Graph

url: https://zp-a.com
title: Z Promotions, Columbus, OH - Z Promotions, Columbus, OH
description: Z Promotions from Pickerington OH USA Z Promotions, Columbus, OH, Looking for promotional products, advertising specialties and business gifts? You've come to the right site! Whether you are looking for a specific item or just browsing for ideas, our site is your one-stop source.

Technology

CDN: Cloudflare
Stack: ASP.NET

Third-party hosts loaded (8)

cdn.asicentral.com×23
cdnjs.cloudflare.com×12
commonmedia.asicentral.com×2
ajax.googleapis.com×1
form.jotform.us×1
maxcdn.bootstrapcdn.com×1
translate.google.com×1
zp-a.espwebsite.com×1

Contact

Phone

Registration

Registrar

DomainPeople, Inc.

Created

2006-05-22

Expires

2029-05-22 1084 days left

Updated

2025-05-23

Name servers

carrera.ns.cloudflare.com
todd.ns.cloudflare.com

DNS records live

NS

carrera.ns.cloudflare.com
todd.ns.cloudflare.com

MX

0 zpa-com0e.mail.protection.outlook.com

Email authentication strong

SPF

v=spf1 include:_spf.zp-a_com._d.easydmarc.pro -all

strict (-all)

DMARC

v=DMARC1;p=reject;rua=mailto:2e08c28298@rua.easydmarc.us,mailto:re+cr5beeyvl3o@dmarc.postmarkapp.com;ruf=mailto:2e08c28298@ruf.easydmarc.us;fo=1;

policy: reject (enforced)

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDm3mqQKgKCn/QiuT9bj/4HQb47pNJZOt6KXD05GVTOu++YLgjWMzzJyIFrEOk9s4qPakqwvx5HHYcYEeIIhs…

selectors probed

Certificate (current)

E7

from 2026-04-11 to 2026-07-10

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://zp-a.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SameOrigin
permissions-policy: fullscreen=(),accelerometer=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.espwebsite.com; frame-src 'self' https: http: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: ; style-src 'self' 'unsafe-inline' https: http: ; object-src 'self'; child-src 'self' https: http: ; font-src 'self' data: https: http: ; base-uri 'self' https: ; default-src 'self' https: http: ; form-action 'self' https: http: ; img-src 'self' data: https: http: ; connect-src 'self' https: wss: http: ; manifest-src 'self'; worker-src blob:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-site

Linked from (1)

nawbocbus.org×1