bema.no

HTML metadata

Technology

Server

Apache

Analytics

• Google Tag Manager

Third-party hosts loaded (2)

• policy.app.cookieinformation.com×1
• www.googletagmanager.com×1

Social

• facebook
• linkedin

Contact

Email

• bema@bema.no
• bemaoslo@bema.no

Phone

• +4737252950
• +4722088820

DNS records live

NS

• ns1.hyp.net
• ns2.hyp.net
• ns3.hyp.net

MX

• 0 bema-no.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:80.239.119.178 ip4:77.88.106.3 include:spf.protection.outlook.com include:servers.mcsv.net include:smtp.axia-asp.no ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9L18JyaHSzH8k751mLkpQL4EJZ+zKCyWqdDS+maXGHjk/3hEtjcjUF2URilKcIj0FQ95lDYY80Eg/UtnAi7…
• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.bema.no/

present

• content-security-policy
• x-frame-options
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• missing Referrer Policy
• missing Permissions Policy

Links to (18)

• valeoservice.com×1
• tecalliance.net×1
• osram.com×1
• optimal-germany.com×1
• ngkntk.com×1
• national-auto.co.uk×1
• motip.com×1
• mobil.no×1
• mann-filter.com×1
• mahle.com×1
• linkedin.com×1
• jvc.com×1
• facebook.com×1
• dayco.com×1
• crcind.com×1
• coretrek.no×1
• carlube.co.uk×1
• bremsi.com×1

Linked from (1)

• norskbildelkatalog.no×1