bmm.com.co
bmm.com.co
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- d3jwfft71tldss.cloudfront.net×47
- maps.googleapis.com×1
- www.googletagmanager.com×1
Social
Contact
DNS records live
- NS
-
- ada.ns.cloudflare.com
- gabe.ns.cloudflare.com
- MX
-
- 0 bmm-com-co.mail.protection.outlook.com
- TXT
-
Show 8 TXT records
_c1zld5enu2oi2iqtmk4mh8yqoiph1uv_h831rg5joed5o6o1puvgsc5svp5vr5q_sbn6r3j41hkno1x5bkek6ajno8vlfs4_ttxpg2z7jhxf2p5d2d2rezgyubuiqga_u5xitsmc5qa9yu0t2z3byzkuac95nqgamazonses:nNpfWdMIS4kDGJvqAhJtDczdDaLKpxhxNw4EERp+pKM=ebf0427d-02a2-4db4-9bf6-6d5ffede7556sophos-domain-verification=b91be2a82007918cbca89e11dd510e72080ae23771653cfb2a16bcede5c30417
- Verified for
-
- Microsoft
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 ip4:190.144.148.104 ip4:179.50.79.104 include:spf1.masivapp.com include:_spf.us.sendclean.net include:spf.remarkety.com include:amazonses.com include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc_agg@ibesecurity.com;policy: none (monitoring only) - DKIM
-
Show 5 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw60tlGawd3Sg86Wfhcp6GU1FrUcA28p092vuWeqQem295jXty0I3KPsdR7NTbSMQEoQLZVeLZ4k2pL… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmjpvXJbBs4VI9s49Fb61JNSZRoh6uLnrUFoPfvpbpl+z7Yno2e/d7vqR+1fV8e5wHu47cnrPMQDUv… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtS3Z9qSo9IOIVPhonk45zA+SqcwwQZ/gOqYplrjkXdo7c48zaCpM2lY0nsl2v0m7jvHtM3t/q5+HHbgl7… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuMByOYo3aEWY2vhx2GoPusDQu5R4ZV2JhZe2nrWjmhGw8Foot+NzwrXL1RV3A9ZRjIaLQ1GJm5Mf1jUqwoC7aJ7… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - selector1:
Certificate (current)
DigiCert EV RSA CA G2
Expires in 28 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-IWMHFI4DlE'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://squizlabs.github.io/HTML_CodeSniffer/build/HTMLCS.css; object-src data: 'unsafe-eval'; base-uri 'self'; connect-src 'self' https://tag.navdmp.com https://usr.navdmp.com https://cdn.navdmp.com https://web.bmm.com.co https://integraciones.bmm.com.co https://www.google.com https://maps.googleapis.com https://socialplugin.facebook.net https://www.bmm.com.co https://www.facebook.com https://www.google-analytics.com/ https://analytics.google.com https://web.bmm.com.co https://bmm-co-integration.modyo.be https://d3jwfft71tldss.cloudfront.net/ https://stats.g.doubleclick.net; font-src 'self' https://d3jwfft71tldss.cloudfront.net/ https://fonts.gstatic.com; frame-src 'self' https://www.googletagmanager.com/ https://www.facebook.com https://docs.google.com/ https://www.youtube.com/ https://d3jwfft71tldss.cloudfront.net/ https://td.doublecl- strict-transport-security
max-age=31536000; includeSubDomains; preload