bms.dk

HTML metadata

Technology

Server

Microsoft-IIS

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• cdn.jsdelivr.net×3
• cdnjs.cloudflare.com×1
• www.google.com×1
• www.googletagmanager.com×1

Social

• linkedin
• facebook
• instagram

Contact

Address

Sofiendalsvej 94A, 1.DK-9200 Aalborg SV

DNS records live

NS

• ns.xtracon.dk
• ns2.xtracon.dk

MX

• 10 eu-esec-01.heimdalsecurity.com
• 10 eu-esec-02.heimdalsecurity.com

TXT

• mandrill_verify.Id2XZAEw5HCaY7LxtlDtrQ
• 9pfjzr6vcz0jn3q57t6x80lw37m51cbh
• _4qo6wbkeq3lu8t6c9ck28bvkyla8r8e

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 mx a include:_spf.xtracon.dk include:_spf.bms.dk include:spf-esec.heimdalsecurity.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn/1qwaaIH/s/hR4q6UrhTzg1n3ovVItaVMzWUIHAIu2VdAXwvebVu+h0zpO5FiP4vGBhnj0SoUMV7q4p5…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2bA+6n4HjAQWpTIQvcdN57FGt+HD4UgWJksjLqb2DmIEV3G346sAjyXRKXZi1X5s8JIa2Brl1lCMdZULr…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://bms.dk/

present

• x-frame-options

findings

• missing HSTS
• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• whistleblowersoftware.com×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1
• digitalpartners.dk×1

Linked from (1)

• mileagebook.com×1