security-session.cz

HTML metadata

Title

Security Session'18

Description

Security Session '16

Language

cs-CZ

Open Graph

url

http://security-session.cz

title

Security Session Conference

sitename

Security Session '18

description

Security Session je nekomerční konference, na které se dozvíte o novinkách a aktuálních problémech v oblasti bezpečnosti mobilních a informačních technologií.

Technology

Server

openresty

jQuery

1.11.1 known XSS (<3.5)

Fonts

• Google Fonts

Third-party hosts loaded (2)

• fonts.googleapis.com×2
• maps.google.com×1

Social

• facebook
• twitter
• youtube

DNS records live

NS

• ns1.websupport.sk
• ns2.websupport.sk
• ns3.websupport.sk

MX

• 10 mx10.websupport.cz
• 100 mx20.websupport.cz

TXT

• spf2.0/pra a mx include:_sid.m1.websupport.sk ?all

Email authentication weak

SPF

v=spf1 a mx include:_spf.m1.websupport.sk ?all

neutral (?all)

DMARC

not published

DKIM

• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAlT1jaWzL8NxwgcM/jftoK9iUVQNuWQoo302EP+GzmjhQBVC7dckckYdS3VDVLKEoHRLVO67wyEOZVMxPuy…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://security-session.cz/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (12)

• youtube.com×1
• yelp.com×1
• wolfhunt.cz×1
• vutbr.cz×1
• twitter.com×1
• slideshare.net×1
• security-portal.cz×1
• restauracevelorex.cz×1
• metron.cz×1
• facebook.com×1
• eepurl.com×1
• avast.com×1

Linked from (1)

• security-portal.cz×1