sodalitas.at

HTML metadata

Title: Kath. Bildungshaus Sodalitas | Dom v Tinjah
Description: Das Katholische Bildungshaus Sodalitas versteht sich als Haus der Bildung, des Dialoges, der Kunst und der Begegnung. Katoliški dom prosvete Sodalitas je hiša izobraževanja, dialoga, umetnosti in srečanja.
Language: de

Open Graph

title: Kath. Bildungshaus Sodalitas | Dom v Tinjah
description: Das Katholische Bildungshaus Sodalitas versteht sich als Haus der Bildung, des Dialoges, der Kunst und der Begegnung. Katoliški dom prosvete Sodalitas je hiša izobraževanja, dialoga, umetnosti in srečanja.

Technology

Server: Apache
jQuery: 3.4.1 known XSS (<3.5)

Analytics

Google Analytics

Fonts

Google Fonts

Third-party hosts loaded (6)

fonts.googleapis.com×2
ajax.googleapis.com×1
code.jquery.com×1
fonts.gstatic.com×1
www.google-analytics.com×1
www.google.com×1

Contact

Email

office@sodalitas.at

Phone

+4342392642

DNS records live

NS

ns1.easyname.eu
ns2.easyname.eu

MX

0 sodalitas-at.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvauScxTLBBxX1lX8A663Xm4Off2m/N1caCjEmG7g29HR7lAcb0lmdu4WrGCsZjohCo3FbzYy+OVmn8…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwAU7Y+je8+2XVx2k0Wtzr9+lHGOHVt94Zj3pjl27ZV2sbuwCxRhv7CVVRD3CF9XRd5tAPjkt08Ppl…

selectors probed

Certificate (current)

R12

from 2026-04-01 to 2026-06-30

Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.sodalitas.at/home/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.gstatic.com https://*.googleapis.com https://www.google-analytics.com https://*.google.com https://*.google.at https://*.fbcdn.net https://*.facebook.com https://*.jquery.com https://*.doubleclick.net; script-src 'self' 'unsafe-eval' https://www.google.com https://www.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://*.jquery.com https://*.fbcdn.net https://*.facebook.com 'sha256-ojso65MaILocn7KN7v1ksS3r5qA+FNkO5WEihujd5bk=' 'sha256-+idMax0iRVFQbFFaEEUuAwXsiLrEtNozWL5zLkPV+LU=' 'sha256-Qmp8G4vTWgyUx7pcQkcJ25Cu/Vkr/zQi1XesMrHPiXg=' 'sha256-4PPo0xBDO3PLRZJSWPGxieYMplJ9l7AwkCfbCu35Jn0='; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.gstatic.com; img-src 'self' data: https://*.fbcdn.net https://*.doubleclick.net https://www.google-analytics.com; font-src 'self' https://*.googleapis.com https://*.gstatic.com;
strict-transport-security: max-age=31536000