aral.de

HTML metadata

Title: Aral: Tanken, E-Auto laden, Waschen & Einkaufen
Description: An der Ladestation das Elektroauto laden, zur Autowäsche in die Waschanlage, einkaufen oder einfach nur tanken & Kaffee genießen - willkommen bei Aral!
Language: de
Canonical: https://www.aral.de/de/global/retail.html

Open Graph

url: https://www.aral.de/de/global/retail.html
title: Aral: Tanken, E-Auto laden, Waschen & Einkaufen
locale: de
site name: Home
description: An der Ladestation das Elektroauto laden, zur Autowäsche in die Waschanlage, einkaufen oder einfach nur tanken & Kaffee genießen - willkommen bei Aral!

Technology

CDN: Amazon CloudFront
Server: Apache

Analytics

Google Analytics

Ads

Meta Pixel

Third-party hosts loaded (2)

connect.facebook.net×1
www.google-analytics.com×1

Social

Contact

Address: st noch bis zum 02.08.2026

Registration

Updated

2024-12-11

Name servers

damon.ns.cloudflare.com.
dns1.ednsglobal.net.
dns2.ednsglobal.net.
dns3.ednsglobal.net.
dns4.ednsglobal.net.
naomi.ns.cloudflare.com.

DNS records live

NS

damon.ns.cloudflare.com
dns1.ednsglobal.net
dns2.ednsglobal.net
dns3.ednsglobal.net
dns4.ednsglobal.net
naomi.ns.cloudflare.com

MX

10 aral-de.mail.protection.outlook.com
50 aral-de.mail.protection.outlook.com

TXT

Show 8 TXT records

pardot242293=1f1ab881cd2f01828c5b2bb6eb7a6b9fcdd2ec37a3e0c87c5eb9c07fa2667a65
pardot902921=1fd2b0948c5bbc35ac6e1d2bbf3be71148a4654f45111cd88d4286867270ed5d
pardot902921=bb6335bfda7943c338a1a9adda2e7aeb2efd0bf5a6a5579d64e41752ccd0013c
sI20yDb0i5fmQGI5KskAhzd7jkqPsFWM2kShKXrHAAWx1Q4YT88xLshscpzDhS4qjTb3ZQls8RwMDD0uVvTpow==
MS=ms51824374
SFMC-RPVfOsbKQCkJf69puMnSbXYoEVZCIWLdnlCvGBly
VjWpNWgAEsrV96CPD51XCWRX+K/3dWQLiYACR4urcH0Csxba/B5P2rHBTUBk0R44dZVYVvQKT1o1KUjHIHwX+Q==
_ztkfkzb0jrzl1hzo3z0ag0jwjmgbuhv

Email authentication strong

SPF

v=spf1 include:_u.aral.de._spf.smart.ondmarc.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; pct=100; sp=reject; rua=mailto:a0605431@inbox.ondmarc.com; ruf=mailto:a0605431@inbox.ondmarc.com; adkim=r; aspf=r; fo=0; rf=afrf; ri=3600

policy: reject (enforced) · sp=reject

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoltQCu1vNSKBp73kWea4Vkjfvpe99MeyuFt3AW5uaa9akZrpSOOgK33PenbKYhN7ALO9ysHMdLgZ3W…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-01-06 to 2026-08-16

Expires in 88 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.aral.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'self'; upgrade-insecure-requests; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob: 'self'; style-src 'unsafe-inline' 'unsafe-eval' https: data: blob: 'self'; img-src 'unsafe-inline' 'unsafe-eval' https: data: blob: 'self'
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site

Links to (6)

Linked from (2)

autohof.de×2
530jahre.de×1