avl.com

HTML metadata

Title

AVL Home | AVL

Description

AVL is one of the world’s leading mobility technology companies for development, simulation and testing in the automotive industry, and in other sectors.

Language

en

Generator

Drupal 11 (https://www.drupal.org); Commerce 3; 1xDXP (https://www.1xinternet.com)

Canonical

https://www.avl.com/en

Translations

de
de-at
de-de
en
en-ar
en-at
en-au
en-br
en-ca
en-cn
en-cz
en-de
en-es
en-fr
en-gb
en-hr
en-hu
en-id
en-in
en-it
en-jp
en-kr
en-mx
en-my
en-pl
en-ro
en-se
en-si
en-th
en-tr
en-us
en-vn
ja
ja-jp
ko
ko-kr

Open Graph

url: https://www.avl.com/en/home
title: AVL Home
site name: AVL
description: AVL is one of the world’s leading mobility technology companies for development, simulation and testing in the automotive industry, and in other sectors.

Technology

CMS: Drupal

Cookie consent

Cookiebot

Third-party hosts loaded (2)

cdn.jsdelivr.net×1
consent.cookiebot.com×1

Contact

Address: st GmbHHans-List-Platz 1, 8020

Registration

Registrar

Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA

Created

1997-06-16

Expires

2026-06-15 26 days left

Updated

2025-07-09

Name servers

dns4.a1.net
dns5.a1.net

DNS records live

NS

dns4.a1.net
dns5.a1.net

MX

10 avl-com.mail.protection.outlook.com

TXT

Show 19 TXT records

docker-verification=62649d7b-dc04-45a8-8eb5-682e51ee058d
6f4s424kwjz6sh14w13qktqvgjcvl87p
ENUubSJT3eIgzEeON_Re
adobe-idp-site-verification=2f13a2568b8d5cd3f55570255566f4b7feca23fa4ba7da9a2e28dbaaf4a2db2d
apple-domain-verification=hOApBnvZJ3ZL5yKpod5tbsQ2r3ds2RwHypYO3pmyut4
atlassian-domain-verification=ofy0KgM4aj2hiyBTsuwviIKf9NSXT1Os/LwVAABxKSbA3ecsyBFsqpWk9CKxh2oc
google-gws-recovery-domain-verification=42491732
QuoVadis=5b8bab11-53fc-4067-9ba8-de1b0d29590f
xq9s2xqq53slxrm0193yc227pf0wkgz3
autodesk-domain-verification=J6aTVFnTi6F0hPdze41e
teamviewer-sso-verification=1746cfdcd29d41a28359c3686931552c
khg9y8lmgkr48zsjtqwq9hwtkq1n7xb7
figma-domain-verification=e529f62520d2cca5cde45bf03596ef25a26027b81fb923a04e26dde97c5bfd01-1745831795
postman-domain-verification=2e57af0e5ac799d8d03f8a401ce58db3b51bd27566ccd8c5c51c0d40a0123bfdf7b7dcb8840895f4ad5194c732b708294da76b18f7c4d3553e18d6b488003658
atlassian-sending-domain-verification=5a91aa98-d99b-4dac-9e7b-ffe86b8dfc5e
_smchwzdogtw3nx3m6yduea7eb8fe4le
google-site-verification=KAbH7-r1B1jYGD7-mFybYf-o1JEBOcGKt2BjoLxmo7I
google-site-verification=Bw3xl__ZCVVaelZ0CKnf4v-JY9uW-Ej1Doa8YwPWj1s
google-site-verification=SXyWIT0m_W3K5crwjz0NvdWhXHhr4wUtPoPrUERwLBI

Email authentication strong

SPF

v=spf1 include:_spf.concurcompleat.com include:_spf.salesforce.com include:spf.protection.outlook.com a:smtpw.cytric.net ip4:3.127.192.228 include:_spf-dc57.sapsf.eu ip4:213.33.67.99 ip4:213.33.67.100 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email,mailto:dmarcrua@avl.email; ruf=mailto:dmarcruf@avl.email; fo=1

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+I/I1BwWKRo6fqhNj6i/izVPDlu2T3O2MFbHUtKw3l+Wj8kMqRCwxbDhe8HpfeubBDAMP+mlUBBS0…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyydNKHZHYl5lwj0rymMlCtaOjBQjy/uiZhjB1ApWOQwkBLIvP/HtaziDpAgCgsuVROjXuYtn2wix4s…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKxRo0eScVvSYoe1PnZipD2FyncP5sdvyuuR1I20YM151ewkUwORoYxSnJ/qNrCW20NoxBApk53xWsVTop…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpAH6KImmb8Ed0vFj4WnQW8xr+T7IggMewhxxeflmH0Yy6Paf0p9oIrm863KcD5Wao0f3wpZO66mW1hCm3…

selectors probed

Certificate (current)

Thawte TLS RSA CA G1

from 2025-11-21 to 2026-12-23

Expires in 217 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.avl.com/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' blob: *.avl.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.doubleclick.net *.facebook.net *.cookiebot.com *.googleapis.com *.adsymptotic.com *.linkedin.com snap.licdn.com *.facebook.com *.avl.com *.cloudflare.com cdn.jsdelivr.net js.stripe.com polyfill.io *.googletagmanager.com *.hotjar.com app.sli.do *.vbrick.com *.google.com *.google.es *.google.at *.google.de *.bing.com *.creators-expedition.com *.imaginativeenterprising-intelligent.com *.mouseflow.com *.clarity.ms *.publuu.com *.buzzsprout.com *.lfeeder.com cdn.ckeditor.com; object-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.doubleclick.net *.facebook.net *.cookiebot.com fonts.googleapis.com p.adsymptotic.com *.linkedin.com *.licdn.com *.facebook.com *.avl.com cdnjs.cloudflare.com cdn.jsdelivr.net *.stripe.com polyfill.io *.google.com *.google.es *.google.at *.google.de; style-src 'self' 'unsafe-inline' *.cloudflare.com; img-src 'self' data: avl.com www.avl.com
strict-transport-security: max-age=31557600

Links to (1)

avlracetech.com×2