yello.de

HTML metadata

Title: Yello – Strom und mehr gute Energie für zuhause
Description: Dein Stromanbieter, der Energie einfach macht! Yello. Ob Ökostrom, Wärme oder smarte Tarife ✅ Faire Preise ✅ Online per App.
Language: de
Canonical: https://www.yello.de/

Open Graph

url: https://www.yello.de/
title: Yello – Strom und mehr gute Energie für zuhause
description: Dein Stromanbieter, der Energie einfach macht! Yello. Ob Ökostrom, Wärme oder smarte Tarife ✅ Faire Preise ✅ Online per App.

Technology

CDN: Azure Front Door
CMS: Gatsby

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (6)

images.ctfassets.net×28
www.googletagmanager.com×2
cai-cdn-yello-a8e7a6a5ccf6ffg7.z01.azurefd.net×1
cdn.cookielaw.org×1
integrations.etrusted.com×1
responder.wt-safetag.com×1

Social

Registration

Updated

2025-08-12

Name servers

nss01.enbw.com.
nss02.enbw.com.
nss03.enbw.com.
nss04.enbw.com.

DNS records live

NS

nss01.enbw.com
nss02.enbw.com
nss03.enbw.com
nss04.enbw.com

MX

10 yello-de.mail.protection.outlook.com

TXT

Show 18 TXT records

_touoy3menfqh0meocgqxl9xha4wtecl
google-site-verification=C9vMHe6vUK8zQnZgRVZYktsupg7tbX_z4uR0AObip4E
google-site-verification=CKPdiKYdcYN9BZPXVp-myl0eFRYg_X53gg8bL0mwoHo
kcdcqnKh2utpsSnOvAIEbbRE9bImYExjEFjo6XVszmw=
docker-verification=6c8ebcf3-5795-4ff3-8182-06224978e042
8qzdffw8lpmkgb9ljgd1478ldk716xct
v=spf1 include:spf.enbw.com include:_spf.zimpel.de ip4:40.68.173.244 -all
mongodb-site-verification=DYnlHJ8Lc3isPa2vEMUvwHFBhfQkLAV5
MS=ms22529094
google-site-verification=-PIA3ps2FqymvoBla99H4IY4eSNwyBN9CV40oMgHenM
nuO+xDj58cM+y4bo4KwyBZTwcqCwWgmUVwZn9cX8Ik0ZskhG++o9s5k0pY4oIzxBZ2sgGLS1Ll5+RhTMm0/+5w==
apple-domain-verification=WrYU0879aN4E7EbP
adobe-sign-verification=b5ace2cc94009c135f325b1375eddf
yello-prod2.azurewebsites.net
ciscocidomainverification=52dccd68a41a87ded6c9bf349a5119e613fc04d717f5b929cc08043b2f37649c
yello-prod.azurewebsites.net
n7m17h9hdq2sz74ssygbdlhsk43kxpwr
byj5pmp3vwmxyvw6p74m9wl3yg57p1qq

Certificate (current)

GeoTrust TLS RSA CA G1

from 2025-10-02 to 2026-10-18

Expires in 151 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.yello.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy

Header values

x-frame-options: Deny
permissions-policy: fullscreen=*, geolocation=*, autoplay=self, sync-xhr=self, accelerometer=(), ambient-light-sensor=(), camera=(), interest-cohort=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: track.yello.de *.cloudfront.net *.doubleclick.net *.googleadservices.com *.google.de *.googleapis.com *.tagmanager.google.com tpc.googlesyndication.com *.adform.net *.adjust.com *.dwin1.com *.awin1.com *.zenaps.com *.adfarm1.adition.com *.thunderhead.com t.nativendo.de *.youtube.com *.ytimg.com *.instagram.com *.twimg.com *.ytimg.com *.mapbox.com *.mapbox localhost r.df-srv.de analytics-udg.netdna-ssl.com connect.facebook.net amplify.outbrain.com *.redintelligence.net zenloop-website-overlay-production.s3.amazonaws.com hal9000.redintelligence.net cdn.cookielaw.org the.sciencebehindecommerce.com *.pso-vertrieb.de yello-freunde-werben.de geolocation.onetrust.com *.ctfassets.net widget.cammio.me cdn.trkkn.com static.heyflow.app snap.licdn.com s.pinimg.com *.linkedin.com website-overlay.zenloop.com *.linkedin.oribi.io *.qualtrics.com integrations.etrusted.com integrations.etrusted.site *.adservice.google.com *.twiago.com *.adform.
strict-transport-security: max-age=31536000