Scan-Fakten als JSON anzeigen
{
"schema": "https://saferpage.de/schemas/public-scan-facts.v1",
"claim_boundary": "Öffentliche Rohdaten enthalten nur Scan-Fakten, Statuswerte, Evidence-Grenzen und feste Detail-/Hintergrund-Links. Betreiber-Hintergrund, Planungen, Checklisten, Code und allgemeine Empfehlungen stehen auf separaten Seiten.",
"current_evidence_policy": {
"schema": "https://saferpage.de/schemas/public-scan-current-evidence-policy.v1",
"status": "current_scan_fields_only",
"summary": "Der Fakten-JSON exportiert nur Felder, die im gespeicherten aktuellen Scan wirklich vorhanden sind. Fehlende neue Evidence wird nicht aus alten Testergebnisformaten nachgebaut.",
"guardrails": [
"Keine synthetischen Boundary-Fallbacks fuer alte Scans",
"Keine Nachbewertung alter Testergebnisse im Fakten-JSON",
"Keine Betreiber-Empfehlung im Report-JSON"
]
},
"host": "dwpbank.de",
"normalized_url": "https://dwpbank.de/",
"score": 49,
"verdict": {
"color": "red",
"label": "riskant",
"score": 49
},
"scan_id": "1b7aa875-5d2f-4b97-8f4a-510db23869e5",
"created_at": "2026-06-19 09:24:17.215598+02",
"evidence": {
"dns": {
"ok": true,
"addresses": [
"109.71.72.194",
"2a05:cc00::72:194:10"
],
"duration_ms": 0
},
"tls": {
"ok": true,
"cipher": "TLS_AES_256_GCM_SHA384",
"issuer": [
[
[
"countryName",
"US"
]
],
[
[
"organizationName",
"DigiCert Inc"
]
],
[
[
"commonName",
"DigiCert EV RSA CA G2"
]
]
],
"subject": [
[
[
"jurisdictionCountryName",
"DE"
]
],
[
[
"jurisdictionStateOrProvinceName",
"Hessen"
]
],
[
[
"jurisdictionLocalityName",
"Frankfurt am Main"
]
],
[
[
"businessCategory",
"Private Organization"
]
],
[
[
"serialNumber",
"HRB 56913"
]
],
[
[
"countryName",
"DE"
]
],
[
[
"stateOrProvinceName",
"Hessen"
]
],
[
[
"localityName",
"Frankfurt am Main"
]
],
[
[
"organizationName",
"Deutsche WertpapierService Bank AG"
]
],
[
[
"commonName",
"www.dwpbank.de"
]
]
],
"version": "TLSv1.3",
"not_after": "Dec 3 23:59:59 2026 GMT",
"hostname_matches": true,
"days_until_expiry": 167,
"subject_alt_names": [
"www.dwpbank.de",
"dwpbank.de"
],
"issuer_common_name": "DigiCert EV RSA CA G2"
},
"http": {
"ok": true,
"status": 200,
"headers": {
"age": "1401",
"via": "1.1 srv-a-go.c-2237.maxcluster.net (Varnish/7.7)",
"date": "Fri, 19 Jun 2026 07:24:01 GMT",
"vary": "Accept-Encoding",
"server": "nginx/1.28.0",
"x-varnish": "159942329 159057893",
"connection": "close",
"x-cacheable": "YES:Forced",
"content-type": "text/html; charset=UTF-8",
"accept-ranges": "bytes",
"content-length": "215384",
"referrer-policy": "same-origin",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "1; mode=block",
"permissions-policy": "fullscreen=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), picture-in-picture=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), autoplay=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), encrypted-media=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), accelerometer=(), camera=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()",
"content-security-policy": "default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://yoast.com https://www.youtube.com https://player.podigee-cdn.net/ https://cdn.jsdelivr.net/; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://player.podigee-cdn.net/ https://use.fontawesome.com/; object-src 'none'; base-uri 'self'; connect-src 'self' https://my.yoast.com; font-src 'self' https://fonts.gstatic.com/ https://use.fontawesome.com/ data:; frame-src 'self' blob: https://dwpbank.softgarden.io https://www.youtube-nocookie.com https://www.youtube.com/ https://maps.google.com/ https://www.google.com/ https://player.vimeo.com/ https://i.vimeocdn.com/ https://w.soundcloud.com/ https://player.podigee-cdn.net/; img-src 'self' data: https://i.ytimg.com https://www.kununu.com; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;",
"strict-transport-security": "max-age=31536000; includeSubDomains"
},
"body_size": 200000,
"final_url": "https://www.dwpbank.de/",
"duration_ms": 127
},
"scanner": {
"bot_url": "https://saferpage.de/bot",
"context": "crawler",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/dwpbank.de\">https://saferpage.de/dwpbank.de</a>)",
"default_user_agent": "SaferPageBot/0.2 (+https://saferpage.de/bot; passive website safety check; no attack tests)"
},
"domain_records": {
"mx": true,
"caa": false,
"spf": true,
"dmarc": true,
"dnssec": false,
"records": {
"mx": [
"10 pmx.dwpbank.de."
],
"ns": [
"ns1.izb.net.",
"ns2.izb.net."
],
"caa": [],
"txt": [
"atlassian-domain-verification=24IcmsZmDSMJN0CSGTOl1JGzRU/wW09tlRpq2C9lpOsh9dZsmpQawHbPO9Rl6mt/",
"v=spf1 include:spf.sendinblue.com include:spf1.services-syntax.com include:f-i.de ip4:212.34.64.0/19 ip4:185.153.64.0/22 ip4:109.71.72.0/22 ip6:2a05:cc00::/29 mx -all",
"_g8t76mjwkl2enegt6rovrvbsjolw2um",
"_telesec-domain-validation=359585_2026-03-25_fOEfdXibd9cDQqjczBhUuZLj1aAZCP3msH5306JHtqW0wfC1dW",
"swisssign-check=ZjhcIcdyaDQU61PEY_AO5qhiID8",
"Sendinblue-code:c5445fb081358493d30d9a936d662b16",
"swisssign-check=rxi-qFHlhco8at6UxWNdmhW-tZg"
],
"cname": [],
"dmarc": [
"v=DMARC1; p=reject; sp=none; rua=mailto:dmarc@dwpbank.de!10m; ruf=mailto:dmarc@dwpbank.de!10m; rf=afrf; pct=100; ri=86400; aspf=r; adkim=r"
],
"dnskey_present": false
},
"spf_includes": [
"spf.sendinblue.com",
"spf1.services-syntax.com",
"f-i.de"
],
"verifications": [
"atlassian"
]
},
"googlebot_http": {
"ok": true,
"status": 200,
"headers": {
"age": "1401",
"via": "1.1 srv-a-go.c-2237.maxcluster.net (Varnish/7.7)",
"date": "Fri, 19 Jun 2026 07:24:01 GMT",
"vary": "Accept-Encoding",
"server": "nginx/1.28.0",
"x-varnish": "159779400 159057893",
"connection": "close",
"x-cacheable": "YES:Forced",
"content-type": "text/html; charset=UTF-8",
"accept-ranges": "bytes",
"content-length": "215384",
"referrer-policy": "same-origin",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "1; mode=block",
"permissions-policy": "fullscreen=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), picture-in-picture=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), autoplay=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), encrypted-media=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), accelerometer=(), camera=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()",
"content-security-policy": "default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://yoast.com https://www.youtube.com https://player.podigee-cdn.net/ https://cdn.jsdelivr.net/; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://player.podigee-cdn.net/ https://use.fontawesome.com/; object-src 'none'; base-uri 'self'; connect-src 'self' https://my.yoast.com; font-src 'self' https://fonts.gstatic.com/ https://use.fontawesome.com/ data:; frame-src 'self' blob: https://dwpbank.softgarden.io https://www.youtube-nocookie.com https://www.youtube.com/ https://maps.google.com/ https://www.google.com/ https://player.vimeo.com/ https://i.vimeocdn.com/ https://w.soundcloud.com/ https://player.podigee-cdn.net/; img-src 'self' data: https://i.ytimg.com https://www.kununu.com; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;",
"strict-transport-security": "max-age=31536000; includeSubDomains"
},
"body_size": 200000,
"final_url": "https://www.dwpbank.de/",
"duration_ms": 126
},
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://www.dwpbank.de/robots.txt",
"label": "robots.txt",
"reason": "",
"status": "found",
"body_size": 122,
"truncated": false,
"body_sha256": "55a257ff8412a78390fce18400cf20a276e407a6b60993343bc8f6d87b9d9022",
"duration_ms": 184,
"http_status": 200,
"ai_bot_policy": {
"bot_directives": [],
"explicit_ai_bots": [],
"explicit_ai_bot_count": 0,
"wildcard_directive_count": 1,
"wildcard_directives_sample": [
{
"value": "/vv-marktplatz-roadshow-hamburg-hdjhgj97iug/",
"directive": "disallow"
}
]
},
"relevant_lines": [
"User-agent: *",
"Disallow: /vv-marktplatz-roadshow-hamburg-hdjhgj97iug/",
"Sitemap: https://www.dwpbank.de/sitemap_index.xml"
]
},
{
"id": "llms_txt",
"url": "https://www.dwpbank.de/llms.txt",
"label": "llms.txt",
"reason": "",
"status": "found",
"body_size": 9830,
"truncated": false,
"body_sha256": "1f3e54a4f15033ac85f2e6cb1c3b84adfb526a4e6f575c6383642c0150d81f77",
"duration_ms": 131,
"http_status": 200,
"relevant_lines": [
"# dwpbank: Deutsche WertpapierService Bank AG",
"> Die dwpbank ist der führende Dienstleister für Wertpapierservices in Deutschland\\. Gestalten Sie mit uns das Wertpapiergeschäft der Zukunft\\.",
"Generated by Yoast SEO v27.8, this is an llms.txt file, meant for consumption by LLMs.",
"## Seiten",
"- [Unternehmen](https://www.dwpbank.de/unternehmen/): Die Deutsche WertpapierService Bank AG \\(dwpbank\\) ist der führende Dienstleister für Wertpapierservices in Deutschland\\. Unse",
"- [Kontakt](https://www.dwpbank.de/kontakt/)",
"- [Datenschutzgrundsätze](https://www.dwpbank.de/datenschutz/): Vielen Dank für Ihren Besuch auf den Webseiten der Deutschen WertpapierService Bank AG \\(dwpbank\\) und Ihr Interesse",
"- [Leistungen](https://www.dwpbank.de/leistungen/): Im Wertpapiergeschäft bietet die dwpbank entlang des gesamten Wegs einer Wertpapierorder Services und Produkte\\.",
"- [WP3](https://www.dwpbank.de/wp3/): Im Wertpapiergeschäft bietet die dwpbank entlang des gesamten Wegs einer Wertpapierorder Services und Produkte\\.",
"- [Karriere](https://www.dwpbank.de/karriere/): Deine Karriere bei der dwpbank: Freue dich auf spannende Jobs, individuelle Entwicklungsmöglichkeiten, flexible Arbeitsmodelle und a",
"- [Nachhaltigkeit in der dwpbank](https://www.dwpbank.de/unternehmen/nachhaltigkeit-in-der-dwpbank/): Mit Weitsicht handeln: Erfahren Sie, wie die dwpbank Nachhaltigkeit ganzheitli",
"- [Presse](https://www.dwpbank.de/presse/)",
"- [Veranstaltungen](https://www.dwpbank.de/aktuelles/veranstaltungen/): Als Experten für Wertpapierservices sprechen wir bei Fachkonferenzen, bieten Webinare an und stehen im ständ",
"- [Executive Summit 2025](https://www.dwpbank.de/executive-summit-2025/)",
"## Beiträge",
"- [Risikomanagement in Banken: Was wir vom Fliegen lernen](https://www.dwpbank.de/magazin/insights/risikomanagement-in-banken-was-wir-vom-fliegen-lernen/): Wie im Cockpit gilt auch"
]
},
{
"id": "ai_txt",
"url": "https://www.dwpbank.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1325,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://www.dwpbank.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 582,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://www.dwpbank.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 605,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 2,
"policy_file_count": 1,
"explicit_ai_bot_count": 0
},
"summary": "2 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 1,
"llms_ward_policy_status": "policy_file_found",
"robots_ai_policy_status": "generic_robots_policy"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://www.dwpbank.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1619,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://www.dwpbank.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 648,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://www.dwpbank.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 653,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://www.dwpbank.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1600,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://www.dwpbank.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 712,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
}
},
"findings": [
{
"id": "known_vulnerability_advisory",
"title": "CVE-2025-53859: Buffer overread in the ngx_mail_smtp_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "info",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2025-53859",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-1642: SSL upstream injection",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-1642",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-27651: NULL pointer dereference while using CRAM-MD5 or APOP",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "info",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-27651",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-27654: Buffer overflow in ngx_http_dav_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-27654",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-27784: Buffer overflow in the ngx_http_mp4_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-27784",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-28753: Injection in auth_http and XCLIENT",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-28753",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-28755: OCSP result bypass in stream",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-28755",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-32647: Buffer overflow in the ngx_http_mp4_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-32647",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-40460: HTTP/3 address spoofing",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-40460",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-40701: resolver use-after-free in OCSP",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-40701",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-42934: Buffer overread in the ngx_http_charset_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "info",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-42934",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-42945: Buffer overflow in the ngx_http_rewrite_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-42945",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-42946: Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-42946",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "known_vulnerability_advisory",
"title": "CVE-2026-9256: Buffer overflow in the ngx_http_rewrite_module",
"public": true,
"version": "1.28.0",
"audience": "nutzer",
"category": "vulnerability",
"severity": "warning",
"confirmed": true,
"technology": "nginx",
"advisory_id": "CVE-2026-9256",
"user_importance": 135,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "pre_consent_tracking_cookies",
"title": "Tracking-Cookies vor Einwilligung gesetzt",
"public": true,
"source": "chromium_cookie_inventory",
"cookies": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4"
],
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4"
],
"user_importance": 128,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "long_lived_tracking_cookie",
"count": 1,
"title": "Langlebige Tracking-/Marketing-Cookies",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"1 im Scan gezählt"
],
"user_importance": 122,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "consent_no_reject_option",
"title": "Cookie-Hinweis ohne klare Ablehnen-Option",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 1"
],
"user_importance": 121,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "external_canonical",
"title": "Canonical zeigt auf fremde Domain",
"public": true,
"audience": "nutzer",
"category": "seo",
"severity": "warning",
"canonical_url": "https://www.dwpbank.de/",
"evidence_items": [
"https://www.dwpbank.de/"
],
"user_importance": 118,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Beacon-/Keepalive-Telemetrie im Browser-Lauf erkannt"
],
"user_importance": 116,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "external_link_spam",
"title": "Sehr viele externe Links erkannt",
"public": true,
"audience": "nutzer",
"category": "seo",
"severity": "warning",
"evidence_items": [
"184 externe Links auf der Startseite"
],
"user_importance": 116,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "browser_keystroke_listener_signals",
"count": 128,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Tastatur-Eingabe-Listener (Session-Replay-nah) im Browser-Lauf erkannt"
],
"user_importance": 110,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "long_lived_cookie",
"count": 1,
"title": "Langlebige Cookies erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Cookie mit sehr langer Laufzeit erkannt (Details im Cookie-Inventar)"
],
"user_importance": 104,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "warning",
"user_importance": 96,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "warning",
"user_importance": 94,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"user_importance": 94,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "image_alt_missing",
"count": 7,
"title": "Bilder ohne Alternativtext",
"public": true,
"audience": "nutzer",
"category": "accessibility",
"severity": "info",
"evidence_items": [
"https://www.dwpbank.de/wp-content/uploads/2021/01/dwpbank-Logo_2022.png",
"https://www.dwpbank.de/wp-content/uploads/2026/01/dwpbank_GastbeitragVitaliaSafronova_Webseite_Magazin_Beitragsbild_728x728px.jpg",
"https://www.dwpbank.de/wp-content/uploads/2025/12/251210_dwpbank_Thumbnail_Weihnachtsgruss2025_728x728px.jpg",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht-3_Website_Magazin_Beitragsbild_728x728px.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht-2_Website_Magazin_Beitragsbild_728x728px-1.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht_Webseite_Magazin_Beitragsbild_728x728px.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/251117_dwpbank_Beitragsbild1_AkquiseLM_610x728px.jpg"
],
"user_importance": 82,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "large_html_response",
"title": "HTML-Antwort ist groß",
"public": true,
"audience": "nutzer",
"category": "performance",
"severity": "info",
"evidence_items": [
"HTML-Größe: 200000 Bytes"
],
"user_importance": 82,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "compression_missing",
"title": "Komprimierung nicht erkannt",
"public": true,
"audience": "betreiber",
"category": "performance",
"severity": "info",
"evidence_items": [
"HTTP-Antwort ohne gzip/br-Komprimierung (kein Content-Encoding-Header)"
],
"user_importance": 76,
"importance_label": "Technischer Hinweis"
},
{
"id": "too_many_render_blocking_assets",
"title": "Viele potenziell blockierende Assets",
"public": true,
"audience": "betreiber",
"category": "performance",
"severity": "info",
"evidence_items": [
"Viele render-blockierende CSS/JS-Ressourcen im <head> der Startseite"
],
"user_importance": 74,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_x_content_type_options",
"title": "X-Content-Type-Options fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "warning",
"evidence_items": [
"HTTP-Header „X-Content-Type-Options\" fehlt in der Antwort der Startseite"
],
"user_importance": 70,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_embedder_policy",
"title": "Cross-Origin-Embedder-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Embedder-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 68,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_opener_policy",
"title": "Cross-Origin-Opener-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Opener-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 66,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_resource_policy",
"title": "Cross-Origin-Resource-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Resource-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 64,
"importance_label": "Technischer Hinweis"
},
{
"id": "consent_banner_dark_pattern_risk",
"count": 1,
"title": "Consent-Banner mit Dark-Pattern-/UX-Risiko",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Banner-UX: Akzeptieren 0 vs. Ablehnen 0 – Ablehnen weniger prominent/gleichwertig"
],
"user_importance": 60,
"importance_label": "Technischer Hinweis"
},
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Drittanbieter mit unklarer Anbieter-Jurisdiktion / möglichem Drittlandtransfer"
],
"user_importance": 30,
"importance_label": "Technischer Hinweis"
}
],
"audit_modules": [
{
"id": "privacy_consent",
"color": "red",
"score": 32,
"title": "Datenschutz, Cookies & Consent",
"source": "Browser, HTTP-Header, HTML und Consent-/Cookie-Heuristik",
"status": "kritisch",
"evidence": "0 Tracking-Script(s), 3 Cookie(s) vor Einwilligung, 2 Tracking-Cookie(s), Ablehnen-Option: nein, Consent-Audit: 32."
},
{
"id": "cookie_inventory",
"color": "orange",
"score": 57,
"title": "Cookie-Inventar",
"source": "HTTP-Set-Cookie und Chromium-Cookies beim ersten Seitenaufruf",
"status": "auffällig",
"evidence": "3 Cookie(s), 2 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 2 langlebig, 0 sehr lang."
},
{
"id": "seo_integrity",
"color": "orange",
"score": 64,
"title": "SEO-Integrität & Cloaking",
"source": "HTML-Inhalt, strukturierte Daten, Links und Googlebot-Vergleich",
"status": "auffällig",
"evidence": "2 SEO-Spam-Hinweis(e), 0 Cloaking-Hinweis(e)."
},
{
"id": "security_tls",
"color": "orange",
"score": 64,
"title": "Sicherheit, TLS & Header",
"source": "DNS, TLS, HTTP-Status, Zertifikat und Security-Header",
"status": "auffällig",
"evidence": "1 Infrastruktur-Hinweis(e), Security-Header: 5/9 vorhanden, 4 fehlen, externe Skript-Hosts: 0."
},
{
"id": "accessibility_usability",
"color": "orange",
"score": 68,
"title": "Barrierefreiheit & Usability",
"source": "Passives HTML-Sample: Bilder, Formulare, Buttons, Sprache, Headings und Viewport",
"status": "auffällig",
"evidence": "7 Bild(er) ohne alt, 0 Formularfeld(er) ohne Beschriftung, 0 Button(s) ohne Namen."
},
{
"id": "browser_evidence",
"color": "orange",
"score": 69,
"title": "Browser-Nachweis",
"source": "Headless Chromium mit Screenshot- und Request-Telemetrie",
"status": "auffällig",
"evidence": "116 Request(s), 1 Drittanbieter-Domain(s), davon 0 datenschutzrelevant, 3 Browser-Cookie(s), Transfer-Prüfbedarf: 0, Referrer-/URL-Leaks: 0, Fingerprinting-/Replay-Hinweise: 1."
},
{
"id": "performance_mobile",
"color": "yellow",
"score": 82,
"title": "Performance & mobile Nutzbarkeit",
"source": "HTTP-Antwort, HTML-Größe, Komprimierung und mobile Basis",
"status": "prüfen",
"evidence": "Performance-Score 82, Antwortzeit 127 ms."
},
{
"id": "tracking_pixels_beacons",
"color": "yellow",
"score": 82,
"title": "Tracking-Pixel & Beacons",
"source": "HTML-Pixel, Link-Ping-Attribute, Chromium-Requests und Browser-API-Instrumentierung",
"status": "prüfen",
"evidence": "0 Pixel-/Bildtracking-Hinweis(e), 2 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s)."
},
{
"id": "forms_payments",
"color": "yellow",
"score": 84,
"title": "Formulare, Login & Zahlung",
"source": "HTML-Formulare, Eingabefelder, Zahlungsanbieter und Kontextlinks",
"status": "prüfen",
"evidence": "Aus diesem Rohfeld wird im Report keine zusätzliche Scan-Feststellung abgeleitet; Betreiberkontext und Umsetzungshinweise stehen auf separaten Seiten."
},
{
"id": "consent_journey",
"color": "green",
"score": 100,
"title": "Consent-Journey-Matrix",
"source": "Chromium-Zustände: Erstaufruf, Reject, Accept und GPC",
"status": "unauffällig",
"evidence": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 0 im GPC-Aufruf."
},
{
"id": "embedded_content",
"color": "green",
"score": 100,
"title": "Externe Inhalte & Widgets",
"source": "HTML-Embeds und Chromium-Drittanbieter-Requests",
"status": "unauffällig",
"evidence": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen."
},
{
"id": "script_supply_chain",
"color": "green",
"score": 100,
"title": "Externe Skripte & SRI",
"source": "HTML-Script-Tags, Anbieterklassifikation und SRI-Attribute",
"status": "unauffällig",
"evidence": "0 externe Skript(e) von 0 Host(s), 0 ohne SRI, 0 Tracking-/Tag-nahe Skript(e)."
},
{
"id": "google_third_parties",
"color": "green",
"score": 100,
"title": "Google-Dienste & Drittanbieter",
"source": "Chromium-Requests, Anbieterklassifikation und Google Consent Mode Heuristik",
"status": "unauffällig",
"evidence": "Keine Google-Domain, keine Google-Tracking-ID und keine datenschutzrelevanten Drittanbieter im passiven Check erkannt."
},
{
"id": "operator_transparency",
"color": "green",
"score": 100,
"title": "Impressum, Kontakt & Datenschutzerklärung",
"source": "Deutschsprachige Betreiber- und Datenschutzhinweis-Erkennung",
"status": "unauffällig",
"evidence": "Impressum: ja, Datenschutz: ja, Kontakt: ja."
},
{
"id": "pii_exposure",
"color": "green",
"score": 100,
"title": "PII, URL-Parameter & Datenleck-Schutz",
"source": "URL-Parameter, interne Links, HTML-Formulare, Browser-Drittanbieter und Dateneingabe-Kontext",
"status": "unauffällig",
"evidence": "0 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext."
},
{
"id": "referrer_url_leaks",
"color": "green",
"score": 100,
"title": "Referrer & URL-Leaks",
"source": "Chromium-Request-Telemetrie ohne gespeicherte Parameterwerte",
"status": "unauffällig",
"evidence": "0 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte."
},
{
"id": "site_coverage",
"color": "green",
"score": 100,
"title": "Seitenabdeckung & Crawl",
"source": "Startseiten-Links, Compliance-Links und begrenzter interner Zusatzabruf",
"status": "unauffällig",
"evidence": "30 interne Linkziele erkannt, 4 priorisierte Unterseite(n) abgerufen."
}
],
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://www.dwpbank.de/robots.txt",
"label": "robots.txt",
"reason": "",
"status": "found",
"body_size": 122,
"truncated": false,
"body_sha256": "55a257ff8412a78390fce18400cf20a276e407a6b60993343bc8f6d87b9d9022",
"duration_ms": 184,
"http_status": 200,
"ai_bot_policy": {
"bot_directives": [],
"explicit_ai_bots": [],
"explicit_ai_bot_count": 0,
"wildcard_directive_count": 1,
"wildcard_directives_sample": [
{
"value": "/vv-marktplatz-roadshow-hamburg-hdjhgj97iug/",
"directive": "disallow"
}
]
},
"relevant_lines": [
"User-agent: *",
"Disallow: /vv-marktplatz-roadshow-hamburg-hdjhgj97iug/",
"Sitemap: https://www.dwpbank.de/sitemap_index.xml"
]
},
{
"id": "llms_txt",
"url": "https://www.dwpbank.de/llms.txt",
"label": "llms.txt",
"reason": "",
"status": "found",
"body_size": 9830,
"truncated": false,
"body_sha256": "1f3e54a4f15033ac85f2e6cb1c3b84adfb526a4e6f575c6383642c0150d81f77",
"duration_ms": 131,
"http_status": 200,
"relevant_lines": [
"# dwpbank: Deutsche WertpapierService Bank AG",
"> Die dwpbank ist der führende Dienstleister für Wertpapierservices in Deutschland\\. Gestalten Sie mit uns das Wertpapiergeschäft der Zukunft\\.",
"Generated by Yoast SEO v27.8, this is an llms.txt file, meant for consumption by LLMs.",
"## Seiten",
"- [Unternehmen](https://www.dwpbank.de/unternehmen/): Die Deutsche WertpapierService Bank AG \\(dwpbank\\) ist der führende Dienstleister für Wertpapierservices in Deutschland\\. Unse",
"- [Kontakt](https://www.dwpbank.de/kontakt/)",
"- [Datenschutzgrundsätze](https://www.dwpbank.de/datenschutz/): Vielen Dank für Ihren Besuch auf den Webseiten der Deutschen WertpapierService Bank AG \\(dwpbank\\) und Ihr Interesse",
"- [Leistungen](https://www.dwpbank.de/leistungen/): Im Wertpapiergeschäft bietet die dwpbank entlang des gesamten Wegs einer Wertpapierorder Services und Produkte\\.",
"- [WP3](https://www.dwpbank.de/wp3/): Im Wertpapiergeschäft bietet die dwpbank entlang des gesamten Wegs einer Wertpapierorder Services und Produkte\\.",
"- [Karriere](https://www.dwpbank.de/karriere/): Deine Karriere bei der dwpbank: Freue dich auf spannende Jobs, individuelle Entwicklungsmöglichkeiten, flexible Arbeitsmodelle und a",
"- [Nachhaltigkeit in der dwpbank](https://www.dwpbank.de/unternehmen/nachhaltigkeit-in-der-dwpbank/): Mit Weitsicht handeln: Erfahren Sie, wie die dwpbank Nachhaltigkeit ganzheitli",
"- [Presse](https://www.dwpbank.de/presse/)",
"- [Veranstaltungen](https://www.dwpbank.de/aktuelles/veranstaltungen/): Als Experten für Wertpapierservices sprechen wir bei Fachkonferenzen, bieten Webinare an und stehen im ständ",
"- [Executive Summit 2025](https://www.dwpbank.de/executive-summit-2025/)",
"## Beiträge",
"- [Risikomanagement in Banken: Was wir vom Fliegen lernen](https://www.dwpbank.de/magazin/insights/risikomanagement-in-banken-was-wir-vom-fliegen-lernen/): Wie im Cockpit gilt auch"
]
},
{
"id": "ai_txt",
"url": "https://www.dwpbank.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1325,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://www.dwpbank.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 582,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://www.dwpbank.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 605,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 2,
"policy_file_count": 1,
"explicit_ai_bot_count": 0
},
"summary": "2 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 1,
"llms_ward_policy_status": "policy_file_found",
"robots_ai_policy_status": "generic_robots_policy"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://www.dwpbank.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1619,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://www.dwpbank.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 648,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://www.dwpbank.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 653,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://www.dwpbank.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 1600,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://www.dwpbank.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 712,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://www.dwpbank.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
},
"site_coverage_analysis": {
"color": "green",
"pages": [
{
"url": "https://www.dwpbank.de/datenschutz",
"path": "/datenschutz",
"text": "Datenschutz",
"source": "homepage_link",
"category": "datenschutz",
"priority": 100
},
{
"url": "https://www.dwpbank.de/impressum",
"path": "/impressum",
"text": "Impressum",
"source": "homepage_link",
"category": "impressum",
"priority": 96
},
{
"url": "https://www.dwpbank.de/kontakt",
"path": "/kontakt",
"text": "Kontakt",
"source": "homepage_link",
"category": "kontakt",
"priority": 90
},
{
"url": "https://www.dwpbank.de/presse",
"path": "/presse",
"text": "Presse",
"source": "homepage_link",
"category": "kontakt",
"priority": 90
},
{
"url": "https://www.dwpbank.de/magazin/technologie/anleger-koennen-direkt-vom-girokonto-investieren",
"path": "/magazin/technologie/anleger-koennen-direkt-vom-girokonto-investieren",
"text": "",
"source": "sitemap",
"category": "login",
"priority": 76
},
{
"url": "https://www.dwpbank.de/magazin/insights/sparkassentag-2025-wertvoller-austausch-mit-unseren-kunden",
"path": "/magazin/insights/sparkassentag-2025-wertvoller-austausch-mit-unseren-kunden",
"text": "",
"source": "sitemap",
"category": "checkout",
"priority": 74
},
{
"url": "https://www.dwpbank.de/magazin/regulatorik/service-fuer-ermaessigung-von-quellensteuern-auf-finnische-dividendenzahlungen",
"path": "/magazin/regulatorik/service-fuer-ermaessigung-von-quellensteuern-auf-finnische-dividendenzahlungen",
"text": "",
"source": "sitemap",
"category": "checkout",
"priority": 74
},
{
"url": "https://www.dwpbank.de/sparkassentag-2023-wiederanlagemanagement-der-dwpbank",
"path": "/sparkassentag-2023-wiederanlagemanagement-der-dwpbank",
"text": "",
"source": "sitemap",
"category": "checkout",
"priority": 74
},
{
"url": "https://www.dwpbank.de/magazin/markt/roadshow-depotwaerts",
"path": "/magazin/markt/roadshow-depotwaerts",
"text": "",
"source": "homepage_link+sitemap",
"category": "checkout",
"priority": 70
},
{
"url": "https://www.dwpbank.de/",
"path": "/",
"text": "",
"source": "sitemap",
"category": "unterseite",
"priority": 24
},
{
"url": "https://www.dwpbank.de/aktuelles",
"path": "/aktuelles",
"text": "",
"source": "sitemap",
"category": "unterseite",
"priority": 24
},
{
"url": "https://www.dwpbank.de/aktuelles/veranstaltungen/wertpapierservice-im-fokus-der-executive-summit-am-27-und-28-september-2022",
"path": "/aktuelles/veranstaltungen/wertpapierservice-im-fokus-der-executive-summit-am-27-und-28-september-2022",
"text": "",
"source": "sitemap",
"category": "unterseite",
"priority": 24
}
],
"score": 100,
"status": "unauffällig",
"summary": "30 interne Linkziele erkannt (120 aus Sitemap), 4 priorisierte Unterseite(n) zusätzlich abgerufen.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"robots_ok": true,
"categories": {
"login": 1,
"kontakt": 2,
"checkout": 4,
"impressum": 1,
"unterseite": 21,
"datenschutz": 1
},
"sample_limit": 4,
"sampled_count": 4,
"sampled_pages": [
{
"ok": true,
"url": "https://www.dwpbank.de/datenschutz",
"path": "/datenschutz",
"audit": {
"form_count": 1,
"finding_ids": [
"consent_no_reject_option"
],
"cookie_count": 0,
"imprint_found": true,
"consent_hint_found": true,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 0,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Datenschutzgrundsätze | dwpbank",
"status": 200,
"category": "datenschutz",
"duration_ms": 331,
"privacy_hint": true,
"privacy_policy_audit": {
"url": "https://www.dwpbank.de/datenschutz",
"color": "green",
"found": [
"Verantwortlicher / Anbieter",
"Kontakt / Datenschutzkontakt",
"Zwecke der Verarbeitung",
"Rechtsgrundlagen",
"Betroffenenrechte",
"Speicherfrist / Löschung",
"Empfänger / Auftragsverarbeiter",
"Cookies / Tracking",
"Widerruf / Opt-out",
"Beschwerde bei Aufsichtsbehörde",
"Drittlandtransfer",
"Datenschutzkontakt / DPO-Hinweis",
"Verständliche Satzlänge"
],
"score": 93,
"checks": [
{
"id": "controller_identity",
"found": true,
"label": "Verantwortlicher / Anbieter"
},
{
"id": "contact",
"found": true,
"label": "Kontakt / Datenschutzkontakt"
},
{
"id": "purposes",
"found": true,
"label": "Zwecke der Verarbeitung"
},
{
"id": "legal_basis",
"found": true,
"label": "Rechtsgrundlagen"
},
{
"id": "rights",
"found": true,
"label": "Betroffenenrechte"
},
{
"id": "retention",
"found": true,
"label": "Speicherfrist / Löschung"
},
{
"id": "recipients",
"found": true,
"label": "Empfänger / Auftragsverarbeiter"
},
{
"id": "cookies_tracking",
"found": true,
"label": "Cookies / Tracking"
},
{
"id": "withdrawal",
"found": true,
"label": "Widerruf / Opt-out"
},
{
"id": "complaint_authority",
"found": true,
"label": "Beschwerde bei Aufsichtsbehörde"
},
{
"id": "third_country_transfer",
"found": true,
"label": "Drittlandtransfer"
},
{
"id": "update_date",
"found": false,
"label": "Stand / Aktualitätsdatum",
"detail": ""
},
{
"id": "dpo_contact",
"found": true,
"label": "Datenschutzkontakt / DPO-Hinweis"
},
{
"id": "readability",
"found": true,
"label": "Verständliche Satzlänge",
"detail": "10.1 Wörter/Satz"
}
],
"status": "unauffällig",
"missing": [
"Stand / Aktualitätsdatum"
],
"summary": "13 von 14 zentralen Datenschutz-Bausteinen erkannt.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"available": true,
"freshness": {
"stale": false,
"age_days": null,
"last_updated": "",
"update_date_found": false
},
"word_count": 6652,
"readability": {
"hard_to_read": false,
"sentence_count": 658,
"avg_sentence_words": 10.1
},
"missing_count": 1,
"dpo_contact_found": true
}
},
{
"ok": true,
"url": "https://www.dwpbank.de/impressum",
"path": "/impressum",
"audit": {
"form_count": 1,
"finding_ids": [
"privacy_policy_too_thin"
],
"cookie_count": 0,
"imprint_found": true,
"consent_hint_found": false,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 0,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Impressum | dwpbank",
"status": 200,
"category": "impressum",
"duration_ms": 417,
"privacy_hint": true,
"privacy_policy_audit": []
},
{
"ok": true,
"url": "https://www.dwpbank.de/kontakt",
"path": "/kontakt",
"audit": {
"form_count": 2,
"finding_ids": [
"privacy_policy_too_thin"
],
"cookie_count": 0,
"imprint_found": true,
"consent_hint_found": false,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 0,
"pre_consent_tracking_cookie_count": 0
},
"forms": 2,
"title": "Kontakt | dwpbank",
"status": 200,
"category": "kontakt",
"duration_ms": 472,
"privacy_hint": true,
"privacy_policy_audit": []
},
{
"ok": true,
"url": "https://www.dwpbank.de/presse",
"path": "/presse",
"audit": {
"form_count": 2,
"finding_ids": [
"imprint_missing",
"privacy_policy_too_thin"
],
"cookie_count": 0,
"imprint_found": false,
"consent_hint_found": false,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 0,
"pre_consent_tracking_cookie_count": 0
},
"forms": 2,
"title": "Presse | dwpbank",
"status": 200,
"category": "kontakt",
"duration_ms": 359,
"privacy_hint": true,
"privacy_policy_audit": []
}
],
"robots_checked": true,
"sitemap_sources": [
"https://www.dwpbank.de/sitemap_index.xml",
"https://www.dwpbank.de/sitemap.xml",
"https://www.dwpbank.de/post-sitemap.xml",
"https://www.dwpbank.de/page-sitemap.xml",
"https://www.dwpbank.de/mitarbeiter-story-sitemap.xml"
],
"sitemap_available": true,
"sitemap_url_count": 120,
"homepage_link_count": 184,
"internal_link_count": 30,
"privacy_policy_audit": {
"url": "https://www.dwpbank.de/datenschutz",
"color": "green",
"found": [
"Verantwortlicher / Anbieter",
"Kontakt / Datenschutzkontakt",
"Zwecke der Verarbeitung",
"Rechtsgrundlagen",
"Betroffenenrechte",
"Speicherfrist / Löschung",
"Empfänger / Auftragsverarbeiter",
"Cookies / Tracking",
"Widerruf / Opt-out",
"Beschwerde bei Aufsichtsbehörde",
"Drittlandtransfer",
"Datenschutzkontakt / DPO-Hinweis",
"Verständliche Satzlänge"
],
"score": 93,
"checks": [
{
"id": "controller_identity",
"found": true,
"label": "Verantwortlicher / Anbieter"
},
{
"id": "contact",
"found": true,
"label": "Kontakt / Datenschutzkontakt"
},
{
"id": "purposes",
"found": true,
"label": "Zwecke der Verarbeitung"
},
{
"id": "legal_basis",
"found": true,
"label": "Rechtsgrundlagen"
},
{
"id": "rights",
"found": true,
"label": "Betroffenenrechte"
},
{
"id": "retention",
"found": true,
"label": "Speicherfrist / Löschung"
},
{
"id": "recipients",
"found": true,
"label": "Empfänger / Auftragsverarbeiter"
},
{
"id": "cookies_tracking",
"found": true,
"label": "Cookies / Tracking"
},
{
"id": "withdrawal",
"found": true,
"label": "Widerruf / Opt-out"
},
{
"id": "complaint_authority",
"found": true,
"label": "Beschwerde bei Aufsichtsbehörde"
},
{
"id": "third_country_transfer",
"found": true,
"label": "Drittlandtransfer"
},
{
"id": "update_date",
"found": false,
"label": "Stand / Aktualitätsdatum",
"detail": ""
},
{
"id": "dpo_contact",
"found": true,
"label": "Datenschutzkontakt / DPO-Hinweis"
},
{
"id": "readability",
"found": true,
"label": "Verständliche Satzlänge",
"detail": "10.1 Wörter/Satz"
}
],
"status": "unauffällig",
"missing": [
"Stand / Aktualitätsdatum"
],
"summary": "13 von 14 zentralen Datenschutz-Bausteinen erkannt.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"available": true,
"freshness": {
"stale": false,
"age_days": null,
"last_updated": "",
"update_date_found": false
},
"word_count": 6652,
"readability": {
"hard_to_read": false,
"sentence_count": 658,
"avg_sentence_words": 10.1
},
"missing_count": 1,
"dpo_contact_found": true
},
"sitemap_source_count": 5,
"provider_disclosure_audit": {
"color": "green",
"found": [
"Matomo"
],
"score": 100,
"checks": [
{
"id": "analytics_matomo",
"found": true,
"category": "analytics",
"evidence": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4"
],
"keywords": [
"matomo",
"piwik"
],
"provider": "Matomo",
"category_label": "Analytics"
}
],
"status": "unauffällig",
"missing": [],
"summary": "1 von 1 technisch erkannten Anbieter(n) wurden in der Datenschutzerklärung erwähnt.",
"available": true,
"missing_count": 0,
"detected_count": 1,
"mentioned_count": 1
},
"important_categories_found": [
"datenschutz",
"impressum",
"kontakt"
],
"sampled_tracking_page_count": 0,
"sampled_form_privacy_gap_count": 0,
"sitemap_candidate_source_count": 2
},
"page_analysis": {
"h1": [],
"h2": [
"<a href=\"https://www.dwpbank.de/presse/neue-modulare-depotwelt-der-dwpbank/\"><b>Neue Depotwelt für</b> nachhaltiges Wachstum</a>",
"<a href=\"https://www.dwpbank.de/magazin/markt/von-der-theorie-in-die-praxis-s-neo-und-die-depotwelt-der-dwpbank/\">Gezielte <b>Positionierung</b></a>",
"<a href=\"https://www.dwpbank.de/magazin/insights/risikomanagement-in-banken-was-wir-vom-fliegen-lernen/\">Sicherheit entsteht <b>im Team</b></a>",
"<a href=\"https://www.dwpbank.de/magazin/regulatorik/finanzmarktregulierung/\">Regulatorik 2026<br><b>im Überblick</b></a>",
"<b>Die Wertpapierplattform für</b> den Finanzplatz Deutschland",
"<b>Wir sind</b> Wertpapierservice",
"<b>Mehr als ein</b> Finanzinstitut",
"Transaction Next -<br>Das Neueste zum Wertpapiergeschäft",
"Mehr entdecken"
],
"title": "Exzellente Wertpapierservices für Ihren Erfolg | dwpbank",
"keywords": [
[
"dwpbank",
21
],
[
"regulatorik",
10
],
[
"übersicht",
9
],
[
"neue",
9
],
[
"sparkassen",
9
],
[
"wertpapiergeschäft",
8
],
[
"executive",
8
],
[
"summit",
8
],
[
"zukunft",
7
],
[
"ihre",
7
]
],
"language": "de",
"description": "Die dwpbank ist der führende Dienstleister für Wertpapierservices in Deutschland. Gestalten Sie mit uns das Wertpapiergeschäft der Zukunft.",
"favicon_url": "https://www.dwpbank.de/wp-content/uploads/2021/01/cropped-dwpbank-Favicon-400x400.png",
"link_counts": {
"external": 10,
"internal": 174
},
"preview_image": "/cache/screenshots/dwpbank.de-160x150-4fa7e2b94b009a34e4.png",
"screenshot_url": "/cache/screenshots/dwpbank.de-160x150-4fa7e2b94b009a34e4.png",
"external_scripts": [],
"browser_final_url": "https://www.dwpbank.de/",
"meta_preview_image": "https://www.dwpbank.de/wp-content/uploads/2025/12/251211_dwpbank_Header_Depotmodelle_1140x456px.jpg",
"screenshot_renderer": "playwright-chromium",
"external_link_targets": [
{
"host": "dwpbank.softgarden.io",
"count": 3,
"examples": [
{
"href": "https://dwpbank.softgarden.io/de/vacancies",
"text": "Stellenangebote"
},
{
"href": "https://dwpbank.softgarden.io/de/vacancies",
"text": "Stellenangebote"
},
{
"href": "https://dwpbank.softgarden.io/de/vacancies",
"text": "Stellenangebote"
}
],
"nofollow": 0,
"strength": "strong",
"follow_count": 3
},
{
"host": "extranet.dwpbank.de",
"count": 2,
"examples": [
{
"href": "https://extranet.dwpbank.de/",
"text": "WPWissenInfo"
},
{
"href": "https://extranet.dwpbank.de/",
"text": "WPWissenInfo"
}
],
"nofollow": 0,
"strength": "strong",
"follow_count": 2
},
{
"host": "de.linkedin.com",
"count": 1,
"examples": [
{
"href": "https://de.linkedin.com/company/dwpbank",
"text": "LinkedIn"
}
],
"nofollow": 0,
"strength": "strong",
"follow_count": 1
},
{
"host": "kununu.com",
"count": 1,
"examples": [
{
"href": "https://www.kununu.com/de/dwpbank-deutsche-wertpapierservice-bank",
"text": "kununu"
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
},
{
"host": "twitter.com",
"count": 1,
"examples": [
{
"href": "https://twitter.com/dwpbank",
"text": "X"
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
},
{
"host": "xing.com",
"count": 1,
"examples": [
{
"href": "https://www.xing.com/pages/dwpbank",
"text": "XING"
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
},
{
"host": "youtube.com",
"count": 1,
"examples": [
{
"href": "https://www.youtube.com/channel/UCau_1jQIkUP_WhjXqlt1rqQ",
"text": "YouTube"
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
}
]
},
"browser_analysis": {
"cookies": {
"items": [
{
"name": "borlabs-cookie",
"domain": "www.dwpbank.de",
"secure": true,
"expires": 1813389842,
"http_only": false,
"same_site": "Lax"
},
{
"name": "_pk_id.1.dae4",
"domain": "www.dwpbank.de",
"secure": false,
"expires": 1815809042,
"http_only": false,
"same_site": "Lax"
},
{
"name": "_pk_ses.1.dae4",
"domain": "www.dwpbank.de",
"secure": false,
"expires": 1781855642,
"http_only": false,
"same_site": "Lax"
}
],
"total": 3,
"third_party": 0
},
"storage": {
"total": 2,
"local_storage_keys": [
"elementor"
],
"tracking_key_hints": [],
"local_storage_total": 1,
"session_storage_keys": [
"elementor"
],
"session_storage_total": 1
},
"findings": [
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "browser_keystroke_listener_signals",
"count": 128,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"renderer": "playwright-chromium",
"final_url": "https://www.dwpbank.de/",
"consent_ui": {
"accept_controls": [],
"accept_max_area": 0,
"reject_controls": [],
"reject_max_area": 0,
"settings_controls": [
{
"tag": "a",
"top": 882,
"area": 2704,
"left": 24,
"text": "Cookie-Einstellungen bearbeiten",
"color": "rgb(255, 255, 255)",
"width": 52,
"height": 52,
"background": "rgb(30, 51, 132)",
"font_weight": "400"
}
],
"first_layer_summary": "Akzeptieren 0 / Ablehnen 0 / Einstellungen 1",
"cookie_context_found": true,
"reject_less_prominent": false,
"visible_control_count": 15,
"reject_prominence_ratio": 0
},
"gpc_signal": {
"error": "",
"enabled": true,
"storage": {
"total": 2,
"tracking_key_hints": [],
"local_storage_total": 1,
"session_storage_total": 1
},
"cookie_count": 3,
"request_count": 116,
"sec_gpc_header": true,
"navigator_value": true,
"contacted_domains": [
{
"host": "dwpbank.de",
"count": 115,
"category": "other",
"provider": "dwpbank.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"font": 8,
"ping": 1,
"fetch": 1,
"image": 26,
"script": 43,
"document": 1,
"stylesheet": 35
}
},
{
"host": "use.fontawesome.com",
"count": 1,
"category": "other",
"provider": "use.fontawesome.com",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"stylesheet": 1
}
}
],
"contacted_domain_count": 2,
"privacy_relevant_domains": [],
"third_party_cookie_count": 0,
"third_party_domain_count": 1,
"privacy_relevant_domain_count": 0
},
"screenshot": {
"fit": "contain",
"width": 160,
"height": 150,
"source_width": 1024,
"source_height": 960,
"source_capture": "full_page",
"capture_version": "contain-v4-viewport-transparency-160x150"
},
"consent_apis": {
"cmpapi": false,
"tcfapi": false,
"onetrust": false,
"cookiebot": false,
"data_layer": false,
"cmp_detected": false,
"usercentrics": false,
"google_tag_data": false
},
"accept_signal": {
"error": "",
"enabled": false,
"storage": {
"total": 0,
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"clicked_text": "",
"accept_clicked": false,
"accept_available": false,
"contacted_domains": [],
"contacted_domain_count": 0,
"new_domains_after_accept": [],
"privacy_relevant_domains": [],
"third_party_domain_count": 0,
"cookie_count_after_accept": 0,
"cookie_count_before_accept": 0,
"request_count_after_accept": 0,
"storage_count_after_accept": 0,
"request_count_before_accept": 0,
"new_cookie_count_after_accept": 0,
"privacy_relevant_domain_count": 0,
"new_request_count_after_accept": 0,
"third_party_cookie_count_after_accept": 0,
"storage_tracking_hint_count_after_accept": 0,
"new_privacy_relevant_domains_after_accept": [],
"new_privacy_relevant_domain_count_after_accept": 0
},
"request_count": 116,
"top_providers": [
{
"provider": "use.fontawesome.com",
"request_count": 1
}
],
"request_samples": [
{
"host": "use.fontawesome.com",
"method": "GET",
"referrer": null,
"has_query": false,
"path_depth": 4,
"query_keys": [],
"third_party": true,
"resource_type": "stylesheet",
"query_key_count": 0,
"url_value_param_count": 0,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 0
}
],
"cmp_consent_state": {
"tcf": {
"api_found": false,
"vendor_li": [],
"cmp_loaded": false,
"cmp_status": "",
"purpose_li": [],
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"policy_version": "",
"vendor_consents": [],
"vendor_li_count": 0,
"purpose_consents": [],
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_count": 0,
"purpose_consent_count": 0
},
"onetrust": {
"found": false,
"active_groups": [],
"active_group_count": 0
},
"cookiebot": {
"found": false,
"declined": false,
"consented": false,
"has_response": false,
"consent_marketing": null,
"consent_statistics": null,
"consent_preferences": null
},
"usercentrics": {
"found": false,
"has_response": false,
"services_count": 0,
"accepted_services_count": 0
}
},
"contacted_domains": [
{
"host": "dwpbank.de",
"count": 115,
"category": "other",
"provider": "dwpbank.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"font": 8,
"ping": 1,
"fetch": 1,
"image": 26,
"script": 43,
"document": 1,
"stylesheet": 35
}
},
{
"host": "use.fontawesome.com",
"count": 1,
"category": "other",
"provider": "use.fontawesome.com",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"stylesheet": 1
}
}
],
"privacy_api_metrics": {
"api_calls": {
"beacon_count": 1,
"mutation_observer_count": 5,
"keyboard_input_listener_count": 128
},
"beacon_count": 1,
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"fetch_keepalive_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 5,
"keyboard_input_listener_count": 128
},
"tcf_consent_analysis": {
"color": "green",
"score": 100,
"status": "unauffällig",
"summary": "TCF-Decoder: 0 Zweck(e) mit Consent/LI-Signal, 0 Vendor-Consent(s), 0 Vendor-LI-Signal(e).",
"findings": [],
"api_found": false,
"available": false,
"cmp_loaded": false,
"cmp_status": "",
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"purpose_rows": [
{
"id": 1,
"label": "Informationen auf einem Gerät speichern und/oder abrufen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 2,
"label": "Einfache Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 3,
"label": "Personalisiertes Anzeigen-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 4,
"label": "Personalisierte Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 5,
"label": "Personalisiertes Inhalts-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 6,
"label": "Personalisierte Inhalte auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 7,
"label": "Anzeigen-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 8,
"label": "Inhalte-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 9,
"label": "Marktforschung zur Generierung von Erkenntnissen nutzen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 10,
"label": "Produkte entwickeln und verbessern",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 11,
"label": "Begrenzte Daten zur Anzeigen-Auswahl verwenden",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
}
],
"vendor_li_ids": [],
"policy_version": "",
"vendor_li_count": 0,
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_ids": [],
"granted_purpose_rows": [],
"vendor_consent_count": 0,
"purpose_consent_count": 0,
"high_risk_purpose_count": 0,
"medium_risk_purpose_count": 0
},
"viewport_transparency": {
"samples": [
{
"tag": "a",
"top": 882,
"href": "#",
"left": 24,
"text": "Cookie-Einstellungen bearbeiten",
"width": 52,
"height": 52,
"category": "cookie_consent"
}
],
"available": true,
"sample_count": 1,
"claim_boundary": "Sichtbarkeits-Evidence aus dem ersten Headless-Chromium-Viewport; keine Aussage ueber Footer nach Scrollen, Loginbereiche oder rechtliche Vollstaendigkeit.",
"viewport_width": 1024,
"category_counts": {
"cookie_consent": 1
},
"contact_visible": false,
"imprint_visible": false,
"viewport_height": 960,
"cookie_consent_visible": true,
"privacy_notice_visible": false
},
"consent_journey_matrix": {
"color": "green",
"items": [
{
"host": "use.fontawesome.com",
"states": {
"gpc": 1,
"default": 1
},
"category": "other",
"provider": "use.fontawesome.com",
"category_label": "Sonstige",
"privacy_relevant": false,
"total_request_count": 2
}
],
"score": 100,
"states": [
{
"id": "default",
"label": "Erstaufruf",
"description": "Kontakte ohne Nutzeraktion",
"domain_count": 1,
"request_count": 1,
"privacy_relevant_domain_count": 0
},
{
"id": "reject_new",
"label": "Nach Ablehnen neu",
"description": "Neue Kontakte nach Ablehnen-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept_new",
"label": "Nach Akzeptieren neu",
"description": "Neue Kontakte nach Akzeptieren-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"description": "Kontakte bei Global Privacy Control",
"domain_count": 1,
"request_count": 1,
"privacy_relevant_domain_count": 0
}
],
"status": "unauffällig",
"summary": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 0 im GPC-Aufruf.",
"gpc_privacy_relevant_domain_count": 0,
"accept_privacy_relevant_domain_count": 0,
"reject_privacy_relevant_domain_count": 0
},
"consent_state_evidence": {
"rows": [
{
"id": "default",
"label": "Erstaufruf",
"status": "ohne Nutzeraktion",
"evidence": "Baseline aus erstem Chromium-Aufruf ohne Banner-Interaktion.",
"risk_level": "niedrig",
"cookie_count": 3,
"domain_count": 2,
"request_count": 116,
"storage_total": 2,
"new_cookie_count": 3,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "reject",
"label": "Nach Ablehnen",
"status": "nicht verfügbar",
"evidence": "",
"risk_level": "niedrig",
"cookie_count": 3,
"domain_count": 0,
"request_count": 0,
"storage_total": 2,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept",
"label": "Nach Akzeptieren",
"status": "nicht ausgeführt",
"evidence": "",
"risk_level": "niedrig",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_total": 0,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"status": "aktiv",
"evidence": "Navigator-GPC und Sec-GPC wurden im gesonderten Browserlauf gesetzt.",
"risk_level": "niedrig",
"cookie_count": 3,
"domain_count": 2,
"request_count": 116,
"storage_total": 2,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
}
],
"color": "green",
"score": 100,
"status": "unauffällig",
"summary": "Consent-State-Evidence: 4 Zustände verglichen, 0 hoch auffällig, 0 mittel auffällig.",
"findings": [],
"available": true,
"high_count": 0,
"medium_count": 0
},
"contacted_domain_count": 2,
"fingerprinting_analysis": {
"color": "yellow",
"score": 88,
"checks": [
{
"id": "canvas",
"ok": true,
"count": 0,
"label": "Canvas-Auslese",
"detail": "0 Pixel-Lesezugriff(e), 0 Export(e)."
},
{
"id": "webgl",
"ok": true,
"count": 0,
"label": "WebGL-Merkmale",
"detail": "0 Parameterzugriff(e), 0 Pixel-Lesezugriff(e)."
},
{
"id": "audio",
"ok": true,
"count": 0,
"label": "AudioContext",
"detail": "0 AudioContext/OfflineAudioContext-Aufruf(e)."
},
{
"id": "session_replay",
"ok": true,
"count": 0,
"label": "Session-Replay-Anbieter",
"detail": "Keine bekannten Anbieter erkannt."
},
{
"id": "input_listeners",
"ok": false,
"count": 128,
"label": "Tastatur-/Eingabe-Listener",
"detail": "128 Tastatur-/Input-Listener, 64 Interaktions-Listener, 5 MutationObserver."
}
],
"status": "prüfen",
"metrics": {
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 5,
"keyboard_input_listener_count": 128
},
"summary": "1 Fingerprinting-/Session-Replay-Hinweis(e) aus dem Browserlauf.",
"findings": [
{
"id": "browser_keystroke_listener_signals",
"count": 128,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"finding_count": 1,
"session_replay_domains": []
},
"privacy_relevant_domains": [],
"provider_category_counts": {
"other": 1
},
"provider_category_labels": {
"other": "other"
},
"third_party_domain_count": 1,
"embedded_content_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen.",
"findings": [],
"map_count": 0,
"total_count": 0,
"video_count": 0,
"captcha_count": 0,
"category_counts": [],
"social_widget_count": 0,
"loaded_pre_consent_count": 0,
"request_count_by_provider": []
},
"referrer_leakage_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte.",
"findings": [],
"sample_count": 1,
"full_referrer_count": 0,
"page_url_param_count": 0,
"affected_domain_count": 0,
"sensitive_query_count": 0
},
"third_party_contact_matrix": {
"color": "green",
"items": [
{
"host": "use.fontawesome.com",
"region": "unbekannt",
"status": "prüfen",
"category": "other",
"provider": "use.fontawesome.com",
"risk_level": "niedrig",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Sonstige",
"resource_types": [
{
"type": "stylesheet",
"count": 1
}
],
"transfer_label": "Jurisdiktion unklar",
"privacy_relevant": false
}
],
"score": 100,
"status": "unauffällig",
"summary": "1 Drittanbieter-Domain(s) beim ersten Browseraufruf, davon 0 datenschutzrelevant.",
"category_counts": {
"Sonstige": 1
},
"total_domain_count": 1,
"total_request_count": 1,
"privacy_relevant_count": 0,
"transfer_risk_analysis": {
"color": "green",
"items": [
{
"host": "use.fontawesome.com",
"region": "unbekannt",
"provider": "use.fontawesome.com",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Sonstige",
"transfer_label": "Jurisdiktion unklar",
"privacy_relevant": false
}
],
"score": 92,
"status": "unauffällig",
"summary": "1 Drittanbieter für Transfer-/Jurisdiktionsprüfung, 0 mit hohem Prüfbedarf, 1 unklar.",
"findings": [
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"unknown_count": 1,
"high_risk_count": 0,
"total_vendor_count": 1,
"third_country_count": 0
}
},
"privacy_relevant_domain_count": 0,
"tracking_pixel_beacon_analysis": {
"color": "yellow",
"items": [
{
"url": "",
"host": "dwpbank.de",
"kind": "beacon_api",
"reason": "sendBeacon API 1 Aufruf(e), 0 Code-Hinweis(e); keepalive 0 Aufruf(e), 0 Code-Hinweis(e).",
"source": "javascript_api",
"category": "telemetry",
"provider": "Beacon-/Keepalive-API",
"third_party": false,
"resource_type": "beacon",
"category_label": "Telemetry"
}
],
"score": 82,
"status": "prüfen",
"summary": "0 Pixel-/Bildtracking-Hinweis(e), 2 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s).",
"findings": [
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"pixel_count": 0,
"link_ping_count": 0,
"telemetry_count": 1,
"beacon_api_count": 1,
"third_party_count": 0,
"fetch_keepalive_count": 0,
"privacy_relevant_count": 0,
"beacon_code_reference_count": 0,
"fetch_keepalive_reference_count": 0
}
},
"privacy_analysis": {
"cookies": {
"items": [],
"total": 0,
"tracking": [],
"pre_consent": [],
"missing_secure": [],
"missing_samesite": [],
"pre_consent_tracking": [],
"pre_consent_nonessential": []
},
"findings": [],
"tracking_ids": [],
"tracking_scripts": [],
"consent_hint_found": false,
"privacy_policy_hint_found": true
},
"consent_audit": {
"color": "red",
"score": 32,
"checks": [
{
"id": "banner_visible",
"ok": true,
"label": "Cookie-/Consent-Hinweis sichtbar",
"detail": "Ein Hinweis mit Cookie-/Einwilligungsbezug wurde im sichtbaren Text erkannt."
},
{
"id": "reject_visible",
"ok": false,
"label": "Ablehnen gleichwertig erreichbar",
"detail": "Ablehnen oder nur notwendige Cookies wurde im Text oder Browser erkannt. Browser-Buttons: 0."
},
{
"id": "settings_visible",
"ok": true,
"label": "Einstellungen oder Auswahl vorhanden",
"detail": "Eine Einstellungs- oder Auswahlmoeglichkeit wurde im Text oder Browser erkannt. Browser-Buttons: 1."
},
{
"id": "browser_reject_visible",
"ok": true,
"label": "Ablehnen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 1."
},
{
"id": "browser_settings_visible",
"ok": true,
"label": "Einstellungen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 1."
},
{
"id": "reject_equally_prominent",
"ok": true,
"label": "Ablehnen nicht deutlich schwaecher dargestellt",
"detail": "Groessen-Verhältnis Ablehnen/Akzeptieren: nicht messbar."
},
{
"id": "reject_button_clickable",
"ok": true,
"label": "Ablehnen technisch klickbar",
"detail": "Wenn ein Ablehnen-Button sichtbar ist, klickt SaferPage ihn im Chromium-Browser einmal an."
},
{
"id": "no_new_cookies_after_reject",
"ok": true,
"label": "Keine neuen Cookies nach Ablehnen",
"detail": "0 neue Cookie(s) nach dem Ablehnen-Klick."
},
{
"id": "no_tracking_storage_after_reject",
"ok": true,
"label": "Kein Tracking-Storage nach Ablehnen",
"detail": "0 Tracking-Hinweis(e) im Web Storage nach Ablehnen."
},
{
"id": "no_privacy_domains_after_reject",
"ok": true,
"label": "Keine neuen Tracking-Kontakte nach Ablehnen",
"detail": "0 neue datenschutzrelevante Domain(s) nach Ablehnen."
},
{
"id": "gpc_signal_respected",
"ok": true,
"label": "GPC-Signal ohne Tracking-Hinweise",
"detail": "GPC-Aufruf: 0 datenschutzrelevante Domain(s), 0 Drittanbieter-Cookie(s), 0 Storage-Hinweis(e)."
},
{
"id": "no_tracking_cookies_before_consent",
"ok": false,
"label": "Keine Tracking-Cookies vor Einwilligung",
"detail": "2 Tracking-Cookie(s) im Erstaufruf."
},
{
"id": "no_nonessential_cookies_before_consent",
"ok": false,
"label": "Keine nicht notwendigen Cookies vor Einwilligung",
"detail": "3 moeglicherweise nicht notwendige Cookie(s) im Erstaufruf."
},
{
"id": "third_parties_explained",
"ok": true,
"label": "Drittanbieter begrenzt und erklaerbar",
"detail": "0 datenschutzrelevante Drittanbieter-Domain(s), 1 Drittanbieter insgesamt."
},
{
"id": "storage_without_tracking_hints",
"ok": true,
"label": "Web Storage ohne Tracking-Hinweise",
"detail": "2 Storage-Key(s), 0 Tracking-Hinweis(e)."
},
{
"id": "cmp_api_detected_when_needed",
"ok": true,
"label": "CMP-/TCF-Signal bei Tracking erkennbar",
"detail": "Gängige CMP-/TCF-Indikatoren: __tcfapi, __cmp, Cookiebot, OneTrust oder Usercentrics."
},
{
"id": "accept_click_documented",
"ok": true,
"label": "Akzeptieren-Klick nachvollziehbar",
"detail": "Accept-Test: nicht ausgefuehrt, neue Requests 0, neue Cookies 0, neue Datenschutz-Domains 0."
},
{
"id": "cmp_state_readable",
"ok": true,
"label": "CMP-/TCF-Zustand auslesbar",
"detail": "TCF TC-String: nein, Cookiebot: nein, OneTrust: nein, Usercentrics: nein."
},
{
"id": "cmp_default_restrictive",
"ok": true,
"label": "CMP-Default wirkt restriktiv",
"detail": "TCF Purposes erlaubt: 0, TCF Vendors erlaubt: 0, Cookiebot Statistik/Marketing: nein."
}
],
"status": "kritisch",
"summary": "Consent, Tracking oder Drittanbieter wirken im Erstaufruf deutlich nachbesserungsbeduerftig.",
"evidence": [
"3 Cookie(s) beim ersten Aufruf aus HTTP-Headern und Chromium",
"0 Tracking-Script(s) im HTML",
"0 datenschutzrelevante Drittanbieter-Domain(s)",
"2 Storage-Key(s), 0 Tracking-Hinweis(e)",
"Consent-Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 1",
"Ablehnen/Akzeptieren-Prominenz: nicht messbar",
"Reject-Test: nicht ausgefuehrt, neue Cookies 0, Tracking-Storage 0, neue Datenschutz-Domains 0",
"Accept-Test: nicht ausgefuehrt, neue Requests 0, neue Cookies 0, neue Datenschutz-Domains 0, Drittanbieter-Cookies 0",
"CMP-State: TCF-String nein, TCF Purposes 0, TCF Vendors 0, Cookiebot nein, OneTrust-Gruppen 0, Usercentrics-Services 0",
"GPC-Test: aktiv, Datenschutz-Domains 0, Drittanbieter-Cookies 0, Storage-Hinweise 0",
"CMP-/TCF-Signal: nein",
"Google Consent Default: nein"
],
"gpc_enabled": true,
"cmp_detected": false,
"blocking_plan": {
"items": [
{
"kind": "cookie",
"level": "hoch",
"source": "Matomo",
"target": "_pk_id.1.dae4",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "analytics",
"evidence": "vor Consent gesetzt · dwpbank.de · lang (392 Tage)",
"category_label": "Analytics"
},
{
"kind": "cookie",
"level": "hoch",
"source": "Matomo",
"target": "_pk_ses.1.dae4",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "analytics",
"evidence": "vor Consent gesetzt · dwpbank.de · kurz (0 Tage)",
"category_label": "Analytics"
},
{
"kind": "cookie",
"level": "mittel",
"source": "dwpbank.de",
"target": "borlabs-cookie",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · dwpbank.de · lang (364 Tage)",
"category_label": "Unklar"
},
{
"kind": "storage",
"level": "mittel",
"source": "localStorage",
"target": "elementor",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Usercentrics"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "localStorage · Unklar · dauerhaft bis Löschung durch Nutzer/Browser",
"category_label": "Unklar"
}
],
"summary": "4 Blockier-/Consent-Maßnahme(n) abgeleitet: 2 hoch, 2 mittel.",
"available": true,
"high_count": 2,
"total_count": 4,
"type_counts": {
"cookie": 3,
"storage": 1
},
"medium_count": 2
},
"tcf_api_found": false,
"cookiebot_found": false,
"accept_test_enabled": false,
"browser_cookie_count": 3,
"accept_button_clicked": false,
"browser_storage_count": 2,
"reject_button_clicked": false,
"reject_less_prominent": false,
"tcf_tc_string_present": false,
"tracking_script_count": 0,
"accept_button_available": false,
"reject_button_available": false,
"reject_prominence_ratio": 0,
"pre_consent_cookie_count": 3,
"pre_consent_cookie_names": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4",
"borlabs-cookie"
],
"tcf_vendor_consent_count": 0,
"third_party_domain_count": 1,
"tcf_purpose_consent_count": 0,
"onetrust_active_group_count": 0,
"usercentrics_services_count": 0,
"browser_accept_control_count": 0,
"browser_cookie_context_found": true,
"browser_reject_control_count": 0,
"gpc_third_party_cookie_count": 0,
"post_accept_new_cookie_count": 0,
"post_reject_new_cookie_count": 0,
"post_accept_new_request_count": 0,
"browser_settings_control_count": 1,
"gpc_storage_tracking_hint_count": 0,
"cookiebot_marketing_or_statistics": false,
"gpc_privacy_relevant_domain_count": 0,
"pre_consent_tracking_cookie_count": 2,
"pre_consent_tracking_cookie_names": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4"
],
"privacy_relevant_third_party_count": 0,
"browser_storage_tracking_hint_count": 0,
"post_accept_third_party_cookie_count": 0,
"pre_consent_nonessential_cookie_count": 3,
"pre_consent_nonessential_cookie_names": [
"_pk_id.1.dae4",
"_pk_ses.1.dae4",
"borlabs-cookie"
],
"post_accept_storage_tracking_hint_count": 0,
"post_reject_storage_tracking_hint_count": 0,
"post_accept_privacy_relevant_domain_count": 0,
"post_reject_privacy_relevant_domain_count": 0
},
"cookie_inventory": {
"color": "orange",
"items": [
{
"name": "_pk_id.1.dae4",
"domain": "dwpbank.de",
"secure": false,
"sources": [
"browser_first_load"
],
"category": "analytics",
"provider": "Matomo",
"tracking": true,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-17T07:24:02+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "dwpbank.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Analytics",
"retention_risk": "hoch",
"expires_in_days": 392,
"origin_evidence": "115 Browser-Request(s) · document:1, fetch:1, font:8, image:26",
"origin_provider": "dwpbank.de",
"retention_class": "long",
"retention_label": "lang (392 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pk_ses.1.dae4",
"domain": "dwpbank.de",
"secure": false,
"sources": [
"browser_first_load"
],
"category": "analytics",
"provider": "Matomo",
"tracking": true,
"http_only": false,
"same_site": "Lax",
"expires_at": "2026-06-19T07:54:02+00:00",
"long_lived": false,
"persistent": true,
"first_party": true,
"origin_host": "dwpbank.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Analytics",
"retention_risk": "niedrig",
"expires_in_days": 0,
"origin_evidence": "115 Browser-Request(s) · document:1, fetch:1, font:8, image:26",
"origin_provider": "dwpbank.de",
"retention_class": "short",
"retention_label": "kurz (0 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "borlabs-cookie",
"domain": "dwpbank.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "dwpbank.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-06-19T07:24:02+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "dwpbank.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 364,
"origin_evidence": "115 Browser-Request(s) · document:1, fetch:1, font:8, image:26",
"origin_provider": "dwpbank.de",
"retention_class": "long",
"retention_label": "lang (364 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
}
],
"score": 57,
"total": 3,
"status": "auffällig",
"summary": "3 Cookie(s) inventarisiert: 2 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 2 langlebige Cookie(s), 0 sehr lange Laufzeit(en).",
"findings": [
{
"id": "long_lived_tracking_cookie",
"count": 1,
"title": "Langlebige Tracking-/Marketing-Cookies",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "long_lived_cookie",
"count": 1,
"title": "Langlebige Cookies erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"categories": {
"unknown": 1,
"analytics": 2
},
"tracking_count": 2,
"category_labels": {
"consent": "Consent",
"payment": "Zahlung",
"unknown": "Unklar",
"security": "Sicherheit",
"analytics": "Analytics",
"necessary": "Notwendig",
"functional": "Funktional",
"advertising": "Werbung"
},
"long_lived_count": 2,
"persistent_count": 3,
"first_party_count": 3,
"pre_consent_count": 3,
"retention_classes": {
"long": 2,
"short": 1
},
"third_party_count": 0,
"missing_secure_count": 2,
"retention_risk_count": 2,
"retention_risk_items": [
{
"name": "_pk_id.1.dae4",
"domain": "dwpbank.de",
"secure": false,
"sources": [
"browser_first_load"
],
"category": "analytics",
"provider": "Matomo",
"tracking": true,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-17T07:24:02+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "dwpbank.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Analytics",
"retention_risk": "hoch",
"expires_in_days": 392,
"origin_evidence": "115 Browser-Request(s) · document:1, fetch:1, font:8, image:26",
"origin_provider": "dwpbank.de",
"retention_class": "long",
"retention_label": "lang (392 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "borlabs-cookie",
"domain": "dwpbank.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "dwpbank.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-06-19T07:24:02+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "dwpbank.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 364,
"origin_evidence": "115 Browser-Request(s) · document:1, fetch:1, font:8, image:26",
"origin_provider": "dwpbank.de",
"retention_class": "long",
"retention_label": "lang (364 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
}
],
"very_long_lived_count": 0,
"missing_samesite_count": 0,
"persistent_unknown_count": 0,
"long_lived_tracking_count": 1
},
"security_header_analysis": {
"color": "orange",
"score": 64,
"checks": [
{
"ok": true,
"note": "",
"label": "HSTS",
"value": "max-age=31536000; includeSubDomains",
"header": "strict-transport-security",
"present": true,
"purpose": "Erzwingt HTTPS nach dem ersten sicheren Aufruf.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "Content-Security-Policy",
"value": "default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://yoast.com https://www.youtube.com https://player.podigee-cdn.net/ https://cdn.jsdelivr.net/; style-",
"header": "content-security-policy",
"present": true,
"purpose": "Begrenzt Skript-, Frame- und Ressourcenquellen im Browser.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "X-Frame-Options",
"value": "SAMEORIGIN",
"header": "x-frame-options",
"present": true,
"purpose": "Reduziert Clickjacking-Risiken bei älteren Browsern.",
"severity": "warning"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "X-Content-Type-Options",
"value": "",
"header": "x-content-type-options",
"present": false,
"purpose": "Verhindert MIME-Sniffing bei Skripten und Stylesheets.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "Referrer-Policy",
"value": "same-origin",
"header": "referrer-policy",
"present": true,
"purpose": "Begrenzt, welche URL-Informationen an Zielseiten weitergegeben werden.",
"severity": "info"
},
{
"ok": true,
"note": "",
"label": "Permissions-Policy",
"value": "fullscreen=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), picture-in-picture=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), autoplay=(self \"https://www.youtube.com\" \"https://ww",
"header": "permissions-policy",
"present": true,
"purpose": "Begrenzt sensible Browser-Funktionen pro Seite.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Opener-Policy",
"value": "",
"header": "cross-origin-opener-policy",
"present": false,
"purpose": "Isoliert Top-Level-Fenster und reduziert Cross-Origin-Seiteneffekte.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Resource-Policy",
"value": "",
"header": "cross-origin-resource-policy",
"present": false,
"purpose": "Begrenzt, welche fremden Seiten Ressourcen einbetten dürfen.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Embedder-Policy",
"value": "",
"header": "cross-origin-embedder-policy",
"present": false,
"purpose": "Erzwingt kontrollierte Cross-Origin-Einbettungen und kann Cross-Origin Isolation ermöglichen.",
"severity": "info"
}
],
"status": "auffällig",
"missing": [
"X-Content-Type-Options",
"Cross-Origin-Opener-Policy",
"Cross-Origin-Resource-Policy",
"Cross-Origin-Embedder-Policy"
],
"summary": "5 von 9 wichtigen Security-Headern vorhanden, 5 korrekt bewertet. CSP wirksam mit 12 Direktive(n), 2 Warnung(en), 0 Hinweis(e).",
"findings": [
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"category": "security_headers",
"severity": "warning"
}
],
"ok_count": 5,
"weak_count": 0,
"csp_analysis": {
"color": "orange",
"score": 64,
"status": "auffällig",
"summary": "CSP wirksam mit 12 Direktive(n), 2 Warnung(en), 0 Hinweis(e).",
"enforced": true,
"findings": [
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"category": "security_headers",
"severity": "warning"
}
],
"available": true,
"directives": [
{
"name": "base-uri",
"value": "'self'",
"values": [
"'self'"
]
},
{
"name": "connect-src",
"value": "'self' https://my.yoast.com",
"values": [
"'self'",
"https://my.yoast.com"
]
},
{
"name": "default-src",
"value": "'self'",
"values": [
"'self'"
]
},
{
"name": "font-src",
"value": "'self' https://fonts.gstatic.com/ https://use.fontawesome.com/ data:",
"values": [
"'self'",
"https://fonts.gstatic.com/",
"https://use.fontawesome.com/",
"data:"
]
},
{
"name": "frame-src",
"value": "'self' blob: https://dwpbank.softgarden.io https://www.youtube-nocookie.com https://www.youtube.com/ https://maps.google.com/ https://www.google.com/ https://player.vimeo.com/ https://i.vimeocdn.com/ https://w.soundcloud",
"values": [
"'self'",
"blob:",
"https://dwpbank.softgarden.io",
"https://www.youtube-nocookie.com",
"https://www.youtube.com/",
"https://maps.google.com/",
"https://www.google.com/",
"https://player.vimeo.com/",
"https://i.vimeocdn.com/",
"https://w.soundcloud.com/",
"https://player.podigee-cdn.net/"
]
},
{
"name": "img-src",
"value": "'self' data: https://i.ytimg.com https://www.kununu.com",
"values": [
"'self'",
"data:",
"https://i.ytimg.com",
"https://www.kununu.com"
]
},
{
"name": "manifest-src",
"value": "'self'",
"values": [
"'self'"
]
},
{
"name": "media-src",
"value": "'self'",
"values": [
"'self'"
]
},
{
"name": "object-src",
"value": "'none'",
"values": [
"'none'"
]
},
{
"name": "script-src",
"value": "'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://yoast.com https://www.youtube.com https://player.podigee-cdn.net/ https://cdn.jsdelivr.net/",
"values": [
"'report-sample'",
"'self'",
"'unsafe-inline'",
"'unsafe-eval'",
"https://cdnjs.cloudflare.com",
"https://yoast.com",
"https://www.youtube.com",
"https://player.podigee-cdn.net/",
"https://cdn.jsdelivr.net/"
]
},
{
"name": "style-src",
"value": "'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://player.podigee-cdn.net/ https://use.fontawesome.com/",
"values": [
"'report-sample'",
"'self'",
"'unsafe-inline'",
"https://fonts.googleapis.com",
"https://player.podigee-cdn.net/",
"https://use.fontawesome.com/"
]
},
{
"name": "worker-src",
"value": "'self' blob:",
"values": [
"'self'",
"blob:"
]
}
],
"info_count": 0,
"report_only": false,
"finding_count": 2,
"warning_count": 2
},
"missing_count": 4,
"present_count": 5,
"missing_info_count": 3,
"missing_warning_count": 1
},
"infrastructure_analysis": {
"signals": {
"caa": false,
"dnssec": false,
"final_https": true,
"tls_version": "TLSv1.3",
"hsts_enabled": true,
"address_count": 2,
"ipv6_available": true,
"email_protection": {
"mx": true,
"spf": true,
"dmarc": true
},
"certificate_valid": true,
"certificate_issuer": "DigiCert EV RSA CA G2",
"certificate_alt_names": [
"www.dwpbank.de",
"dwpbank.de"
],
"multiple_ip_addresses": true,
"certificate_expires_at": "Dec 3 23:59:59 2026 GMT",
"certificate_days_remaining": 167,
"certificate_hostname_matches": true
},
"findings": [
{
"id": "caa_missing",
"title": "CAA-Record fehlt",
"public": true,
"category": "dns",
"severity": "info"
}
],
"risk_level": "low",
"positive_signals": [
"Mehrere IP-Adressen gefunden: Hinweis auf redundante Infrastruktur oder CDN.",
"IPv6 ist vorhanden.",
"Moderne TLS-Version aktiv: TLSv1.3.",
"HSTS ist aktiv.",
"DMARC ist für die Domain vorhanden."
]
},
"performance_analysis": {
"score": 82,
"signals": {
"compressed": false,
"duration_ms": 127,
"image_count": 18,
"script_count": 27,
"cache_control": "",
"content_length": 215384,
"viewport_found": true,
"stylesheet_count": 36
},
"findings": [
{
"id": "large_html_response",
"title": "HTML-Antwort ist groß",
"public": true,
"category": "performance",
"severity": "info"
},
{
"id": "compression_missing",
"title": "Komprimierung nicht erkannt",
"public": true,
"category": "performance",
"severity": "info"
},
{
"id": "too_many_render_blocking_assets",
"title": "Viele potenziell blockierende Assets",
"public": true,
"category": "performance",
"severity": "info"
}
],
"risk_level": "medium"
},
"accessibility_analysis": {
"color": "orange",
"score": 68,
"status": "auffällig",
"signals": {
"h1_count": 0,
"image_count": 18,
"button_count": 7,
"heading_count": 27,
"viewport_found": true,
"html_lang_found": true,
"form_field_count": 1,
"image_missing_alt_count": 7,
"buttons_without_name_count": 0,
"form_fields_without_label_count": 0
},
"summary": "18 Bild(er), 1 Formularfeld(er), 7 Button(s) im passiven HTML-Sample auf Basis-Barrierefreiheit geprüft.",
"findings": [
{
"id": "image_alt_missing",
"count": 7,
"title": "Bilder ohne Alternativtext",
"public": true,
"category": "accessibility",
"severity": "info",
"evidence_items": [
"https://www.dwpbank.de/wp-content/uploads/2021/01/dwpbank-Logo_2022.png",
"https://www.dwpbank.de/wp-content/uploads/2026/01/dwpbank_GastbeitragVitaliaSafronova_Webseite_Magazin_Beitragsbild_728x728px.jpg",
"https://www.dwpbank.de/wp-content/uploads/2025/12/251210_dwpbank_Thumbnail_Weihnachtsgruss2025_728x728px.jpg",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht-3_Website_Magazin_Beitragsbild_728x728px.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht-2_Website_Magazin_Beitragsbild_728x728px-1.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/dwpbank_Ex-Summit_Nachbericht_Webseite_Magazin_Beitragsbild_728x728px.png",
"https://www.dwpbank.de/wp-content/uploads/2025/12/251117_dwpbank_Beitragsbild1_AkquiseLM_610x728px.jpg"
]
}
],
"wcag_matrix": {
"rows": [
{
"id": "wcag_non_text_content",
"ok": false,
"wcag": "WCAG 1.1.1 Non-text Content",
"title": "Alternativtexte für Bilder",
"impact": "mittel",
"status": "prüfen",
"evidence": "7 von 18 Bild(er) ohne alt-Text im HTML-Sample."
},
{
"id": "wcag_form_labels",
"ok": true,
"wcag": "WCAG 1.3.1 Info and Relationships / 3.3.2 Labels or Instructions",
"title": "Formularfelder beschriften",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 1 Formularfeld(er) ohne erkennbare Beschriftung."
},
{
"id": "wcag_button_names",
"ok": true,
"wcag": "WCAG 4.1.2 Name, Role, Value",
"title": "Buttons mit Namen versehen",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 7 Button(s) ohne erkennbaren Namen."
},
{
"id": "wcag_page_language",
"ok": true,
"wcag": "WCAG 3.1.1 Language of Page",
"title": "Seitensprache auszeichnen",
"impact": "niedrig",
"status": "ok",
"evidence": "HTML-lang-Attribut gefunden."
},
{
"id": "wcag_heading_structure",
"ok": false,
"wcag": "WCAG 1.3.1 Info and Relationships / 2.4.6 Headings and Labels",
"title": "Überschriftenstruktur",
"impact": "mittel",
"status": "prüfen",
"evidence": "0 H1 und 27 Überschrift(en) im HTML-Sample."
},
{
"id": "wcag_mobile_reflow",
"ok": true,
"wcag": "WCAG 1.4.10 Reflow",
"title": "Mobile Viewport-Basis",
"impact": "niedrig",
"status": "ok",
"evidence": "Viewport-Meta-Tag gefunden."
}
],
"summary": "2 WCAG-/EAA-Prüfpunkt(e) auffällig, davon 0 mit hoher Auswirkung.",
"standard": "WCAG 2.2 orientierte Basisprüfung",
"available": true,
"issue_count": 2,
"high_impact_count": 0
}
},
"domain_history": {
"status": [
"active"
],
"summary": "RDAP liefert kein klares Registrierungsdatum.",
"age_days": null,
"findings": [],
"available": true,
"registrar": "",
"expires_at": "",
"risk_level": "unknown",
"registered_at": "",
"expires_in_days": null,
"last_changed_at": "2015-07-28T08:41:58+00:00"
},
"data_entry_analysis": {
"forms": [
{
"url": "https://www.dwpbank.de/datenschutz",
"path": "/datenschutz",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://www.dwpbank.de/impressum",
"path": "/impressum",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://www.dwpbank.de/kontakt",
"path": "/kontakt",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://www.dwpbank.de/presse",
"path": "/presse",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/datenschutz",
"url": "https://www.dwpbank.de/datenschutz"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/impressum",
"url": "https://www.dwpbank.de/impressum"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/kontakt",
"url": "https://www.dwpbank.de/kontakt"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/presse",
"url": "https://www.dwpbank.de/presse"
}
],
"score": 84,
"summary": "Crawl fand 6 Formular(e) auf 4 geprüften Seite(n), u. a. /datenschutz, /impressum, /kontakt, /presse.",
"findings": [],
"form_count": 6,
"risk_level": "medium",
"field_count": 1,
"asks_for_data": true,
"crawl_form_pages": [
{
"url": "https://www.dwpbank.de/datenschutz",
"path": "/datenschutz",
"category": "datenschutz",
"form_count": 1
},
{
"url": "https://www.dwpbank.de/impressum",
"path": "/impressum",
"category": "impressum",
"form_count": 1
},
{
"url": "https://www.dwpbank.de/kontakt",
"path": "/kontakt",
"category": "kontakt",
"form_count": 2
},
{
"url": "https://www.dwpbank.de/presse",
"path": "/presse",
"category": "kontakt",
"form_count": 2
}
],
"payment_providers": [],
"detected_data_types": [
{
"id": "contact",
"count": 1,
"label": "Kontaktformular"
}
],
"crawl_form_page_count": 4,
"privacy_context_found": true,
"operator_context_found": true
},
"pii_exposure_analysis": {
"color": "green",
"score": 100,
"checks": [
{
"id": "current_url",
"ok": true,
"count": 0,
"label": "Aktuelle URL",
"detail": "Keine sensiblen Query-Parameter erkannt."
},
{
"id": "link_queries",
"ok": true,
"count": 0,
"label": "Link-Parameter",
"detail": "Keine sensiblen Link-Querys erkannt."
},
{
"id": "get_forms",
"ok": true,
"count": 0,
"label": "GET-Formulare",
"detail": "Keine personenbezogenen GET-Formulare erkannt."
},
{
"id": "external_forms",
"ok": true,
"count": 0,
"label": "Externe Formularziele",
"detail": "Keine externen Formularziele mit personenbezogenen Feldern erkannt."
},
{
"id": "tracking_context",
"ok": true,
"count": 0,
"label": "Tracking neben Dateneingabe",
"detail": "Keine Kombination aus Dateneingabe und datenschutzrelevanten Drittanbietern erkannt."
}
],
"status": "unauffällig",
"summary": "0 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext.",
"findings": [],
"link_hits": [],
"finding_count": 0,
"current_url_hits": [],
"tracking_context": false,
"sensitive_get_forms": []
},
"scan_history_analysis": {
"available": false,
"summary": "Noch kein früherer gespeicherter Scan für diese Domain vorhanden.",
"total_scan_count": 1,
"previous_scan_count": 0,
"history": [
{
"scan_id": "1b7aa875-5d2f-4b97-8f4a-510db23869e5",
"created_at": "2026-06-19 09:24:17.215598+02",
"score": 49,
"verdict": "riskant",
"finding_count": 35,
"integrity_root_hash": "d43f9be31ca1459dbcea052676309651f0dce14a22ebb2c35a9ccf627978867b",
"integrity_available_hash_count": 9,
"current": true
}
],
"new_findings": [],
"resolved_findings": [],
"technical_changes": {
"available": false,
"summary": "Noch kein früherer Scan für technische Änderungen vorhanden."
}
},
"benchmark_analysis": {
"host": "dwpbank.de",
"rank": 1,
"score": 49,
"status": "im_mittelfeld",
"summary": "dwpbank.de liegt mit 49 Punkten ungefähr im gespeicherten Vergleichsfeld.",
"available": true,
"peer_count": 4300,
"percentile": 0,
"query_mode": "php_ttl_cache_refresh",
"distribution": {
"0_39": 742,
"40_59": 1862,
"60_79": 1688,
"80_100": 8
},
"median_score": 57,
"average_score": 51.5,
"comparison_basis": "Neuester gespeicherter SaferPage-Scan je Domain; überwiegend deutschsprachige gespeicherte Checks.",
"same_score_count": 0,
"better_than_count": 0,
"qualified_peer_count": 4167,
"zero_score_count": 133,
"top_quartile_score": 64,
"top_decile_score": 67,
"qualified_average_score": 53.2,
"qualified_median_score": 58,
"qualified_top_quartile_score": 64,
"qualified_top_decile_score": 68,
"thresholds": [
{
"id": "critical",
"label": "Kritisch",
"range": "0-39",
"met": false
},
{
"id": "basic",
"label": "Basis stabilisieren",
"range": "40-59",
"met": true
},
{
"id": "managed",
"label": "Gesteuert",
"range": "60-79",
"met": false
},
{
"id": "strong",
"label": "Stark",
"range": "80-100",
"met": false
}
],
"risk_tier": "basis",
"target_score": 60,
"aspirational_target_score": 68,
"gap_to_target": 11,
"gap_to_top_quartile": 15,
"gap_to_strong": 31,
"cache_ttl_seconds": 300
},
"audit_receipt": {
"url": "https://dwpbank.de/",
"host": "dwpbank.de",
"status": "verfügbar",
"bot_url": "https://saferpage.de/bot",
"summary": "Prüfbeleg für dwpbank.de: kontrollierter HTTP-/Browser-Kurzcheck mit 116 Request(s), 4 Consent-Zustand/Zuständen und 7 Artefakt(en).",
"renderer": "playwright-chromium",
"artifacts": [
{
"label": "Öffentlicher Kurzreport",
"detail": "https://saferpage.de/dwpbank.de",
"status": "verfügbar"
},
{
"label": "JSON-Export",
"detail": "Maschinenlesbarer Report mit Modulen, Nachweisen und Tabellen.",
"status": "verfügbar"
},
{
"label": "CSV-Export",
"detail": "Tabellarische Prüfzeilen für Betreiber, Datenschutz und Technik.",
"status": "verfügbar"
},
{
"label": "160x150 Seitenvorschau",
"detail": "/cache/screenshots/dwpbank.de-160x150-4fa7e2b94b009a34e4.png",
"status": "verfügbar"
},
{
"label": "Cookie-Erklärung",
"detail": "5 Cookie-/Storage-Eintrag/Einträge.",
"status": "auffällig"
},
{
"label": "Empfänger-/Anbieterinventar",
"detail": "1 Anbieterzeile(n), 1 AVV-/Rollenprüfung(en).",
"status": "unauffällig"
},
{
"label": "Barrierefreiheitserklärung-Entwurf",
"detail": "2 bekannte Barrierefreiheits-Punkt(e).",
"status": "Teilweise konform im automatischen Basischeck"
}
],
"available": true,
"final_url": "https://www.dwpbank.de/",
"checked_at": "2026-06-19T07:24:16+00:00",
"share_text": "SaferPage Prüfbeleg dwpbank.de: 116 Browser-Request(s), 1 Drittanbieter, 5 Cookie-/Storage-Einträge, geprüft am 2026-06-19T07:24:16.",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/dwpbank.de\">https://saferpage.de/dwpbank.de</a>)",
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"scan_context": "crawler",
"coverage_items": [
{
"label": "HTTP/DNS/TLS",
"value": "HTTP 200 · DNS ok · TLS ok"
},
{
"label": "Browserlauf",
"value": "116 Request(s), 1 Drittanbieter-Domain(s), 3 Browser-Cookie(s)."
},
{
"label": "Consent-Zustände",
"value": "4 Zustand/Zustände: Default, Ablehnen, Akzeptieren und GPC soweit verfügbar."
},
{
"label": "Seitenabdeckung",
"value": "8 priorisierte Unterseite(n) im Nachweispack."
},
{
"label": "Drittanbieter-Auszug",
"value": "1 Anbieterzeile(n) im öffentlichen Nachweis."
},
{
"label": "Cookie-Auszug",
"value": "3 Cookie-Zeile(n) im öffentlichen Nachweis."
}
],
"confidence_score": 65,
"browser_final_url": "https://www.dwpbank.de/"
},
"evidence_integrity_manifest": {
"host": "dwpbank.de",
"status": "verfügbar",
"summary": "Integritätsmanifest für dwpbank.de: 9/9 Nachweisbereich(e) mit SHA-256-Hash dokumentiert.",
"sections": [
{
"id": "audit_receipt",
"hash": "13db8e983dc1067ecad5414989c03bef9b8f6d0e43eb66a2cf016a02bf60d279",
"count": 18,
"label": "Prüfbeleg",
"detail": "Kanonischer JSON-Hash des kompakten Prüfbelegs.",
"status": "verfügbar"
},
{
"id": "protocol",
"hash": "572f0dc1de234595fa726d958b7d0d713aeab80e9cc35507d303391400f51bab",
"count": 15,
"label": "Scan-Protokoll",
"detail": "URL, Endziel, User-Agent, Zeitstempel, HTTP/DNS/TLS und Renderer.",
"status": "verfügbar"
},
{
"id": "checkpoints",
"hash": "f78eff593148b2b6faf912cc36750c60acc7b43183075a4ae0fbd82c5232568b",
"count": 6,
"label": "Prüfschritte",
"detail": "Kanonischer JSON-Hash der dokumentierten Prüfstationen.",
"status": "verfügbar"
},
{
"id": "consent_states",
"hash": "46107fcfe25dad7a202abeb69d50608c2567930c8f3c1e25b255511fc0486217",
"count": 4,
"label": "Consent-Zustände",
"detail": "Default-, Ablehnen-, Akzeptieren- und GPC-Nachweise soweit verfügbar.",
"status": "verfügbar"
},
{
"id": "third_party_evidence",
"hash": "bd1ad068a8382dce8acc8a9c73b4fb22ab60bc01cc27caf482273e40439c0efe",
"count": 1,
"label": "Drittanbieter-Auszug",
"detail": "Sanitisierte Anbieter-, Kategorie-, Transfer- und Request-Zählwerte.",
"status": "verfügbar"
},
{
"id": "cookie_evidence",
"hash": "2aa65462f7d65e21f793f0f0c25d5a98ac2aa06cdc44dcf4948eaa007c41621d",
"count": 3,
"label": "Cookie-Auszug",
"detail": "Sanitisierte Cookie-Metadaten ohne Cookie-Werte.",
"status": "verfügbar"
},
{
"id": "request_samples",
"hash": "253857b612092cda72a5765638028bc132d2a2c4fff1b695945c1046353e3a83",
"count": 1,
"label": "Request-Samples",
"detail": "Sanitisierte Drittanbieter-Samples ohne vollständige Request-URLs.",
"status": "verfügbar"
},
{
"id": "checked_pages",
"hash": "0b4889c3ffbcc26b284a2628b5ae1106748a3e2ea2749721c3567a8c63613a12",
"count": 8,
"label": "Geprüfte Unterseiten",
"detail": "Priorisierte Pfade aus Sitemap, Pflichtseiten und interner Linkstruktur.",
"status": "verfügbar"
},
{
"id": "screenshot_file",
"hash": "5c73eb5685faa4b006562dbd597adf09e2566f21b616995d5bc2f786c5ad2cbf",
"count": 6002,
"label": "160x150 Seitenvorschau-Datei",
"detail": "/cache/screenshots/dwpbank.de-160x150-4fa7e2b94b009a34e4.png",
"status": "verfügbar"
}
],
"algorithm": "sha256",
"available": true,
"root_hash": "d43f9be31ca1459dbcea052676309651f0dce14a22ebb2c35a9ccf627978867b",
"checked_at": "2026-06-19T07:24:16+00:00",
"limitations": [
"Das Manifest schützt die im Report veröffentlichten/sanitisierten Nachweise, nicht verdeckte Cookie-Werte oder vollständige Request-URLs.",
"Ohne externe qualifizierte Zeitstempelung beweist der Hash Integrität des exportierten Artefakts, aber keine amtliche Zustellung."
],
"section_count": 9,
"canonicalization": "JSON UTF-8, sort_keys=true, kompakte Separatoren; Screenshot als rohe Datei-Bytes.",
"available_hash_count": 9
},
"audit_evidence_pack": {
"status": "verfügbar",
"summary": "Nachweisprotokoll mit 116 Browser-Request(s), 3 Cookie-Nachweis(en), 1 Drittanbieter-Auszug/auszügen und 4 Consent-Zustand/Zuständen.",
"protocol": {
"host": "dwpbank.de",
"dns_ok": true,
"tls_ok": true,
"bot_url": "https://saferpage.de/bot",
"renderer": "playwright-chromium",
"final_url": "https://www.dwpbank.de/",
"input_url": "https://dwpbank.de/",
"checked_at": "2026-06-19T07:24:16+00:00",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/dwpbank.de\">https://saferpage.de/dwpbank.de</a>)",
"http_status": 200,
"scan_context": "crawler",
"screenshot_url": "/cache/screenshots/dwpbank.de-160x150-4fa7e2b94b009a34e4.png",
"googlebot_status": 200,
"browser_final_url": "https://www.dwpbank.de/",
"dns_address_count": 2
},
"checkpoints": [
{
"label": "DNS",
"detail": "2 Adresse(n) aufgelöst.",
"status": "ok"
},
{
"label": "TLS/HTTPS",
"detail": "TLSv1.3",
"status": "ok"
},
{
"label": "HTTP-Abruf",
"detail": "Status 200, Endziel https://www.dwpbank.de/.",
"status": "ok"
},
{
"label": "Browserlauf",
"detail": "116 Request(s), 1 Drittanbieter-Domain(s).",
"status": "ok"
},
{
"label": "Consent-Zustände",
"detail": "Default, Ablehnen, Akzeptieren und GPC werden soweit möglich gegenübergestellt.",
"status": "unauffällig"
},
{
"label": "Exports",
"detail": "PDF/Druck, JSON und CSV enthalten die wesentlichen Prüfnachweise.",
"status": "verfügbar"
}
],
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"checked_pages": [
{
"path": "/datenschutz",
"source": "homepage_link",
"status": 0,
"category": "datenschutz"
},
{
"path": "/impressum",
"source": "homepage_link",
"status": 0,
"category": "impressum"
},
{
"path": "/kontakt",
"source": "homepage_link",
"status": 0,
"category": "kontakt"
},
{
"path": "/presse",
"source": "homepage_link",
"status": 0,
"category": "kontakt"
},
{
"path": "/magazin/technologie/anleger-koennen-direkt-vom-girokonto-investieren",
"source": "sitemap",
"status": 0,
"category": "login"
},
{
"path": "/magazin/insights/sparkassentag-2025-wertvoller-austausch-mit-unseren-kunden",
"source": "sitemap",
"status": 0,
"category": "checkout"
},
{
"path": "/magazin/regulatorik/service-fuer-ermaessigung-von-quellensteuern-auf-finnische-dividendenzahlungen",
"source": "sitemap",
"status": 0,
"category": "checkout"
},
{
"path": "/sparkassentag-2023-wiederanlagemanagement-der-dwpbank",
"source": "sitemap",
"status": 0,
"category": "checkout"
}
],
"cookie_evidence": [
{
"name": "_pk_id.1.dae4",
"domain": "dwpbank.de",
"secure": false,
"category": "Analytics",
"provider": "Matomo",
"tracking": true,
"retention": "lang (392 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "_pk_ses.1.dae4",
"domain": "dwpbank.de",
"secure": false,
"category": "Analytics",
"provider": "Matomo",
"tracking": true,
"retention": "kurz (0 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "borlabs-cookie",
"domain": "dwpbank.de",
"secure": true,
"category": "Unklar",
"provider": "dwpbank.de",
"tracking": false,
"retention": "lang (364 Tage)",
"same_site": "Lax",
"pre_consent": true
}
],
"browser_evidence": {
"gpc_enabled": true,
"request_count": 116,
"storage_total": 2,
"accept_clicked": false,
"reject_clicked": false,
"browser_cookie_count": 3,
"contacted_domain_count": 2,
"third_party_domain_count": 1,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
"storage_evidence": {
"tracking_key_hints": [],
"local_storage_total": 1,
"session_storage_total": 1
},
"third_party_evidence": [
{
"host": "use.fontawesome.com",
"category": "Sonstige",
"provider": "use.fontawesome.com",
"transfer": "Jurisdiktion unklar",
"risk_level": "niedrig",
"request_count": 1,
"resource_types": [
"stylesheet"
],
"privacy_relevant": false
}
],
"external_script_count": 0,
"consent_state_evidence": [
{
"label": "Erstaufruf",
"cookie_count": 0,
"domain_count": 1,
"request_count": 1,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "Nach Ablehnen neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "Nach Akzeptieren neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "GPC-Aufruf",
"cookie_count": 0,
"domain_count": 1,
"request_count": 1,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
}
],
"request_sample_evidence": [
{
"host": "use.fontawesome.com",
"query_keys": [],
"resource_type": "stylesheet",
"query_key_count": 0,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
}
]
},
"consent_visual_salience_evidence": {
"schema": "https://saferpage.de/schemas/consent-visual-salience-evidence.v1",
"status": "measured_dom_viewport_signal",
"available": true,
"evidence_level": "dom_viewport_signal_only",
"summary": "Der erste Headless-Chromium-Viewport liefert sichtbare Consent-Control-Signale mit Text, Position, Groesse und typografischen Hinweisen.",
"sample_status": "classified_control_samples",
"classified_sample_count": 1,
"accept_control_count": 0,
"reject_control_count": 0,
"settings_control_count": 1,
"visible_control_count": 15,
"accept_max_area": 0,
"reject_max_area": 0,
"reject_prominence_ratio": "nicht messbar",
"samples": [
{
"kind": "settings",
"text": "Cookie-Einstellungen bearbeiten",
"tag": "a",
"width": 52,
"height": 52,
"area": 2704,
"top": 882,
"left": 24,
"font_weight": "400"
}
],
"sample_boundary": "Samples enthalten nur klassifizierte Accept-/Reject-/Settings-Controls. Weitere sichtbare Consent-Controls bleiben als Zaehler erhalten, werden aber ohne Klassifizierung nicht als Ablehnen-, Akzeptieren- oder Einstellungsprobe behauptet.",
"claim_boundary": "Consent-Visual-Salienz ist ein DOM-/Viewport-Signal aus dem ersten Browserlauf. Sie ist keine Rechtsbewertung, kein Dark-Pattern-Endurteil und kein Nachweis fuer spaetere Consent-Zustaende, Scrollbereiche, Loginbereiche oder manuelle Betreiberkontexte."
}
}
Geprüfte Domain-Wurzel: https://dwpbank.de/