Scan-Fakten als JSON anzeigen
{
"schema": "https://saferpage.de/schemas/public-scan-facts.v1",
"claim_boundary": "Öffentliche Rohdaten enthalten nur Scan-Fakten, Statuswerte, Evidence-Grenzen und feste Detail-/Hintergrund-Links. Betreiber-Hintergrund, Planungen, Checklisten, Code und allgemeine Empfehlungen stehen auf separaten Seiten.",
"current_evidence_policy": {
"schema": "https://saferpage.de/schemas/public-scan-current-evidence-policy.v1",
"status": "current_scan_fields_only",
"summary": "Der Fakten-JSON exportiert nur Felder, die im gespeicherten aktuellen Scan wirklich vorhanden sind. Fehlende neue Evidence wird nicht aus alten Testergebnisformaten nachgebaut.",
"guardrails": [
"Keine synthetischen Boundary-Fallbacks fuer alte Scans",
"Keine Nachbewertung alter Testergebnisse im Fakten-JSON",
"Keine Betreiber-Empfehlung im Report-JSON"
]
},
"host": "login.noz.de",
"normalized_url": "https://login.noz.de/",
"score": 62,
"verdict": {
"color": "orange",
"label": "auffällig",
"score": 62
},
"scan_id": "74d7d028-f71f-4b60-ad08-b55d7f9146a9",
"created_at": "2026-06-20 05:23:15.299641+02",
"evidence": {
"dns": {
"ok": true,
"addresses": [
"85.215.147.241"
],
"duration_ms": 19
},
"tls": {
"ok": true,
"cipher": "TLS_AES_256_GCM_SHA384",
"issuer": [
[
[
"countryName",
"US"
]
],
[
[
"organizationName",
"Let's Encrypt"
]
],
[
[
"commonName",
"YR1"
]
]
],
"subject": [
[
[
"commonName",
"login.noz.viakom.cloud"
]
]
],
"version": "TLSv1.3",
"not_after": "Aug 27 07:48:34 2026 GMT",
"hostname_matches": true,
"days_until_expiry": 68,
"subject_alt_names": [
"login.dk-online.de",
"login.noz.de",
"login.noz.viakom.cloud",
"login.om-online.de",
"login.shz.de"
],
"issuer_common_name": "YR1"
},
"http": {
"ok": true,
"status": 200,
"headers": {
"date": "Sat, 20 Jun 2026 03:22:53 GMT",
"vary": "Accept-Encoding",
"pragma": "no-cache",
"server": "Apache",
"expires": "Thu, 1 Jan 1970 00:00:00 GMT",
"upgrade": "h2",
"connection": "Upgrade, close",
"content-type": "text/html; charset=UTF-8",
"x-powered-by": "PHP/8.4.22",
"cache-control": "max-age=0, no-cache, no-store, must-revalidate",
"transfer-encoding": "chunked",
"content-security-policy": "frame-src 'self' https://cdn.cxense.com/ https://mein.om-online.works/ https://login.om-online.works/ https://login.dk-online.works/ https://login.noz.works/ https://login.a-beig.works/ https://login.nnn.works/ https://login.svz.works/ https://login.shz.works/ https://cdn.piano.io/id/ https://sandbox.piano.io/ https://sandbox.tinypass.com/ https://experience.piano.io/ https://accounts.google.com/;",
"strict-transport-security": "max-age=31536000; includeSubDomains",
"cross-origin-opener-policy": "same-origin same-origin-allow-popups",
"access-control-allow-origin": "*"
},
"body_size": 17980,
"final_url": "https://login.noz.de/",
"duration_ms": 117
},
"scanner": {
"bot_url": "https://saferpage.de/bot",
"context": "crawler",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/login.noz.de\">https://saferpage.de/login.noz.de</a>)",
"default_user_agent": "SaferPageBot/0.2 (+https://saferpage.de/bot; passive website safety check; no attack tests)"
},
"domain_records": {
"mx": true,
"caa": true,
"spf": false,
"dmarc": false,
"dnssec": true,
"records": {
"mx": [
"server-06.noz.viakom.cloud."
],
"ns": [
"server-06.noz.viakom.cloud."
],
"caa": [
"server-06.noz.viakom.cloud."
],
"txt": [
"server-06.noz.viakom.cloud."
],
"cname": [
"server-06.noz.viakom.cloud."
],
"dmarc": [],
"dnskey_present": true
},
"spf_includes": [],
"verifications": []
},
"googlebot_http": {
"ok": true,
"status": 200,
"headers": {
"date": "Sat, 20 Jun 2026 03:22:53 GMT",
"vary": "Accept-Encoding",
"pragma": "no-cache",
"server": "Apache",
"expires": "Thu, 1 Jan 1970 00:00:00 GMT",
"upgrade": "h2",
"connection": "Upgrade, close",
"content-type": "text/html; charset=UTF-8",
"x-powered-by": "PHP/8.4.22",
"cache-control": "max-age=0, no-cache, no-store, must-revalidate",
"transfer-encoding": "chunked",
"content-security-policy": "frame-src 'self' https://cdn.cxense.com/ https://mein.om-online.works/ https://login.om-online.works/ https://login.dk-online.works/ https://login.noz.works/ https://login.a-beig.works/ https://login.nnn.works/ https://login.svz.works/ https://login.shz.works/ https://cdn.piano.io/id/ https://sandbox.piano.io/ https://sandbox.tinypass.com/ https://experience.piano.io/ https://accounts.google.com/;",
"strict-transport-security": "max-age=31536000; includeSubDomains",
"cross-origin-opener-policy": "same-origin same-origin-allow-popups",
"access-control-allow-origin": "*"
},
"body_size": 17671,
"final_url": "https://login.noz.de/",
"duration_ms": 108
},
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://login.noz.de/robots.txt",
"label": "robots.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 293,
"http_status": 404,
"relevant_lines": []
},
{
"id": "llms_txt",
"url": "https://login.noz.de/llms.txt",
"label": "llms.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 179,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_txt",
"url": "https://login.noz.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 141,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://login.noz.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 93,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://login.noz.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 119,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 0,
"policy_file_count": 0,
"explicit_ai_bot_count": 0
},
"summary": "0 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 0,
"llms_ward_policy_status": "not_publicly_verified",
"robots_ai_policy_status": "robots_missing"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://login.noz.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 303,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://login.noz.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 162,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://login.noz.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 138,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://login.noz.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 291,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://login.noz.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 172,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
}
},
"findings": [
{
"id": "hidden_text",
"title": "Versteckter Text erkannt",
"public": true,
"audience": "nutzer",
"category": "seo",
"severity": "warning",
"evidence_items": [
"„Sie sind bereits eingeloggt\" (display:none)",
"„Ihre Registrierung war erfolgreich! Bitte klicken Sie den Bestätigungslink in der E-Mail, die wir Ihnen geschickt haben. Nach erfolgter Bestätigung, können Sie sich in der App mit Ihrer E-Mail Adresse und dem Passwort, d\" (display:none)",
"„Bitte prüfen Sie Ihre E-Mails. Wir haben Ihnen eine Mail mit einem Link gesendet!\" (display:none)",
"„Meine Angaben können von der Neue OZ zum Zwecke meiner weiteren Betreuung, der Zusendung von Informationen zu Produkten und Services sowie Befragungen verarbeitet und genutzt werden. Eine Weitergabe an Dritte erfolgt nic\" (display:none)",
"„Gerätelimit erreicht Sie haben die maximale Anzahl an Geräten überschritten, auf denen Sie sich gleichzeitig mit Ihren Zugangsdaten anmelden können.\" (display:none)"
],
"user_importance": 128,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "pre_consent_nonessential_cookies",
"title": "Möglicherweise nicht notwendige Cookies vor Einwilligung",
"public": true,
"source": "chromium_cookie_inventory",
"cookies": [
"__pcid",
"_pcid",
"_pctx",
"_pprv"
],
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"__pcid",
"_pcid",
"_pctx",
"_pprv"
],
"user_importance": 127,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "pii_sensitive_get_form",
"forms": [
{
"fields": [
"address",
"email",
"login"
]
}
],
"title": "Formular mit personenbezogenen Feldern nutzt GET",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"user_importance": 124,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "consent_no_reject_option",
"title": "Cookie-Hinweis ohne klare Ablehnen-Option",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 0"
],
"user_importance": 121,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "consent_accept_only",
"title": "Consent wirkt wie Nur-Akzeptieren",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 0"
],
"user_importance": 120,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "operator_identity_unclear",
"title": "Betreiberidentität wirkt unklar",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Betreiberangaben im geprüften HTML uneindeutig oder unvollständig"
],
"user_importance": 114,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "privacy_policy_too_thin",
"title": "Datenschutzhinweis wirkt sehr dünn",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Erkannter Datenschutztext ist sehr kurz/dünn für eine vollständige Erklärung"
],
"user_importance": 113,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "browser_keystroke_listener_signals",
"count": 5,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Tastatur-Eingabe-Listener (Session-Replay-nah) im Browser-Lauf erkannt"
],
"user_importance": 110,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "long_lived_cookie",
"count": 4,
"title": "Langlebige Cookies erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Cookie mit sehr langer Laufzeit erkannt (Details im Cookie-Inventar)"
],
"user_importance": 104,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "important_pages_not_discovered",
"title": "Wichtige Betreiberseiten nicht vollständig in der Linkstruktur gefunden",
"public": true,
"audience": "nutzer",
"category": "crawl",
"severity": "warning",
"evidence_items": [
"Wichtige Seiten in der Linkstruktur gefunden: keine"
],
"user_importance": 88,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_missing_frame_ancestors",
"title": "Kein CSP-frame-ancestors oder X-Frame-Options",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"Content-Security-Policy ohne frame-ancestors-Direktive"
],
"user_importance": 84,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "external_script_without_sri",
"count": 1,
"title": "Externe Skripte ohne Subresource Integrity",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"https://browser.sentry-cdn.com/6.17.1/bundle.min.js",
"https://c2.noz.de/xbuilder/experience/load?aid=m3iOnpn9pe"
],
"user_importance": 84,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "missing_meta_description",
"title": "Meta-Description fehlt",
"public": true,
"audience": "nutzer",
"category": "content",
"severity": "info",
"evidence_items": [
"Im HTML kein <meta name=\"description\"> gefunden"
],
"user_importance": 84,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_missing_object_src",
"title": "CSP ohne object-src",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"Content-Security-Policy ohne object-src-Direktive"
],
"user_importance": 76,
"importance_label": "Technischer Hinweis"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"Content-Security-Policy ohne base-uri-Direktive"
],
"user_importance": 74,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_x_frame_options",
"title": "X-Frame-Options fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "warning",
"evidence_items": [
"HTTP-Header „X-Frame-Options\" fehlt in der Antwort der Startseite"
],
"user_importance": 70,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_x_content_type_options",
"title": "X-Content-Type-Options fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "warning",
"evidence_items": [
"HTTP-Header „X-Content-Type-Options\" fehlt in der Antwort der Startseite"
],
"user_importance": 70,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_embedder_policy",
"title": "Cross-Origin-Embedder-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Embedder-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 68,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_resource_policy",
"title": "Cross-Origin-Resource-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Resource-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 64,
"importance_label": "Technischer Hinweis"
},
{
"id": "crawl_coverage_limited",
"title": "Wenig interne Seiten auf der Startseite gefunden",
"public": true,
"audience": "betreiber",
"category": "crawl",
"severity": "info",
"evidence_items": [
"Nur 0 interne Links auf der Startseite gefunden"
],
"user_importance": 62,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_referrer_policy",
"title": "Referrer-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Referrer-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 40,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_permissions_policy",
"title": "Permissions-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Permissions-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 40,
"importance_label": "Technischer Hinweis"
},
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Drittanbieter mit unklarer Anbieter-Jurisdiktion / möglichem Drittlandtransfer"
],
"user_importance": 30,
"importance_label": "Technischer Hinweis"
}
],
"audit_modules": [
{
"id": "privacy_consent",
"color": "red",
"score": 42,
"title": "Datenschutz, Cookies & Consent",
"source": "Browser, HTTP-Header, HTML und Consent-/Cookie-Heuristik",
"status": "kritisch",
"evidence": "0 Tracking-Script(s), 4 Cookie(s) vor Einwilligung, 0 Tracking-Cookie(s), Ablehnen-Option: nein, Consent-Audit: 50."
},
{
"id": "site_coverage",
"color": "orange",
"score": 50,
"title": "Seitenabdeckung & Crawl",
"source": "Startseiten-Links, Compliance-Links und begrenzter interner Zusatzabruf",
"status": "auffällig",
"evidence": "0 interne Linkziele erkannt, 0 priorisierte Unterseite(n) abgerufen."
},
{
"id": "browser_evidence",
"color": "orange",
"score": 54,
"title": "Browser-Nachweis",
"source": "Headless Chromium mit Screenshot- und Request-Telemetrie",
"status": "auffällig",
"evidence": "13 Request(s), 3 Drittanbieter-Domain(s), davon 0 datenschutzrelevant, 4 Browser-Cookie(s), Transfer-Prüfbedarf: 0, Referrer-/URL-Leaks: 0, Fingerprinting-/Replay-Hinweise: 1."
},
{
"id": "security_tls",
"color": "orange",
"score": 58,
"title": "Sicherheit, TLS & Header",
"source": "DNS, TLS, HTTP-Status, Zertifikat und Security-Header",
"status": "auffällig",
"evidence": "1 Infrastruktur-Hinweis(e), Security-Header: 3/9 vorhanden, 6 fehlen, externe Skript-Hosts: 2."
},
{
"id": "seo_integrity",
"color": "yellow",
"score": 82,
"title": "SEO-Integrität & Cloaking",
"source": "HTML-Inhalt, strukturierte Daten, Links und Googlebot-Vergleich",
"status": "prüfen",
"evidence": "1 SEO-Spam-Hinweis(e), 0 Cloaking-Hinweis(e)."
},
{
"id": "cookie_inventory",
"color": "yellow",
"score": 85,
"title": "Cookie-Inventar",
"source": "HTTP-Set-Cookie und Chromium-Cookies beim ersten Seitenaufruf",
"status": "prüfen",
"evidence": "4 Cookie(s), 0 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 4 langlebig, 0 sehr lang."
},
{
"id": "operator_transparency",
"color": "yellow",
"score": 85,
"title": "Impressum, Kontakt & Datenschutzerklärung",
"source": "Deutschsprachige Betreiber- und Datenschutzhinweis-Erkennung",
"status": "prüfen",
"evidence": "Impressum: ja, Datenschutz: ja, Kontakt: ja."
},
{
"id": "forms_payments",
"color": "yellow",
"score": 86,
"title": "Formulare, Login & Zahlung",
"source": "HTML-Formulare, Eingabefelder, Zahlungsanbieter und Kontextlinks",
"status": "prüfen",
"evidence": "Die Seite kann Adresse, Login/Passwort, E-Mail abfragen."
},
{
"id": "pii_exposure",
"color": "yellow",
"score": 86,
"title": "PII, URL-Parameter & Datenleck-Schutz",
"source": "URL-Parameter, interne Links, HTML-Formulare, Browser-Drittanbieter und Dateneingabe-Kontext",
"status": "prüfen",
"evidence": "1 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext."
},
{
"id": "script_supply_chain",
"color": "green",
"score": 96,
"title": "Externe Skripte & SRI",
"source": "HTML-Script-Tags, Anbieterklassifikation und SRI-Attribute",
"status": "unauffällig",
"evidence": "2 externe Skript(e) von 2 Host(s), 1 ohne SRI, 0 Tracking-/Tag-nahe Skript(e)."
},
{
"id": "accessibility_usability",
"color": "green",
"score": 100,
"title": "Barrierefreiheit & Usability",
"source": "Passives HTML-Sample: Bilder, Formulare, Buttons, Sprache, Headings und Viewport",
"status": "unauffällig",
"evidence": "0 Bild(er) ohne alt, 0 Formularfeld(er) ohne Beschriftung, 0 Button(s) ohne Namen."
},
{
"id": "consent_journey",
"color": "green",
"score": 100,
"title": "Consent-Journey-Matrix",
"source": "Chromium-Zustände: Erstaufruf, Reject, Accept und GPC",
"status": "unauffällig",
"evidence": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 0 im GPC-Aufruf."
},
{
"id": "embedded_content",
"color": "green",
"score": 100,
"title": "Externe Inhalte & Widgets",
"source": "HTML-Embeds und Chromium-Drittanbieter-Requests",
"status": "unauffällig",
"evidence": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen."
},
{
"id": "google_third_parties",
"color": "green",
"score": 100,
"title": "Google-Dienste & Drittanbieter",
"source": "Chromium-Requests, Anbieterklassifikation und Google Consent Mode Heuristik",
"status": "unauffällig",
"evidence": "Keine Google-Domain, keine Google-Tracking-ID und keine datenschutzrelevanten Drittanbieter im passiven Check erkannt."
},
{
"id": "performance_mobile",
"color": "green",
"score": 100,
"title": "Performance & mobile Nutzbarkeit",
"source": "HTTP-Antwort, HTML-Größe, Komprimierung und mobile Basis",
"status": "unauffällig",
"evidence": "Performance-Score 100, Antwortzeit 117 ms."
},
{
"id": "referrer_url_leaks",
"color": "green",
"score": 100,
"title": "Referrer & URL-Leaks",
"source": "Chromium-Request-Telemetrie ohne gespeicherte Parameterwerte",
"status": "unauffällig",
"evidence": "0 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte."
},
{
"id": "tracking_pixels_beacons",
"color": "green",
"score": 100,
"title": "Tracking-Pixel & Beacons",
"source": "HTML-Pixel, Link-Ping-Attribute, Chromium-Requests und Browser-API-Instrumentierung",
"status": "unauffällig",
"evidence": "0 Pixel-/Bildtracking-Hinweis(e), 0 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s)."
}
],
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://login.noz.de/robots.txt",
"label": "robots.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 293,
"http_status": 404,
"relevant_lines": []
},
{
"id": "llms_txt",
"url": "https://login.noz.de/llms.txt",
"label": "llms.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 179,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_txt",
"url": "https://login.noz.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 141,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://login.noz.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 93,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://login.noz.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 119,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 0,
"policy_file_count": 0,
"explicit_ai_bot_count": 0
},
"summary": "0 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 0,
"llms_ward_policy_status": "not_publicly_verified",
"robots_ai_policy_status": "robots_missing"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://login.noz.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 303,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://login.noz.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 162,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://login.noz.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 138,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://login.noz.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 291,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://login.noz.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 172,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://login.noz.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
},
"site_coverage_analysis": {
"color": "orange",
"pages": [],
"score": 50,
"status": "auffällig",
"summary": "0 interne Linkziele erkannt (0 aus Sitemap), 0 priorisierte Unterseite(n) zusätzlich abgerufen.",
"findings": [
{
"id": "crawl_coverage_limited",
"title": "Wenig interne Seiten auf der Startseite gefunden",
"public": true,
"category": "crawl",
"severity": "info"
},
{
"id": "important_pages_not_discovered",
"title": "Wichtige Betreiberseiten nicht vollständig in der Linkstruktur gefunden",
"public": true,
"category": "crawl",
"severity": "warning"
}
],
"robots_ok": false,
"categories": [],
"sample_limit": 4,
"sampled_count": 0,
"sampled_pages": [],
"robots_checked": true,
"sitemap_sources": [],
"sitemap_available": false,
"sitemap_url_count": 0,
"homepage_link_count": 6,
"internal_link_count": 0,
"privacy_policy_audit": [],
"sitemap_source_count": 0,
"provider_disclosure_audit": {
"found": [],
"checks": [],
"reason": "no_detected_services",
"missing": [],
"available": false
},
"important_categories_found": [],
"sampled_tracking_page_count": 0,
"sampled_form_privacy_gap_count": 0,
"sitemap_candidate_source_count": 1
},
"page_analysis": {
"h1": [
"Herzlich willkommen",
"Jetzt anmelden"
],
"h2": [],
"title": "Login - noz.de",
"keywords": [
[
"passwort",
10
],
[
"e-mail",
8
],
[
"anmelden",
7
],
[
"bitte",
6
],
[
"ihre",
6
],
[
"können",
6
],
[
"springen",
4
],
[
"ihnen",
4
],
[
"vergessen",
4
],
[
"registrieren",
3
]
],
"language": "de",
"description": "",
"favicon_url": "https://login.noz.de/images/favicon-noz.ico",
"link_counts": {
"external": 6,
"internal": 0
},
"preview_image": "/cache/screenshots/login.noz.de-160x150-02360b7570ee9573d0.png",
"screenshot_url": "/cache/screenshots/login.noz.de-160x150-02360b7570ee9573d0.png",
"external_scripts": [
"https://browser.sentry-cdn.com/6.17.1/bundle.min.js",
"https://c2.noz.de/xbuilder/experience/load?aid=m3iOnpn9pe"
],
"browser_final_url": "https://login.noz.de/?ref=https%3A%2F%2Fwww.noz.de%2F&reason=Portal&bid=mqlsliyue4l77vpi",
"meta_preview_image": "",
"screenshot_renderer": "playwright-chromium",
"external_link_targets": [
{
"host": "noz.de",
"count": 6,
"examples": [
{
"href": "https://www.noz.de/",
"text": ""
},
{
"href": "https://www.noz.de/widerruf",
"text": "Widerspruchsrecht"
},
{
"href": "https://www.noz.de/widerruf",
"text": "Klicken Sie hier für weitere Informationen zu Ihrem Widerrufsrecht."
}
],
"nofollow": 0,
"strength": "strong",
"follow_count": 6
}
]
},
"browser_analysis": {
"cookies": {
"items": [
{
"name": "__pcid",
"domain": ".noz.de",
"secure": false,
"expires": 1813461774,
"http_only": false,
"same_site": "Lax"
},
{
"name": "_pprv",
"domain": ".noz.de",
"secure": true,
"expires": 1816053774,
"http_only": false,
"same_site": "Lax"
},
{
"name": "_pcid",
"domain": ".noz.de",
"secure": true,
"expires": 1816053774,
"http_only": false,
"same_site": "Lax"
},
{
"name": "_pctx",
"domain": ".noz.de",
"secure": true,
"expires": 1816053774,
"http_only": false,
"same_site": "Lax"
}
],
"total": 4,
"third_party": 0
},
"storage": {
"total": 0,
"local_storage_keys": [],
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_keys": [],
"session_storage_total": 0
},
"findings": [
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "browser_keystroke_listener_signals",
"count": 5,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"renderer": "playwright-chromium",
"final_url": "https://login.noz.de/?ref=https%3A%2F%2Fwww.noz.de%2F&reason=Portal&bid=mqlsliyue4l77vpi",
"consent_ui": {
"accept_controls": [],
"accept_max_area": 0,
"reject_controls": [],
"reject_max_area": 0,
"settings_controls": [],
"first_layer_summary": "Akzeptieren 0 / Ablehnen 0 / Einstellungen 0",
"cookie_context_found": true,
"reject_less_prominent": false,
"visible_control_count": 8,
"reject_prominence_ratio": 0
},
"gpc_signal": {
"error": "",
"enabled": true,
"storage": {
"total": 0,
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"cookie_count": 4,
"request_count": 13,
"sec_gpc_header": true,
"navigator_value": true,
"contacted_domains": [
{
"host": "login.noz.de",
"count": 10,
"category": "other",
"provider": "login.noz.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"font": 4,
"image": 3,
"script": 1,
"document": 1,
"stylesheet": 1
}
},
{
"host": "browser.sentry-cdn.com",
"count": 1,
"category": "other",
"provider": "browser.sentry-cdn.com",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
},
{
"host": "c2.noz.de",
"count": 1,
"category": "other",
"provider": "c2.noz.de",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
},
{
"host": "cdn.noz.de",
"count": 1,
"category": "other",
"provider": "cdn.noz.de",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
}
],
"contacted_domain_count": 4,
"privacy_relevant_domains": [],
"third_party_cookie_count": 0,
"third_party_domain_count": 3,
"privacy_relevant_domain_count": 0
},
"screenshot": {
"fit": "contain",
"width": 160,
"height": 150,
"source_width": 1024,
"source_height": 960,
"source_capture": "full_page",
"capture_version": "contain-v4-viewport-transparency-160x150"
},
"consent_apis": {
"cmpapi": false,
"tcfapi": false,
"onetrust": false,
"cookiebot": false,
"data_layer": false,
"cmp_detected": false,
"usercentrics": false,
"google_tag_data": false
},
"accept_signal": {
"error": "",
"enabled": false,
"storage": {
"total": 0,
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"clicked_text": "",
"accept_clicked": false,
"accept_available": false,
"contacted_domains": [],
"contacted_domain_count": 0,
"new_domains_after_accept": [],
"privacy_relevant_domains": [],
"third_party_domain_count": 0,
"cookie_count_after_accept": 0,
"cookie_count_before_accept": 0,
"request_count_after_accept": 0,
"storage_count_after_accept": 0,
"request_count_before_accept": 0,
"new_cookie_count_after_accept": 0,
"privacy_relevant_domain_count": 0,
"new_request_count_after_accept": 0,
"third_party_cookie_count_after_accept": 0,
"storage_tracking_hint_count_after_accept": 0,
"new_privacy_relevant_domains_after_accept": [],
"new_privacy_relevant_domain_count_after_accept": 0
},
"request_count": 13,
"top_providers": [
{
"provider": "browser.sentry-cdn.com",
"request_count": 1
},
{
"provider": "c2.noz.de",
"request_count": 1
},
{
"provider": "cdn.noz.de",
"request_count": 1
}
],
"request_samples": [
{
"host": "browser.sentry-cdn.com",
"method": "GET",
"referrer": {
"host": "login.noz.de",
"has_path": false,
"has_query": false,
"same_site": true,
"path_depth": 0,
"query_keys": [],
"sensitive_query_key_count": 0
},
"has_query": false,
"path_depth": 2,
"query_keys": [],
"third_party": true,
"resource_type": "script",
"query_key_count": 0,
"url_value_param_count": 0,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 0
},
{
"host": "c2.noz.de",
"method": "GET",
"referrer": {
"host": "login.noz.de",
"has_path": false,
"has_query": false,
"same_site": true,
"path_depth": 0,
"query_keys": [],
"sensitive_query_key_count": 0
},
"has_query": true,
"path_depth": 3,
"query_keys": [
"aid"
],
"third_party": true,
"resource_type": "script",
"query_key_count": 1,
"url_value_param_count": 0,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 0
},
{
"host": "cdn.noz.de",
"method": "GET",
"referrer": {
"host": "login.noz.de",
"has_path": false,
"has_query": false,
"same_site": true,
"path_depth": 0,
"query_keys": [],
"sensitive_query_key_count": 0
},
"has_query": false,
"path_depth": 2,
"query_keys": [],
"third_party": true,
"resource_type": "script",
"query_key_count": 0,
"url_value_param_count": 0,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 0
}
],
"cmp_consent_state": {
"tcf": {
"api_found": false,
"vendor_li": [],
"cmp_loaded": false,
"cmp_status": "",
"purpose_li": [],
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"policy_version": "",
"vendor_consents": [],
"vendor_li_count": 0,
"purpose_consents": [],
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_count": 0,
"purpose_consent_count": 0
},
"onetrust": {
"found": false,
"active_groups": [],
"active_group_count": 0
},
"cookiebot": {
"found": false,
"declined": false,
"consented": false,
"has_response": false,
"consent_marketing": null,
"consent_statistics": null,
"consent_preferences": null
},
"usercentrics": {
"found": false,
"has_response": false,
"services_count": 0,
"accepted_services_count": 0
}
},
"contacted_domains": [
{
"host": "login.noz.de",
"count": 10,
"category": "other",
"provider": "login.noz.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"font": 4,
"image": 3,
"script": 1,
"document": 1,
"stylesheet": 1
}
},
{
"host": "browser.sentry-cdn.com",
"count": 1,
"category": "other",
"provider": "browser.sentry-cdn.com",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
},
{
"host": "c2.noz.de",
"count": 1,
"category": "other",
"provider": "c2.noz.de",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
},
{
"host": "cdn.noz.de",
"count": 1,
"category": "other",
"provider": "cdn.noz.de",
"third_party": true,
"category_label": "Sonstige",
"resource_types": {
"script": 1
}
}
],
"rendered_page_text": {
"length": 277,
"available": true
},
"privacy_api_metrics": {
"api_calls": {
"keyboard_input_listener_count": 5
},
"beacon_count": 0,
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"fetch_keepalive_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 0,
"keyboard_input_listener_count": 5
},
"tcf_consent_analysis": {
"color": "green",
"score": 100,
"status": "unauffällig",
"summary": "TCF-Decoder: 0 Zweck(e) mit Consent/LI-Signal, 0 Vendor-Consent(s), 0 Vendor-LI-Signal(e).",
"findings": [],
"api_found": false,
"available": false,
"cmp_loaded": false,
"cmp_status": "",
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"purpose_rows": [
{
"id": 1,
"label": "Informationen auf einem Gerät speichern und/oder abrufen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 2,
"label": "Einfache Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 3,
"label": "Personalisiertes Anzeigen-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 4,
"label": "Personalisierte Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 5,
"label": "Personalisiertes Inhalts-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 6,
"label": "Personalisierte Inhalte auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 7,
"label": "Anzeigen-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 8,
"label": "Inhalte-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 9,
"label": "Marktforschung zur Generierung von Erkenntnissen nutzen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 10,
"label": "Produkte entwickeln und verbessern",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 11,
"label": "Begrenzte Daten zur Anzeigen-Auswahl verwenden",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
}
],
"vendor_li_ids": [],
"policy_version": "",
"vendor_li_count": 0,
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_ids": [],
"granted_purpose_rows": [],
"vendor_consent_count": 0,
"purpose_consent_count": 0,
"high_risk_purpose_count": 0,
"medium_risk_purpose_count": 0
},
"viewport_transparency": {
"samples": [
{
"tag": "a",
"top": 729,
"href": "https://www.noz.de/datenschutz",
"left": 518,
"text": "Datenschutzhinweise",
"width": 125,
"height": 17,
"category": "privacy_notice"
},
{
"tag": "a",
"top": 729,
"href": "https://www.noz.de/impressum",
"left": 652,
"text": "Impressum",
"width": 68,
"height": 17,
"category": "imprint"
}
],
"available": true,
"sample_count": 2,
"claim_boundary": "Sichtbarkeits-Evidence aus dem ersten Headless-Chromium-Viewport; keine Aussage ueber Footer nach Scrollen, Loginbereiche oder rechtliche Vollstaendigkeit.",
"viewport_width": 1024,
"category_counts": {
"imprint": 1,
"privacy_notice": 1
},
"contact_visible": false,
"imprint_visible": true,
"viewport_height": 960,
"cookie_consent_visible": false,
"privacy_notice_visible": true
},
"consent_journey_matrix": {
"color": "green",
"items": [
{
"host": "browser.sentry-cdn.com",
"states": {
"gpc": 1,
"default": 1
},
"category": "other",
"provider": "browser.sentry-cdn.com",
"category_label": "Sonstige",
"privacy_relevant": false,
"total_request_count": 2
},
{
"host": "c2.noz.de",
"states": {
"gpc": 1,
"default": 1
},
"category": "other",
"provider": "c2.noz.de",
"category_label": "Sonstige",
"privacy_relevant": false,
"total_request_count": 2
},
{
"host": "cdn.noz.de",
"states": {
"gpc": 1,
"default": 1
},
"category": "other",
"provider": "cdn.noz.de",
"category_label": "Sonstige",
"privacy_relevant": false,
"total_request_count": 2
}
],
"score": 100,
"states": [
{
"id": "default",
"label": "Erstaufruf",
"description": "Kontakte ohne Nutzeraktion",
"domain_count": 3,
"request_count": 3,
"privacy_relevant_domain_count": 0
},
{
"id": "reject_new",
"label": "Nach Ablehnen neu",
"description": "Neue Kontakte nach Ablehnen-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept_new",
"label": "Nach Akzeptieren neu",
"description": "Neue Kontakte nach Akzeptieren-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"description": "Kontakte bei Global Privacy Control",
"domain_count": 3,
"request_count": 3,
"privacy_relevant_domain_count": 0
}
],
"status": "unauffällig",
"summary": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 0 im GPC-Aufruf.",
"gpc_privacy_relevant_domain_count": 0,
"accept_privacy_relevant_domain_count": 0,
"reject_privacy_relevant_domain_count": 0
},
"consent_state_evidence": {
"rows": [
{
"id": "default",
"label": "Erstaufruf",
"status": "ohne Nutzeraktion",
"evidence": "Baseline aus erstem Chromium-Aufruf ohne Banner-Interaktion.",
"risk_level": "niedrig",
"cookie_count": 4,
"domain_count": 4,
"request_count": 13,
"storage_total": 0,
"new_cookie_count": 4,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "reject",
"label": "Nach Ablehnen",
"status": "nicht verfügbar",
"evidence": "",
"risk_level": "niedrig",
"cookie_count": 4,
"domain_count": 0,
"request_count": 0,
"storage_total": 0,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept",
"label": "Nach Akzeptieren",
"status": "nicht ausgeführt",
"evidence": "",
"risk_level": "niedrig",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_total": 0,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"status": "aktiv",
"evidence": "Navigator-GPC und Sec-GPC wurden im gesonderten Browserlauf gesetzt.",
"risk_level": "niedrig",
"cookie_count": 4,
"domain_count": 4,
"request_count": 13,
"storage_total": 0,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
}
],
"color": "green",
"score": 100,
"status": "unauffällig",
"summary": "Consent-State-Evidence: 4 Zustände verglichen, 0 hoch auffällig, 0 mittel auffällig.",
"findings": [],
"available": true,
"high_count": 0,
"medium_count": 0
},
"contacted_domain_count": 4,
"fingerprinting_analysis": {
"color": "green",
"score": 98,
"checks": [
{
"id": "canvas",
"ok": true,
"count": 0,
"label": "Canvas-Auslese",
"detail": "0 Pixel-Lesezugriff(e), 0 Export(e)."
},
{
"id": "webgl",
"ok": true,
"count": 0,
"label": "WebGL-Merkmale",
"detail": "0 Parameterzugriff(e), 0 Pixel-Lesezugriff(e)."
},
{
"id": "audio",
"ok": true,
"count": 0,
"label": "AudioContext",
"detail": "0 AudioContext/OfflineAudioContext-Aufruf(e)."
},
{
"id": "session_replay",
"ok": true,
"count": 0,
"label": "Session-Replay-Anbieter",
"detail": "Keine bekannten Anbieter erkannt."
},
{
"id": "input_listeners",
"ok": false,
"count": 5,
"label": "Tastatur-/Eingabe-Listener",
"detail": "5 Tastatur-/Input-Listener, 16 Interaktions-Listener, 0 MutationObserver."
}
],
"status": "unauffällig",
"metrics": {
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 0,
"keyboard_input_listener_count": 5
},
"summary": "1 Fingerprinting-/Session-Replay-Hinweis(e) aus dem Browserlauf.",
"findings": [
{
"id": "browser_keystroke_listener_signals",
"count": 5,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"finding_count": 1,
"session_replay_domains": []
},
"privacy_relevant_domains": [],
"provider_category_counts": {
"other": 3
},
"provider_category_labels": {
"other": "other"
},
"third_party_domain_count": 3,
"embedded_content_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen.",
"findings": [],
"map_count": 0,
"total_count": 0,
"video_count": 0,
"captcha_count": 0,
"category_counts": [],
"social_widget_count": 0,
"loaded_pre_consent_count": 0,
"request_count_by_provider": []
},
"referrer_leakage_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte.",
"findings": [],
"sample_count": 3,
"full_referrer_count": 0,
"page_url_param_count": 0,
"affected_domain_count": 0,
"sensitive_query_count": 0
},
"third_party_contact_matrix": {
"color": "green",
"items": [
{
"host": "browser.sentry-cdn.com",
"region": "unbekannt",
"status": "prüfen",
"category": "other",
"provider": "browser.sentry-cdn.com",
"risk_level": "niedrig",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Sonstige",
"resource_types": [
{
"type": "script",
"count": 1
}
],
"transfer_label": "Jurisdiktion unklar",
"privacy_relevant": false
},
{
"host": "c2.noz.de",
"region": "EU/EWR",
"status": "prüfen",
"category": "other",
"provider": "c2.noz.de",
"risk_level": "niedrig",
"request_count": 1,
"transfer_risk": "niedrig",
"category_label": "Sonstige",
"resource_types": [
{
"type": "script",
"count": 1
}
],
"transfer_label": "EU/EWR",
"privacy_relevant": false
},
{
"host": "cdn.noz.de",
"region": "EU/EWR",
"status": "prüfen",
"category": "other",
"provider": "cdn.noz.de",
"risk_level": "niedrig",
"request_count": 1,
"transfer_risk": "niedrig",
"category_label": "Sonstige",
"resource_types": [
{
"type": "script",
"count": 1
}
],
"transfer_label": "EU/EWR",
"privacy_relevant": false
}
],
"score": 95,
"status": "unauffällig",
"summary": "3 Drittanbieter-Domain(s) beim ersten Browseraufruf, davon 0 datenschutzrelevant.",
"category_counts": {
"Sonstige": 3
},
"total_domain_count": 3,
"total_request_count": 3,
"privacy_relevant_count": 0,
"transfer_risk_analysis": {
"color": "green",
"items": [
{
"host": "browser.sentry-cdn.com",
"region": "unbekannt",
"provider": "browser.sentry-cdn.com",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Sonstige",
"transfer_label": "Jurisdiktion unklar",
"privacy_relevant": false
},
{
"host": "c2.noz.de",
"region": "EU/EWR",
"provider": "c2.noz.de",
"request_count": 1,
"transfer_risk": "niedrig",
"category_label": "Sonstige",
"transfer_label": "EU/EWR",
"privacy_relevant": false
},
{
"host": "cdn.noz.de",
"region": "EU/EWR",
"provider": "cdn.noz.de",
"request_count": 1,
"transfer_risk": "niedrig",
"category_label": "Sonstige",
"transfer_label": "EU/EWR",
"privacy_relevant": false
}
],
"score": 92,
"status": "unauffällig",
"summary": "3 Drittanbieter für Transfer-/Jurisdiktionsprüfung, 0 mit hohem Prüfbedarf, 1 unklar.",
"findings": [
{
"id": "unknown_vendor_jurisdiction",
"title": "Anbieter-Jurisdiktion nicht klar ableitbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"unknown_count": 1,
"high_risk_count": 0,
"total_vendor_count": 3,
"third_country_count": 0
}
},
"rendered_transparency_links": [
{
"top": 729,
"href": "https://www.noz.de/datenschutz",
"left": 518,
"text": "Datenschutzhinweise",
"visible": true,
"category": "privacy_notice"
},
{
"top": 729,
"href": "https://www.noz.de/impressum",
"left": 652,
"text": "Impressum",
"visible": true,
"category": "imprint"
}
],
"privacy_relevant_domain_count": 0,
"tracking_pixel_beacon_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 Pixel-/Bildtracking-Hinweis(e), 0 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s).",
"findings": [],
"pixel_count": 0,
"link_ping_count": 0,
"telemetry_count": 0,
"beacon_api_count": 0,
"third_party_count": 0,
"fetch_keepalive_count": 0,
"privacy_relevant_count": 0,
"beacon_code_reference_count": 0,
"fetch_keepalive_reference_count": 0
}
},
"privacy_analysis": {
"cookies": {
"items": [],
"total": 0,
"tracking": [],
"pre_consent": [],
"missing_secure": [],
"missing_samesite": [],
"pre_consent_tracking": [],
"pre_consent_nonessential": []
},
"findings": [],
"tracking_ids": [],
"tracking_scripts": [],
"consent_hint_found": false,
"privacy_policy_hint_found": true
},
"consent_audit": {
"color": "orange",
"score": 50,
"checks": [
{
"id": "banner_visible",
"ok": true,
"label": "Cookie-/Consent-Hinweis sichtbar",
"detail": "Ein Hinweis mit Cookie-/Einwilligungsbezug wurde im sichtbaren Text erkannt."
},
{
"id": "reject_visible",
"ok": false,
"label": "Ablehnen gleichwertig erreichbar",
"detail": "Ablehnen oder nur notwendige Cookies wurde im Text oder Browser erkannt. Browser-Buttons: 0."
},
{
"id": "settings_visible",
"ok": false,
"label": "Einstellungen oder Auswahl vorhanden",
"detail": "Eine Einstellungs- oder Auswahlmoeglichkeit wurde im Text oder Browser erkannt. Browser-Buttons: 0."
},
{
"id": "browser_reject_visible",
"ok": true,
"label": "Ablehnen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 0."
},
{
"id": "browser_settings_visible",
"ok": true,
"label": "Einstellungen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 0."
},
{
"id": "reject_equally_prominent",
"ok": true,
"label": "Ablehnen nicht deutlich schwaecher dargestellt",
"detail": "Groessen-Verhältnis Ablehnen/Akzeptieren: nicht messbar."
},
{
"id": "reject_button_clickable",
"ok": true,
"label": "Ablehnen technisch klickbar",
"detail": "Wenn ein Ablehnen-Button sichtbar ist, klickt SaferPage ihn im Chromium-Browser einmal an."
},
{
"id": "no_new_cookies_after_reject",
"ok": true,
"label": "Keine neuen Cookies nach Ablehnen",
"detail": "0 neue Cookie(s) nach dem Ablehnen-Klick."
},
{
"id": "no_tracking_storage_after_reject",
"ok": true,
"label": "Kein Tracking-Storage nach Ablehnen",
"detail": "0 Tracking-Hinweis(e) im Web Storage nach Ablehnen."
},
{
"id": "no_privacy_domains_after_reject",
"ok": true,
"label": "Keine neuen Tracking-Kontakte nach Ablehnen",
"detail": "0 neue datenschutzrelevante Domain(s) nach Ablehnen."
},
{
"id": "gpc_signal_respected",
"ok": true,
"label": "GPC-Signal ohne Tracking-Hinweise",
"detail": "GPC-Aufruf: 0 datenschutzrelevante Domain(s), 0 Drittanbieter-Cookie(s), 0 Storage-Hinweis(e)."
},
{
"id": "no_tracking_cookies_before_consent",
"ok": true,
"label": "Keine Tracking-Cookies vor Einwilligung",
"detail": "0 Tracking-Cookie(s) im Erstaufruf."
},
{
"id": "no_nonessential_cookies_before_consent",
"ok": false,
"label": "Keine nicht notwendigen Cookies vor Einwilligung",
"detail": "4 moeglicherweise nicht notwendige Cookie(s) im Erstaufruf."
},
{
"id": "third_parties_explained",
"ok": true,
"label": "Drittanbieter begrenzt und erklaerbar",
"detail": "0 datenschutzrelevante Drittanbieter-Domain(s), 3 Drittanbieter insgesamt."
},
{
"id": "storage_without_tracking_hints",
"ok": true,
"label": "Web Storage ohne Tracking-Hinweise",
"detail": "0 Storage-Key(s), 0 Tracking-Hinweis(e)."
},
{
"id": "cmp_api_detected_when_needed",
"ok": true,
"label": "CMP-/TCF-Signal bei Tracking erkennbar",
"detail": "Gängige CMP-/TCF-Indikatoren: __tcfapi, __cmp, Cookiebot, OneTrust oder Usercentrics."
},
{
"id": "accept_click_documented",
"ok": true,
"label": "Akzeptieren-Klick nachvollziehbar",
"detail": "Accept-Test: nicht ausgefuehrt, neue Requests 0, neue Cookies 0, neue Datenschutz-Domains 0."
},
{
"id": "cmp_state_readable",
"ok": true,
"label": "CMP-/TCF-Zustand auslesbar",
"detail": "TCF TC-String: nein, Cookiebot: nein, OneTrust: nein, Usercentrics: nein."
},
{
"id": "cmp_default_restrictive",
"ok": true,
"label": "CMP-Default wirkt restriktiv",
"detail": "TCF Purposes erlaubt: 0, TCF Vendors erlaubt: 0, Cookiebot Statistik/Marketing: nein."
}
],
"status": "auffällig",
"summary": "Consent, Tracking oder Drittanbieter wirken im Erstaufruf deutlich nachbesserungsbeduerftig.",
"evidence": [
"4 Cookie(s) beim ersten Aufruf aus HTTP-Headern und Chromium",
"0 Tracking-Script(s) im HTML",
"0 datenschutzrelevante Drittanbieter-Domain(s)",
"0 Storage-Key(s), 0 Tracking-Hinweis(e)",
"Consent-Banner-Controls: Akzeptieren 0, Ablehnen 0, Einstellungen 0",
"Ablehnen/Akzeptieren-Prominenz: nicht messbar",
"Reject-Test: nicht ausgefuehrt, neue Cookies 0, Tracking-Storage 0, neue Datenschutz-Domains 0",
"Accept-Test: nicht ausgefuehrt, neue Requests 0, neue Cookies 0, neue Datenschutz-Domains 0, Drittanbieter-Cookies 0",
"CMP-State: TCF-String nein, TCF Purposes 0, TCF Vendors 0, Cookiebot nein, OneTrust-Gruppen 0, Usercentrics-Services 0",
"GPC-Test: aktiv, Datenschutz-Domains 0, Drittanbieter-Cookies 0, Storage-Hinweise 0",
"CMP-/TCF-Signal: nein",
"Google Consent Default: nein"
],
"gpc_enabled": true,
"cmp_detected": false,
"blocking_plan": {
"items": [
{
"kind": "cookie",
"level": "mittel",
"source": "noz.de",
"target": "__pcid",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · noz.de · lang (364 Tage)",
"category_label": "Unklar"
},
{
"kind": "cookie",
"level": "mittel",
"source": "noz.de",
"target": "_pcid",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · noz.de · lang (394 Tage)",
"category_label": "Unklar"
},
{
"kind": "cookie",
"level": "mittel",
"source": "noz.de",
"target": "_pctx",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · noz.de · lang (394 Tage)",
"category_label": "Unklar"
},
{
"kind": "cookie",
"level": "mittel",
"source": "noz.de",
"target": "_pprv",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · noz.de · lang (394 Tage)",
"category_label": "Unklar"
}
],
"summary": "4 Blockier-/Consent-Maßnahme(n) abgeleitet: 0 hoch, 4 mittel.",
"available": true,
"high_count": 0,
"total_count": 4,
"type_counts": {
"cookie": 4
},
"medium_count": 4
},
"tcf_api_found": false,
"cookiebot_found": false,
"accept_test_enabled": false,
"browser_cookie_count": 4,
"accept_button_clicked": false,
"browser_storage_count": 0,
"reject_button_clicked": false,
"reject_less_prominent": false,
"tcf_tc_string_present": false,
"tracking_script_count": 0,
"accept_button_available": false,
"reject_button_available": false,
"reject_prominence_ratio": 0,
"pre_consent_cookie_count": 4,
"pre_consent_cookie_names": [
"__pcid",
"_pcid",
"_pctx",
"_pprv"
],
"tcf_vendor_consent_count": 0,
"third_party_domain_count": 3,
"tcf_purpose_consent_count": 0,
"onetrust_active_group_count": 0,
"usercentrics_services_count": 0,
"browser_accept_control_count": 0,
"browser_cookie_context_found": true,
"browser_reject_control_count": 0,
"gpc_third_party_cookie_count": 0,
"post_accept_new_cookie_count": 0,
"post_reject_new_cookie_count": 0,
"post_accept_new_request_count": 0,
"browser_settings_control_count": 0,
"gpc_storage_tracking_hint_count": 0,
"cookiebot_marketing_or_statistics": false,
"gpc_privacy_relevant_domain_count": 0,
"pre_consent_tracking_cookie_count": 0,
"pre_consent_tracking_cookie_names": [],
"privacy_relevant_third_party_count": 0,
"browser_storage_tracking_hint_count": 0,
"post_accept_third_party_cookie_count": 0,
"pre_consent_nonessential_cookie_count": 4,
"pre_consent_nonessential_cookie_names": [
"__pcid",
"_pcid",
"_pctx",
"_pprv"
],
"post_accept_storage_tracking_hint_count": 0,
"post_reject_storage_tracking_hint_count": 0,
"post_accept_privacy_relevant_domain_count": 0,
"post_reject_privacy_relevant_domain_count": 0
},
"cookie_inventory": {
"color": "yellow",
"items": [
{
"name": "__pcid",
"domain": "noz.de",
"secure": false,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-06-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 364,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (364 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pcid",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pctx",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pprv",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
}
],
"score": 85,
"total": 4,
"status": "prüfen",
"summary": "4 Cookie(s) inventarisiert: 0 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 4 langlebige Cookie(s), 0 sehr lange Laufzeit(en).",
"findings": [
{
"id": "long_lived_cookie",
"count": 4,
"title": "Langlebige Cookies erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"categories": {
"unknown": 4
},
"tracking_count": 0,
"category_labels": {
"consent": "Consent",
"payment": "Zahlung",
"unknown": "Unklar",
"security": "Sicherheit",
"analytics": "Analytics",
"necessary": "Notwendig",
"functional": "Funktional",
"advertising": "Werbung"
},
"long_lived_count": 4,
"persistent_count": 4,
"first_party_count": 4,
"pre_consent_count": 4,
"retention_classes": {
"long": 4
},
"third_party_count": 0,
"missing_secure_count": 1,
"retention_risk_count": 4,
"retention_risk_items": [
{
"name": "__pcid",
"domain": "noz.de",
"secure": false,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-06-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 364,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (364 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pcid",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pctx",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "_pprv",
"domain": "noz.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "noz.de",
"tracking": false,
"http_only": false,
"same_site": "Lax",
"expires_at": "2027-07-20T03:22:54+00:00",
"long_lived": true,
"persistent": true,
"first_party": true,
"origin_host": "login.noz.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "mittel",
"expires_in_days": 394,
"origin_evidence": "Vom geprüften Host oder aus dem Browser-Erstaufruf abgeleitet.",
"origin_provider": "noz.de",
"retention_class": "long",
"retention_label": "lang (394 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
}
],
"very_long_lived_count": 0,
"missing_samesite_count": 0,
"persistent_unknown_count": 0,
"long_lived_tracking_count": 0
},
"security_header_analysis": {
"color": "orange",
"score": 58,
"checks": [
{
"ok": true,
"note": "",
"label": "HSTS",
"value": "max-age=31536000; includeSubDomains",
"header": "strict-transport-security",
"present": true,
"purpose": "Erzwingt HTTPS nach dem ersten sicheren Aufruf.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "Content-Security-Policy",
"value": "frame-src 'self' https://cdn.cxense.com/ https://mein.om-online.works/ https://login.om-online.works/ https://login.dk-online.works/ https://login.noz.works/ https://login.a-beig.works/ https://login.nnn.works/ https://l",
"header": "content-security-policy",
"present": true,
"purpose": "Begrenzt Skript-, Frame- und Ressourcenquellen im Browser.",
"severity": "warning"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "X-Frame-Options",
"value": "",
"header": "x-frame-options",
"present": false,
"purpose": "Reduziert Clickjacking-Risiken bei älteren Browsern.",
"severity": "warning"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "X-Content-Type-Options",
"value": "",
"header": "x-content-type-options",
"present": false,
"purpose": "Verhindert MIME-Sniffing bei Skripten und Stylesheets.",
"severity": "warning"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Referrer-Policy",
"value": "",
"header": "referrer-policy",
"present": false,
"purpose": "Begrenzt, welche URL-Informationen an Zielseiten weitergegeben werden.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Permissions-Policy",
"value": "",
"header": "permissions-policy",
"present": false,
"purpose": "Begrenzt sensible Browser-Funktionen pro Seite.",
"severity": "info"
},
{
"ok": true,
"note": "",
"label": "Cross-Origin-Opener-Policy",
"value": "same-origin same-origin-allow-popups",
"header": "cross-origin-opener-policy",
"present": true,
"purpose": "Isoliert Top-Level-Fenster und reduziert Cross-Origin-Seiteneffekte.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Resource-Policy",
"value": "",
"header": "cross-origin-resource-policy",
"present": false,
"purpose": "Begrenzt, welche fremden Seiten Ressourcen einbetten dürfen.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Embedder-Policy",
"value": "",
"header": "cross-origin-embedder-policy",
"present": false,
"purpose": "Erzwingt kontrollierte Cross-Origin-Einbettungen und kann Cross-Origin Isolation ermöglichen.",
"severity": "info"
}
],
"status": "auffällig",
"missing": [
"X-Frame-Options",
"X-Content-Type-Options",
"Referrer-Policy",
"Permissions-Policy",
"Cross-Origin-Resource-Policy",
"Cross-Origin-Embedder-Policy"
],
"summary": "3 von 9 wichtigen Security-Headern vorhanden, 3 korrekt bewertet. CSP wirksam mit 1 Direktive(n), 0 Warnung(en), 3 Hinweis(e).",
"findings": [
{
"id": "csp_missing_object_src",
"title": "CSP ohne object-src",
"public": true,
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_frame_ancestors",
"title": "Kein CSP-frame-ancestors oder X-Frame-Options",
"public": true,
"category": "security_headers",
"severity": "info"
}
],
"ok_count": 3,
"weak_count": 0,
"csp_analysis": {
"color": "yellow",
"score": 82,
"status": "prüfen",
"summary": "CSP wirksam mit 1 Direktive(n), 0 Warnung(en), 3 Hinweis(e).",
"enforced": true,
"findings": [
{
"id": "csp_missing_object_src",
"title": "CSP ohne object-src",
"public": true,
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_frame_ancestors",
"title": "Kein CSP-frame-ancestors oder X-Frame-Options",
"public": true,
"category": "security_headers",
"severity": "info"
}
],
"available": true,
"directives": [
{
"name": "frame-src",
"value": "'self' https://cdn.cxense.com/ https://mein.om-online.works/ https://login.om-online.works/ https://login.dk-online.works/ https://login.noz.works/ https://login.a-beig.works/ https://login.nnn.works/ https://login.svz.w",
"values": [
"'self'",
"https://cdn.cxense.com/",
"https://mein.om-online.works/",
"https://login.om-online.works/",
"https://login.dk-online.works/",
"https://login.noz.works/",
"https://login.a-beig.works/",
"https://login.nnn.works/",
"https://login.svz.works/",
"https://login.shz.works/",
"https://cdn.piano.io/id/",
"https://sandbox.piano.io/",
"https://sandbox.tinypass.com/",
"https://experience.piano.io/",
"https://accounts.google.com/"
]
}
],
"info_count": 3,
"report_only": false,
"finding_count": 3,
"warning_count": 0
},
"missing_count": 6,
"present_count": 3,
"missing_info_count": 4,
"missing_warning_count": 2
},
"infrastructure_analysis": {
"signals": {
"caa": true,
"dnssec": true,
"final_https": true,
"tls_version": "TLSv1.3",
"hsts_enabled": true,
"address_count": 1,
"ipv6_available": false,
"email_protection": {
"mx": true,
"spf": false,
"dmarc": false
},
"certificate_valid": true,
"certificate_issuer": "YR1",
"certificate_alt_names": [
"login.dk-online.de",
"login.noz.de",
"login.noz.viakom.cloud",
"login.om-online.de",
"login.shz.de"
],
"multiple_ip_addresses": false,
"certificate_expires_at": "Aug 27 07:48:34 2026 GMT",
"certificate_days_remaining": 68,
"certificate_hostname_matches": true
},
"findings": [
{
"id": "dmarc_missing",
"title": "DMARC fehlt",
"public": true,
"category": "email",
"severity": "info"
}
],
"risk_level": "low",
"positive_signals": [
"Moderne TLS-Version aktiv: TLSv1.3.",
"HSTS ist aktiv.",
"CAA-Records begrenzen Zertifikatsaussteller."
]
},
"performance_analysis": {
"score": 100,
"signals": {
"compressed": false,
"duration_ms": 117,
"image_count": 3,
"script_count": 3,
"cache_control": "max-age=0, no-cache, no-store, must-revalidate",
"content_length": 0,
"viewport_found": true,
"stylesheet_count": 1
},
"findings": [],
"risk_level": "low"
},
"accessibility_analysis": {
"color": "green",
"score": 100,
"status": "unauffällig",
"signals": {
"h1_count": 2,
"image_count": 3,
"button_count": 2,
"heading_count": 4,
"viewport_found": true,
"html_lang_found": true,
"form_field_count": 3,
"image_missing_alt_count": 0,
"buttons_without_name_count": 0,
"form_fields_without_label_count": 0
},
"summary": "3 Bild(er), 3 Formularfeld(er), 2 Button(s) im passiven HTML-Sample auf Basis-Barrierefreiheit geprüft.",
"findings": [],
"wcag_matrix": {
"rows": [
{
"id": "wcag_non_text_content",
"ok": true,
"wcag": "WCAG 1.1.1 Non-text Content",
"title": "Alternativtexte für Bilder",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 3 Bild(er) ohne alt-Text im HTML-Sample."
},
{
"id": "wcag_form_labels",
"ok": true,
"wcag": "WCAG 1.3.1 Info and Relationships / 3.3.2 Labels or Instructions",
"title": "Formularfelder beschriften",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 3 Formularfeld(er) ohne erkennbare Beschriftung."
},
{
"id": "wcag_button_names",
"ok": true,
"wcag": "WCAG 4.1.2 Name, Role, Value",
"title": "Buttons mit Namen versehen",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 2 Button(s) ohne erkennbaren Namen."
},
{
"id": "wcag_page_language",
"ok": true,
"wcag": "WCAG 3.1.1 Language of Page",
"title": "Seitensprache auszeichnen",
"impact": "niedrig",
"status": "ok",
"evidence": "HTML-lang-Attribut gefunden."
},
{
"id": "wcag_heading_structure",
"ok": true,
"wcag": "WCAG 1.3.1 Info and Relationships / 2.4.6 Headings and Labels",
"title": "Überschriftenstruktur",
"impact": "niedrig",
"status": "ok",
"evidence": "2 H1 und 4 Überschrift(en) im HTML-Sample."
},
{
"id": "wcag_mobile_reflow",
"ok": true,
"wcag": "WCAG 1.4.10 Reflow",
"title": "Mobile Viewport-Basis",
"impact": "niedrig",
"status": "ok",
"evidence": "Viewport-Meta-Tag gefunden."
}
],
"summary": "0 WCAG-/EAA-Prüfpunkt(e) auffällig, davon 0 mit hoher Auswirkung.",
"standard": "WCAG 2.2 orientierte Basisprüfung",
"available": true,
"issue_count": 0,
"high_impact_count": 0
}
},
"domain_history": {
"summary": "Domainhistorie konnte per RDAP nicht zuverlässig abgerufen werden.",
"findings": [],
"available": false,
"risk_level": "unknown"
},
"data_entry_analysis": {
"forms": [
{
"method": "GET",
"purpose": "Adresse",
"data_types": [
{
"id": "address",
"label": "Adresse"
},
{
"id": "email",
"label": "E-Mail"
},
{
"id": "login",
"label": "Login/Passwort"
}
],
"field_count": 3
}
],
"score": 90,
"summary": "Die Seite kann Adresse, Login/Passwort, E-Mail abfragen.",
"findings": [],
"form_count": 1,
"risk_level": "low",
"field_count": 3,
"asks_for_data": true,
"payment_providers": [],
"detected_data_types": [
{
"id": "address",
"count": 1,
"label": "Adresse"
},
{
"id": "login",
"count": 1,
"label": "Login/Passwort"
},
{
"id": "email",
"count": 1,
"label": "E-Mail"
}
],
"privacy_context_found": true,
"operator_context_found": true
},
"pii_exposure_analysis": {
"color": "yellow",
"score": 86,
"checks": [
{
"id": "current_url",
"ok": true,
"count": 0,
"label": "Aktuelle URL",
"detail": "Keine sensiblen Query-Parameter erkannt."
},
{
"id": "link_queries",
"ok": true,
"count": 0,
"label": "Link-Parameter",
"detail": "Keine sensiblen Link-Querys erkannt."
},
{
"id": "get_forms",
"ok": false,
"count": 1,
"label": "GET-Formulare",
"detail": "1 Formular(e) prüfen."
},
{
"id": "external_forms",
"ok": true,
"count": 0,
"label": "Externe Formularziele",
"detail": "Keine externen Formularziele mit personenbezogenen Feldern erkannt."
},
{
"id": "tracking_context",
"ok": true,
"count": 0,
"label": "Tracking neben Dateneingabe",
"detail": "Keine Kombination aus Dateneingabe und datenschutzrelevanten Drittanbietern erkannt."
}
],
"status": "prüfen",
"summary": "1 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext.",
"findings": [
{
"id": "pii_sensitive_get_form",
"forms": [
{
"fields": [
"address",
"email",
"login"
]
}
],
"title": "Formular mit personenbezogenen Feldern nutzt GET",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"link_hits": [],
"finding_count": 1,
"current_url_hits": [],
"tracking_context": false,
"sensitive_get_forms": [
{
"fields": [
"address",
"email",
"login"
]
}
]
},
"scan_history_analysis": {
"available": false,
"summary": "Noch kein früherer gespeicherter Scan für diese Domain vorhanden.",
"total_scan_count": 1,
"previous_scan_count": 0,
"history": [
{
"scan_id": "74d7d028-f71f-4b60-ad08-b55d7f9146a9",
"created_at": "2026-06-20 05:23:15.299641+02",
"score": 62,
"verdict": "auffällig",
"finding_count": 23,
"integrity_root_hash": "21b01683e73070a4e2e08235805a9d3dce63dc67bbd496dab0617ba5d08d9b15",
"integrity_available_hash_count": 9,
"current": true
}
],
"new_findings": [],
"resolved_findings": [],
"technical_changes": {
"available": false,
"summary": "Noch kein früherer Scan für technische Änderungen vorhanden."
}
},
"benchmark_analysis": {
"host": "login.noz.de",
"rank": 1,
"score": 62,
"status": "über_durchschnitt",
"summary": "login.noz.de liegt mit 62 Punkten über dem gespeicherten Durchschnitt von 53.7.",
"available": true,
"peer_count": 10577,
"percentile": 0,
"query_mode": "php_ttl_cache_refresh",
"distribution": {
"0_39": 1561,
"40_59": 4125,
"60_79": 4869,
"80_100": 22
},
"median_score": 59,
"average_score": 53.7,
"comparison_basis": "Neuester gespeicherter SaferPage-Scan je Domain; überwiegend deutschsprachige gespeicherte Checks.",
"same_score_count": 0,
"better_than_count": 0,
"qualified_peer_count": 10183,
"zero_score_count": 394,
"top_quartile_score": 65,
"top_decile_score": 69,
"qualified_average_score": 55.7,
"qualified_median_score": 59,
"qualified_top_quartile_score": 65,
"qualified_top_decile_score": 69,
"thresholds": [
{
"id": "critical",
"label": "Kritisch",
"range": "0-39",
"met": false
},
{
"id": "basic",
"label": "Basis stabilisieren",
"range": "40-59",
"met": false
},
{
"id": "managed",
"label": "Gesteuert",
"range": "60-79",
"met": true
},
{
"id": "strong",
"label": "Stark",
"range": "80-100",
"met": false
}
],
"risk_tier": "gesteuert",
"target_score": 80,
"aspirational_target_score": 80,
"gap_to_target": 18,
"gap_to_top_quartile": 3,
"gap_to_strong": 18,
"cache_ttl_seconds": 300
},
"audit_receipt": {
"url": "https://login.noz.de/",
"host": "login.noz.de",
"status": "verfügbar",
"bot_url": "https://saferpage.de/bot",
"summary": "Prüfbeleg für login.noz.de: kontrollierter HTTP-/Browser-Kurzcheck mit 13 Request(s), 4 Consent-Zustand/Zuständen und 7 Artefakt(en).",
"renderer": "playwright-chromium",
"artifacts": [
{
"label": "Öffentlicher Kurzreport",
"detail": "https://saferpage.de/login.noz.de",
"status": "verfügbar"
},
{
"label": "JSON-Export",
"detail": "Maschinenlesbarer Report mit Modulen, Nachweisen und Tabellen.",
"status": "verfügbar"
},
{
"label": "CSV-Export",
"detail": "Tabellarische Prüfzeilen für Betreiber, Datenschutz und Technik.",
"status": "verfügbar"
},
{
"label": "160x150 Seitenvorschau",
"detail": "/cache/screenshots/login.noz.de-160x150-02360b7570ee9573d0.png",
"status": "verfügbar"
},
{
"label": "Cookie-Erklärung",
"detail": "4 Cookie-/Storage-Eintrag/Einträge.",
"status": "auffällig"
},
{
"label": "Empfänger-/Anbieterinventar",
"detail": "3 Anbieterzeile(n), 1 AVV-/Rollenprüfung(en).",
"status": "unauffällig"
},
{
"label": "Barrierefreiheitserklärung-Entwurf",
"detail": "0 bekannte Barrierefreiheits-Punkt(e).",
"status": "Vorläufig vollständig konform im automatischen Basischeck"
}
],
"available": true,
"final_url": "https://login.noz.de/",
"checked_at": "2026-06-20T03:23:14+00:00",
"share_text": "SaferPage Prüfbeleg login.noz.de: 13 Browser-Request(s), 3 Drittanbieter, 4 Cookie-/Storage-Einträge, geprüft am 2026-06-20T03:23:14.",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/login.noz.de\">https://saferpage.de/login.noz.de</a>)",
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"scan_context": "crawler",
"coverage_items": [
{
"label": "HTTP/DNS/TLS",
"value": "HTTP 200 · DNS ok · TLS ok"
},
{
"label": "Browserlauf",
"value": "13 Request(s), 3 Drittanbieter-Domain(s), 4 Browser-Cookie(s)."
},
{
"label": "Consent-Zustände",
"value": "4 Zustand/Zustände: Default, Ablehnen, Akzeptieren und GPC soweit verfügbar."
},
{
"label": "Seitenabdeckung",
"value": "0 priorisierte Unterseite(n) im Nachweispack."
},
{
"label": "Drittanbieter-Auszug",
"value": "3 Anbieterzeile(n) im öffentlichen Nachweis."
},
{
"label": "Cookie-Auszug",
"value": "4 Cookie-Zeile(n) im öffentlichen Nachweis."
}
],
"confidence_score": 77,
"browser_final_url": "https://login.noz.de/?ref=https%3A%2F%2Fwww.noz.de%2F&reason=Portal&bid=mqlsliyue4l77vpi"
},
"evidence_integrity_manifest": {
"host": "login.noz.de",
"status": "verfügbar",
"summary": "Integritätsmanifest für login.noz.de: 9/9 Nachweisbereich(e) mit SHA-256-Hash dokumentiert.",
"sections": [
{
"id": "audit_receipt",
"hash": "7a43563fb286f6637839fd0ce6f133383032ac808e535ed3adf38b967db08d65",
"count": 18,
"label": "Prüfbeleg",
"detail": "Kanonischer JSON-Hash des kompakten Prüfbelegs.",
"status": "verfügbar"
},
{
"id": "protocol",
"hash": "8ae90d6fe8ff0c609f3b24fb6513fff14aa34211f42131afe01f724ec6e31ba7",
"count": 15,
"label": "Scan-Protokoll",
"detail": "URL, Endziel, User-Agent, Zeitstempel, HTTP/DNS/TLS und Renderer.",
"status": "verfügbar"
},
{
"id": "checkpoints",
"hash": "60065c28be000e8b8af1262961a0f53191de93d871426c9b755e5ed7f38ace88",
"count": 6,
"label": "Prüfschritte",
"detail": "Kanonischer JSON-Hash der dokumentierten Prüfstationen.",
"status": "verfügbar"
},
{
"id": "consent_states",
"hash": "c8e4df73dae28755da3c8c2fe2134400ab7627ce37822fc115a34fc82e3c8bed",
"count": 4,
"label": "Consent-Zustände",
"detail": "Default-, Ablehnen-, Akzeptieren- und GPC-Nachweise soweit verfügbar.",
"status": "verfügbar"
},
{
"id": "third_party_evidence",
"hash": "a198aeff73307721f881dfa343a01f107d88f321fcce997547946c80c1e91676",
"count": 3,
"label": "Drittanbieter-Auszug",
"detail": "Sanitisierte Anbieter-, Kategorie-, Transfer- und Request-Zählwerte.",
"status": "verfügbar"
},
{
"id": "cookie_evidence",
"hash": "a49dc5ecb81c357477f3d6619dc2dd639c9e15c80b8cbe728101822b062f10d7",
"count": 4,
"label": "Cookie-Auszug",
"detail": "Sanitisierte Cookie-Metadaten ohne Cookie-Werte.",
"status": "verfügbar"
},
{
"id": "request_samples",
"hash": "f2a263d7c4d2be51eb9965eadd0c619964dd45a8e73aa50d17267341646793b4",
"count": 3,
"label": "Request-Samples",
"detail": "Sanitisierte Drittanbieter-Samples ohne vollständige Request-URLs.",
"status": "verfügbar"
},
{
"id": "checked_pages",
"hash": "4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945",
"count": 0,
"label": "Geprüfte Unterseiten",
"detail": "Priorisierte Pfade aus Sitemap, Pflichtseiten und interner Linkstruktur.",
"status": "leer"
},
{
"id": "screenshot_file",
"hash": "0bda690a9be57fba2d3683c02dd39b09b7373ce5d615ede182b8d59cb60f11e9",
"count": 4615,
"label": "160x150 Seitenvorschau-Datei",
"detail": "/cache/screenshots/login.noz.de-160x150-02360b7570ee9573d0.png",
"status": "verfügbar"
}
],
"algorithm": "sha256",
"available": true,
"root_hash": "21b01683e73070a4e2e08235805a9d3dce63dc67bbd496dab0617ba5d08d9b15",
"checked_at": "2026-06-20T03:23:14+00:00",
"limitations": [
"Das Manifest schützt die im Report veröffentlichten/sanitisierten Nachweise, nicht verdeckte Cookie-Werte oder vollständige Request-URLs.",
"Ohne externe qualifizierte Zeitstempelung beweist der Hash Integrität des exportierten Artefakts, aber keine amtliche Zustellung."
],
"section_count": 9,
"canonicalization": "JSON UTF-8, sort_keys=true, kompakte Separatoren; Screenshot als rohe Datei-Bytes.",
"available_hash_count": 9
},
"audit_evidence_pack": {
"status": "verfügbar",
"summary": "Nachweisprotokoll mit 13 Browser-Request(s), 4 Cookie-Nachweis(en), 3 Drittanbieter-Auszug/auszügen und 4 Consent-Zustand/Zuständen.",
"protocol": {
"host": "login.noz.de",
"dns_ok": true,
"tls_ok": true,
"bot_url": "https://saferpage.de/bot",
"renderer": "playwright-chromium",
"final_url": "https://login.noz.de/",
"input_url": "https://login.noz.de/",
"checked_at": "2026-06-20T03:23:14+00:00",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/login.noz.de\">https://saferpage.de/login.noz.de</a>)",
"http_status": 200,
"scan_context": "crawler",
"screenshot_url": "/cache/screenshots/login.noz.de-160x150-02360b7570ee9573d0.png",
"googlebot_status": 200,
"browser_final_url": "https://login.noz.de/?ref=https%3A%2F%2Fwww.noz.de%2F&reason=Portal&bid=mqlsliyue4l77vpi",
"dns_address_count": 1
},
"checkpoints": [
{
"label": "DNS",
"detail": "1 Adresse(n) aufgelöst.",
"status": "ok"
},
{
"label": "TLS/HTTPS",
"detail": "TLSv1.3",
"status": "ok"
},
{
"label": "HTTP-Abruf",
"detail": "Status 200, Endziel https://login.noz.de/.",
"status": "ok"
},
{
"label": "Browserlauf",
"detail": "13 Request(s), 3 Drittanbieter-Domain(s).",
"status": "ok"
},
{
"label": "Consent-Zustände",
"detail": "Default, Ablehnen, Akzeptieren und GPC werden soweit möglich gegenübergestellt.",
"status": "unauffällig"
},
{
"label": "Exports",
"detail": "PDF/Druck, JSON und CSV enthalten die wesentlichen Prüfnachweise.",
"status": "verfügbar"
}
],
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"checked_pages": [],
"cookie_evidence": [
{
"name": "__pcid",
"domain": "noz.de",
"secure": false,
"category": "Unklar",
"provider": "noz.de",
"tracking": false,
"retention": "lang (364 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "_pcid",
"domain": "noz.de",
"secure": true,
"category": "Unklar",
"provider": "noz.de",
"tracking": false,
"retention": "lang (394 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "_pctx",
"domain": "noz.de",
"secure": true,
"category": "Unklar",
"provider": "noz.de",
"tracking": false,
"retention": "lang (394 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "_pprv",
"domain": "noz.de",
"secure": true,
"category": "Unklar",
"provider": "noz.de",
"tracking": false,
"retention": "lang (394 Tage)",
"same_site": "Lax",
"pre_consent": true
}
],
"browser_evidence": {
"gpc_enabled": true,
"request_count": 13,
"storage_total": 0,
"accept_clicked": false,
"reject_clicked": false,
"browser_cookie_count": 4,
"contacted_domain_count": 4,
"third_party_domain_count": 3,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
"storage_evidence": {
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"third_party_evidence": [
{
"host": "browser.sentry-cdn.com",
"category": "Sonstige",
"provider": "browser.sentry-cdn.com",
"transfer": "Jurisdiktion unklar",
"risk_level": "niedrig",
"request_count": 1,
"resource_types": [
"script"
],
"privacy_relevant": false
},
{
"host": "c2.noz.de",
"category": "Sonstige",
"provider": "c2.noz.de",
"transfer": "EU/EWR",
"risk_level": "niedrig",
"request_count": 1,
"resource_types": [
"script"
],
"privacy_relevant": false
},
{
"host": "cdn.noz.de",
"category": "Sonstige",
"provider": "cdn.noz.de",
"transfer": "EU/EWR",
"risk_level": "niedrig",
"request_count": 1,
"resource_types": [
"script"
],
"privacy_relevant": false
}
],
"external_script_count": 2,
"consent_state_evidence": [
{
"label": "Erstaufruf",
"cookie_count": 0,
"domain_count": 3,
"request_count": 3,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "Nach Ablehnen neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "Nach Akzeptieren neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "GPC-Aufruf",
"cookie_count": 0,
"domain_count": 3,
"request_count": 3,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
}
],
"request_sample_evidence": [
{
"host": "browser.sentry-cdn.com",
"query_keys": [],
"resource_type": "script",
"query_key_count": 0,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
},
{
"host": "c2.noz.de",
"query_keys": [
"aid"
],
"resource_type": "script",
"query_key_count": 1,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
},
{
"host": "cdn.noz.de",
"query_keys": [],
"resource_type": "script",
"query_key_count": 0,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
}
]
},
"consent_visual_salience_evidence": {
"schema": "https://saferpage.de/schemas/consent-visual-salience-evidence.v1",
"status": "measured_dom_viewport_signal",
"available": true,
"evidence_level": "dom_viewport_signal_only",
"summary": "Der erste Headless-Chromium-Viewport liefert sichtbare Consent-Control-Signale mit Text, Position, Groesse und typografischen Hinweisen.",
"sample_status": "visible_controls_without_classified_samples",
"classified_sample_count": 0,
"accept_control_count": 0,
"reject_control_count": 0,
"settings_control_count": 0,
"visible_control_count": 8,
"accept_max_area": 0,
"reject_max_area": 0,
"reject_prominence_ratio": "nicht messbar",
"samples": [],
"sample_boundary": "Samples enthalten nur klassifizierte Accept-/Reject-/Settings-Controls. Weitere sichtbare Consent-Controls bleiben als Zaehler erhalten, werden aber ohne Klassifizierung nicht als Ablehnen-, Akzeptieren- oder Einstellungsprobe behauptet.",
"claim_boundary": "Consent-Visual-Salienz ist ein DOM-/Viewport-Signal aus dem ersten Browserlauf. Sie ist keine Rechtsbewertung, kein Dark-Pattern-Endurteil und kein Nachweis fuer spaetere Consent-Zustaende, Scrollbereiche, Loginbereiche oder manuelle Betreiberkontexte."
}
}
Geprüfte Domain-Wurzel: https://login.noz.de/