Scan-Fakten als JSON anzeigen
{
"schema": "https://saferpage.de/schemas/public-scan-facts.v1",
"claim_boundary": "Öffentliche Rohdaten enthalten nur Scan-Fakten, Statuswerte, Evidence-Grenzen und feste Detail-/Hintergrund-Links. Betreiber-Hintergrund, Planungen, Checklisten, Code und allgemeine Empfehlungen stehen auf separaten Seiten.",
"current_evidence_policy": {
"schema": "https://saferpage.de/schemas/public-scan-current-evidence-policy.v1",
"status": "current_scan_fields_only",
"summary": "Der Fakten-JSON exportiert nur Felder, die im gespeicherten aktuellen Scan wirklich vorhanden sind. Fehlende neue Evidence wird nicht aus alten Testergebnisformaten nachgebaut.",
"guardrails": [
"Keine synthetischen Boundary-Fallbacks fuer alte Scans",
"Keine Nachbewertung alter Testergebnisse im Fakten-JSON",
"Keine Betreiber-Empfehlung im Report-JSON"
]
},
"host": "mul-ct.de",
"normalized_url": "https://mul-ct.de/",
"score": 57,
"verdict": {
"color": "orange",
"label": "auffällig",
"score": 57
},
"scan_id": "c410c896-eece-4b70-bf6a-6555e57119fe",
"created_at": "2026-06-19 23:54:30.041422+02",
"evidence": {
"dns": {
"ok": true,
"addresses": [
"142.132.244.173"
],
"duration_ms": 23
},
"tls": {
"ok": true,
"cipher": "TLS_AES_128_GCM_SHA256",
"issuer": [
[
[
"countryName",
"US"
]
],
[
[
"organizationName",
"Let's Encrypt"
]
],
[
[
"commonName",
"YR1"
]
]
],
"subject": [
[
[
"commonName",
"mul-ct.de"
]
]
],
"version": "TLSv1.3",
"not_after": "Sep 13 20:00:22 2026 GMT",
"hostname_matches": true,
"days_until_expiry": 85,
"subject_alt_names": [
"ctk-poliklinik.de",
"ctk-tsg.de",
"flexcare.ctk.de",
"flexcare.mul-ct.de",
"gesundheitscampus-cottbus.de",
"klinikum-cottbus.de",
"mul-ct.de",
"mul-poliklinik.de",
"mul-tcg.de",
"mul-trg.de",
"mul-trs.de",
"mul-tsg.de",
"www.ctk-poliklinik.de",
"www.ctk-tsg.de",
"www.flexcare.mul-ct.de",
"www.gesundheitscampus-cottbus.de",
"www.klinikum-cottbus.de",
"www.mul-ct.de",
"www.mul-poliklinik.de",
"www.mul-tcg.de",
"www.mul-trg.de",
"www.mul-trs.de",
"www.mul-tsg.de"
],
"issuer_common_name": "YR1"
},
"http": {
"ok": true,
"status": 200,
"headers": {
"date": "Fri, 19 Jun 2026 21:53:49 GMT",
"vary": "Accept-Encoding",
"pragma": "no-cache",
"server": "Apache",
"expires": "Thu, 1 Jan 1970 00:00:00 GMT",
"connection": "close",
"set-cookie": "__Host-token-client=4d2e3dbf2074fca70930acc74d9d21c1; expires=Sat, 20 Jun 2026 05:53:49 GMT; Max-Age=28800; path=/; secure; HttpOnly; SameSite=Lax",
"content-type": "text/html; charset=utf-8",
"x-webkit-csp": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"cache-control": "max-age=0, no-cache, no-store, must-revalidate",
"referrer-policy": "same-origin",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "1; mode=block",
"transfer-encoding": "chunked",
"permissions-policy": "accelerometer=(*),camera=(),encrypted-media=(*),geolocation=(),gyroscope=(*),magnetometer=(),midi=(),microphone=(),payment=()",
"x-content-type-options": "nosniff",
"content-security-policy": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"strict-transport-security": "max-age=63072000; includeSubdomains",
"x-content-security-policy": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"x-permitted-cross-domain-policies": "none"
},
"body_size": 135336,
"final_url": "https://mul-ct.de/",
"duration_ms": 1953
},
"scanner": {
"bot_url": "https://saferpage.de/bot",
"context": "crawler",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/mul-ct.de\">https://saferpage.de/mul-ct.de</a>)",
"default_user_agent": "SaferPageBot/0.2 (+https://saferpage.de/bot; passive website safety check; no attack tests)"
},
"domain_records": {
"mx": true,
"caa": false,
"spf": true,
"dmarc": true,
"dnssec": false,
"records": {
"mx": [
"100 ctk-mail01.donotspam.de.",
"200 ctk-mail02.donotspam.de."
],
"ns": [
"sec2.rcode0.net.",
"sec1.rcode0.net."
],
"caa": [],
"txt": [
"samsung-domain-verification=e191a129-06ba-4b6b-81a2-72edeb753ef0",
"cisco-ci-domain-verification=4ef6dd62434891fe58c83504b196b2a7b65e9b6993e76824cb64a5d28cc06b09",
"apple-domain-verification=tJJfwouJtGaVIRVT",
"v=spf1 a mx ip4:212.111.231.0/27 ip4:212.111.231.224/28 ip4:85.190.183.226/32 ip4:85.190.183.224/32 ip4:85.190.183.225/32 include:_spf.rexx-suite.com include:_spf.donotspam.de -all",
"MS=ms74017816"
],
"cname": [],
"dmarc": [
"v=DMARC1;p=none;sp=quarantine;adkim=r;aspf=r;pct=10;rua=mailto:abuse@mul-ct.de"
],
"dnskey_present": false
},
"spf_includes": [
"_spf.rexx-suite.com",
"_spf.donotspam.de"
],
"verifications": [
"apple",
"microsoft"
]
},
"googlebot_http": {
"ok": true,
"status": 200,
"headers": {
"date": "Fri, 19 Jun 2026 21:53:49 GMT",
"vary": "Accept-Encoding",
"pragma": "no-cache",
"server": "Apache",
"expires": "Thu, 1 Jan 1970 00:00:00 GMT",
"connection": "close",
"set-cookie": "__Host-token-client=b8c1b888a883a311e936a8c2fdc8d919; expires=Sat, 20 Jun 2026 05:53:49 GMT; Max-Age=28800; path=/; secure; HttpOnly; SameSite=Lax",
"content-type": "text/html; charset=utf-8",
"x-webkit-csp": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"cache-control": "max-age=0, no-cache, no-store, must-revalidate",
"referrer-policy": "same-origin",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "1; mode=block",
"transfer-encoding": "chunked",
"permissions-policy": "accelerometer=(*),camera=(),encrypted-media=(*),geolocation=(),gyroscope=(*),magnetometer=(),midi=(),microphone=(),payment=()",
"x-content-type-options": "nosniff",
"content-security-policy": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"strict-transport-security": "max-age=63072000; includeSubdomains",
"x-content-security-policy": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; connect-src 'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud; font-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; frame-ancestors 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; frame-src 'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; img-src 'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de data:; media-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; object-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de; script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://zlm.mul-ct.de http://zlm.mul-ct.de zlm.mul-ct.de https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de https://matomo-testing.condat.cloud 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de 'unsafe-inline'; worker-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform-api.condat-demo.de http://cshs-platform-api.condat-demo.de cshs-platform-api.condat-demo.de blob:",
"x-permitted-cross-domain-policies": "none"
},
"body_size": 135336,
"final_url": "https://mul-ct.de/",
"duration_ms": 1948
},
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://mul-ct.de/robots.txt",
"label": "robots.txt",
"reason": "",
"status": "found",
"body_size": 14,
"truncated": false,
"body_sha256": "fd89345af6aca5dab85f2aa6a830e270a362b1fa6b5f19607ddd773a081ed651",
"duration_ms": 75,
"http_status": 200,
"ai_bot_policy": {
"bot_directives": [],
"explicit_ai_bots": [],
"explicit_ai_bot_count": 0,
"wildcard_directive_count": 0,
"wildcard_directives_sample": []
},
"relevant_lines": [
"User-agent: *"
]
},
{
"id": "llms_txt",
"url": "https://mul-ct.de/llms.txt",
"label": "llms.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 57,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_txt",
"url": "https://mul-ct.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 82,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://mul-ct.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 60,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://mul-ct.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 74,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 1,
"policy_file_count": 0,
"explicit_ai_bot_count": 0
},
"summary": "1 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 0,
"llms_ward_policy_status": "not_publicly_verified",
"robots_ai_policy_status": "robots_found_no_ai_bot_policy"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://mul-ct.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 89,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://mul-ct.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 57,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://mul-ct.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 79,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://mul-ct.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 119,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://mul-ct.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 106,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
}
},
"findings": [
{
"id": "pre_consent_nonessential_cookies",
"title": "Möglicherweise nicht notwendige Cookies vor Einwilligung",
"public": true,
"source": "chromium_cookie_inventory",
"cookies": [
"fc40b4128"
],
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"fc40b4128"
],
"user_importance": 127,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "consent_no_reject_option",
"title": "Cookie-Hinweis ohne klare Ablehnen-Option",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Sichtbare Banner-Controls: Akzeptieren 2, Ablehnen 1, Einstellungen 1"
],
"user_importance": 121,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "consent_state_reject_evidence_failed",
"title": "Consent-Zustand: Ablehnen löst weiterhin Datenschutz-Signale aus",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Nach 'Ablehnen': 1 neue Cookie(s), 0 neue Tracking-Kontakt(e)"
],
"user_importance": 120,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "google_consent_mode_missing",
"title": "Google Consent Mode Default nicht erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Google-Tags erkannt, aber kein sichtbarer Consent-Mode-/Consent-Kontext"
],
"user_importance": 120,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "post_reject_new_cookies",
"count": 1,
"title": "Neue Cookies nach Ablehnen erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Nach 'Ablehnen' neu gesetzt: 1 Cookie(s)"
],
"user_importance": 119,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "third_party_page_url_parameter",
"count": 1,
"title": "Seiten-URL wird in Drittanbieter-Requests übertragen",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"ctk.matomo.cloud"
],
"user_importance": 118,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "pii_tracking_on_data_entry_page",
"title": "Dateneingabe und datenschutzrelevante Drittanbieter im selben Browseraufruf",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Tracking-Signale auf einer Seite mit Dateneingabe/Formular erkannt"
],
"user_importance": 118,
"importance_label": "Wichtig für Nutzer",
"third_party_count": 2
},
{
"id": "gpc_privacy_domains_present",
"count": 2,
"title": "Datenschutzrelevante Kontakte trotz GPC-Signal",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Trotz GPC: 2 Datenschutz-Domain(s), 0 Drittanbieter-Cookie(s)"
],
"user_importance": 116,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Beacon-/Keepalive-Telemetrie im Browser-Lauf erkannt"
],
"user_importance": 116,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "privacy_policy_provider_disclosure_gap",
"title": "Erkannte Anbieter fehlen in der Datenschutzerklärung",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Erkannte Anbieter sind nicht alle in der Datenschutzerklärung erwähnt"
],
"user_importance": 116,
"importance_label": "Wichtig für Nutzer",
"missing_providers": [
"Google Analytics"
]
},
{
"id": "consent_state_gpc_evidence_review",
"title": "Consent-Zustand: GPC mit Tracking-Hinweisen",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"GPC-Signal (Global Privacy Control) gesetzt – tatsächliche Wirkung manuell prüfen"
],
"user_importance": 112,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "browser_keystroke_listener_signals",
"count": 10,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"Tastatur-Eingabe-Listener (Session-Replay-nah) im Browser-Lauf erkannt"
],
"user_importance": 110,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "pii_sensitive_link_query",
"links": [
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
},
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
}
],
"title": "Links mit sensiblen Query-Parametern erkannt",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"evidence_items": [
"ctk.matomo.cloud"
],
"user_importance": 108,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "warning",
"user_importance": 96,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"audience": "nutzer",
"category": "security_headers",
"severity": "warning",
"user_importance": 94,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"audience": "nutzer",
"category": "privacy",
"severity": "info",
"user_importance": 94,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_permissive_script_sources",
"title": "CSP erlaubt sehr breite Skriptquellen",
"public": true,
"sources": [
"http://cdn.matomo.cloud",
"http://ctk.matomo.cloud",
"http://zlm.mul-ct.de",
"http://cottbus-platform.condat.cloud",
"http://platform.container:8080",
"http://cshs-platform-api.condat-demo.de"
],
"audience": "nutzer",
"category": "security_headers",
"severity": "info",
"user_importance": 88,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "image_alt_missing",
"count": 21,
"title": "Bilder ohne Alternativtext",
"public": true,
"audience": "nutzer",
"category": "accessibility",
"severity": "info",
"evidence_items": [
"https://mul-ct.de/lib/images/nfrw96rpg26dg4jth1ydg4brf7yc96lbp1/notfall.svg?ft=bd1d7a5375b9641af7930427e5114da7c7243731ad3c7ca09ce2cf9fe0d3fb4d&expires=17819063",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnzxgq5dqnjtf7yc96lbp1/phone-red.svg?ft=f597fca0e4310a96e3b3f42913cac3238b4843127743185283130922576b14d1&expires=178190",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnzxgq5dqnjtf7yc96lbp1/phone-red.svg?ft=4a4804a8a0bc14363c73456af9311880f22fa4dc8262375d896e2e9ad4468454&expires=178190",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=4a5d058cfe93a503ad0357f6e8e40f57b5f662dbc8ebbd0cb89cea055880488c&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=a86fdb71804770b4f3ff76cfa111eb9e879560a95ca2a467d0f30a4c2ccf218c&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=7f0ef488fc5b47314eaa5d048852470d4bfc6a72b659dfd475d2971affc27936&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=495845048d9affa848dfea8878051c16e595b3dd21051c5eea6f4e3acc380edb&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26t4mjygyydgnbyf7yc96lbp1/vss.svg?ft=5e782eb7a9bee6e42d15f4aecfd7e9f0145f52fb7e6a2de207ecd58cf828c846&expires=1781906329&s"
],
"user_importance": 82,
"importance_label": "Wichtig für Nutzer"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"Content-Security-Policy ohne base-uri-Direktive"
],
"user_importance": 74,
"importance_label": "Technischer Hinweis"
},
{
"id": "cmp_api_not_detected",
"title": "Keine gängige CMP-/TCF-API im Browser erkannt",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "info",
"user_importance": 74,
"importance_label": "Technischer Hinweis"
},
{
"id": "too_many_render_blocking_assets",
"title": "Viele potenziell blockierende Assets",
"public": true,
"audience": "betreiber",
"category": "performance",
"severity": "info",
"evidence_items": [
"Viele render-blockierende CSS/JS-Ressourcen im <head> der Startseite"
],
"user_importance": 74,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_embedder_policy",
"title": "Cross-Origin-Embedder-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Embedder-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 68,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_opener_policy",
"title": "Cross-Origin-Opener-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Opener-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 66,
"importance_label": "Technischer Hinweis"
},
{
"id": "missing_cross_origin_resource_policy",
"title": "Cross-Origin-Resource-Policy fehlt",
"public": true,
"audience": "betreiber",
"category": "security_headers",
"severity": "info",
"evidence_items": [
"HTTP-Header „Cross-Origin-Resource-Policy\" fehlt in der Antwort der Startseite"
],
"user_importance": 64,
"importance_label": "Technischer Hinweis"
},
{
"id": "browser_privacy_relevant_third_parties",
"title": "Datenschutzrelevante Drittanbieter im Browseraufruf",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"cdn.matomo.cloud",
"ctk.matomo.cloud"
],
"user_importance": 60,
"importance_label": "Technischer Hinweis"
},
{
"id": "consent_banner_dark_pattern_risk",
"count": 1,
"title": "Consent-Banner mit Dark-Pattern-/UX-Risiko",
"public": true,
"audience": "betreiber",
"category": "privacy",
"severity": "warning",
"evidence_items": [
"Banner-UX: Akzeptieren 2 vs. Ablehnen 1 – Ablehnen weniger prominent/gleichwertig"
],
"user_importance": 60,
"importance_label": "Technischer Hinweis"
}
],
"audit_modules": [
{
"id": "privacy_consent",
"color": "red",
"score": 40,
"title": "Datenschutz, Cookies & Consent",
"source": "Browser, HTTP-Header, HTML und Consent-/Cookie-Heuristik",
"status": "kritisch",
"evidence": "0 Tracking-Script(s), 2 Cookie(s) vor Einwilligung, 0 Tracking-Cookie(s), Ablehnen-Option: nein, Consent-Audit: 60."
},
{
"id": "browser_evidence",
"color": "red",
"score": 42,
"title": "Browser-Nachweis",
"source": "Headless Chromium mit Screenshot- und Request-Telemetrie",
"status": "kritisch",
"evidence": "82 Request(s), 2 Drittanbieter-Domain(s), davon 2 datenschutzrelevant, 2 Browser-Cookie(s), Transfer-Prüfbedarf: 0, Referrer-/URL-Leaks: 1, Fingerprinting-/Replay-Hinweise: 1."
},
{
"id": "security_tls",
"color": "orange",
"score": 52,
"title": "Sicherheit, TLS & Header",
"source": "DNS, TLS, HTTP-Status, Zertifikat und Security-Header",
"status": "auffällig",
"evidence": "1 Infrastruktur-Hinweis(e), Security-Header: 6/9 vorhanden, 3 fehlen, externe Skript-Hosts: 0."
},
{
"id": "google_third_parties",
"color": "orange",
"score": 58,
"title": "Google-Dienste & Drittanbieter",
"source": "Chromium-Requests, Anbieterklassifikation und Google Consent Mode Heuristik",
"status": "auffällig",
"evidence": "Google-Tags: ja, 0 Google-nahe Domain(s), Consent-Default: nein, Analytics: ja, Werbung: nein, Fonts: nein."
},
{
"id": "forms_payments",
"color": "orange",
"score": 74,
"title": "Formulare, Login & Zahlung",
"source": "HTML-Formulare, Eingabefelder, Zahlungsanbieter und Kontextlinks",
"status": "auffällig",
"evidence": "Aus diesem Rohfeld wird im Report keine zusätzliche Scan-Feststellung abgeleitet; Betreiberkontext und Umsetzungshinweise stehen auf separaten Seiten."
},
{
"id": "pii_exposure",
"color": "orange",
"score": 74,
"title": "PII, URL-Parameter & Datenleck-Schutz",
"source": "URL-Parameter, interne Links, HTML-Formulare, Browser-Drittanbieter und Dateneingabe-Kontext",
"status": "auffällig",
"evidence": "2 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext."
},
{
"id": "accessibility_usability",
"color": "yellow",
"score": 76,
"title": "Barrierefreiheit & Usability",
"source": "Passives HTML-Sample: Bilder, Formulare, Buttons, Sprache, Headings und Viewport",
"status": "prüfen",
"evidence": "21 Bild(er) ohne alt, 0 Formularfeld(er) ohne Beschriftung, 0 Button(s) ohne Namen."
},
{
"id": "tracking_pixels_beacons",
"color": "yellow",
"score": 76,
"title": "Tracking-Pixel & Beacons",
"source": "HTML-Pixel, Link-Ping-Attribute, Chromium-Requests und Browser-API-Instrumentierung",
"status": "prüfen",
"evidence": "0 Pixel-/Bildtracking-Hinweis(e), 2 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s)."
},
{
"id": "consent_journey",
"color": "yellow",
"score": 84,
"title": "Consent-Journey-Matrix",
"source": "Chromium-Zustände: Erstaufruf, Reject, Accept und GPC",
"status": "prüfen",
"evidence": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 2 im GPC-Aufruf."
},
{
"id": "referrer_url_leaks",
"color": "yellow",
"score": 88,
"title": "Referrer & URL-Leaks",
"source": "Chromium-Request-Telemetrie ohne gespeicherte Parameterwerte",
"status": "prüfen",
"evidence": "1 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte."
},
{
"id": "performance_mobile",
"color": "green",
"score": 94,
"title": "Performance & mobile Nutzbarkeit",
"source": "HTTP-Antwort, HTML-Größe, Komprimierung und mobile Basis",
"status": "unauffällig",
"evidence": "Performance-Score 94, Antwortzeit 1953 ms."
},
{
"id": "site_coverage",
"color": "green",
"score": 95,
"title": "Seitenabdeckung & Crawl",
"source": "Startseiten-Links, Compliance-Links und begrenzter interner Zusatzabruf",
"status": "unauffällig",
"evidence": "30 interne Linkziele erkannt, 4 priorisierte Unterseite(n) abgerufen."
},
{
"id": "cookie_inventory",
"color": "green",
"score": 100,
"title": "Cookie-Inventar",
"source": "HTTP-Set-Cookie und Chromium-Cookies beim ersten Seitenaufruf",
"status": "unauffällig",
"evidence": "2 Cookie(s), 0 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 0 langlebig, 0 sehr lang."
},
{
"id": "embedded_content",
"color": "green",
"score": 100,
"title": "Externe Inhalte & Widgets",
"source": "HTML-Embeds und Chromium-Drittanbieter-Requests",
"status": "unauffällig",
"evidence": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen."
},
{
"id": "script_supply_chain",
"color": "green",
"score": 100,
"title": "Externe Skripte & SRI",
"source": "HTML-Script-Tags, Anbieterklassifikation und SRI-Attribute",
"status": "unauffällig",
"evidence": "0 externe Skript(e) von 0 Host(s), 0 ohne SRI, 0 Tracking-/Tag-nahe Skript(e)."
},
{
"id": "operator_transparency",
"color": "green",
"score": 100,
"title": "Impressum, Kontakt & Datenschutzerklärung",
"source": "Deutschsprachige Betreiber- und Datenschutzhinweis-Erkennung",
"status": "unauffällig",
"evidence": "Impressum: ja, Datenschutz: ja, Kontakt: ja."
},
{
"id": "seo_integrity",
"color": "green",
"score": 100,
"title": "SEO-Integrität & Cloaking",
"source": "HTML-Inhalt, strukturierte Daten, Links und Googlebot-Vergleich",
"status": "unauffällig",
"evidence": "0 SEO-Spam-Hinweis(e), 0 Cloaking-Hinweis(e)."
}
],
"ai_search_policy_evidence": {
"files": [
{
"id": "robots_txt",
"url": "https://mul-ct.de/robots.txt",
"label": "robots.txt",
"reason": "",
"status": "found",
"body_size": 14,
"truncated": false,
"body_sha256": "fd89345af6aca5dab85f2aa6a830e270a362b1fa6b5f19607ddd773a081ed651",
"duration_ms": 75,
"http_status": 200,
"ai_bot_policy": {
"bot_directives": [],
"explicit_ai_bots": [],
"explicit_ai_bot_count": 0,
"wildcard_directive_count": 0,
"wildcard_directives_sample": []
},
"relevant_lines": [
"User-agent: *"
]
},
{
"id": "llms_txt",
"url": "https://mul-ct.de/llms.txt",
"label": "llms.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 57,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_txt",
"url": "https://mul-ct.de/.well-known/ai.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 82,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ai_policy_txt",
"url": "https://mul-ct.de/.well-known/ai-policy.txt",
"label": "AI Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 60,
"http_status": 404,
"relevant_lines": []
},
{
"id": "ward_txt",
"url": "https://mul-ct.de/.well-known/ward.txt",
"label": "WARD Policy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 74,
"http_status": 404,
"relevant_lines": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/ai-search-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 5,
"found_file_count": 1,
"policy_file_count": 0,
"explicit_ai_bot_count": 0
},
"summary": "1 von 5 Policy-Datei(en) gefunden; 0 explizite KI-Bot-Regel(n) in robots.txt.",
"available": true,
"guardrails": [
"Nur feste Same-Origin-Policy-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"known_ai_bots": [
"GPTBot",
"ChatGPT-User",
"Google-Extended",
"ClaudeBot",
"PerplexityBot",
"CCBot"
],
"explicit_ai_bots": [],
"policy_file_count": 0,
"llms_ward_policy_status": "not_publicly_verified",
"robots_ai_policy_status": "robots_found_no_ai_bot_policy"
},
"adtech_transparency_evidence": {
"files": [
{
"id": "ads_txt",
"url": "https://mul-ct.de/ads.txt",
"label": "ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 89,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "app_ads_txt",
"url": "https://mul-ct.de/app-ads.txt",
"label": "app-ads.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 57,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
},
{
"id": "sellers_json",
"url": "https://mul-ct.de/sellers.json",
"label": "sellers.json",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 79,
"http_status": 404,
"ads_txt_policy": [],
"relevant_lines": [],
"sellers_json_policy": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/adtech-transparency-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 3,
"direct_count": 0,
"reseller_count": 0,
"found_file_count": 0,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"summary": "0 von 3 AdTech-Transparenzdatei(en) gefunden; 0 DIRECT- und 0 RESELLER-Zeile(n).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-AdTech-Dateien",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status, Zähler und kurze relevante Zeilen"
],
"direct_count": 0,
"ads_txt_found": false,
"reseller_count": 0,
"app_ads_txt_found": false,
"sellers_json_found": false,
"ads_txt_entry_count": 0,
"exchange_domain_count": 0,
"sellers_json_parse_ok": false,
"app_ads_txt_entry_count": 0,
"sellers_json_seller_count": 0
},
"security_trust_policy_evidence": {
"files": [
{
"id": "security_txt",
"url": "https://mul-ct.de/.well-known/security.txt",
"label": "security.txt",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 119,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
},
{
"id": "security_txt_legacy",
"url": "https://mul-ct.de/security.txt",
"label": "security.txt legacy",
"reason": "http_error",
"status": "missing",
"body_size": 0,
"truncated": false,
"body_sha256": "",
"duration_ms": 106,
"http_status": 404,
"relevant_lines": [],
"security_txt_policy": []
}
],
"origin": "https://mul-ct.de",
"schema": "https://saferpage.de/schemas/security-trust-policy-evidence.v1",
"status": "checked",
"metrics": {
"file_count": 2,
"field_count": 0,
"contact_count": 0,
"found_file_count": 0,
"preferred_well_known_found": 0
},
"summary": "0 von 2 security.txt-Ziel(en) gefunden; 0 Kontaktfeld(er), 0 strukturierte Feld(er).",
"available": true,
"guardrails": [
"Nur feste Same-Origin-security.txt-Ziele",
"Keine Off-Host-Redirects",
"64-KB-Body-Limit",
"Öffentlich nur Hash, Status und kurze relevante Zeilen"
],
"field_count": 0,
"contact_count": 0,
"fields_present": [],
"policy_present": false,
"expires_present": false,
"encryption_present": false,
"security_txt_found": false,
"preferred_well_known_found": false
},
"site_coverage_analysis": {
"color": "green",
"pages": [
{
"url": "https://mul-ct.de/datenschutz.php",
"path": "/datenschutz.php",
"text": "Datenschutz",
"source": "homepage_link",
"category": "datenschutz",
"priority": 100
},
{
"url": "https://mul-ct.de/impressum.php",
"path": "/impressum.php",
"text": "Impressum",
"source": "homepage_link",
"category": "impressum",
"priority": 96
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2",
"path": "/medizinische-universitaet/pressekontakt-2",
"text": "Pressekontakt",
"source": "homepage_link+sitemap",
"category": "kontakt",
"priority": 94
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2/pressekontakt",
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"text": "",
"source": "sitemap",
"category": "kontakt",
"priority": 94
},
{
"url": "https://mul-ct.de/start/kontakte",
"path": "/start/kontakte",
"text": "",
"source": "homepage_link+sitemap",
"category": "kontakt",
"priority": 94
},
{
"url": "https://mul-ct.de/index/kontakte.php",
"path": "/index/kontakte.php",
"text": "CTK-Förderverein→",
"source": "homepage_link",
"category": "kontakt",
"priority": 90
},
{
"url": "https://mul-ct.de/kontak",
"path": "/kontak",
"text": "Kontakt",
"source": "homepage_link",
"category": "kontakt",
"priority": 90
},
{
"url": "https://mul-ct.de/forschung/broad-consent",
"path": "/forschung/broad-consent",
"text": "Broad Consent",
"source": "homepage_link",
"category": "cookies",
"priority": 86
},
{
"url": "https://mul-ct.de/informationen-zur-veranstaltung",
"path": "/informationen-zur-veranstaltung",
"text": "Jetzt anmelden",
"source": "homepage_link+sitemap",
"category": "login",
"priority": 72
},
{
"url": "https://mul-ct.de/zuweiser/leistungsverzeichnisse/leistungsverzeichnis-labor",
"path": "/zuweiser/leistungsverzeichnisse/leistungsverzeichnis-labor",
"text": "",
"source": "sitemap",
"category": "newsletter",
"priority": 68
},
{
"url": "https://mul-ct.de/",
"path": "/",
"text": "",
"source": "sitemap",
"category": "unterseite",
"priority": 24
},
{
"url": "https://mul-ct.de/aktuelle-informationen",
"path": "/aktuelle-informationen",
"text": "alle aktuellen Meldungen ansehen",
"source": "homepage_link+sitemap",
"category": "unterseite",
"priority": 24
}
],
"score": 95,
"status": "unauffällig",
"summary": "30 interne Linkziele erkannt (93 aus Sitemap), 4 priorisierte Unterseite(n) zusätzlich abgerufen.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "privacy_policy_provider_disclosure_gap",
"title": "Erkannte Anbieter fehlen in der Datenschutzerklärung",
"public": true,
"category": "privacy",
"severity": "warning",
"missing_providers": [
"Google Analytics"
]
}
],
"robots_ok": true,
"categories": {
"login": 1,
"cookies": 1,
"kontakt": 5,
"impressum": 1,
"newsletter": 1,
"unterseite": 20,
"datenschutz": 1
},
"sample_limit": 4,
"sampled_count": 4,
"sampled_pages": [
{
"ok": true,
"url": "https://mul-ct.de/datenschutz.php",
"path": "/datenschutz.php",
"audit": {
"form_count": 1,
"finding_ids": [
"consent_no_reject_option"
],
"cookie_count": 1,
"imprint_found": true,
"consent_hint_found": true,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 1,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Datenschutz - Medizinische Universität Lausitz - Carl Thiem",
"status": 200,
"category": "datenschutz",
"duration_ms": 177,
"privacy_hint": true,
"privacy_policy_audit": {
"url": "https://mul-ct.de/datenschutz.php",
"color": "yellow",
"found": [
"Verantwortlicher / Anbieter",
"Kontakt / Datenschutzkontakt",
"Zwecke der Verarbeitung",
"Rechtsgrundlagen",
"Betroffenenrechte",
"Speicherfrist / Löschung",
"Empfänger / Auftragsverarbeiter",
"Cookies / Tracking",
"Widerruf / Opt-out",
"Beschwerde bei Aufsichtsbehörde",
"Datenschutzkontakt / DPO-Hinweis",
"Verständliche Satzlänge"
],
"score": 86,
"checks": [
{
"id": "controller_identity",
"found": true,
"label": "Verantwortlicher / Anbieter"
},
{
"id": "contact",
"found": true,
"label": "Kontakt / Datenschutzkontakt"
},
{
"id": "purposes",
"found": true,
"label": "Zwecke der Verarbeitung"
},
{
"id": "legal_basis",
"found": true,
"label": "Rechtsgrundlagen"
},
{
"id": "rights",
"found": true,
"label": "Betroffenenrechte"
},
{
"id": "retention",
"found": true,
"label": "Speicherfrist / Löschung"
},
{
"id": "recipients",
"found": true,
"label": "Empfänger / Auftragsverarbeiter"
},
{
"id": "cookies_tracking",
"found": true,
"label": "Cookies / Tracking"
},
{
"id": "withdrawal",
"found": true,
"label": "Widerruf / Opt-out"
},
{
"id": "complaint_authority",
"found": true,
"label": "Beschwerde bei Aufsichtsbehörde"
},
{
"id": "third_country_transfer",
"found": false,
"label": "Drittlandtransfer"
},
{
"id": "update_date",
"found": false,
"label": "Stand / Aktualitätsdatum",
"detail": ""
},
{
"id": "dpo_contact",
"found": true,
"label": "Datenschutzkontakt / DPO-Hinweis"
},
{
"id": "readability",
"found": true,
"label": "Verständliche Satzlänge",
"detail": "13.8 Wörter/Satz"
}
],
"status": "prüfen",
"missing": [
"Drittlandtransfer",
"Stand / Aktualitätsdatum"
],
"summary": "12 von 14 zentralen Datenschutz-Bausteinen erkannt.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"available": true,
"freshness": {
"stale": false,
"age_days": null,
"last_updated": "",
"update_date_found": false
},
"word_count": 2088,
"readability": {
"hard_to_read": false,
"sentence_count": 151,
"avg_sentence_words": 13.8
},
"missing_count": 2,
"dpo_contact_found": true
}
},
{
"ok": true,
"url": "https://mul-ct.de/impressum.php",
"path": "/impressum.php",
"audit": {
"form_count": 1,
"finding_ids": [
"privacy_policy_too_thin",
"consent_no_reject_option"
],
"cookie_count": 1,
"imprint_found": true,
"consent_hint_found": true,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 1,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Impressum - Medizinische Universität Lausitz - Carl Thiem",
"status": 200,
"category": "impressum",
"duration_ms": 154,
"privacy_hint": true,
"privacy_policy_audit": []
},
{
"ok": true,
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2",
"path": "/medizinische-universitaet/pressekontakt-2",
"audit": {
"form_count": 1,
"finding_ids": [
"privacy_policy_too_thin",
"consent_no_reject_option"
],
"cookie_count": 1,
"imprint_found": true,
"consent_hint_found": true,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 1,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Unternehmenskommunikation & Marketing , Pressestelle und Veranstaltungsmanagement - Medizinische Universität Lausitz - C",
"status": 200,
"category": "kontakt",
"duration_ms": 716,
"privacy_hint": true,
"privacy_policy_audit": []
},
{
"ok": true,
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2/pressekontakt",
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"audit": {
"form_count": 1,
"finding_ids": [
"privacy_policy_too_thin",
"consent_no_reject_option"
],
"cookie_count": 1,
"imprint_found": true,
"consent_hint_found": true,
"reject_option_found": false,
"privacy_policy_found": true,
"tracking_script_count": 0,
"pre_consent_cookie_count": 1,
"pre_consent_tracking_cookie_count": 0
},
"forms": 1,
"title": "Pressekontakt - Pressekontakt - Medizinische Universität - Medizinische Universität Lausitz - Carl Thiem",
"status": 200,
"category": "kontakt",
"duration_ms": 198,
"privacy_hint": true,
"privacy_policy_audit": []
}
],
"robots_checked": true,
"sitemap_sources": [
"https://mul-ct.de/sitemap.xml"
],
"sitemap_available": true,
"sitemap_url_count": 93,
"homepage_link_count": 113,
"internal_link_count": 30,
"privacy_policy_audit": {
"url": "https://mul-ct.de/datenschutz.php",
"color": "yellow",
"found": [
"Verantwortlicher / Anbieter",
"Kontakt / Datenschutzkontakt",
"Zwecke der Verarbeitung",
"Rechtsgrundlagen",
"Betroffenenrechte",
"Speicherfrist / Löschung",
"Empfänger / Auftragsverarbeiter",
"Cookies / Tracking",
"Widerruf / Opt-out",
"Beschwerde bei Aufsichtsbehörde",
"Datenschutzkontakt / DPO-Hinweis",
"Verständliche Satzlänge"
],
"score": 86,
"checks": [
{
"id": "controller_identity",
"found": true,
"label": "Verantwortlicher / Anbieter"
},
{
"id": "contact",
"found": true,
"label": "Kontakt / Datenschutzkontakt"
},
{
"id": "purposes",
"found": true,
"label": "Zwecke der Verarbeitung"
},
{
"id": "legal_basis",
"found": true,
"label": "Rechtsgrundlagen"
},
{
"id": "rights",
"found": true,
"label": "Betroffenenrechte"
},
{
"id": "retention",
"found": true,
"label": "Speicherfrist / Löschung"
},
{
"id": "recipients",
"found": true,
"label": "Empfänger / Auftragsverarbeiter"
},
{
"id": "cookies_tracking",
"found": true,
"label": "Cookies / Tracking"
},
{
"id": "withdrawal",
"found": true,
"label": "Widerruf / Opt-out"
},
{
"id": "complaint_authority",
"found": true,
"label": "Beschwerde bei Aufsichtsbehörde"
},
{
"id": "third_country_transfer",
"found": false,
"label": "Drittlandtransfer"
},
{
"id": "update_date",
"found": false,
"label": "Stand / Aktualitätsdatum",
"detail": ""
},
{
"id": "dpo_contact",
"found": true,
"label": "Datenschutzkontakt / DPO-Hinweis"
},
{
"id": "readability",
"found": true,
"label": "Verständliche Satzlänge",
"detail": "13.8 Wörter/Satz"
}
],
"status": "prüfen",
"missing": [
"Drittlandtransfer",
"Stand / Aktualitätsdatum"
],
"summary": "12 von 14 zentralen Datenschutz-Bausteinen erkannt.",
"findings": [
{
"id": "privacy_policy_update_date_missing",
"title": "Stand der Datenschutzerklärung nicht klar erkennbar",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"available": true,
"freshness": {
"stale": false,
"age_days": null,
"last_updated": "",
"update_date_found": false
},
"word_count": 2088,
"readability": {
"hard_to_read": false,
"sentence_count": 151,
"avg_sentence_words": 13.8
},
"missing_count": 2,
"dpo_contact_found": true
},
"sitemap_source_count": 1,
"provider_disclosure_audit": {
"color": "orange",
"found": [
"Matomo"
],
"score": 50,
"checks": [
{
"id": "analytics_google_analytics",
"found": false,
"category": "analytics",
"evidence": [
"G-86b56028"
],
"keywords": [
"google analytics",
"analytics.google",
"_ga",
"ga4",
"gtag"
],
"provider": "Google Analytics",
"category_label": "Tracking-ID"
},
{
"id": "analytics_matomo",
"found": true,
"category": "analytics",
"evidence": [
"cdn.matomo.cloud",
"ctk.matomo.cloud"
],
"keywords": [
"matomo",
"piwik"
],
"provider": "Matomo",
"category_label": "Analytics"
}
],
"status": "auffällig",
"missing": [
"Google Analytics"
],
"summary": "1 von 2 technisch erkannten Anbieter(n) wurden in der Datenschutzerklärung erwähnt.",
"available": true,
"missing_count": 1,
"detected_count": 2,
"mentioned_count": 1
},
"important_categories_found": [
"cookies",
"datenschutz",
"impressum",
"kontakt"
],
"sampled_tracking_page_count": 0,
"sampled_form_privacy_gap_count": 0,
"sitemap_candidate_source_count": 1
},
"page_analysis": {
"h1": [
"Herzlich Willkommen!"
],
"h2": [],
"title": "Start - Medizinische Universität Lausitz - Carl Thiem",
"keywords": [
[
"lausitz",
34
],
[
"universität",
34
],
[
"ihre",
21
],
[
"carl",
20
],
[
"thiem",
19
],
[
"patienten",
17
],
[
"medizinische",
16
],
[
"cottbus",
16
],
[
"medizinischen",
16
],
[
"sind",
16
]
],
"language": "de",
"description": "Die Medizinische Universität Lausitz – Carl Thiem ist eine Einrichtung des Landes Brandenburg, die am 1. Juli 2024 in Cottbus gegründet wurde. Forschung, Lehre und Krankenversorgung organisiert sie im Integrationsmodell in rechtlicher und organisatorischer Einheit unter gemeinsamer Leitung. Darüber hinaus wird die Medizinische Universität Aufgaben an der Schnittstelle von Wissenschafts- und Gesundheitssystem übernehmen. Der krankenversorgende Teil der Medizinischen Universität ist aus dem Carl-Thiem-Klinikum Cottbus hervorgegangen.",
"favicon_url": "https://mul-ct.de/lib/gfx/favicon/apple-touch-icon.png",
"link_counts": {
"external": 4,
"internal": 109
},
"preview_image": "/cache/screenshots/mul-ct.de-160x150-00da65e4ebfe7c61a0.png",
"screenshot_url": "/cache/screenshots/mul-ct.de-160x150-00da65e4ebfe7c61a0.png",
"external_scripts": [],
"browser_final_url": "https://mul-ct.de/",
"meta_preview_image": "",
"screenshot_renderer": "playwright-chromium",
"external_link_targets": [
{
"host": "ctk.de",
"count": 1,
"examples": [
{
"href": "https://ctk.de/info.php?object=contact&id_object=834&tab=ueber-uns",
"text": "CTK-Fördervereins→"
}
],
"nofollow": 0,
"strength": "strong",
"follow_count": 1
},
{
"host": "facebook.com",
"count": 1,
"examples": [
{
"href": "https://www.facebook.com/CarlThiemKlinikum/?show_switched_toast=0&show_invite_to_follow=0&show_switched_tooltip=0&show_podcast_settings=0&show_community_transition=0&show_community_review_changes=0",
"text": ""
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
},
{
"host": "instagram.com",
"count": 1,
"examples": [
{
"href": "https://www.instagram.com/mul.ct/",
"text": ""
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
},
{
"host": "youtube.com",
"count": 1,
"examples": [
{
"href": "https://www.youtube.com/channel/UCka-zjmLEOsz6j5O0fsVHJg",
"text": ""
}
],
"nofollow": 0,
"strength": "weak",
"follow_count": 1
}
]
},
"browser_analysis": {
"cookies": {
"items": [
{
"name": "fc40b4128",
"domain": ".mul-ct.de",
"secure": true,
"expires": 1781934836.861799,
"http_only": true,
"same_site": "Lax"
},
{
"name": "__Host-token-client",
"domain": "mul-ct.de",
"secure": true,
"expires": 1781934836.861853,
"http_only": true,
"same_site": "Lax"
}
],
"total": 2,
"third_party": 0
},
"storage": {
"total": 0,
"local_storage_keys": [],
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_keys": [],
"session_storage_total": 0
},
"findings": [
{
"id": "browser_privacy_relevant_third_parties",
"title": "Datenschutzrelevante Drittanbieter im Browseraufruf",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "post_reject_new_cookies",
"count": 1,
"title": "Neue Cookies nach Ablehnen erkannt",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "gpc_privacy_domains_present",
"count": 2,
"title": "Datenschutzrelevante Kontakte trotz GPC-Signal",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "cmp_api_not_detected",
"title": "Keine gängige CMP-/TCF-API im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "third_party_page_url_parameter",
"count": 1,
"title": "Seiten-URL wird in Drittanbieter-Requests übertragen",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "browser_keystroke_listener_signals",
"count": 10,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "consent_state_reject_evidence_failed",
"title": "Consent-Zustand: Ablehnen löst weiterhin Datenschutz-Signale aus",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "consent_state_gpc_evidence_review",
"title": "Consent-Zustand: GPC mit Tracking-Hinweisen",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"renderer": "playwright-chromium",
"final_url": "https://mul-ct.de/",
"consent_ui": {
"accept_controls": [
{
"tag": "button",
"top": 855,
"area": 34563,
"left": 50,
"text": "Alle akzeptieren",
"color": "rgb(255, 255, 255)",
"width": 924,
"height": 37,
"background": "rgb(159, 201, 56)",
"font_weight": "400"
},
{
"tag": "button",
"top": 903,
"area": 34563,
"left": 50,
"text": "Nur Notwendige akzeptieren",
"color": "rgb(55, 123, 141)",
"width": 924,
"height": 37,
"background": "rgb(245, 245, 245)",
"font_weight": "400"
}
],
"accept_max_area": 34563,
"reject_controls": [
{
"tag": "button",
"top": 903,
"area": 34563,
"left": 50,
"text": "Nur Notwendige akzeptieren",
"color": "rgb(55, 123, 141)",
"width": 924,
"height": 37,
"background": "rgb(245, 245, 245)",
"font_weight": "400"
}
],
"reject_max_area": 34563,
"settings_controls": [
{
"tag": "button",
"top": 950,
"area": 34563,
"left": 50,
"text": "Auswahl speichern",
"color": "rgb(55, 123, 141)",
"width": 924,
"height": 37,
"background": "rgb(245, 245, 245)",
"font_weight": "400"
}
],
"first_layer_summary": "Akzeptieren 2 / Ablehnen 1 / Einstellungen 1",
"cookie_context_found": true,
"reject_less_prominent": false,
"visible_control_count": 7,
"reject_prominence_ratio": 1
},
"gpc_signal": {
"error": "",
"enabled": true,
"storage": {
"total": 0,
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"cookie_count": 2,
"request_count": 82,
"sec_gpc_header": true,
"navigator_value": true,
"contacted_domains": [
{
"host": "mul-ct.de",
"count": 80,
"category": "other",
"provider": "mul-ct.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"xhr": 1,
"font": 7,
"image": 54,
"script": 8,
"document": 1,
"stylesheet": 9
}
},
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"contacted_domain_count": 3,
"privacy_relevant_domains": [
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"third_party_cookie_count": 0,
"third_party_domain_count": 2,
"privacy_relevant_domain_count": 2
},
"screenshot": {
"fit": "contain",
"width": 160,
"height": 150,
"source_width": 1024,
"source_height": 960,
"source_capture": "full_page",
"capture_version": "contain-v4-viewport-transparency-160x150"
},
"consent_apis": {
"cmpapi": false,
"tcfapi": false,
"onetrust": false,
"cookiebot": false,
"data_layer": false,
"cmp_detected": false,
"usercentrics": false,
"google_tag_data": false
},
"accept_signal": {
"error": "",
"enabled": true,
"storage": {
"total": 0,
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"clicked_text": "Alle akzeptieren",
"accept_clicked": true,
"accept_available": true,
"contacted_domains": [
{
"host": "mul-ct.de",
"count": 80,
"category": "other",
"provider": "mul-ct.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"xhr": 1,
"font": 7,
"image": 54,
"script": 8,
"document": 1,
"stylesheet": 9
}
},
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"contacted_domain_count": 3,
"new_domains_after_accept": [],
"privacy_relevant_domains": [
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"third_party_domain_count": 2,
"cookie_count_after_accept": 5,
"cookie_count_before_accept": 2,
"request_count_after_accept": 82,
"storage_count_after_accept": 0,
"request_count_before_accept": 82,
"new_cookie_count_after_accept": 3,
"privacy_relevant_domain_count": 2,
"new_request_count_after_accept": 0,
"third_party_cookie_count_after_accept": 0,
"storage_tracking_hint_count_after_accept": 0,
"new_privacy_relevant_domains_after_accept": [],
"new_privacy_relevant_domain_count_after_accept": 0
},
"request_count": 82,
"top_providers": [
{
"provider": "Matomo",
"request_count": 2
}
],
"request_samples": [
{
"host": "cdn.matomo.cloud",
"method": "GET",
"referrer": null,
"has_query": false,
"path_depth": 2,
"query_keys": [],
"third_party": true,
"resource_type": "script",
"query_key_count": 0,
"url_value_param_count": 0,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 0
},
{
"host": "ctk.matomo.cloud",
"method": "POST",
"referrer": null,
"has_query": true,
"path_depth": 1,
"query_keys": [
"action_name",
"idsite",
"rec",
"r",
"h",
"m",
"s",
"url",
"_id",
"_idn",
"send_image",
"_refts"
],
"third_party": true,
"resource_type": "ping",
"query_key_count": 23,
"url_value_param_count": 1,
"sensitive_query_key_count": 0,
"target_url_value_param_count": 1
}
],
"cmp_consent_state": {
"tcf": {
"api_found": false,
"vendor_li": [],
"cmp_loaded": false,
"cmp_status": "",
"purpose_li": [],
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"policy_version": "",
"vendor_consents": [],
"vendor_li_count": 0,
"purpose_consents": [],
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_count": 0,
"purpose_consent_count": 0
},
"onetrust": {
"found": false,
"active_groups": [],
"active_group_count": 0
},
"cookiebot": {
"found": false,
"declined": false,
"consented": false,
"has_response": false,
"consent_marketing": null,
"consent_statistics": null,
"consent_preferences": null
},
"usercentrics": {
"found": false,
"has_response": false,
"services_count": 0,
"accepted_services_count": 0
}
},
"contacted_domains": [
{
"host": "mul-ct.de",
"count": 80,
"category": "other",
"provider": "mul-ct.de",
"third_party": false,
"category_label": "Sonstige",
"resource_types": {
"xhr": 1,
"font": 7,
"image": 54,
"script": 8,
"document": 1,
"stylesheet": 9
}
},
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"privacy_api_metrics": {
"api_calls": {
"beacon_count": 1,
"mutation_observer_count": 1,
"keyboard_input_listener_count": 10
},
"beacon_count": 1,
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"fetch_keepalive_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 1,
"keyboard_input_listener_count": 10
},
"tcf_consent_analysis": {
"color": "green",
"score": 100,
"status": "unauffällig",
"summary": "TCF-Decoder: 0 Zweck(e) mit Consent/LI-Signal, 0 Vendor-Consent(s), 0 Vendor-LI-Signal(e).",
"findings": [],
"api_found": false,
"available": false,
"cmp_loaded": false,
"cmp_status": "",
"event_status": "",
"gdpr_applies": null,
"ping_success": false,
"purpose_rows": [
{
"id": 1,
"label": "Informationen auf einem Gerät speichern und/oder abrufen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 2,
"label": "Einfache Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 3,
"label": "Personalisiertes Anzeigen-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 4,
"label": "Personalisierte Anzeigen auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 5,
"label": "Personalisiertes Inhalts-Profil erstellen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 6,
"label": "Personalisierte Inhalte auswählen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 7,
"label": "Anzeigen-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 8,
"label": "Inhalte-Leistung messen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 9,
"label": "Marktforschung zur Generierung von Erkenntnissen nutzen",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 10,
"label": "Produkte entwickeln und verbessern",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
},
{
"id": 11,
"label": "Begrenzte Daten zur Anzeigen-Auswahl verwenden",
"status": "nicht_erlaubt",
"risk_level": "niedrig",
"consent_granted": false,
"legitimate_interest_granted": false
}
],
"vendor_li_ids": [],
"policy_version": "",
"vendor_li_count": 0,
"purpose_li_count": 0,
"tc_string_length": 0,
"tc_string_present": false,
"vendor_consent_ids": [],
"granted_purpose_rows": [],
"vendor_consent_count": 0,
"purpose_consent_count": 0,
"high_risk_purpose_count": 0,
"medium_risk_purpose_count": 0
},
"viewport_transparency": {
"samples": [],
"available": true,
"sample_count": 0,
"claim_boundary": "Sichtbarkeits-Evidence aus dem ersten Headless-Chromium-Viewport; keine Aussage ueber Footer nach Scrollen, Loginbereiche oder rechtliche Vollstaendigkeit.",
"viewport_width": 1024,
"category_counts": [],
"contact_visible": false,
"imprint_visible": false,
"viewport_height": 960,
"cookie_consent_visible": false,
"privacy_notice_visible": false
},
"consent_journey_matrix": {
"color": "yellow",
"items": [
{
"host": "cdn.matomo.cloud",
"states": {
"gpc": 1,
"default": 1
},
"category": "analytics",
"provider": "Matomo",
"category_label": "Analytics",
"privacy_relevant": true,
"total_request_count": 2
},
{
"host": "ctk.matomo.cloud",
"states": {
"gpc": 1,
"default": 1
},
"category": "analytics",
"provider": "Matomo",
"category_label": "Analytics",
"privacy_relevant": true,
"total_request_count": 2
}
],
"score": 84,
"states": [
{
"id": "default",
"label": "Erstaufruf",
"description": "Kontakte ohne Nutzeraktion",
"domain_count": 2,
"request_count": 2,
"privacy_relevant_domain_count": 2
},
{
"id": "reject_new",
"label": "Nach Ablehnen neu",
"description": "Neue Kontakte nach Ablehnen-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept_new",
"label": "Nach Akzeptieren neu",
"description": "Neue Kontakte nach Akzeptieren-Klick",
"domain_count": 0,
"request_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"description": "Kontakte bei Global Privacy Control",
"domain_count": 2,
"request_count": 2,
"privacy_relevant_domain_count": 2
}
],
"status": "prüfen",
"summary": "Consent-Journey: 0 neue Datenschutz-Domain(s) nach Ablehnen, 0 nach Akzeptieren, 2 im GPC-Aufruf.",
"gpc_privacy_relevant_domain_count": 2,
"accept_privacy_relevant_domain_count": 0,
"reject_privacy_relevant_domain_count": 0
},
"consent_state_evidence": {
"rows": [
{
"id": "default",
"label": "Erstaufruf",
"status": "ohne Nutzeraktion",
"evidence": "Baseline aus erstem Chromium-Aufruf ohne Banner-Interaktion.",
"risk_level": "mittel",
"cookie_count": 2,
"domain_count": 3,
"request_count": 82,
"storage_total": 0,
"new_cookie_count": 2,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 2
},
{
"id": "reject",
"label": "Nach Ablehnen",
"status": "geklickt",
"evidence": "Nur Notwendige akzeptieren",
"risk_level": "hoch",
"cookie_count": 3,
"domain_count": 0,
"request_count": 82,
"storage_total": 0,
"new_cookie_count": 1,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "accept",
"label": "Nach Akzeptieren",
"status": "geklickt",
"evidence": "Alle akzeptieren",
"risk_level": "info",
"cookie_count": 5,
"domain_count": 3,
"request_count": 82,
"storage_total": 0,
"new_cookie_count": 3,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"id": "gpc",
"label": "GPC-Aufruf",
"status": "aktiv",
"evidence": "Navigator-GPC und Sec-GPC wurden im gesonderten Browserlauf gesetzt.",
"risk_level": "mittel",
"cookie_count": 2,
"domain_count": 3,
"request_count": 82,
"storage_total": 0,
"new_cookie_count": 0,
"third_party_cookie_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 2
}
],
"color": "orange",
"score": 58,
"status": "auffällig",
"summary": "Consent-State-Evidence: 4 Zustände verglichen, 1 hoch auffällig, 2 mittel auffällig.",
"findings": [
{
"id": "consent_state_reject_evidence_failed",
"title": "Consent-Zustand: Ablehnen löst weiterhin Datenschutz-Signale aus",
"public": true,
"category": "privacy",
"severity": "warning"
},
{
"id": "consent_state_gpc_evidence_review",
"title": "Consent-Zustand: GPC mit Tracking-Hinweisen",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"available": true,
"high_count": 1,
"medium_count": 2
},
"contacted_domain_count": 3,
"fingerprinting_analysis": {
"color": "yellow",
"score": 88,
"checks": [
{
"id": "canvas",
"ok": true,
"count": 0,
"label": "Canvas-Auslese",
"detail": "0 Pixel-Lesezugriff(e), 0 Export(e)."
},
{
"id": "webgl",
"ok": true,
"count": 0,
"label": "WebGL-Merkmale",
"detail": "0 Parameterzugriff(e), 0 Pixel-Lesezugriff(e)."
},
{
"id": "audio",
"ok": true,
"count": 0,
"label": "AudioContext",
"detail": "0 AudioContext/OfflineAudioContext-Aufruf(e)."
},
{
"id": "session_replay",
"ok": true,
"count": 0,
"label": "Session-Replay-Anbieter",
"detail": "Keine bekannten Anbieter erkannt."
},
{
"id": "input_listeners",
"ok": false,
"count": 10,
"label": "Tastatur-/Eingabe-Listener",
"detail": "10 Tastatur-/Input-Listener, 58 Interaktions-Listener, 1 MutationObserver."
}
],
"status": "prüfen",
"metrics": {
"webgl_read_count": 0,
"canvas_read_count": 0,
"audio_context_count": 0,
"canvas_export_count": 0,
"webgl_parameter_count": 0,
"mutation_observer_count": 1,
"keyboard_input_listener_count": 10
},
"summary": "1 Fingerprinting-/Session-Replay-Hinweis(e) aus dem Browserlauf.",
"findings": [
{
"id": "browser_keystroke_listener_signals",
"count": 10,
"title": "Viele Tastatur-/Eingabe-Listener im Browser erkannt",
"public": true,
"category": "privacy",
"severity": "info"
}
],
"finding_count": 1,
"session_replay_domains": []
},
"privacy_relevant_domains": [
{
"host": "cdn.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"script": 1
}
},
{
"host": "ctk.matomo.cloud",
"count": 1,
"category": "analytics",
"provider": "Matomo",
"third_party": true,
"category_label": "Analytics",
"resource_types": {
"ping": 1
}
}
],
"provider_category_counts": {
"analytics": 2
},
"provider_category_labels": {
"analytics": "Analytics"
},
"third_party_domain_count": 2,
"embedded_content_analysis": {
"color": "green",
"items": [],
"score": 100,
"status": "unauffällig",
"summary": "0 externe Embed-/Widget-Dienst(e), 0 davon im ersten Browseraufruf geladen.",
"findings": [],
"map_count": 0,
"total_count": 0,
"video_count": 0,
"captcha_count": 0,
"category_counts": [],
"social_widget_count": 0,
"loaded_pre_consent_count": 0,
"request_count_by_provider": []
},
"referrer_leakage_analysis": {
"color": "yellow",
"items": [
{
"host": "ctk.matomo.cloud",
"category": "analytics",
"provider": "Matomo",
"query_keys": [
"action_name",
"idsite",
"rec",
"r",
"h",
"m",
"s",
"url"
],
"risk_reason": "Seiten-URL oder URL-Wert in Drittanbieter-Requestparametern",
"resource_type": "ping",
"category_label": "Analytics",
"referrer_query_keys": [],
"url_value_param_count": 1,
"target_url_value_param_count": 1
}
],
"score": 88,
"status": "prüfen",
"summary": "1 Drittanbieter-Domain(s) mit Referrer-/URL-Leak-Prüfbedarf, 0 sensible Query-Kontexte.",
"findings": [
{
"id": "third_party_page_url_parameter",
"count": 1,
"title": "Seiten-URL wird in Drittanbieter-Requests übertragen",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"sample_count": 2,
"full_referrer_count": 0,
"page_url_param_count": 1,
"affected_domain_count": 1,
"sensitive_query_count": 0
},
"third_party_contact_matrix": {
"color": "orange",
"items": [
{
"host": "cdn.matomo.cloud",
"region": "EU/selbst gehostet möglich",
"status": "dokumentieren",
"category": "analytics",
"provider": "Matomo",
"risk_level": "mittel",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Analytics",
"resource_types": [
{
"type": "script",
"count": 1
}
],
"transfer_label": "EU/EWR oder selbst gehostet",
"privacy_relevant": true
},
{
"host": "ctk.matomo.cloud",
"region": "EU/selbst gehostet möglich",
"status": "dokumentieren",
"category": "analytics",
"provider": "Matomo",
"risk_level": "mittel",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Analytics",
"resource_types": [
{
"type": "ping",
"count": 1
}
],
"transfer_label": "EU/EWR oder selbst gehostet",
"privacy_relevant": true
}
],
"score": 70,
"status": "auffällig",
"summary": "2 Drittanbieter-Domain(s) beim ersten Browseraufruf, davon 2 datenschutzrelevant.",
"category_counts": {
"Analytics": 2
},
"total_domain_count": 2,
"total_request_count": 2,
"privacy_relevant_count": 2,
"transfer_risk_analysis": {
"color": "green",
"items": [
{
"host": "cdn.matomo.cloud",
"region": "EU/selbst gehostet möglich",
"provider": "Matomo",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Analytics",
"transfer_label": "EU/EWR oder selbst gehostet",
"privacy_relevant": true
},
{
"host": "ctk.matomo.cloud",
"region": "EU/selbst gehostet möglich",
"provider": "Matomo",
"request_count": 1,
"transfer_risk": "mittel",
"category_label": "Analytics",
"transfer_label": "EU/EWR oder selbst gehostet",
"privacy_relevant": true
}
],
"score": 100,
"status": "unauffällig",
"summary": "2 Drittanbieter für Transfer-/Jurisdiktionsprüfung, 0 mit hohem Prüfbedarf, 0 unklar.",
"findings": [],
"unknown_count": 0,
"high_risk_count": 0,
"total_vendor_count": 2,
"third_country_count": 0
}
},
"privacy_relevant_domain_count": 2,
"tracking_pixel_beacon_analysis": {
"color": "yellow",
"items": [
{
"url": "",
"host": "mul-ct.de",
"kind": "beacon_api",
"reason": "sendBeacon API 1 Aufruf(e), 0 Code-Hinweis(e); keepalive 0 Aufruf(e), 0 Code-Hinweis(e).",
"source": "javascript_api",
"category": "telemetry",
"provider": "Beacon-/Keepalive-API",
"third_party": false,
"resource_type": "beacon",
"category_label": "Telemetry"
},
{
"url": "",
"host": "ctk.matomo.cloud",
"kind": "browser_tracking_request",
"reason": "ping-Request mit 23 Query-Schlüssel(n).",
"source": "chromium_request",
"category": "analytics",
"provider": "Matomo",
"query_keys": [
"action_name",
"idsite",
"rec",
"r",
"h",
"m",
"s",
"url"
],
"third_party": true,
"resource_type": "ping",
"category_label": "Analytics"
}
],
"score": 76,
"status": "prüfen",
"summary": "0 Pixel-/Bildtracking-Hinweis(e), 2 Beacon-/Telemetry-Hinweis(e), 0 Link-Ping(s).",
"findings": [
{
"id": "beacon_api_usage",
"count": 2,
"title": "Beacon-/Keepalive-Telemetrie erkannt",
"public": true,
"category": "privacy",
"severity": "warning"
}
],
"pixel_count": 0,
"link_ping_count": 0,
"telemetry_count": 1,
"beacon_api_count": 1,
"third_party_count": 1,
"fetch_keepalive_count": 0,
"privacy_relevant_count": 1,
"beacon_code_reference_count": 0,
"fetch_keepalive_reference_count": 0
}
},
"privacy_analysis": {
"cookies": {
"items": [
{
"name": "__Host-token-client",
"secure": true,
"samesite": true,
"tracking": false,
"pre_consent": true,
"likely_essential": true
}
],
"total": 1,
"tracking": [],
"pre_consent": [
"__Host-token-client"
],
"missing_secure": [],
"missing_samesite": [],
"pre_consent_tracking": [],
"pre_consent_nonessential": []
},
"findings": [],
"tracking_ids": [
{
"type": "google_analytics_4",
"value": "G-86b56028",
"provider": "Google Analytics 4"
}
],
"tracking_scripts": [],
"consent_hint_found": false,
"privacy_policy_hint_found": true
},
"consent_audit": {
"color": "orange",
"score": 60,
"checks": [
{
"id": "banner_visible",
"ok": true,
"label": "Cookie-/Consent-Hinweis sichtbar",
"detail": "Ein Hinweis mit Cookie-/Einwilligungsbezug wurde im sichtbaren Text erkannt."
},
{
"id": "reject_visible",
"ok": true,
"label": "Ablehnen gleichwertig erreichbar",
"detail": "Ablehnen oder nur notwendige Cookies wurde im Text oder Browser erkannt. Browser-Buttons: 1."
},
{
"id": "settings_visible",
"ok": true,
"label": "Einstellungen oder Auswahl vorhanden",
"detail": "Eine Einstellungs- oder Auswahlmoeglichkeit wurde im Text oder Browser erkannt. Browser-Buttons: 1."
},
{
"id": "browser_reject_visible",
"ok": true,
"label": "Ablehnen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 2, Ablehnen 1, Einstellungen 1."
},
{
"id": "browser_settings_visible",
"ok": true,
"label": "Einstellungen im sichtbaren Banner",
"detail": "Sichtbare Banner-Controls: Akzeptieren 2, Ablehnen 1, Einstellungen 1."
},
{
"id": "reject_equally_prominent",
"ok": true,
"label": "Ablehnen nicht deutlich schwaecher dargestellt",
"detail": "Groessen-Verhältnis Ablehnen/Akzeptieren: 1.0."
},
{
"id": "reject_button_clickable",
"ok": true,
"label": "Ablehnen technisch klickbar",
"detail": "Wenn ein Ablehnen-Button sichtbar ist, klickt SaferPage ihn im Chromium-Browser einmal an."
},
{
"id": "no_new_cookies_after_reject",
"ok": false,
"label": "Keine neuen Cookies nach Ablehnen",
"detail": "1 neue Cookie(s) nach dem Ablehnen-Klick."
},
{
"id": "no_tracking_storage_after_reject",
"ok": true,
"label": "Kein Tracking-Storage nach Ablehnen",
"detail": "0 Tracking-Hinweis(e) im Web Storage nach Ablehnen."
},
{
"id": "no_privacy_domains_after_reject",
"ok": true,
"label": "Keine neuen Tracking-Kontakte nach Ablehnen",
"detail": "0 neue datenschutzrelevante Domain(s) nach Ablehnen."
},
{
"id": "gpc_signal_respected",
"ok": false,
"label": "GPC-Signal ohne Tracking-Hinweise",
"detail": "GPC-Aufruf: 2 datenschutzrelevante Domain(s), 0 Drittanbieter-Cookie(s), 0 Storage-Hinweis(e)."
},
{
"id": "no_tracking_cookies_before_consent",
"ok": true,
"label": "Keine Tracking-Cookies vor Einwilligung",
"detail": "0 Tracking-Cookie(s) im Erstaufruf."
},
{
"id": "no_nonessential_cookies_before_consent",
"ok": false,
"label": "Keine nicht notwendigen Cookies vor Einwilligung",
"detail": "1 moeglicherweise nicht notwendige Cookie(s) im Erstaufruf."
},
{
"id": "google_default_restrictive",
"ok": false,
"label": "Google Consent Default restriktiv",
"detail": "Google-Tags brauchen vor dem ersten Laden restriktive Consent-Defaults."
},
{
"id": "third_parties_explained",
"ok": true,
"label": "Drittanbieter begrenzt und erklaerbar",
"detail": "0 datenschutzrelevante Drittanbieter-Domain(s), 2 Drittanbieter insgesamt."
},
{
"id": "storage_without_tracking_hints",
"ok": true,
"label": "Web Storage ohne Tracking-Hinweise",
"detail": "0 Storage-Key(s), 0 Tracking-Hinweis(e)."
},
{
"id": "cmp_api_detected_when_needed",
"ok": true,
"label": "CMP-/TCF-Signal bei Tracking erkennbar",
"detail": "Gängige CMP-/TCF-Indikatoren: __tcfapi, __cmp, Cookiebot, OneTrust oder Usercentrics."
},
{
"id": "accept_click_documented",
"ok": true,
"label": "Akzeptieren-Klick nachvollziehbar",
"detail": "Accept-Test: geklickt, neue Requests 0, neue Cookies 3, neue Datenschutz-Domains 0."
},
{
"id": "cmp_state_readable",
"ok": true,
"label": "CMP-/TCF-Zustand auslesbar",
"detail": "TCF TC-String: nein, Cookiebot: nein, OneTrust: nein, Usercentrics: nein."
},
{
"id": "cmp_default_restrictive",
"ok": true,
"label": "CMP-Default wirkt restriktiv",
"detail": "TCF Purposes erlaubt: 0, TCF Vendors erlaubt: 0, Cookiebot Statistik/Marketing: nein."
}
],
"status": "auffällig",
"summary": "Consent ist teilweise erkennbar; einzelne Punkte bleiben Betreiberkontext.",
"evidence": [
"2 Cookie(s) beim ersten Aufruf aus HTTP-Headern und Chromium",
"0 Tracking-Script(s) im HTML",
"0 datenschutzrelevante Drittanbieter-Domain(s)",
"0 Storage-Key(s), 0 Tracking-Hinweis(e)",
"Consent-Banner-Controls: Akzeptieren 2, Ablehnen 1, Einstellungen 1",
"Ablehnen/Akzeptieren-Prominenz: 1.0",
"Reject-Test: geklickt, neue Cookies 1, Tracking-Storage 0, neue Datenschutz-Domains 0",
"Accept-Test: geklickt, neue Requests 0, neue Cookies 3, neue Datenschutz-Domains 0, Drittanbieter-Cookies 0",
"CMP-State: TCF-String nein, TCF Purposes 0, TCF Vendors 0, Cookiebot nein, OneTrust-Gruppen 0, Usercentrics-Services 0",
"GPC-Test: aktiv, Datenschutz-Domains 2, Drittanbieter-Cookies 0, Storage-Hinweise 0",
"CMP-/TCF-Signal: nein",
"Google Consent Default: nein"
],
"gpc_enabled": true,
"cmp_detected": false,
"blocking_plan": {
"items": [
{
"kind": "google_consent",
"level": "hoch",
"source": "Google",
"target": "Google Consent Defaults",
"recipes": [
{
"tool": "Google Consent Mode v2"
},
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
}
],
"category": "tag_manager",
"evidence": "Google-Tags erkannt, aber kein Consent-Default vor dem ersten Tag.",
"category_label": "Tag-Manager"
},
{
"kind": "third_party_request",
"level": "hoch",
"source": "Matomo",
"target": "cdn.matomo.cloud",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "analytics",
"evidence": "1 Request(s) im Erstaufruf · Analytics",
"category_label": "Analytics"
},
{
"kind": "third_party_request",
"level": "hoch",
"source": "Matomo",
"target": "ctk.matomo.cloud",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "analytics",
"evidence": "1 Request(s) im Erstaufruf · Analytics",
"category_label": "Analytics"
},
{
"kind": "cookie",
"level": "mittel",
"source": "mul-ct.de",
"target": "fc40b4128",
"recipes": [
{
"tool": "Google Tag Manager"
},
{
"tool": "Cookiebot"
},
{
"tool": "Usercentrics"
},
{
"tool": "OneTrust"
},
{
"tool": "Developer-Fallback"
}
],
"category": "unknown",
"evidence": "vor Consent gesetzt · mul-ct.de · kurz (0 Tage)",
"category_label": "Unklar"
}
],
"summary": "4 Blockier-/Consent-Maßnahme(n) abgeleitet: 3 hoch, 1 mittel.",
"available": true,
"high_count": 3,
"total_count": 4,
"type_counts": {
"cookie": 1,
"google_consent": 1,
"third_party_request": 2
},
"medium_count": 1
},
"tcf_api_found": false,
"cookiebot_found": false,
"accept_test_enabled": true,
"browser_cookie_count": 2,
"accept_button_clicked": true,
"browser_storage_count": 0,
"reject_button_clicked": true,
"reject_less_prominent": false,
"tcf_tc_string_present": false,
"tracking_script_count": 0,
"accept_button_available": true,
"reject_button_available": true,
"reject_prominence_ratio": 1,
"pre_consent_cookie_count": 2,
"pre_consent_cookie_names": [
"__Host-token-client",
"fc40b4128"
],
"tcf_vendor_consent_count": 0,
"third_party_domain_count": 2,
"tcf_purpose_consent_count": 0,
"onetrust_active_group_count": 0,
"usercentrics_services_count": 0,
"browser_accept_control_count": 2,
"browser_cookie_context_found": true,
"browser_reject_control_count": 1,
"gpc_third_party_cookie_count": 0,
"post_accept_new_cookie_count": 3,
"post_reject_new_cookie_count": 1,
"post_accept_new_request_count": 0,
"browser_settings_control_count": 1,
"gpc_storage_tracking_hint_count": 0,
"cookiebot_marketing_or_statistics": false,
"gpc_privacy_relevant_domain_count": 2,
"pre_consent_tracking_cookie_count": 0,
"pre_consent_tracking_cookie_names": [],
"privacy_relevant_third_party_count": 0,
"browser_storage_tracking_hint_count": 0,
"post_accept_third_party_cookie_count": 0,
"pre_consent_nonessential_cookie_count": 1,
"pre_consent_nonessential_cookie_names": [
"fc40b4128"
],
"post_accept_storage_tracking_hint_count": 0,
"post_reject_storage_tracking_hint_count": 0,
"post_accept_privacy_relevant_domain_count": 0,
"post_reject_privacy_relevant_domain_count": 0
},
"cookie_inventory": {
"color": "green",
"items": [
{
"name": "__Host-token-client",
"domain": "mul-ct.de",
"secure": true,
"sources": [
"http_set_cookie",
"browser_first_load"
],
"category": "necessary",
"provider": "mul-ct.de",
"tracking": false,
"http_only": true,
"same_site": "Lax",
"expires_at": "2026-06-20T05:53:56+00:00",
"long_lived": false,
"persistent": true,
"first_party": true,
"origin_host": "mul-ct.de",
"pre_consent": true,
"source_label": "HTTP Set-Cookie, Chromium-Erstaufruf",
"category_label": "Notwendig",
"retention_risk": "niedrig",
"expires_in_days": 0,
"origin_evidence": "80 Browser-Request(s) · document:1, font:7, image:54, script:8",
"origin_provider": "mul-ct.de",
"retention_class": "short",
"retention_label": "kurz (0 Tage)",
"likely_essential": true,
"origin_script_url": "",
"origin_resource_type": ""
},
{
"name": "fc40b4128",
"domain": "mul-ct.de",
"secure": true,
"sources": [
"browser_first_load"
],
"category": "unknown",
"provider": "mul-ct.de",
"tracking": false,
"http_only": true,
"same_site": "Lax",
"expires_at": "2026-06-20T05:53:56+00:00",
"long_lived": false,
"persistent": true,
"first_party": true,
"origin_host": "mul-ct.de",
"pre_consent": true,
"source_label": "Chromium-Erstaufruf",
"category_label": "Unklar",
"retention_risk": "niedrig",
"expires_in_days": 0,
"origin_evidence": "80 Browser-Request(s) · document:1, font:7, image:54, script:8",
"origin_provider": "mul-ct.de",
"retention_class": "short",
"retention_label": "kurz (0 Tage)",
"likely_essential": false,
"origin_script_url": "",
"origin_resource_type": ""
}
],
"score": 100,
"total": 2,
"status": "unauffällig",
"summary": "2 Cookie(s) inventarisiert: 0 Tracking-/Werbe-Cookie(s), 0 Drittanbieter-Cookie(s), 0 langlebige Cookie(s), 0 sehr lange Laufzeit(en).",
"findings": [],
"categories": {
"unknown": 1,
"necessary": 1
},
"tracking_count": 0,
"category_labels": {
"consent": "Consent",
"payment": "Zahlung",
"unknown": "Unklar",
"security": "Sicherheit",
"analytics": "Analytics",
"necessary": "Notwendig",
"functional": "Funktional",
"advertising": "Werbung"
},
"long_lived_count": 0,
"persistent_count": 2,
"first_party_count": 2,
"pre_consent_count": 2,
"retention_classes": {
"short": 2
},
"third_party_count": 0,
"missing_secure_count": 0,
"retention_risk_count": 0,
"retention_risk_items": [],
"very_long_lived_count": 0,
"missing_samesite_count": 0,
"persistent_unknown_count": 0,
"long_lived_tracking_count": 0
},
"security_header_analysis": {
"color": "orange",
"score": 52,
"checks": [
{
"ok": true,
"note": "",
"label": "HSTS",
"value": "max-age=63072000; includeSubdomains",
"header": "strict-transport-security",
"present": true,
"purpose": "Erzwingt HTTPS nach dem ersten sicheren Aufruf.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "Content-Security-Policy",
"value": "default-src 'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://c",
"header": "content-security-policy",
"present": true,
"purpose": "Begrenzt Skript-, Frame- und Ressourcenquellen im Browser.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "X-Frame-Options",
"value": "SAMEORIGIN",
"header": "x-frame-options",
"present": true,
"purpose": "Reduziert Clickjacking-Risiken bei älteren Browsern.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "X-Content-Type-Options",
"value": "nosniff",
"header": "x-content-type-options",
"present": true,
"purpose": "Verhindert MIME-Sniffing bei Skripten und Stylesheets.",
"severity": "warning"
},
{
"ok": true,
"note": "",
"label": "Referrer-Policy",
"value": "same-origin",
"header": "referrer-policy",
"present": true,
"purpose": "Begrenzt, welche URL-Informationen an Zielseiten weitergegeben werden.",
"severity": "info"
},
{
"ok": true,
"note": "",
"label": "Permissions-Policy",
"value": "accelerometer=(*),camera=(),encrypted-media=(*),geolocation=(),gyroscope=(*),magnetometer=(),midi=(),microphone=(),payment=()",
"header": "permissions-policy",
"present": true,
"purpose": "Begrenzt sensible Browser-Funktionen pro Seite.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Opener-Policy",
"value": "",
"header": "cross-origin-opener-policy",
"present": false,
"purpose": "Isoliert Top-Level-Fenster und reduziert Cross-Origin-Seiteneffekte.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Resource-Policy",
"value": "",
"header": "cross-origin-resource-policy",
"present": false,
"purpose": "Begrenzt, welche fremden Seiten Ressourcen einbetten dürfen.",
"severity": "info"
},
{
"ok": false,
"note": "Fehlt in der HTTP-Antwort.",
"label": "Cross-Origin-Embedder-Policy",
"value": "",
"header": "cross-origin-embedder-policy",
"present": false,
"purpose": "Erzwingt kontrollierte Cross-Origin-Einbettungen und kann Cross-Origin Isolation ermöglichen.",
"severity": "info"
}
],
"status": "auffällig",
"missing": [
"Cross-Origin-Opener-Policy",
"Cross-Origin-Resource-Policy",
"Cross-Origin-Embedder-Policy"
],
"summary": "6 von 9 wichtigen Security-Headern vorhanden, 6 korrekt bewertet. CSP wirksam mit 11 Direktive(n), 2 Warnung(en), 2 Hinweis(e).",
"findings": [
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_permissive_script_sources",
"title": "CSP erlaubt sehr breite Skriptquellen",
"public": true,
"sources": [
"http://cdn.matomo.cloud",
"http://ctk.matomo.cloud",
"http://zlm.mul-ct.de",
"http://cottbus-platform.condat.cloud",
"http://platform.container:8080",
"http://cshs-platform-api.condat-demo.de"
],
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"category": "security_headers",
"severity": "info"
}
],
"ok_count": 6,
"weak_count": 0,
"csp_analysis": {
"color": "orange",
"score": 52,
"status": "auffällig",
"summary": "CSP wirksam mit 11 Direktive(n), 2 Warnung(en), 2 Hinweis(e).",
"enforced": true,
"findings": [
{
"id": "csp_unsafe_inline",
"title": "CSP erlaubt unsafe-inline für Skripte",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_unsafe_eval",
"title": "CSP erlaubt eval-nahe Skriptausführung",
"public": true,
"category": "security_headers",
"severity": "warning"
},
{
"id": "csp_permissive_script_sources",
"title": "CSP erlaubt sehr breite Skriptquellen",
"public": true,
"sources": [
"http://cdn.matomo.cloud",
"http://ctk.matomo.cloud",
"http://zlm.mul-ct.de",
"http://cottbus-platform.condat.cloud",
"http://platform.container:8080",
"http://cshs-platform-api.condat-demo.de"
],
"category": "security_headers",
"severity": "info"
},
{
"id": "csp_missing_base_uri",
"title": "CSP ohne base-uri",
"public": true,
"category": "security_headers",
"severity": "info"
}
],
"available": true,
"directives": [
{
"name": "connect-src",
"value": "'self' https://nominatim.openstreetmap.org https://login.microsoftonline.com https://www.google.com https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://eutils.ncbi.nlm.nih.gov https://cottbus-platfo",
"values": [
"'self'",
"https://nominatim.openstreetmap.org",
"https://login.microsoftonline.com",
"https://www.google.com",
"https://ctk.matomo.cloud",
"http://ctk.matomo.cloud",
"ctk.matomo.cloud",
"https://eutils.ncbi.nlm.nih.gov",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de"
]
},
{
"name": "default-src",
"value": "'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform",
"values": [
"'self'",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de"
]
},
{
"name": "font-src",
"value": "'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform",
"values": [
"'self'",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de",
"data:"
]
},
{
"name": "frame-ancestors",
"value": "'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform",
"values": [
"'self'",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de"
]
},
{
"name": "frame-src",
"value": "'self' https://benutzerhandbuch-cshs.condat.de https://global.frcapi.com https://www.google.com https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cl",
"values": [
"'self'",
"https://benutzerhandbuch-cshs.condat.de",
"https://global.frcapi.com",
"https://www.google.com",
"https://*.youtube-nocookie.com",
"https://*.youtube.com",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de"
]
},
{
"name": "img-src",
"value": "'self' https://cdn.jsdelivr.net https://*.tile.openstreetmap.org https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.co",
"values": [
"'self'",
"https://cdn.jsdelivr.net",
"https://*.tile.openstreetmap.org",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de",
"data:"
]
},
{
"name": "media-src",
"value": "'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.contain",
"values": [
"'self'",
"https://*.youtube-nocookie.com",
"https://*.youtube.com",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de"
]
},
{
"name": "object-src",
"value": "'self' https://*.youtube-nocookie.com https://*.youtube.com https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.contain",
"values": [
"'self'",
"https://*.youtube-nocookie.com",
"https://*.youtube.com",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de"
]
},
{
"name": "script-src",
"value": "'self' https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdn.matomo.cloud http://cdn.matomo.cloud cdn.matomo.cloud https://ctk.matomo.cloud http://ctk.matomo.cloud ctk.matomo.cloud https://z",
"values": [
"'self'",
"https://www.google.com",
"https://www.gstatic.com",
"https://cdn.jsdelivr.net",
"https://cdn.matomo.cloud",
"http://cdn.matomo.cloud",
"cdn.matomo.cloud",
"https://ctk.matomo.cloud",
"http://ctk.matomo.cloud",
"ctk.matomo.cloud",
"https://zlm.mul-ct.de",
"http://zlm.mul-ct.de",
"zlm.mul-ct.de",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud"
]
},
{
"name": "style-src",
"value": "'self' https://cdn.jsdelivr.net https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8",
"values": [
"'self'",
"https://cdn.jsdelivr.net",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de",
"'unsafe-inline'"
]
},
{
"name": "worker-src",
"value": "'self' https://cottbus-platform.condat.cloud http://cottbus-platform.condat.cloud cottbus-platform.condat.cloud https://platform.container:8080 http://platform.container:8080 platform.container:8080 https://cshs-platform",
"values": [
"'self'",
"https://cottbus-platform.condat.cloud",
"http://cottbus-platform.condat.cloud",
"cottbus-platform.condat.cloud",
"https://platform.container:8080",
"http://platform.container:8080",
"platform.container:8080",
"https://cshs-platform-api.condat-demo.de",
"http://cshs-platform-api.condat-demo.de",
"cshs-platform-api.condat-demo.de",
"blob:"
]
}
],
"info_count": 2,
"report_only": false,
"finding_count": 4,
"warning_count": 2
},
"missing_count": 3,
"present_count": 6,
"missing_info_count": 3,
"missing_warning_count": 0
},
"infrastructure_analysis": {
"signals": {
"caa": false,
"dnssec": false,
"final_https": true,
"tls_version": "TLSv1.3",
"hsts_enabled": true,
"address_count": 1,
"ipv6_available": false,
"email_protection": {
"mx": true,
"spf": true,
"dmarc": true
},
"certificate_valid": true,
"certificate_issuer": "YR1",
"certificate_alt_names": [
"ctk-poliklinik.de",
"ctk-tsg.de",
"flexcare.ctk.de",
"flexcare.mul-ct.de",
"gesundheitscampus-cottbus.de",
"klinikum-cottbus.de",
"mul-ct.de",
"mul-poliklinik.de",
"mul-tcg.de",
"mul-trg.de",
"mul-trs.de",
"mul-tsg.de",
"www.ctk-poliklinik.de",
"www.ctk-tsg.de",
"www.flexcare.mul-ct.de",
"www.gesundheitscampus-cottbus.de",
"www.klinikum-cottbus.de",
"www.mul-ct.de",
"www.mul-poliklinik.de",
"www.mul-tcg.de",
"www.mul-trg.de",
"www.mul-trs.de",
"www.mul-tsg.de"
],
"multiple_ip_addresses": false,
"certificate_expires_at": "Sep 13 20:00:22 2026 GMT",
"certificate_days_remaining": 85,
"certificate_hostname_matches": true
},
"findings": [
{
"id": "caa_missing",
"title": "CAA-Record fehlt",
"public": true,
"category": "dns",
"severity": "info"
}
],
"risk_level": "low",
"positive_signals": [
"Moderne TLS-Version aktiv: TLSv1.3.",
"HSTS ist aktiv.",
"DMARC ist für die Domain vorhanden."
]
},
"performance_analysis": {
"score": 94,
"signals": {
"compressed": false,
"duration_ms": 1953,
"image_count": 47,
"script_count": 11,
"cache_control": "max-age=0, no-cache, no-store, must-revalidate",
"content_length": 0,
"viewport_found": true,
"stylesheet_count": 18
},
"findings": [
{
"id": "too_many_render_blocking_assets",
"title": "Viele potenziell blockierende Assets",
"public": true,
"category": "performance",
"severity": "info"
}
],
"risk_level": "medium"
},
"accessibility_analysis": {
"color": "yellow",
"score": 76,
"status": "prüfen",
"signals": {
"h1_count": 1,
"image_count": 47,
"button_count": 0,
"heading_count": 41,
"viewport_found": true,
"html_lang_found": true,
"form_field_count": 2,
"image_missing_alt_count": 21,
"buttons_without_name_count": 0,
"form_fields_without_label_count": 0
},
"summary": "47 Bild(er), 2 Formularfeld(er), 0 Button(s) im passiven HTML-Sample auf Basis-Barrierefreiheit geprüft.",
"findings": [
{
"id": "image_alt_missing",
"count": 21,
"title": "Bilder ohne Alternativtext",
"public": true,
"category": "accessibility",
"severity": "info",
"evidence_items": [
"https://mul-ct.de/lib/images/nfrw96rpg26dg4jth1ydg4brf7yc96lbp1/notfall.svg?ft=bd1d7a5375b9641af7930427e5114da7c7243731ad3c7ca09ce2cf9fe0d3fb4d&expires=17819063",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnzxgq5dqnjtf7yc96lbp1/phone-red.svg?ft=f597fca0e4310a96e3b3f42913cac3238b4843127743185283130922576b14d1&expires=178190",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnzxgq5dqnjtf7yc96lbp1/phone-red.svg?ft=4a4804a8a0bc14363c73456af9311880f22fa4dc8262375d896e2e9ad4468454&expires=178190",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=4a5d058cfe93a503ad0357f6e8e40f57b5f662dbc8ebbd0cb89cea055880488c&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=a86fdb71804770b4f3ff76cfa111eb9e879560a95ca2a467d0f30a4c2ccf218c&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=7f0ef488fc5b47314eaa5d048852470d4bfc6a72b659dfd475d2971affc27936&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26dgnbvgy5t4mrzf7yc96lbp1/phone-blue.svg?ft=495845048d9affa848dfea8878051c16e595b3dd21051c5eea6f4e3acc380edb&expires=17819",
"https://mul-ct.de/lib/images/nfrw96rpg26t4mjygyydgnbyf7yc96lbp1/vss.svg?ft=5e782eb7a9bee6e42d15f4aecfd7e9f0145f52fb7e6a2de207ecd58cf828c846&expires=1781906329&s"
]
}
],
"wcag_matrix": {
"rows": [
{
"id": "wcag_non_text_content",
"ok": false,
"wcag": "WCAG 1.1.1 Non-text Content",
"title": "Alternativtexte für Bilder",
"impact": "mittel",
"status": "prüfen",
"evidence": "21 von 47 Bild(er) ohne alt-Text im HTML-Sample."
},
{
"id": "wcag_form_labels",
"ok": true,
"wcag": "WCAG 1.3.1 Info and Relationships / 3.3.2 Labels or Instructions",
"title": "Formularfelder beschriften",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 2 Formularfeld(er) ohne erkennbare Beschriftung."
},
{
"id": "wcag_button_names",
"ok": true,
"wcag": "WCAG 4.1.2 Name, Role, Value",
"title": "Buttons mit Namen versehen",
"impact": "niedrig",
"status": "ok",
"evidence": "0 von 0 Button(s) ohne erkennbaren Namen."
},
{
"id": "wcag_page_language",
"ok": true,
"wcag": "WCAG 3.1.1 Language of Page",
"title": "Seitensprache auszeichnen",
"impact": "niedrig",
"status": "ok",
"evidence": "HTML-lang-Attribut gefunden."
},
{
"id": "wcag_heading_structure",
"ok": true,
"wcag": "WCAG 1.3.1 Info and Relationships / 2.4.6 Headings and Labels",
"title": "Überschriftenstruktur",
"impact": "niedrig",
"status": "ok",
"evidence": "1 H1 und 41 Überschrift(en) im HTML-Sample."
},
{
"id": "wcag_mobile_reflow",
"ok": true,
"wcag": "WCAG 1.4.10 Reflow",
"title": "Mobile Viewport-Basis",
"impact": "niedrig",
"status": "ok",
"evidence": "Viewport-Meta-Tag gefunden."
}
],
"summary": "1 WCAG-/EAA-Prüfpunkt(e) auffällig, davon 0 mit hoher Auswirkung.",
"standard": "WCAG 2.2 orientierte Basisprüfung",
"available": true,
"issue_count": 1,
"high_impact_count": 0
}
},
"domain_history": {
"status": [
"active"
],
"summary": "RDAP liefert kein klares Registrierungsdatum.",
"age_days": null,
"findings": [],
"available": true,
"registrar": "",
"expires_at": "",
"risk_level": "unknown",
"registered_at": "",
"expires_in_days": null,
"last_changed_at": "2024-05-14T08:52:16+00:00"
},
"data_entry_analysis": {
"forms": [
{
"url": "https://mul-ct.de/datenschutz.php",
"path": "/datenschutz.php",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://mul-ct.de/impressum.php",
"path": "/impressum.php",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2",
"path": "/medizinische-universitaet/pressekontakt-2",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2/pressekontakt",
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"method": "UNBEKANNT",
"source": "crawl",
"purpose": "Formular",
"data_types": [],
"field_count": 0
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/datenschutz.php",
"url": "https://mul-ct.de/datenschutz.php"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/impressum.php",
"url": "https://mul-ct.de/impressum.php"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/medizinische-universitaet/pressekontakt-2",
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2"
},
{
"purpose": "Formular",
"field_count": 0,
"source": "crawl",
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2/pressekontakt"
}
],
"score": 84,
"summary": "Crawl fand 4 Formular(e) auf 4 geprüften Seite(n), u. a. /datenschutz.php, /impressum.php, /medizinische-universitaet/pressekontakt-2, /medizinische-universitaet/pressekontakt-2/pressekontakt.",
"findings": [],
"form_count": 4,
"risk_level": "medium",
"field_count": 1,
"asks_for_data": true,
"crawl_form_pages": [
{
"url": "https://mul-ct.de/datenschutz.php",
"path": "/datenschutz.php",
"category": "datenschutz",
"form_count": 1
},
{
"url": "https://mul-ct.de/impressum.php",
"path": "/impressum.php",
"category": "impressum",
"form_count": 1
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2",
"path": "/medizinische-universitaet/pressekontakt-2",
"category": "kontakt",
"form_count": 1
},
{
"url": "https://mul-ct.de/medizinische-universitaet/pressekontakt-2/pressekontakt",
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"category": "kontakt",
"form_count": 1
}
],
"payment_providers": [],
"detected_data_types": [
{
"id": "contact",
"count": 1,
"label": "Kontaktformular"
}
],
"crawl_form_page_count": 4,
"privacy_context_found": true,
"operator_context_found": true
},
"pii_exposure_analysis": {
"color": "orange",
"score": 74,
"checks": [
{
"id": "current_url",
"ok": true,
"count": 0,
"label": "Aktuelle URL",
"detail": "Keine sensiblen Query-Parameter erkannt."
},
{
"id": "link_queries",
"ok": false,
"count": 2,
"label": "Link-Parameter",
"detail": "2 Link(s) mit sensiblen Parametern."
},
{
"id": "get_forms",
"ok": true,
"count": 0,
"label": "GET-Formulare",
"detail": "Keine personenbezogenen GET-Formulare erkannt."
},
{
"id": "external_forms",
"ok": true,
"count": 0,
"label": "Externe Formularziele",
"detail": "Keine externen Formularziele mit personenbezogenen Feldern erkannt."
},
{
"id": "tracking_context",
"ok": false,
"count": 2,
"label": "Tracking neben Dateneingabe",
"detail": "2 datenschutzrelevante Drittanbieter."
}
],
"status": "auffällig",
"summary": "2 PII-/Datenleck-Hinweis(e) aus URL-, Formular- und Browserkontext.",
"findings": [
{
"id": "pii_sensitive_link_query",
"links": [
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
},
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
}
],
"title": "Links mit sensiblen Query-Parametern erkannt",
"public": true,
"category": "privacy",
"severity": "info"
},
{
"id": "pii_tracking_on_data_entry_page",
"title": "Dateneingabe und datenschutzrelevante Drittanbieter im selben Browseraufruf",
"public": true,
"category": "privacy",
"severity": "warning",
"third_party_count": 2
}
],
"link_hits": [
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
},
{
"href": "https://mul-ct.de/informationen-zur-veranstaltung",
"params": [
"event"
],
"external": false
}
],
"finding_count": 2,
"current_url_hits": [],
"tracking_context": true,
"sensitive_get_forms": []
},
"scan_history_analysis": {
"available": false,
"summary": "Noch kein früherer gespeicherter Scan für diese Domain vorhanden.",
"total_scan_count": 1,
"previous_scan_count": 0,
"history": [
{
"scan_id": "c410c896-eece-4b70-bf6a-6555e57119fe",
"created_at": "2026-06-19 23:54:30.041422+02",
"score": 57,
"verdict": "auffällig",
"finding_count": 26,
"integrity_root_hash": "03d4c66f0da1889cb7ea100c86d80ec9b8d6dc510c7c3e812e723eb59a96a638",
"integrity_available_hash_count": 9,
"current": true
}
],
"new_findings": [],
"resolved_findings": [],
"technical_changes": {
"available": false,
"summary": "Noch kein früherer Scan für technische Änderungen vorhanden."
}
},
"benchmark_analysis": {
"host": "mul-ct.de",
"rank": 1,
"score": 57,
"status": "im_mittelfeld",
"summary": "mul-ct.de liegt mit 57 Punkten ungefähr im gespeicherten Vergleichsfeld.",
"available": true,
"peer_count": 8236,
"percentile": 0,
"query_mode": "php_ttl_cache_refresh",
"distribution": {
"0_39": 1283,
"40_59": 3278,
"60_79": 3658,
"80_100": 17
},
"median_score": 58,
"average_score": 53,
"comparison_basis": "Neuester gespeicherter SaferPage-Scan je Domain; überwiegend deutschsprachige gespeicherte Checks.",
"same_score_count": 0,
"better_than_count": 0,
"qualified_peer_count": 7917,
"zero_score_count": 319,
"top_quartile_score": 65,
"top_decile_score": 69,
"qualified_average_score": 55.2,
"qualified_median_score": 59,
"qualified_top_quartile_score": 65,
"qualified_top_decile_score": 69,
"thresholds": [
{
"id": "critical",
"label": "Kritisch",
"range": "0-39",
"met": false
},
{
"id": "basic",
"label": "Basis stabilisieren",
"range": "40-59",
"met": true
},
{
"id": "managed",
"label": "Gesteuert",
"range": "60-79",
"met": false
},
{
"id": "strong",
"label": "Stark",
"range": "80-100",
"met": false
}
],
"risk_tier": "basis",
"target_score": 60,
"aspirational_target_score": 69,
"gap_to_target": 3,
"gap_to_top_quartile": 8,
"gap_to_strong": 23,
"cache_ttl_seconds": 300
},
"audit_receipt": {
"url": "https://mul-ct.de/",
"host": "mul-ct.de",
"status": "verfügbar",
"bot_url": "https://saferpage.de/bot",
"summary": "Prüfbeleg für mul-ct.de: kontrollierter HTTP-/Browser-Kurzcheck mit 82 Request(s), 4 Consent-Zustand/Zuständen und 7 Artefakt(en).",
"renderer": "playwright-chromium",
"artifacts": [
{
"label": "Öffentlicher Kurzreport",
"detail": "https://saferpage.de/mul-ct.de",
"status": "verfügbar"
},
{
"label": "JSON-Export",
"detail": "Maschinenlesbarer Report mit Modulen, Nachweisen und Tabellen.",
"status": "verfügbar"
},
{
"label": "CSV-Export",
"detail": "Tabellarische Prüfzeilen für Betreiber, Datenschutz und Technik.",
"status": "verfügbar"
},
{
"label": "160x150 Seitenvorschau",
"detail": "/cache/screenshots/mul-ct.de-160x150-00da65e4ebfe7c61a0.png",
"status": "verfügbar"
},
{
"label": "Cookie-Erklärung",
"detail": "2 Cookie-/Storage-Eintrag/Einträge.",
"status": "unauffällig"
},
{
"label": "Empfänger-/Anbieterinventar",
"detail": "2 Anbieterzeile(n), 2 AVV-/Rollenprüfung(en).",
"status": "prüfen"
},
{
"label": "Barrierefreiheitserklärung-Entwurf",
"detail": "1 bekannte Barrierefreiheits-Punkt(e).",
"status": "Teilweise konform im automatischen Basischeck"
}
],
"available": true,
"final_url": "https://mul-ct.de/",
"checked_at": "2026-06-19T21:54:29+00:00",
"share_text": "SaferPage Prüfbeleg mul-ct.de: 82 Browser-Request(s), 2 Drittanbieter, 2 Cookie-/Storage-Einträge, geprüft am 2026-06-19T21:54:29.",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/mul-ct.de\">https://saferpage.de/mul-ct.de</a>)",
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"scan_context": "crawler",
"coverage_items": [
{
"label": "HTTP/DNS/TLS",
"value": "HTTP 200 · DNS ok · TLS ok"
},
{
"label": "Browserlauf",
"value": "82 Request(s), 2 Drittanbieter-Domain(s), 2 Browser-Cookie(s)."
},
{
"label": "Consent-Zustände",
"value": "4 Zustand/Zustände: Default, Ablehnen, Akzeptieren und GPC soweit verfügbar."
},
{
"label": "Seitenabdeckung",
"value": "8 priorisierte Unterseite(n) im Nachweispack."
},
{
"label": "Drittanbieter-Auszug",
"value": "2 Anbieterzeile(n) im öffentlichen Nachweis."
},
{
"label": "Cookie-Auszug",
"value": "2 Cookie-Zeile(n) im öffentlichen Nachweis."
}
],
"confidence_score": 77,
"browser_final_url": "https://mul-ct.de/"
},
"evidence_integrity_manifest": {
"host": "mul-ct.de",
"status": "verfügbar",
"summary": "Integritätsmanifest für mul-ct.de: 9/9 Nachweisbereich(e) mit SHA-256-Hash dokumentiert.",
"sections": [
{
"id": "audit_receipt",
"hash": "9d00e6cc66d34cf728f21ab235b991075a7fc486aed0ac0747c0862e21e05102",
"count": 18,
"label": "Prüfbeleg",
"detail": "Kanonischer JSON-Hash des kompakten Prüfbelegs.",
"status": "verfügbar"
},
{
"id": "protocol",
"hash": "69ddfe85b1900ce9bef45f93dccc6284dbefa1045a9e1cad15e11f852d387960",
"count": 15,
"label": "Scan-Protokoll",
"detail": "URL, Endziel, User-Agent, Zeitstempel, HTTP/DNS/TLS und Renderer.",
"status": "verfügbar"
},
{
"id": "checkpoints",
"hash": "6b85b528c7aea5a24c5ae5a946408fd3fe6675c12cb322885a16b1a530316302",
"count": 6,
"label": "Prüfschritte",
"detail": "Kanonischer JSON-Hash der dokumentierten Prüfstationen.",
"status": "verfügbar"
},
{
"id": "consent_states",
"hash": "a286fc49400e01db233f69b5ff408208ebfd65a7d750165214653f23ca0afb62",
"count": 4,
"label": "Consent-Zustände",
"detail": "Default-, Ablehnen-, Akzeptieren- und GPC-Nachweise soweit verfügbar.",
"status": "verfügbar"
},
{
"id": "third_party_evidence",
"hash": "d5900214d4bd1814eb37590aecfc1f58c61410f291144a0501855ca6986cf72e",
"count": 2,
"label": "Drittanbieter-Auszug",
"detail": "Sanitisierte Anbieter-, Kategorie-, Transfer- und Request-Zählwerte.",
"status": "verfügbar"
},
{
"id": "cookie_evidence",
"hash": "95ade49c68833a8242ea2f198308b520380c7b3bb21ce0c6772e5af4650c8af1",
"count": 2,
"label": "Cookie-Auszug",
"detail": "Sanitisierte Cookie-Metadaten ohne Cookie-Werte.",
"status": "verfügbar"
},
{
"id": "request_samples",
"hash": "367581f6bb210868a514e788992127d669f66de981a1091c2446c74ed069bae2",
"count": 2,
"label": "Request-Samples",
"detail": "Sanitisierte Drittanbieter-Samples ohne vollständige Request-URLs.",
"status": "verfügbar"
},
{
"id": "checked_pages",
"hash": "aee1e493cbbfe062c020026f64f575292831cf0480f850de0e8db661933ffaec",
"count": 8,
"label": "Geprüfte Unterseiten",
"detail": "Priorisierte Pfade aus Sitemap, Pflichtseiten und interner Linkstruktur.",
"status": "verfügbar"
},
{
"id": "screenshot_file",
"hash": "62f33fa8ea9e13812340c2f834fdb024a6f639c8e50f7a401413ad99ec256e04",
"count": 6692,
"label": "160x150 Seitenvorschau-Datei",
"detail": "/cache/screenshots/mul-ct.de-160x150-00da65e4ebfe7c61a0.png",
"status": "verfügbar"
}
],
"algorithm": "sha256",
"available": true,
"root_hash": "03d4c66f0da1889cb7ea100c86d80ec9b8d6dc510c7c3e812e723eb59a96a638",
"checked_at": "2026-06-19T21:54:29+00:00",
"limitations": [
"Das Manifest schützt die im Report veröffentlichten/sanitisierten Nachweise, nicht verdeckte Cookie-Werte oder vollständige Request-URLs.",
"Ohne externe qualifizierte Zeitstempelung beweist der Hash Integrität des exportierten Artefakts, aber keine amtliche Zustellung."
],
"section_count": 9,
"canonicalization": "JSON UTF-8, sort_keys=true, kompakte Separatoren; Screenshot als rohe Datei-Bytes.",
"available_hash_count": 9
},
"audit_evidence_pack": {
"status": "verfügbar",
"summary": "Nachweisprotokoll mit 82 Browser-Request(s), 2 Cookie-Nachweis(en), 2 Drittanbieter-Auszug/auszügen und 4 Consent-Zustand/Zuständen.",
"protocol": {
"host": "mul-ct.de",
"dns_ok": true,
"tls_ok": true,
"bot_url": "https://saferpage.de/bot",
"renderer": "playwright-chromium",
"final_url": "https://mul-ct.de/",
"input_url": "https://mul-ct.de/",
"checked_at": "2026-06-19T21:54:29+00:00",
"user_agent": "SaferPageCrawler/0.3 (+https://saferpage.de/bot; schedules passive DACH website checks; report examples: https://saferpage.de/tests; kostenloser Report: <a href=\"https://saferpage.de/mul-ct.de\">https://saferpage.de/mul-ct.de</a>)",
"http_status": 200,
"scan_context": "crawler",
"screenshot_url": "/cache/screenshots/mul-ct.de-160x150-00da65e4ebfe7c61a0.png",
"googlebot_status": 200,
"browser_final_url": "https://mul-ct.de/",
"dns_address_count": 1
},
"checkpoints": [
{
"label": "DNS",
"detail": "1 Adresse(n) aufgelöst.",
"status": "ok"
},
{
"label": "TLS/HTTPS",
"detail": "TLSv1.3",
"status": "ok"
},
{
"label": "HTTP-Abruf",
"detail": "Status 200, Endziel https://mul-ct.de/.",
"status": "ok"
},
{
"label": "Browserlauf",
"detail": "82 Request(s), 2 Drittanbieter-Domain(s).",
"status": "ok"
},
{
"label": "Consent-Zustände",
"detail": "Default, Ablehnen, Akzeptieren und GPC werden soweit möglich gegenübergestellt.",
"status": "prüfen"
},
{
"label": "Exports",
"detail": "PDF/Druck, JSON und CSV enthalten die wesentlichen Prüfnachweise.",
"status": "verfügbar"
}
],
"limitations": [
"Öffentliche Nachweise enthalten keine Cookie-Werte und keine vollständigen Request-URLs.",
"Der Scan ist ein passiver Browser- und HTTP-Kurzcheck; rechtliche Bewertung bleibt Betreiberaufgabe.",
"Dynamische Inhalte können sich je nach Region, Zeit, Gerät und Consent-Auswahl ändern."
],
"checked_pages": [
{
"path": "/datenschutz.php",
"source": "homepage_link",
"status": 0,
"category": "datenschutz"
},
{
"path": "/impressum.php",
"source": "homepage_link",
"status": 0,
"category": "impressum"
},
{
"path": "/medizinische-universitaet/pressekontakt-2",
"source": "homepage_link+sitemap",
"status": 0,
"category": "kontakt"
},
{
"path": "/medizinische-universitaet/pressekontakt-2/pressekontakt",
"source": "sitemap",
"status": 0,
"category": "kontakt"
},
{
"path": "/start/kontakte",
"source": "homepage_link+sitemap",
"status": 0,
"category": "kontakt"
},
{
"path": "/index/kontakte.php",
"source": "homepage_link",
"status": 0,
"category": "kontakt"
},
{
"path": "/kontak",
"source": "homepage_link",
"status": 0,
"category": "kontakt"
},
{
"path": "/forschung/broad-consent",
"source": "homepage_link",
"status": 0,
"category": "cookies"
}
],
"cookie_evidence": [
{
"name": "__Host-token-client",
"domain": "mul-ct.de",
"secure": true,
"category": "Notwendig",
"provider": "mul-ct.de",
"tracking": false,
"retention": "kurz (0 Tage)",
"same_site": "Lax",
"pre_consent": true
},
{
"name": "fc40b4128",
"domain": "mul-ct.de",
"secure": true,
"category": "Unklar",
"provider": "mul-ct.de",
"tracking": false,
"retention": "kurz (0 Tage)",
"same_site": "Lax",
"pre_consent": true
}
],
"browser_evidence": {
"gpc_enabled": true,
"request_count": 82,
"storage_total": 0,
"accept_clicked": true,
"reject_clicked": true,
"browser_cookie_count": 2,
"contacted_domain_count": 3,
"third_party_domain_count": 2,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 2
},
"storage_evidence": {
"tracking_key_hints": [],
"local_storage_total": 0,
"session_storage_total": 0
},
"third_party_evidence": [
{
"host": "cdn.matomo.cloud",
"category": "Analytics",
"provider": "Matomo",
"transfer": "EU/EWR oder selbst gehostet",
"risk_level": "mittel",
"request_count": 1,
"resource_types": [
"script"
],
"privacy_relevant": true
},
{
"host": "ctk.matomo.cloud",
"category": "Analytics",
"provider": "Matomo",
"transfer": "EU/EWR oder selbst gehostet",
"risk_level": "mittel",
"request_count": 1,
"resource_types": [
"ping"
],
"privacy_relevant": true
}
],
"external_script_count": 0,
"consent_state_evidence": [
{
"label": "Erstaufruf",
"cookie_count": 0,
"domain_count": 2,
"request_count": 2,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 2
},
{
"label": "Nach Ablehnen neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "Nach Akzeptieren neu",
"cookie_count": 0,
"domain_count": 0,
"request_count": 0,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 0
},
{
"label": "GPC-Aufruf",
"cookie_count": 0,
"domain_count": 2,
"request_count": 2,
"storage_tracking_hint_count": 0,
"privacy_relevant_domain_count": 2
}
],
"request_sample_evidence": [
{
"host": "cdn.matomo.cloud",
"query_keys": [],
"resource_type": "script",
"query_key_count": 0,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
},
{
"host": "ctk.matomo.cloud",
"query_keys": [
"action_name",
"idsite",
"rec",
"r",
"h",
"m",
"s",
"url"
],
"resource_type": "ping",
"query_key_count": 23,
"referrer_has_path": false,
"referrer_has_query": false,
"sensitive_query_key_count": 0
}
]
},
"consent_visual_salience_evidence": {
"schema": "https://saferpage.de/schemas/consent-visual-salience-evidence.v1",
"status": "measured_dom_viewport_signal",
"available": true,
"evidence_level": "dom_viewport_signal_only",
"summary": "Der erste Headless-Chromium-Viewport liefert sichtbare Consent-Control-Signale mit Text, Position, Groesse und typografischen Hinweisen.",
"sample_status": "classified_control_samples",
"classified_sample_count": 4,
"accept_control_count": 2,
"reject_control_count": 1,
"settings_control_count": 1,
"visible_control_count": 7,
"accept_max_area": 34563,
"reject_max_area": 34563,
"reject_prominence_ratio": 1,
"samples": [
{
"kind": "accept",
"text": "Alle akzeptieren",
"tag": "button",
"width": 924,
"height": 37,
"area": 34563,
"top": 855,
"left": 50,
"font_weight": "400"
},
{
"kind": "accept",
"text": "Nur Notwendige akzeptieren",
"tag": "button",
"width": 924,
"height": 37,
"area": 34563,
"top": 903,
"left": 50,
"font_weight": "400"
},
{
"kind": "reject",
"text": "Nur Notwendige akzeptieren",
"tag": "button",
"width": 924,
"height": 37,
"area": 34563,
"top": 903,
"left": 50,
"font_weight": "400"
},
{
"kind": "settings",
"text": "Auswahl speichern",
"tag": "button",
"width": 924,
"height": 37,
"area": 34563,
"top": 950,
"left": 50,
"font_weight": "400"
}
],
"sample_boundary": "Samples enthalten nur klassifizierte Accept-/Reject-/Settings-Controls. Weitere sichtbare Consent-Controls bleiben als Zaehler erhalten, werden aber ohne Klassifizierung nicht als Ablehnen-, Akzeptieren- oder Einstellungsprobe behauptet.",
"claim_boundary": "Consent-Visual-Salienz ist ein DOM-/Viewport-Signal aus dem ersten Browserlauf. Sie ist keine Rechtsbewertung, kein Dark-Pattern-Endurteil und kein Nachweis fuer spaetere Consent-Zustaende, Scrollbereiche, Loginbereiche oder manuelle Betreiberkontexte."
}
}
Geprüfte Domain-Wurzel: https://mul-ct.de/