{ "schema": "https://saferpage.de/schemas/operator-release-gate.v1", "generated_at": "2026-06-08T23:31:20+00:00", "domain": "anrufer.info", "available": true, "scan": { "id": "ea4df023-8c2b-4037-b07d-57b7f1642e77", "checked_at": "2026-06-07 03:22:43.653919+02" }, "status": "block", "score": 60, "summary": "Release-Gate fuer anrufer.info: 6/10 Gate(s) bestanden, 3 kritische/hohe Blocker, 2 manuelle Freigabe(n) offen.", "metrics": { "gate_count": 10, "passed_gate_count": 6, "failed_gate_count": 4, "critical_failed_count": 3, "manual_open_count": 2, "release_score": 60, "current_report_score": 0, "new_finding_count": 1 }, "gates": [ { "id": "domain_claim", "label": "Betreiber-Claim oder Freigabe vorhanden", "status": "manual_review", "passed": false, "manual_review": true, "severity": "high", "owner": "Website-Betrieb/Admin", "evidence": "Aus oeffentlichem Scan nicht beweisbar.", "action": "Domain-Verifizierung, Rollen und MFA vor produktivem Betreiberzugriff abschliessen.", "url": "https://saferpage.de/betreiber/anrufer.info/verifizierung" }, { "id": "consent_regression", "label": "Consent- und Tracking-Regression bestanden", "status": "failed", "passed": false, "manual_review": false, "severity": "critical", "owner": "Marketing/IT/Datenschutz", "evidence": "Consent Score 46, Cookies 1.", "action": "Default, Ablehnen, Akzeptieren und GPC erneut testen; nicht notwendige Dienste bis zur Einwilligung blockieren.", "url": "https://saferpage.de/consent-journey/anrufer.info" }, { "id": "vendor_review", "label": "Neue oder geaenderte Anbieter freigegeben", "status": "passed", "passed": true, "manual_review": false, "severity": "medium", "owner": "Legal/Vendor Owner", "evidence": "0 Anbieter-/AVV-Pruefung(en), 0 Transferpruefung(en).", "action": "AVV/DPA, TOMs, Subprozessoren, Transfer und Anbieter-Offenlegung vor Go-live synchronisieren.", "url": "https://saferpage.de/anbieter/anrufer.info/due-diligence" }, { "id": "notice_sync", "label": "Datenschutzhinweis und Policy-Diff freigegeben", "status": "passed", "passed": true, "manual_review": false, "severity": "medium", "owner": "Datenschutz/Content", "evidence": "Notice vorhanden, Diff-Signale 0.", "action": "Datenschutzhinweis, Cookie-Erklaerung und Anbietertexte gegen reale Technik abgleichen und versioniert freigeben.", "url": "https://saferpage.de/policies/anrufer.info/diff-json" }, { "id": "security_headers", "label": "Security-Header und Transport-Schutz stabil", "status": "failed", "passed": false, "manual_review": false, "severity": "high", "owner": "IT/Security", "evidence": "Security-Header Score 0.", "action": "HSTS, CSP/Frame/Referrer/Content-Type-Optionen und sichere Cookies nach Deployment erneut pruefen.", "url": "https://saferpage.de/technik/anrufer.info" }, { "id": "performance_privacy_budget", "label": "Performance- und Drittanbieter-Budget eingehalten", "status": "passed", "passed": true, "manual_review": false, "severity": "medium", "owner": "Webentwicklung/Marketing Ops", "evidence": "Performance Score 100.", "action": "Drittanbieterlast, externe Fonts, Werbeskripte und Render-Blocker reduzieren; Datenschutz und Ladezeit zusammen testen.", "url": "https://saferpage.de/performance/anrufer.info" }, { "id": "accessibility_ux", "label": "Barrierefreiheit und Consent-UX pruefbar", "status": "passed", "passed": true, "manual_review": false, "severity": "medium", "owner": "UX/Webentwicklung", "evidence": "Accessibility Score 72.", "action": "Banner, Formulare, Links, Kontrast, Tastaturbedienung und mobile Darstellung vor Go-live testen.", "url": "https://saferpage.de/barrierefreiheit/anrufer.info" }, { "id": "scan_scope", "label": "Staging/Live-Scope und letzte Seitenpruefung vorhanden", "status": "passed", "passed": true, "manual_review": false, "severity": "high", "owner": "Website-Betrieb", "evidence": "4 sampled Page(s), 0 Evidence Page(s).", "action": "Startseite, Datenschutz, Impressum, Kontakt, Formular-, Consent- und Checkout-/Lead-Pfade als Release-Scope festlegen.", "url": "https://saferpage.de/scanbetrieb/anrufer.info" }, { "id": "evidence_package", "label": "Nachweispaket und Screenshot vorhanden", "status": "passed", "passed": true, "manual_review": false, "severity": "medium", "owner": "Compliance/IT", "evidence": "Scan-ID ea4df023-8c2b-4037-b07d-57b7f1642e77, Preview vorhanden.", "action": "JSON/CSV/ZIP, Screenshot, Request-/Cookie-Auszug und Release-Entscheidung im Audit-Paket ablegen.", "url": "https://saferpage.de/nachweise/anrufer.info" }, { "id": "incident_rollback", "label": "Rollback- und Incident-Pfad bestaetigt", "status": "manual_review", "passed": false, "manual_review": true, "severity": "medium", "owner": "IT/Security/DSB", "evidence": "Incident Readiness 0.", "action": "Rollback Owner, 72h-Pruefung, Vendor-Kontakte und Kommunikationspfad vor Launch benennen.", "url": "https://saferpage.de/vorfall/anrufer.info" } ], "ci_contract": { "recommended_modes": [ "blocking_on_main", "advisory_on_preview", "manual_override_with_reason" ], "required_inputs": [ "domain", "environment", "release_id", "commit_sha_or_ticket", "operator_approval", "scan_id" ], "exit_codes": { "go": 0, "conditional_go": 1, "block": 2 }, "does_not_deploy": true }, "delivery_events": [ { "id": "release_gate.started", "target": "Jira/Slack/Webhook", "payload": "domain, release_id, scan_id, branch, environment, gates" }, { "id": "release_gate.blocked", "target": "Jira/Teams/Webhook", "payload": "failed_gates, severity, owner, remediation_url" }, { "id": "release_gate.approved", "target": "Audit Log/Trust Center", "payload": "approved_by, approved_at, evidence_links, rescan_required" } ], "release_checklist": [ { "id": "pre_scan", "label": "Vor Go-live Staging oder Preview scannen", "owner": "Website-Betrieb" }, { "id": "fix_blockers", "label": "Critical/High Gates schließen oder begründet freigeben", "owner": "Programm-Owner" }, { "id": "rescan", "label": "Nach Fix erneut scannen und Exportpaket sichern", "owner": "Compliance/IT" }, { "id": "post_launch", "label": "Nach Livegang Kurzreport, Monitoring und Alerts prüfen", "owner": "Website-Betrieb" } ], "links": { "html": "https://saferpage.de/release-gate/anrufer.info", "json": "https://saferpage.de/release-gate/anrufer.info/export", "csv": "https://saferpage.de/release-gate/anrufer.info/export-csv", "markdown": "https://saferpage.de/release-gate/anrufer.info/runbook-md", "operator_board": "https://saferpage.de/betreiber/anrufer.info", "domain_verification": "https://saferpage.de/betreiber/anrufer.info/verifizierung", "scan_operations": "https://saferpage.de/scanbetrieb/anrufer.info", "integrations": "https://saferpage.de/integrationen", "change_center": "https://saferpage.de/aenderungen/anrufer.info", "report": "https://saferpage.de/anrufer.info" }, "sources": [ { "title": "OneTrust Cookie Consent", "url": "https://www.onetrust.com/products/cookie-consent/", "note": "Orientierung fuer Website-Scans und Updates vor produktiven Aenderungen." }, { "title": "Osano Compliance Check", "url": "https://www.osano.com/features/compliance-check", "note": "Orientierung fuer kontinuierliche Compliance-Checks und priorisierte Remediation." } ], "disclaimer": "Release-Gate ist ein Betreiber-Blueprint. Es blockiert keinen echten Deploy und ersetzt keine Rechtsfreigabe. Produktive CI/CD-Anbindung braucht Domain-Claim, Rollen, Auditlog und Integrationsfreigabe." }