{ "schema": "https://saferpage.de/schemas/technology-detection.v1", "generated_at": "2026-06-19T09:09:44+00:00", "domain": "dertour.de", "available": true, "scan": { "id": "0157cf60-bcb1-4509-a5a9-30f2397cfe8b", "checked_at": "2026-06-19 07:45:36.938148+02" }, "summary": "dertour.de: 22 sichtbare Technik-/Anbietersignale, 3 mit hoher Datenschutzrelevanz, 0 CMS-/Shop-Hinweis(e).", "metrics": { "technology_count": 22, "high_privacy_relevance_count": 3, "cms_or_shop_count": 0, "external_script_count": 20, "request_count": 121, "third_party_domain_count": 15, "infrastructure_finding_count": 1 }, "signals": { "server_header": "\"\"", "generator": "", "x_powered_by": "\"\"", "asset_hosts": [ "d3fwrducsmo9yr.cloudfront.net", "api.usercentrics.eu", "graphql.usercentrics.eu", "www.dertour.de" ], "external_scripts": [ "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/polyfills-42372ed130431b0a.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/8963.5a4862c5fb2661df.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/9452.4d170c6783e8109e.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/3040.f36c7ace679d0ca6.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/9427.f0b86a6aa2c6f746.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/webpack-d73968d719b85a05.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/framework-b14061a724f57357.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/main-59fd385ec696d446.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/pages/_app-22f476cb2e0f0ae4.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/2276-779ec1a9ceea41cb.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/8695-f7a911fe22c5258a.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/5376-05d6dc9194437a39.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/5412-826c284b6c4e79d8.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/1460-7cff5f27571a3409.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/658-9dfe7715f906019d.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/8301-043e6e187ad7b378.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/3963-d22728a25ca44c18.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/502-027412e8a448ac8a.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/282-08a4d5ebdd841dee.js", "https://d3fwrducsmo9yr.cloudfront.net/neon/assets/master-b2ccd48fef9c075594befad843fbd910f0c566e9/_next/static/chunks/3867-a801190fc690f983.js" ], "tls_version": "TLSv1.2", "certificate_issuer": "Amazon RSA 2048 M01", "renderer": "playwright-chromium" }, "category_counts": { "Analytics/Werbung": 3, "Consent": 1, "other": 15, "Server": 2, "JavaScript": 1 }, "technologies": [ { "id": "google_analytics", "name": "Google Analytics", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Signal: google-analytics.com" ], "source": "technology_analysis" }, { "id": "tracking_google_analytics_4", "name": "Google Analytics 4", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "google_analytics_4", "g-909879530" ], "source": "privacy_analysis" }, { "id": "google_tag_manager", "name": "Google Tag Manager", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Signal: googletagmanager.com" ], "source": "technology_analysis" }, { "id": "usercentrics", "name": "Usercentrics", "category": "consent", "category_label": "Consent", "confidence": "high", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "Signal: usercentrics" ], "source": "technology_analysis" }, { "id": "provider_consent-api.service.consent.usercentrics.eu", "name": "consent-api.service.consent.usercentrics.eu", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "consent-api.service.consent.usercentrics.eu", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "", "name": "\"\"", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: \"\"" ], "source": "technology_analysis" }, { "id": "server_header", "name": "\"\"", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: \"\"" ], "source": "technology_signals" }, { "id": "provider_cdn.prod.website-files.com", "name": "cdn.prod.website-files.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "cdn.prod.website-files.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "next.js", "name": "Next.js", "category": "js_framework", "category_label": "JavaScript", "confidence": "medium", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "Signal: /_next/static/" ], "source": "technology_analysis" }, { "id": "provider_api.usercentrics.eu", "name": "api.usercentrics.eu", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "api.usercentrics.eu", "5 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_app.usercentrics.eu", "name": "app.usercentrics.eu", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "app.usercentrics.eu", "3 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_assets.adobedtm.com", "name": "assets.adobedtm.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "assets.adobedtm.com", "16 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_aswpsdkeu.com", "name": "aswpsdkeu.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "aswpsdkeu.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_cm.everesttech.net", "name": "cm.everesttech.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "cm.everesttech.net", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_d3fwrducsmo9yr.cloudfront.net", "name": "d3fwrducsmo9yr.cloudfront.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "d3fwrducsmo9yr.cloudfront.net", "33 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_dertouristik.demdex.net", "name": "dertouristik.demdex.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "dertouristik.demdex.net", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_dertouristikonlinegm.tt.omtrdc.net", "name": "dertouristikonlinegm.tt.omtrdc.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "dertouristikonlinegm.tt.omtrdc.net", "4 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_dpm.demdex.net", "name": "dpm.demdex.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "dpm.demdex.net", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_eu-images.contentstack.com", "name": "eu-images.contentstack.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "eu-images.contentstack.com", "31 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_ib.adnxs.com", "name": "ib.adnxs.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "ib.adnxs.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_metrics.dertour.de", "name": "metrics.dertour.de", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "metrics.dertour.de", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_uct.service.usercentrics.eu", "name": "uct.service.usercentrics.eu", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "uct.service.usercentrics.eu", "1 Request(s)" ], "source": "browser_analysis" } ], "operator_actions": [ { "id": "action_google_analytics", "technology": "Google Analytics", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/dertour.de" }, { "id": "action_tracking_google_analytics_4", "technology": "Google Analytics 4", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/dertour.de" }, { "id": "action_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/dertour.de" }, { "id": "action_usercentrics", "technology": "Usercentrics", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_consent-api.service.consent.usercentrics.eu", "technology": "consent-api.service.consent.usercentrics.eu", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_", "technology": "\"\"", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/dertour.de" }, { "id": "action_server_header", "technology": "\"\"", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/dertour.de" }, { "id": "action_provider_cdn.prod.website-files.com", "technology": "cdn.prod.website-files.com", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_next.js", "technology": "Next.js", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_api.usercentrics.eu", "technology": "api.usercentrics.eu", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" } ], "cms_playbooks": [ { "id": "nextjs", "platform": "Next.js / React App", "summary": "Bei modernen Frontends liegen Tracking, Fonts, Consent und Security-Header oft in Build, Middleware, Tag Manager und CDN-Konfiguration verteilt.", "steps": [ "App Router/Pages, Layouts, Script-Komponenten, Tag Manager und Consent-Initialisierung prüfen.", "Consent Defaults vor Analytics-/Ads-Skripten setzen; third-party Scripts mit strategy und Consent-Gate kontrollieren.", "Security-Header, Referrer-Policy, CSP und HSTS in Middleware, next.config oder Reverse Proxy setzen.", "Build-Artefakte, Sourcemaps, externe Fonts und CDN-Hosts dokumentieren und nach Deployment erneut scannen." ], "acceptance": [ "Scripts sind consent-gated.", "Header sind im Live-Response sichtbar.", "Drittanbieter-Matrix passt zum Release." ], "owner": "Webbetrieb/IT/Datenschutz", "guide_url": "https://saferpage.de/guides/cms-plugin-patchstand-nachweisen", "rescan_url": "https://saferpage.de/?url=dertour.de" } ], "infrastructure": { "risk_level": "low", "positive_signals": [ "Mehrere IP-Adressen gefunden: Hinweis auf redundante Infrastruktur oder CDN.", "Moderne TLS-Version aktiv: TLSv1.2.", "HSTS ist aktiv.", "DMARC ist für die Domain vorhanden." ], "findings": [ { "id": "caa_missing", "title": "CAA-Record fehlt", "public": true, "category": "dns", "severity": "info", "recommendation": "Optional CAA setzen, um erlaubte Zertifikatsaussteller festzulegen." } ] }, "links": { "technology_center": "https://saferpage.de/technik/dertour.de", "json": "https://saferpage.de/technik/dertour.de/export", "csv": "https://saferpage.de/technik/dertour.de/export-csv", "markdown": "https://saferpage.de/technik/dertour.de/stack-md", "report": "https://saferpage.de/dertour.de", "vendors": "https://saferpage.de/anbieter/dertour.de", "consent": "https://saferpage.de/consent/dertour.de", "findings": "https://saferpage.de/befunde/dertour.de", "evidence": "https://saferpage.de/nachweise/dertour.de" }, "disclaimer": "Technik-Erkennung ist passiv: SaferPage wertet sichtbare Header, HTML-, Script-, Asset- und Browserkontakte aus. Nicht sichtbare Servertechnik, interne Plugins und Logins werden nicht behauptet." }