{ "schema": "https://saferpage.de/schemas/technology-detection.v1", "generated_at": "2026-06-20T16:03:01+00:00", "domain": "nexi.de", "available": true, "scan": { "id": "78e9d44f-e964-4810-9817-b4fb8d6e2d21", "checked_at": "2026-06-20 08:54:47.360424+02" }, "summary": "nexi.de: 24 sichtbare Technik-/Anbietersignale, 5 mit hoher Datenschutzrelevanz, 0 CMS-/Shop-Hinweis(e).", "metrics": { "technology_count": 24, "high_privacy_relevance_count": 5, "cms_or_shop_count": 0, "external_script_count": 1, "request_count": 146, "third_party_domain_count": 24, "infrastructure_finding_count": 2 }, "signals": { "server_header": "", "generator": "", "x_powered_by": "", "asset_hosts": [ "ajax.googleapis.com", "www.nexi.de" ], "external_scripts": [ "https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js" ], "tls_version": "TLSv1.3", "certificate_issuer": "GlobalSign RSA OV SSL CA 2018", "renderer": "playwright-chromium" }, "category_counts": { "Analytics/Werbung": 3, "Werbung": 1, "tag_manager": 1, "Schriften": 1, "cdn": 1, "other": 14, "social_tracking": 1, "session_replay": 1, "Bibliothek": 1 }, "technologies": [ { "id": "provider_google_analytics", "name": "Google Analytics", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "browser", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "region1.google-analytics.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_google_doubleclick", "name": "Google DoubleClick", "category": "advertising", "category_label": "Werbung", "confidence": "browser", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "ad.doubleclick.net", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "google_tag_manager", "name": "Google Tag Manager", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Signal: googletagmanager.com", "Script-Domain: googletagmanager.com" ], "source": "technology_analysis" }, { "id": "provider_google_tag_manager", "name": "Google Tag Manager", "category": "tag_manager", "category_label": "tag_manager", "confidence": "browser", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "googletagmanager.com", "4 Request(s)" ], "source": "browser_analysis" }, { "id": "tracking_google_tag_manager", "name": "Google Tag Manager", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "google_tag_manager", "GTM-M7T2WFJ" ], "source": "privacy_analysis" }, { "id": "provider_google_fonts", "name": "Google Fonts", "category": "fonts", "category_label": "Schriften", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "fonts.gstatic.com", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_google_static", "name": "Google Static", "category": "cdn", "category_label": "cdn", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "gstatic.com", "5 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_ajax.googleapis.com", "name": "ajax.googleapis.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "ajax.googleapis.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_google.com", "name": "google.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "google.com", "13 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_google.de", "name": "google.de", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 58, "privacy_relevance": "mittel", "evidence": [ "google.de", "3 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_cdn.acsbapp.com", "name": "cdn.acsbapp.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "cdn.acsbapp.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_meta_facebook", "name": "Meta/Facebook", "category": "social_tracking", "category_label": "social_tracking", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "facebook.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_microsoft_clarity", "name": "Microsoft Clarity", "category": "session_replay", "category_label": "session_replay", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "scripts.clarity.ms", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_acsbapp.com", "name": "acsbapp.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "acsbapp.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_alb.reddit.com", "name": "alb.reddit.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "alb.reddit.com", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_bat.bing.com", "name": "bat.bing.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "bat.bing.com", "8 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_capi-automation.s3.us-east-2.amazonaws.com", "name": "capi-automation.s3.us-east-2.amazonaws.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "capi-automation.s3.us-east-2.amazonaws.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_dataoperation24.com", "name": "dataoperation24.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "dataoperation24.com", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_insight.bellmetric.net", "name": "insight.bellmetric.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "insight.bellmetric.net", "6 Request(s)" ], "source": "browser_analysis" }, { "id": "jquery", "name": "jQuery", "category": "library", "category_label": "Bibliothek", "confidence": "medium", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "Signal: jquery.min.js" ], "source": "technology_analysis" }, { "id": "provider_pixel-config.reddit.com", "name": "pixel-config.reddit.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "pixel-config.reddit.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_redditstatic.com", "name": "redditstatic.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "redditstatic.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_sdk.privacy-center.org", "name": "sdk.privacy-center.org", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "sdk.privacy-center.org", "4 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_web.telemetric.dk", "name": "web.telemetric.dk", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "web.telemetric.dk", "2 Request(s)" ], "source": "browser_analysis" } ], "operator_actions": [ { "id": "action_provider_google_analytics", "technology": "Google Analytics", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/nexi.de" }, { "id": "action_provider_google_doubleclick", "technology": "Google DoubleClick", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/nexi.de" }, { "id": "action_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/nexi.de" }, { "id": "action_provider_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/nexi.de" }, { "id": "action_tracking_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/nexi.de" }, { "id": "action_provider_google_fonts", "technology": "Google Fonts", "priority": "mittel", "owner": "Webentwicklung/Datenschutz", "action": "Remote-Schriften lokal hosten oder Zweck, Anbieter, Transfer und Consent-/Rechtsgrundlage transparent dokumentieren.", "guide_url": "https://saferpage.de/guides/google-dienste-datenschutzfreundlich-einbinden" }, { "id": "action_provider_google_static", "technology": "Google Static", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_ajax.googleapis.com", "technology": "ajax.googleapis.com", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_google.com", "technology": "google.com", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_google.de", "technology": "google.de", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" } ], "cms_playbooks": [ { "id": "generic", "platform": "Allgemeines Website-Deployment", "summary": "Im passiven Check wurde kein eindeutiges CMS erkannt. Trotzdem sollten Betreiber Release, Consent, Drittanbieter, Security-Header und Nachweise wie bei einem CMS-Update behandeln.", "steps": [ "Deployment-Quelle, Hosting/CDN, externe Skripte, Consent-Tool und wichtige Templates inventarisieren.", "Alle nicht notwendigen Drittanbieter vor Einwilligung blockieren und Anbieterzwecke dokumentieren.", "Security-Header, HTTPS/HSTS, Referrer-Policy, CSP und Cookie-Attribute prüfen.", "Nach Änderungen Re-Scan, Screenshot, JSON/CSV und Fix-Guides ablegen." ], "acceptance": [ "Release-Änderung ist nachvollziehbar.", "Drittanbieter-/Cookie-Abgleich ist aktualisiert.", "Re-Scan und Nachweise sind verlinkt." ], "owner": "Webbetrieb/IT/Datenschutz", "guide_url": "https://saferpage.de/guides/cms-plugin-patchstand-nachweisen", "rescan_url": "https://saferpage.de/?url=nexi.de" } ], "infrastructure": { "risk_level": "low", "positive_signals": [ "Moderne TLS-Version aktiv: TLSv1.3." ], "findings": [ { "id": "dmarc_missing", "title": "DMARC fehlt", "public": true, "category": "email", "severity": "info", "recommendation": "DMARC setzen, damit E-Mail-Spoofing der Domain besser eingeschränkt wird." }, { "id": "caa_missing", "title": "CAA-Record fehlt", "public": true, "category": "dns", "severity": "info", "recommendation": "Optional CAA setzen, um erlaubte Zertifikatsaussteller festzulegen." } ] }, "links": { "technology_center": "https://saferpage.de/technik/nexi.de", "json": "https://saferpage.de/technik/nexi.de/export", "csv": "https://saferpage.de/technik/nexi.de/export-csv", "markdown": "https://saferpage.de/technik/nexi.de/stack-md", "report": "https://saferpage.de/nexi.de", "vendors": "https://saferpage.de/anbieter/nexi.de", "consent": "https://saferpage.de/consent/nexi.de", "findings": "https://saferpage.de/befunde/nexi.de", "evidence": "https://saferpage.de/nachweise/nexi.de" }, "disclaimer": "Technik-Erkennung ist passiv: SaferPage wertet sichtbare Header, HTML-, Script-, Asset- und Browserkontakte aus. Nicht sichtbare Servertechnik, interne Plugins und Logins werden nicht behauptet." }