{ "schema": "https://saferpage.de/schemas/technology-detection.v1", "generated_at": "2026-06-22T04:11:03+00:00", "domain": "surveymonkey.de", "available": true, "scan": { "id": "e1ca5e7c-dd87-4a4f-a62b-19f50e93a512", "checked_at": "2026-06-21 22:56:25.583328+02" }, "summary": "surveymonkey.de: 11 sichtbare Technik-/Anbietersignale, 3 mit hoher Datenschutzrelevanz, 1 CMS-/Shop-Hinweis(e).", "metrics": { "technology_count": 11, "high_privacy_relevance_count": 3, "cms_or_shop_count": 1, "external_script_count": 20, "request_count": 94, "third_party_domain_count": 4, "infrastructure_finding_count": 1 }, "signals": { "server_header": "nginx", "generator": "", "x_powered_by": "", "asset_hosts": [ "prod.smassets.net", "www.surveymonkey.com", "de.surveymonkey.com", "da.surveymonkey.com", "uk.surveymonkey.com", "es.surveymonkey.com", "fi.surveymonkey.com", "fr.surveymonkey.com", "it.surveymonkey.com", "jp.surveymonkey.com", "ko.surveymonkey.com", "nl.surveymonkey.com" ], "external_scripts": [ "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/fd9d1056-ad0161345627a626.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/2117-b250b3cb701b01e5.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/main-app-dfb0dc1819f5eb93.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/5557-303051ff2e6d0b69.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/app/global-error-e80527da91da3723.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/6d6a6b26-0d8efb54262f1b82.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/d4ec37ae-63327dcb9df8eacd.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/4b1a69f1-5722835984941891.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/8108-ff207db73b08e7b9.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/6038-d28d103371dcf6ea.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/9289-81ca21f5efdad238.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/597-cd198e7534bd1318.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/9773-e2ca132248d8cc00.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/5267-e39439362ad1548b.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/app/layout-6031689c0d29ab88.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/app/not-found-c3c2c4b78a45b15c.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/470948ac-018fef27322add3a.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/70554f71-1f781b6070310a4e.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/056d7d4d-3ccc1e4c8b3d2667.js", "https://prod.smassets.net/assets/website/2.364.1/_next/static/chunks/3484644c-424382803bf594f4.js" ], "tls_version": "TLSv1.3", "certificate_issuer": "Amazon RSA 2048 M01", "renderer": "playwright-chromium" }, "category_counts": { "Analytics/Werbung": 2, "tag_manager": 1, "CMS": 1, "Server": 2, "JavaScript": 1, "other": 4 }, "technologies": [ { "id": "google_tag_manager", "name": "Google Tag Manager", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "medium", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Signal: gtm-" ], "source": "technology_analysis" }, { "id": "provider_google_tag_manager", "name": "Google Tag Manager", "category": "tag_manager", "category_label": "tag_manager", "confidence": "browser", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "googletagmanager.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "tracking_google_tag_manager", "name": "Google Tag Manager", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "google_tag_manager", "GTM-NGMP3BG" ], "source": "privacy_analysis" }, { "id": "joomla", "name": "Joomla", "category": "cms", "category_label": "CMS", "confidence": "medium", "risk_score": 52, "privacy_relevance": "mittel", "evidence": [ "Signal: /templates/" ], "source": "technology_analysis" }, { "id": "nginx", "name": "nginx", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: nginx" ], "source": "technology_analysis" }, { "id": "server_header", "name": "nginx", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: nginx" ], "source": "technology_signals" }, { "id": "next.js", "name": "Next.js", "category": "js_framework", "category_label": "JavaScript", "confidence": "medium", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "Signal: /_next/static/" ], "source": "technology_analysis" }, { "id": "provider_de.surveymonkey.com", "name": "de.surveymonkey.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "de.surveymonkey.com", "3 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_prod.smassets.net", "name": "prod.smassets.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "prod.smassets.net", "80 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_rum-ingest.us1.signalfx.com", "name": "rum-ingest.us1.signalfx.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "rum-ingest.us1.signalfx.com", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_surveymonkey.com", "name": "surveymonkey.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "surveymonkey.com", "2 Request(s)" ], "source": "browser_analysis" } ], "operator_actions": [ { "id": "action_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/surveymonkey.de" }, { "id": "action_provider_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/surveymonkey.de" }, { "id": "action_tracking_google_tag_manager", "technology": "Google Tag Manager", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/surveymonkey.de" }, { "id": "action_joomla", "technology": "Joomla", "priority": "mittel", "owner": "Webbetrieb/IT", "action": "CMS, Themes, Plugins und sichtbare Versionshinweise aktualisieren, unnötige Plugins entfernen und Re-Scan nach Deployment ausführen.", "guide_url": "https://saferpage.de/guides/sichtbare-versionen-und-cves-beheben" }, { "id": "action_nginx", "technology": "nginx", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/surveymonkey.de" }, { "id": "action_server_header", "technology": "nginx", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/surveymonkey.de" }, { "id": "action_next.js", "technology": "Next.js", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_de.surveymonkey.com", "technology": "de.surveymonkey.com", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_prod.smassets.net", "technology": "prod.smassets.net", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_rum-ingest.us1.signalfx.com", "technology": "rum-ingest.us1.signalfx.com", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" } ], "cms_playbooks": [ { "id": "joomla", "platform": "Joomla", "summary": "Joomla-Templates, Erweiterungen und Cookie-Plugins sollten nach jedem Update gegen echte Browserkontakte geprüft werden.", "steps": [ "Joomla Core, Templates und Erweiterungen aktualisieren; veraltete Erweiterungen entfernen.", "Template-Overrides und Module nach externen Skripten, Fonts, Maps, Videos, Captchas und Pixeln prüfen.", "Cookie-/Consent-Erweiterung so konfigurieren, dass nicht notwendige Dienste erst nach Einwilligung laden.", "Security-Header und HTTPS-Weiterleitungen im Hosting/Webserver setzen und Re-Scan ausführen." ], "acceptance": [ "Template-/Extension-Änderungen dokumentiert.", "Consent-Test zeigt keine vorzeitigen Trackingkontakte.", "Fix-Guides sind abgearbeitet." ], "owner": "Webbetrieb/IT/Datenschutz", "guide_url": "https://saferpage.de/guides/cms-plugin-patchstand-nachweisen", "rescan_url": "https://saferpage.de/?url=surveymonkey.de" }, { "id": "nextjs", "platform": "Next.js / React App", "summary": "Bei modernen Frontends liegen Tracking, Fonts, Consent und Security-Header oft in Build, Middleware, Tag Manager und CDN-Konfiguration verteilt.", "steps": [ "App Router/Pages, Layouts, Script-Komponenten, Tag Manager und Consent-Initialisierung prüfen.", "Consent Defaults vor Analytics-/Ads-Skripten setzen; third-party Scripts mit strategy und Consent-Gate kontrollieren.", "Security-Header, Referrer-Policy, CSP und HSTS in Middleware, next.config oder Reverse Proxy setzen.", "Build-Artefakte, Sourcemaps, externe Fonts und CDN-Hosts dokumentieren und nach Deployment erneut scannen." ], "acceptance": [ "Scripts sind consent-gated.", "Header sind im Live-Response sichtbar.", "Drittanbieter-Matrix passt zum Release." ], "owner": "Webbetrieb/IT/Datenschutz", "guide_url": "https://saferpage.de/guides/cms-plugin-patchstand-nachweisen", "rescan_url": "https://saferpage.de/?url=surveymonkey.de" } ], "infrastructure": { "risk_level": "low", "positive_signals": [ "Mehrere IP-Adressen gefunden: Hinweis auf redundante Infrastruktur oder CDN.", "Moderne TLS-Version aktiv: TLSv1.3.", "HSTS ist aktiv." ], "findings": [ { "id": "caa_missing", "title": "CAA-Record fehlt", "public": true, "category": "dns", "severity": "info", "recommendation": "Optional CAA setzen, um erlaubte Zertifikatsaussteller festzulegen." } ] }, "links": { "technology_center": "https://saferpage.de/technik/surveymonkey.de", "json": "https://saferpage.de/technik/surveymonkey.de/export", "csv": "https://saferpage.de/technik/surveymonkey.de/export-csv", "markdown": "https://saferpage.de/technik/surveymonkey.de/stack-md", "report": "https://saferpage.de/surveymonkey.de", "vendors": "https://saferpage.de/anbieter/surveymonkey.de", "consent": "https://saferpage.de/consent/surveymonkey.de", "findings": "https://saferpage.de/befunde/surveymonkey.de", "evidence": "https://saferpage.de/nachweise/surveymonkey.de" }, "disclaimer": "Technik-Erkennung ist passiv: SaferPage wertet sichtbare Header, HTML-, Script-, Asset- und Browserkontakte aus. Nicht sichtbare Servertechnik, interne Plugins und Logins werden nicht behauptet." }