{
    "schema": "https://saferpage.de/schemas/technology-detection.v1",
    "generated_at": "2026-07-01T03:00:22+00:00",
    "domain": "canapuff.de",
    "available": true,
    "scan": {
        "id": "c68da6df-37c3-4dc9-a476-78d0014a3d20",
        "checked_at": "2026-07-01 02:13:47.426892+02"
    },
    "summary": "canapuff.de: 21 sichtbare Technik-/Anbietersignale, 6 mit hoher Datenschutzrelevanz, 1 CMS-/Shop-Hinweis(e).",
    "metrics": {
        "technology_count": 21,
        "high_privacy_relevance_count": 6,
        "cms_or_shop_count": 1,
        "external_script_count": 8,
        "request_count": 110,
        "third_party_domain_count": 12,
        "infrastructure_finding_count": 1
    },
    "signals": {
        "server_header": "cloudflare",
        "generator": "",
        "x_powered_by": "",
        "asset_hosts": [
            "assets.visually.io",
            "live.visually-io.com",
            "analytics.ahrefs.com",
            "cdn.shopify.com",
            "www.canapuff.de",
            "widget.trustpilot.com",
            "t.contentsquare.net",
            "insight.prestonco.art",
            "fonts.shopifycdn.com",
            "productreviews.shopifycdn.com",
            "www.canapuff.com",
            "www.canapuff-france.com"
        ],
        "external_scripts": [
            "https://assets.visually.io/widgets/vsly-preact.min.js",
            "https://live.visually-io.com/cf/CANAPUFF.js",
            "https://live.visually-io.com/v/visually.js",
            "https://live.visually-io.com/v/visually-a.js",
            "https://analytics.ahrefs.com/analytics.js",
            "https://t.contentsquare.net/uxa/0cc5a76d8b672.js",
            "https://insight.prestonco.art/uniclick.js?attribution=lastpaid&cookiedomain=www.canapuff.com&cookieduration=90&defaultcampaignid=6a103dfbfdf938f26aba4db1&regviewonce=false",
            "https://insight.prestonco.art/eventsv2.js"
        ],
        "tls_version": "TLSv1.3",
        "certificate_issuer": "YE2",
        "renderer": "playwright-chromium"
    },
    "category_counts": {
        "Analytics/Werbung": 4,
        "tag_manager": 1,
        "other": 10,
        "Shop": 1,
        "Server": 2,
        "Bibliothek": 2,
        "session_replay": 1
    },
    "technologies": [
        {
            "id": "tracking_google_analytics_4",
            "name": "Google Analytics 4",
            "category": "analytics",
            "category_label": "Analytics/Werbung",
            "confidence": "high",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "google_analytics_4",
                "g-recaptcha"
            ],
            "source": "privacy_analysis"
        },
        {
            "id": "google_tag_manager",
            "name": "Google Tag Manager",
            "category": "analytics",
            "category_label": "Analytics/Werbung",
            "confidence": "high",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "Signal: googletagmanager.com",
                "Script-Domain: googletagmanager.com"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "provider_google_tag_manager",
            "name": "Google Tag Manager",
            "category": "tag_manager",
            "category_label": "tag_manager",
            "confidence": "browser",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "googletagmanager.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "tracking_google_tag_manager",
            "name": "Google Tag Manager",
            "category": "analytics",
            "category_label": "Analytics/Werbung",
            "confidence": "high",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "google_tag_manager",
                "GTM-XXXXXX"
            ],
            "source": "privacy_analysis"
        },
        {
            "id": "microsoft_clarity",
            "name": "Microsoft Clarity",
            "category": "analytics",
            "category_label": "Analytics/Werbung",
            "confidence": "high",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "Signal: clarity.ms/tag",
                "Script-Domain: clarity.ms"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "provider_analytics.ahrefs.com",
            "name": "analytics.ahrefs.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 80,
            "privacy_relevance": "hoch",
            "evidence": [
                "analytics.ahrefs.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "shopify",
            "name": "Shopify",
            "category": "ecommerce",
            "category_label": "Shop",
            "confidence": "high",
            "risk_score": 52,
            "privacy_relevance": "mittel",
            "evidence": [
                "Signal: cdn.shopify.com"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "provider_storeswlaescript.myshopify.com",
            "name": "storeswlaescript.myshopify.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 52,
            "privacy_relevance": "mittel",
            "evidence": [
                "storeswlaescript.myshopify.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_cdn.shopify.com",
            "name": "cdn.shopify.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 42,
            "privacy_relevance": "niedrig",
            "evidence": [
                "cdn.shopify.com",
                "30 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "cloudflare",
            "name": "cloudflare",
            "category": "server",
            "category_label": "Server",
            "confidence": "medium",
            "risk_score": 42,
            "privacy_relevance": "niedrig",
            "evidence": [
                "Server-Header: cloudflare"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "server_header",
            "name": "cloudflare",
            "category": "server",
            "category_label": "Server",
            "confidence": "medium",
            "risk_score": 42,
            "privacy_relevance": "niedrig",
            "evidence": [
                "Server-Header: cloudflare"
            ],
            "source": "technology_signals"
        },
        {
            "id": "bootstrap",
            "name": "Bootstrap",
            "category": "library",
            "category_label": "Bibliothek",
            "confidence": "medium",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "Signal: bootstrap.min.js"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "provider_contentsquare",
            "name": "Contentsquare",
            "category": "session_replay",
            "category_label": "session_replay",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "t.contentsquare.net",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "tailwind_css",
            "name": "Tailwind CSS",
            "category": "library",
            "category_label": "Bibliothek",
            "confidence": "medium",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "Signal: tailwind"
            ],
            "source": "technology_analysis"
        },
        {
            "id": "provider_assets.visually.io",
            "name": "assets.visually.io",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "assets.visually.io",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_backinstock.useamp.com",
            "name": "backinstock.useamp.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "backinstock.useamp.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_insight.prestonco.art",
            "name": "insight.prestonco.art",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "insight.prestonco.art",
                "2 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_limits.minmaxify.com",
            "name": "limits.minmaxify.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "limits.minmaxify.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_live.visually-io.com",
            "name": "live.visually-io.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "live.visually-io.com",
                "4 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_static.klaviyo.com",
            "name": "static.klaviyo.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "static.klaviyo.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        },
        {
            "id": "provider_widget.trustpilot.com",
            "name": "widget.trustpilot.com",
            "category": "other",
            "category_label": "other",
            "confidence": "browser",
            "risk_score": 35,
            "privacy_relevance": "niedrig",
            "evidence": [
                "widget.trustpilot.com",
                "1 Request(s)"
            ],
            "source": "browser_analysis"
        }
    ],
    "operator_actions": [
        {
            "id": "action_tracking_google_analytics_4",
            "technology": "Google Analytics 4",
            "priority": "hoch",
            "owner": "Marketing/IT/Datenschutz",
            "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.",
            "guide_url": "https://saferpage.de/consent/canapuff.de"
        },
        {
            "id": "action_google_tag_manager",
            "technology": "Google Tag Manager",
            "priority": "hoch",
            "owner": "Marketing/IT/Datenschutz",
            "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.",
            "guide_url": "https://saferpage.de/consent/canapuff.de"
        },
        {
            "id": "action_provider_google_tag_manager",
            "technology": "Google Tag Manager",
            "priority": "hoch",
            "owner": "Marketing/IT/Datenschutz",
            "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.",
            "guide_url": "https://saferpage.de/consent/canapuff.de"
        },
        {
            "id": "action_tracking_google_tag_manager",
            "technology": "Google Tag Manager",
            "priority": "hoch",
            "owner": "Marketing/IT/Datenschutz",
            "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.",
            "guide_url": "https://saferpage.de/consent/canapuff.de"
        },
        {
            "id": "action_microsoft_clarity",
            "technology": "Microsoft Clarity",
            "priority": "hoch",
            "owner": "Marketing/IT/Datenschutz",
            "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.",
            "guide_url": "https://saferpage.de/consent/canapuff.de"
        },
        {
            "id": "action_provider_analytics.ahrefs.com",
            "technology": "analytics.ahrefs.com",
            "priority": "hoch",
            "owner": "Website-Betrieb/Datenschutz",
            "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.",
            "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog"
        },
        {
            "id": "action_shopify",
            "technology": "Shopify",
            "priority": "mittel",
            "owner": "Webbetrieb/IT",
            "action": "CMS, Themes, Plugins und sichtbare Versionshinweise aktualisieren, unnötige Plugins entfernen und Re-Scan nach Deployment ausführen.",
            "guide_url": "https://saferpage.de/guides/sichtbare-versionen-und-cves-beheben"
        },
        {
            "id": "action_provider_storeswlaescript.myshopify.com",
            "technology": "storeswlaescript.myshopify.com",
            "priority": "mittel",
            "owner": "Webbetrieb/IT",
            "action": "CMS, Themes, Plugins und sichtbare Versionshinweise aktualisieren, unnötige Plugins entfernen und Re-Scan nach Deployment ausführen.",
            "guide_url": "https://saferpage.de/guides/sichtbare-versionen-und-cves-beheben"
        },
        {
            "id": "action_provider_cdn.shopify.com",
            "technology": "cdn.shopify.com",
            "priority": "mittel",
            "owner": "Webbetrieb/IT",
            "action": "CMS, Themes, Plugins und sichtbare Versionshinweise aktualisieren, unnötige Plugins entfernen und Re-Scan nach Deployment ausführen.",
            "guide_url": "https://saferpage.de/guides/sichtbare-versionen-und-cves-beheben"
        },
        {
            "id": "action_cloudflare",
            "technology": "cloudflare",
            "priority": "mittel",
            "owner": "IT/Security/Vendor Owner",
            "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.",
            "guide_url": "https://saferpage.de/anbieter/canapuff.de"
        }
    ],
    "cms_playbooks": [
        {
            "id": "shopify",
            "platform": "Shopify",
            "summary": "Shopify-Themes, Apps, Checkout-/Payment-Dienste und Pixel müssen als Shop-Flow geprüft werden; der passive Check ersetzt keinen Testkauf.",
            "steps": [
                "Theme, Apps, Customer Events/Pixels und eingebettete Marketingtools inventarisieren.",
                "Cookie-Banner und Consent Mode für Storefront, Produktseiten, Warenkorb und Checkout-nahe Seiten prüfen.",
                "Payment-, Versand-, Newsletter-, Review- und Chat-Apps in Anbieterregister und Datenschutzhinweise aufnehmen.",
                "AGB, Widerruf, Versand, Preise, Grundpreise und Button-Lösung im E-Commerce-Check plus manueller Shop-Flow-Prüfung abgleichen."
            ],
            "acceptance": [
                "Shop-relevante Anbieter sind erklärt.",
                "Marketingpixel warten auf Consent.",
                "Checkout-/Payment-Prüfung ist als Betreiberaufgabe dokumentiert."
            ],
            "owner": "Shop/Marketing/Datenschutz",
            "guide_url": "https://saferpage.de/ecommerce/canapuff.de",
            "rescan_url": "https://saferpage.de/?url=canapuff.de"
        }
    ],
    "infrastructure": {
        "risk_level": "low",
        "positive_signals": [
            "Moderne TLS-Version aktiv: TLSv1.3.",
            "HSTS ist aktiv."
        ],
        "findings": [
            {
                "id": "caa_missing",
                "title": "CAA-Record fehlt",
                "public": true,
                "category": "dns",
                "severity": "info",
                "recommendation": "Optional CAA setzen, um erlaubte Zertifikatsaussteller festzulegen."
            }
        ]
    },
    "links": {
        "technology_center": "https://saferpage.de/technik/canapuff.de",
        "json": "https://saferpage.de/technik/canapuff.de/export",
        "csv": "https://saferpage.de/technik/canapuff.de/export-csv",
        "markdown": "https://saferpage.de/technik/canapuff.de/stack-md",
        "report": "https://saferpage.de/canapuff.de",
        "vendors": "https://saferpage.de/anbieter/canapuff.de",
        "consent": "https://saferpage.de/consent/canapuff.de",
        "findings": "https://saferpage.de/befunde/canapuff.de",
        "evidence": "https://saferpage.de/nachweise/canapuff.de"
    },
    "disclaimer": "Technik-Erkennung ist passiv: SaferPage wertet sichtbare Header, HTML-, Script-, Asset- und Browserkontakte aus. Nicht sichtbare Servertechnik, interne Plugins und Logins werden nicht behauptet."
}
