{ "schema": "https://saferpage.de/schemas/technology-detection.v1", "generated_at": "2026-06-13T11:51:33+00:00", "domain": "fragzebra.de", "available": true, "scan": { "id": "4d52cf0f-16ab-4d4a-a5dd-dba87a1df305", "checked_at": "2026-06-10 03:17:18.772741+02" }, "summary": "fragzebra.de: 18 sichtbare Technik-/Anbietersignale, 3 mit hoher Datenschutzrelevanz, 0 CMS-/Shop-Hinweis(e).", "metrics": { "technology_count": 18, "high_privacy_relevance_count": 3, "cms_or_shop_count": 0, "external_script_count": 10, "request_count": 162, "third_party_domain_count": 11, "infrastructure_finding_count": 2 }, "signals": { "server_header": "nginx", "generator": "", "x_powered_by": "Express", "asset_hosts": [ "code.jquery.com", "stats.umami-creative.de", "cdn.jsdelivr.net", "cloud.ccm19.de", "www.instagram.com", "platform.twitter.com", "www.tiktok.com", "connect.facebook.net", "fragzebra.b-cdn.net" ], "external_scripts": [ "https://code.jquery.com/jquery-3.6.0.min.js", "https://stats.umami-creative.de/script.js", "https://cdn.jsdelivr.net/gh/altcha-org/altcha@v2/dist/altcha.min.js", "https://cloud.ccm19.de/app.js?apiKey=875ede40b24c126f2ac1adf90d52d48c33c84eec8da3be26&domain=68484f5e31ad7e09d801b1f2", "https://www.instagram.com/embed.js", "https://platform.twitter.com/widgets.js", "https://www.tiktok.com/embed.js", "https://connect.facebook.net/de_DE/sdk.js#xfbml=1&version=v19.0", "https://fragzebra.b-cdn.net/polyfills-7R4CRVNH.js", "https://fragzebra.b-cdn.net/main-KIJUTCI5.js" ], "tls_version": "TLSv1.3", "certificate_issuer": "YR2", "renderer": "playwright-chromium" }, "category_counts": { "Analytics/Werbung": 3, "other": 7, "cdn": 1, "Server": 2, "Backend": 1, "social_tracking": 1, "Bibliothek": 2, "social_widget": 1 }, "technologies": [ { "id": "matomo", "name": "Matomo", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Script-Domain: matomo" ], "source": "technology_analysis" }, { "id": "provider_matomo", "name": "Matomo", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "browser", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "matomo.zebra-medienfragen.de", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "meta_facebook_pixel", "name": "Meta/Facebook Pixel", "category": "analytics", "category_label": "Analytics/Werbung", "confidence": "high", "risk_score": 80, "privacy_relevance": "hoch", "evidence": [ "Script-Domain: connect.facebook.net" ], "source": "technology_analysis" }, { "id": "provider_fragzebra.b-cdn.net", "name": "fragzebra.b-cdn.net", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "fragzebra.b-cdn.net", "99 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_jsdelivr", "name": "jsDelivr", "category": "cdn", "category_label": "cdn", "confidence": "browser", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "cdn.jsdelivr.net", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "nginx", "name": "nginx", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: nginx" ], "source": "technology_analysis" }, { "id": "server_header", "name": "nginx", "category": "server", "category_label": "Server", "confidence": "medium", "risk_score": 42, "privacy_relevance": "niedrig", "evidence": [ "Server-Header: nginx" ], "source": "technology_signals" }, { "id": "express", "name": "Express", "category": "backend", "category_label": "Backend", "confidence": "high", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "X-Powered-By: Express" ], "source": "technology_analysis" }, { "id": "provider_meta_facebook", "name": "Meta/Facebook", "category": "social_tracking", "category_label": "social_tracking", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "connect.facebook.net", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "tailwind_css", "name": "Tailwind CSS", "category": "library", "category_label": "Bibliothek", "confidence": "medium", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "Signal: tw-" ], "source": "technology_analysis" }, { "id": "provider_x_twitter_widget", "name": "X/Twitter Widget", "category": "social_widget", "category_label": "social_widget", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "platform.twitter.com", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_chat.fragzebra.de", "name": "chat.fragzebra.de", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "chat.fragzebra.de", "25 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_cloud.ccm19.de", "name": "cloud.ccm19.de", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "cloud.ccm19.de", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_code.jquery.com", "name": "code.jquery.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "code.jquery.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_instagram.com", "name": "instagram.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "instagram.com", "1 Request(s)" ], "source": "browser_analysis" }, { "id": "jquery", "name": "jQuery", "category": "library", "category_label": "Bibliothek", "confidence": "high", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "Signal: jquery-", "Asset: https://code.jquery.com/jquery-3.6.0.min.js" ], "source": "technology_analysis" }, { "id": "provider_stats.umami-creative.de", "name": "stats.umami-creative.de", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "stats.umami-creative.de", "2 Request(s)" ], "source": "browser_analysis" }, { "id": "provider_syndication.twitter.com", "name": "syndication.twitter.com", "category": "other", "category_label": "other", "confidence": "browser", "risk_score": 35, "privacy_relevance": "niedrig", "evidence": [ "syndication.twitter.com", "1 Request(s)" ], "source": "browser_analysis" } ], "operator_actions": [ { "id": "action_matomo", "technology": "Matomo", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/fragzebra.de" }, { "id": "action_provider_matomo", "technology": "Matomo", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/fragzebra.de" }, { "id": "action_meta_facebook_pixel", "technology": "Meta/Facebook Pixel", "priority": "hoch", "owner": "Marketing/IT/Datenschutz", "action": "Tracking-, Werbe- und Tag-Manager-Dienste bis zur aktiven Einwilligung blockieren und in Consent, Datenschutzhinweis und Anbieterregister erklären.", "guide_url": "https://saferpage.de/consent/fragzebra.de" }, { "id": "action_provider_fragzebra.b-cdn.net", "technology": "fragzebra.b-cdn.net", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_jsdelivr", "technology": "jsDelivr", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_nginx", "technology": "nginx", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/fragzebra.de" }, { "id": "action_server_header", "technology": "nginx", "priority": "mittel", "owner": "IT/Security/Vendor Owner", "action": "Hosting/CDN, TLS, E-Mail-Schutz, Security-Header, CAA/DMARC und Anbieterrolle mit AVV/DPA/TOM-Nachweis prüfen.", "guide_url": "https://saferpage.de/anbieter/fragzebra.de" }, { "id": "action_express", "technology": "Express", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_provider_meta_facebook", "technology": "Meta/Facebook", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" }, { "id": "action_tailwind_css", "technology": "Tailwind CSS", "priority": "mittel", "owner": "Website-Betrieb/Datenschutz", "action": "Techniksignal fachlich einordnen, Zweck, Anbieter, Datenarten und notwendige Nachweise ergänzen.", "guide_url": "https://saferpage.de/guides/datenschutz-webseiten-pruefkatalog" } ], "cms_playbooks": [ { "id": "generic", "platform": "Allgemeines Website-Deployment", "summary": "Im passiven Check wurde kein eindeutiges CMS erkannt. Trotzdem sollten Betreiber Release, Consent, Drittanbieter, Security-Header und Nachweise wie bei einem CMS-Update behandeln.", "steps": [ "Deployment-Quelle, Hosting/CDN, externe Skripte, Consent-Tool und wichtige Templates inventarisieren.", "Alle nicht notwendigen Drittanbieter vor Einwilligung blockieren und Anbieterzwecke dokumentieren.", "Security-Header, HTTPS/HSTS, Referrer-Policy, CSP und Cookie-Attribute prüfen.", "Nach Änderungen Re-Scan, Screenshot, JSON/CSV und Fix-Guides ablegen." ], "acceptance": [ "Release-Änderung ist nachvollziehbar.", "Drittanbieter-/Cookie-Abgleich ist aktualisiert.", "Re-Scan und Nachweise sind verlinkt." ], "owner": "Webbetrieb/IT/Datenschutz", "guide_url": "https://saferpage.de/guides/cms-plugin-patchstand-nachweisen", "rescan_url": "https://saferpage.de/?url=fragzebra.de" } ], "infrastructure": { "risk_level": "low", "positive_signals": [ "Moderne TLS-Version aktiv: TLSv1.3." ], "findings": [ { "id": "dmarc_missing", "title": "DMARC fehlt", "public": true, "category": "email", "severity": "info", "recommendation": "DMARC setzen, damit E-Mail-Spoofing der Domain besser eingeschränkt wird." }, { "id": "caa_missing", "title": "CAA-Record fehlt", "public": true, "category": "dns", "severity": "info", "recommendation": "Optional CAA setzen, um erlaubte Zertifikatsaussteller festzulegen." } ] }, "links": { "technology_center": "https://saferpage.de/technik/fragzebra.de", "json": "https://saferpage.de/technik/fragzebra.de/export", "csv": "https://saferpage.de/technik/fragzebra.de/export-csv", "markdown": "https://saferpage.de/technik/fragzebra.de/stack-md", "report": "https://saferpage.de/fragzebra.de", "vendors": "https://saferpage.de/anbieter/fragzebra.de", "consent": "https://saferpage.de/consent/fragzebra.de", "findings": "https://saferpage.de/befunde/fragzebra.de", "evidence": "https://saferpage.de/nachweise/fragzebra.de" }, "disclaimer": "Technik-Erkennung ist passiv: SaferPage wertet sichtbare Header, HTML-, Script-, Asset- und Browserkontakte aus. Nicht sichtbare Servertechnik, interne Plugins und Logins werden nicht behauptet." }