Overview
Secure Privacy's website scanner automatically detects cookies, trackers, and third-party services running on your site. Regular scanning keeps your cookie declarations accurate and your compliance posture strong.
This guide walks you through running scans, reading results, and setting up automated monitoring.
How the Scanner Works
The scanner visits your website pages like a real browser -- executing JavaScript, loading resources, and cataloging everything it finds:
- First-party cookies set by your domain
- Third-party cookies set by external services (analytics, ads, social widgets)
- Local storage and session storage entries
- Tracking pixels and beacon requests
- Third-party scripts loaded on your pages
Each detected item is automatically classified into a consent category: Essential, Analytics, Marketing, Preferences, or Social Media.
Running a Manual Scan
Before You Start
Make sure your domain is registered in the Secure Privacy dashboard and the installation script is active on your site.
Steps
- Log in to your Secure Privacy dashboard
- Navigate to Websites and select your domain
- Click the Scan tab
- Click Start Scan
- Wait 2-10 minutes for the scan to complete (time depends on page count)
After making significant changes to your website -- such as adding new marketing tags, integrating a new analytics provider, or redesigning pages -- always run a manual scan to catch newly introduced cookies.
Configuring Scan Settings
Pages to Scan
By default, the scanner crawls your sitemap and follows internal links. You can customize this behavior:
- Include specific pages -- Add URLs the scanner should always check
- Exclude pages -- Add URLs or patterns to skip (e.g.,
/admin/,/staging/)
Scan Depth
| Level | What It Covers | Best For |
|---|---|---|
| Level 1 | Homepage only | Quick spot-checks |
| Level 2 | Homepage + directly linked pages | Small sites |
| Level 3 | Three levels deep | Most websites (recommended) |
| Full Crawl | All discoverable pages | Comprehensive audits |
Understanding Scan Results
Cookie Inventory
After a scan completes, you will see a detailed inventory:
| Field | What It Shows |
|---|---|
| Name | The cookie identifier |
| Domain | Which domain sets the cookie |
| Category | Auto-assigned consent category |
| Duration | How long the cookie persists |
| Description | What the cookie is used for |
Compliance Score
Your score is calculated based on four factors:
- Categorization completeness -- Are all cookies properly categorized?
- Essential cookie accuracy -- Are essential cookies correctly identified?
- Pre-consent blocking -- Are non-essential cookies blocked before consent?
- Declaration accuracy -- Do cookie declarations match what the scanner detected?
Scheduling Automatic Scans
Automated scanning catches new cookies introduced by site updates without manual intervention.
- Go to Scan Settings > Schedule
- Choose your frequency: Weekly (recommended), Bi-weekly, or Monthly
- Select your preferred day and time
- Enable email notifications for scan completion
Weekly scanning is recommended for sites that frequently update content or add new third-party integrations.
Allowlisting the Scanner
If your website uses a firewall, CDN, or WAF, the scanner may be blocked. Contact [email protected] for the current list of scanner IP addresses to allowlist.
Post-Scan Checklist
After every scan, review the following:
- Assign categories to any unclassified cookies
- Update cookie descriptions for accuracy
- Verify essential cookies are correctly marked
- Confirm marketing and analytics cookies are blocked until consent
- Update your cookie policy to reflect new findings