Tracker Detection

Which trackers does your website set — without your knowledge?

Plugin updates, CMS changes, or marketing tools constantly introduce new trackers. Our scanner finds them all — including the hidden ones.

Scan your website now → All scanner features

Why Tracker Detection Is Essential

Unknown trackers = violation

Every tracker not listed in your privacy policy is a GDPR violation. Even if you didn't embed it intentionally.

Trackers come and go

WordPress plugin updates, Google Tag Manager changes, or new widgets can add new trackers at any time.

Privacy policy must be current

Your privacy policy must list all active trackers. Compliso can update it automatically.

35+ Trackers We Detect

From Google Analytics to TikTok to Hotjar — sorted by category and GDPR risk.

Analytics & Ads

Google Analytics (GA4) Risk: High

Captures user behavior, page views, events. Particularly critical since the Schrems II ruling due to US data transfer.

Google Tag Manager Risk: Medium

Dynamically loads additional scripts. Can inject extra trackers without the site owner's knowledge.

Google Ads Conversion Risk: High

Tracking pixel for conversion measurement. Sets cookies and sends data to Google servers.

Facebook/Meta Pixel Risk: High

Captures user behavior and sends it to Meta. CNIL already imposed fines in 2022.

Social Media Trackers

TikTok Pixel Risk: High

Relatively new tracker that sends data to ByteDance in China. Particularly sensitive from a data protection perspective.

LinkedIn Insight Tag Risk: High

Tracks page visits and links them to LinkedIn profiles. Often overlooked in GDPR audits.

Pinterest Tag Risk: Medium

Conversion tracking for Pinterest campaigns. Sets cookies and tracks user behavior.

Session Recording Tools

Hotjar Risk: High

Records mouse movements, clicks, and scroll behavior. May accidentally capture form contents.

Microsoft Clarity Risk: High

Free Hotjar alternative from Microsoft. Records session replays and sends data to Microsoft.

FullStory Risk: High

Captures complete user sessions including DOM snapshots. Particularly high GDPR risk.

Mouseflow Risk: Medium

Heatmaps and session replays. Sets cookies and captures detailed user behavior.

Smartlook / Inspectlet / Lucky Orange Risk: Medium

Additional session recording tools with similar risk profiles.

External Resources

Google Fonts (remote) Risk: High

Transmits IP address to Google on every page load. German courts have already awarded damages of 100 EUR per visitor.

YouTube/Vimeo Embeds Risk: Medium

Video embeds load trackers and set cookies — even if the visitor doesn't play the video.

Adobe Fonts Risk: Medium

Like Google Fonts — loads typefaces from external servers with IP transmission.

CDN-hosted Libraries Risk: Low

jQuery from cdnjs, Bootstrap from jsdelivr — each load transmits the visitor's IP address.

4 Detection Methods

Our scanner uses four different methods to reliably find even hidden trackers.

Third-Party Request Analysis

All outgoing HTTP requests are captured and matched against a database of known tracker domains.

Cookie Analysis

Cookies are classified by name and domain. Known tracking cookies are automatically detected and assigned to their provider.

LocalStorage Scanning

localStorage and sessionStorage are also checked for known tracking patterns (e.g. _ga, _fbp, _hjSession).

Script Analysis

The scanner identifies embedded scripts by their URLs and maps them to known tracking providers.

Scanner finds trackers. Compliso solves the problem.

Detection

All trackers are found and assigned to their provider — with GDPR risk assessment.

Banner integration

The Compliso cookie banner automatically blocks detected trackers until the user consents.

Privacy policy

New trackers are automatically added to your privacy policy.

Notification

You are immediately notified by email about new or unknown trackers.

Find all trackers on your website

Start a free demo scan and find out which trackers your website sets without your knowledge.

Scan for free now →