Example Deliverable
Example Website Tracking Risk Snapshot
Quick answer
This is a sample of what the paid CIPA Risk Scanner Website Tracking Risk Snapshot looks like. All data on this page is mock data — no real customer information is shown.
Sample Snapshot
Snapshot
example-bakery.com
Scanned: 2026-05-12 · Snapshot ID: SNP-8421-DEMO
Risk Signal
Elevated
Trackers Detected
7
Pre-Consent Indicators
12
Consent Coverage
Partial
Tracker inventory
| Tool | Category | Confidence |
|---|---|---|
| Meta Pixel | Ad Pixel | High |
| Google Analytics / GA4 | Analytics | High |
| Google Tag Manager | Tag Manager | High |
| TikTok Pixel | Ad Pixel | Medium |
| Hotjar | Session Replay | High |
| Intercom | Chat Widget | Medium |
| LinkedIn Insight Tag | Ad Pixel | Medium |
Consent indicator review
- Cookiebot detected. Presence alone does not confirm tracking is blocked before consent.
- Multiple marketing scripts appear in the initial page HTML; pre-consent firing is possible.
- Banner copy and decline button are visible on first paint (manual confirmation).
Priority fix list
- Verify Meta Pixel does not fire before the visitor interacts with the consent banner.
- Review GTM container for tags configured without consent rules.
- Confirm Google Consent Mode is wired in for analytics.
- Confirm Hotjar input masking is enabled for form fields.
- Review Intercom load timing relative to the consent banner.
- Document the configuration for each tool and store it with the development team.
Technical evidence notes
connect.facebook.net/en_US/fbevents.jsreferenced in initial HTMLgoogletagmanager.com/gtm.jswith container ID presentstatic.hotjar.comscript tag detectedanalytics.tiktok.com/i18n/pixelreferenced- Consent banner script (
cookiebot) detected with consent-id attribute
What this means
The site is loading multiple marketing, analytics, replay, and chat scripts, with a consent banner in place but configuration not confirmed. The recommended next step is to review timing and consent integration for each tool above.
What this cannot verify
- Whether each script fires before or after consent
- Whether tracking data was actually transmitted
- Whether the consent banner is configured to block scripts
- Whether the site meets specific legal requirements
Frequently asked questions
Is this a real customer's data?
No. All data on this page is sample/mock data used to demonstrate the deliverable. Real customer Snapshots are private and only accessible via a snapshot link.
Is this legal advice?
No. CIPA Risk Scanner provides educational and technical risk-modeling information. It does not provide legal advice or determine legal compliance.
How is the paid Snapshot different from the free scan?
The paid Snapshot organizes findings into a private dashboard with a risk summary, tracker inventory, priority fix list, technical evidence notes, and print/save PDF — designed to be shared with developers or counsel.
What does the Snapshot not verify?
It does not verify pre/post-consent firing, whether tracking data was actually transmitted, or whether the site meets legal requirements.
Get Your Private Snapshot
Run a free, plain-English scan of your homepage for visible tracking risk indicators.
Scan your websiteRelated reading
Trust note
CIPA Risk Scanner provides technical website tracking visibility. Our scanner is designed to help businesses understand visible tracking indicators, not to provide legal conclusions. For legal guidance, consult a qualified attorney.
CIPA Risk Scanner is not a law firm and does not provide legal advice. Content on this page is educational and technical. For legal guidance, consult a qualified attorney.