What Is the Apidly Cookie Scanner?
The Apidly Cookie Scanner is an automated tool that crawls your entire website to discover and document every cookie, tracking pixel, web beacon, local storage item, and session storage entry in use.
The scanner identifies who sets each tracking technology, what data it collects, how long it persists, what consent category it belongs to, and what purpose it serves.
Scan results feed directly into your Apidly Cookie Policy and Cookie Consent Manager, keeping compliance documentation accurate automatically.
Why Your Business Needs a Cookie Scanner
Most website operators do not have a complete picture of what cookies their sites set. Third-party scripts, tag managers, advertising pixels, and embedded content each introduce undocumented cookies.
This gap between reality and disclosure is a compliance risk that regulators specifically look for.
Data protection authorities expect cookie policies to be based on actual audits. The CNIL has stated this explicitly. The ICO recommends regular cookie audits as part of compliance.
Websites are dynamic. Every software update, new integration, or marketing campaign can introduce new cookies. A cookie present today may not have existed last month.
Without regular scanning, your documentation inevitably becomes stale and inaccurate.
Third-party scripts are the biggest source of undocumented cookies. A single advertising script can set dozens of cookies from multiple domains.
Analytics platforms, chat widgets, social media embeds, and video players each bring their own tracking. The only reliable way to know what is on your site is to scan it.
The legal exposure is significant. If your policy says you use Google Analytics but your site also sets undisclosed cookies from Facebook, HubSpot, and LinkedIn, your policy is inaccurate and your consent mechanism is incomplete.
Key Features and Capabilities
Deep website crawling navigates your entire site, following links, executing JavaScript, and simulating user behavior to trigger cookie-setting that only occurs during browsing.
The scanner handles single-page applications, dynamically loaded content, authentication-protected pages, and multi-step user flows.
Automatic cookie identification uses a database of over 50,000 known cookies to recognize and categorize detected items. Each match includes provider, purpose, category, data collected, and retention period.
Third-party tracker and pixel detection goes beyond cookies to identify tracking pixels, web beacons, fingerprinting scripts, and other non-cookie technologies.
These technologies are covered by the ePrivacy Directive and must be disclosed alongside cookies.
Local storage and session storage scanning detects data stored through the Web Storage API and IndexedDB. These mechanisms are covered by the ePrivacy Directive.
The known cookie database is continuously updated as new tracking technologies emerge and existing services change their behavior.
Scheduled recurring scans run automatically at your chosen intervals. The scheduler notifies your team immediately when previously unknown cookies are detected.
Detailed scan reports provide a complete inventory organized by category, provider, and domain. Each entry includes technical details and remediation guidance.
Comparison reports highlight changes between consecutive scans, showing new cookies, removed cookies, and property changes.
How It Works
Enter your website URL in the dashboard and initiate a scan. Configure the scope including maximum pages, whether to include authenticated areas, and crawl boundaries.
The crawler visits each page in a full browser environment, executing JavaScript and simulating interactions to trigger all cookie-setting behavior.
Detected cookies are matched against the known database. Recognized cookies are automatically categorized with full details. Unknown cookies are flagged for your review.
Review results in the interactive dashboard. The report displays a complete inventory with filtering, searching, and sorting capabilities.
For each entry, view the setting domain, path, expiration, secure flag, SameSite attribute, and the specific pages where it was detected.
Accept categorizations or make adjustments. Confirmed results automatically update your Cookie Policy content, Consent Manager categories, and banner disclosures.
No additional manual steps are required to keep your compliance documentation in sync with reality.
Compliance Coverage
GDPR Article 30 record-keeping requirements are supported through comprehensive documentation of all tracking technologies and their purposes.
The ePrivacy Directive requirement for informed consent depends on accurate knowledge of what technologies are in use. The scanner provides this factual foundation.
CNIL cookie audit expectations are met through systematic scanning, known cookie identification, and regular scheduling that demonstrates due diligence.
ICO cookie audit guidance is followed through comprehensive, regular scanning and documentation of all cookies and similar technologies.
The EDPB position on transparency is supported by results that enable accurate, current cookie disclosures in your privacy notices and consent interfaces.
Get Started Today
You cannot manage what you do not know about. The Apidly Cookie Scanner reveals every tracking technology on your site and keeps compliance documentation accurate.
Run your first scan free and discover what is really happening on your website.