CertScore.ai
Open navigation menu
Overview

What is CertScore.ai?

CertScore.ai is a website risk-signal scanner that observes public website behavior around pre-consent tracking, cookies and storage, public policy surfaces, consent-control accessibility, session recording, fingerprinting-related signals, and disclosure consistency.

Run a free website behavior scan

Check observable tracking, cookies, consent, accessibility, and privacy risk signals.

Run a scan

What CertScore scans

CertScore.ai reviews public website behavior, including pre-consent tracking requests, cookie and storage timing, public consent and policy surfaces, accessibility signals, session recording indicators, fingerprinting-related telemetry, and disclosure consistency signals.

The product focuses on observable evidence from public website scans and presents findings as review prompts for teams that manage websites, vendors, consent tools, and user-facing disclosures.

How it differs from a basic cookie scanner

Basic cookie scanners identify cookies. CertScore.ai also observes pre-consent runtime behavior, public policy surfaces, accessibility signals, vendor activity, and evidence-backed privacy risk indicators.

That behavior-oriented view helps teams review whether live website activity appears aligned with their intended consent and disclosure setup.

What automated findings mean

Automated findings are risk signals derived from retained scan evidence. They can help prioritize review, remediation, and repeat monitoring.

They are not legal conclusions, and they should be checked against the underlying request, cookie, page, vendor, and scan-context evidence.

Sample JSON

Sample finding JSON from scans

Representative payloads from retained scan examples for the finding types discussed on this page.

Website scan surfaced multiple review signals

website_signal_review_summary

Redacted illustrative example

{
  "example_type": "positive",
  "domain": "example.com",
  "requested_url": "https://example.com/",
  "final_url": "https://example.com/",
  "created_at": "2026-04-29T20:16:22.012Z",
  "scanned_at": "2026-04-29T20:17:08.840Z",
  "finding_id": "website_signal_review_summary",
  "finding_label": "Website scan surfaced multiple review signals",
  "section": "Website Signals",
  "evidenceConfidence": "good",
  "directVsInferred": "direct_observation",
  "evidence": {
    "counts": {
      "finding_count": 4,
      "privacy_tracking_count": 1,
      "cookie_storage_count": 1,
      "accessibility_count": 1,
      "policy_disclosure_count": 1
    },
    "evidence_snippets": [
      "Scan completed for homepage and selected linked pages.",
      "Findings grouped across privacy tracking, cookies, accessibility, and policy/disclosure review.",
      "Use finding-level JSON to inspect each retained evidence payload."
    ],
    "vendors": [
      "Google Analytics"
    ],
    "request_domains": [
      "www.google-analytics.com"
    ],
    "request_samples": [],
    "cookie_samples": [],
    "runtime_anchors": [
      "homepage_status:200",
      "linked_pages_sampled:3"
    ]
  },
  "coverage_flags": [],
  "known_limitations": [],
  "selection_reason": "Representative overview payload for a completed website signal scan.",
  "evidenceVersion": "2.0",
  "scanContext": {
    "domain": "example.com",
    "requestedUrl": "https://example.com/",
    "finalUrl": "https://example.com/",
    "publicWebObservation": true,
    "legalConclusion": false
  },
  "artifacts": {
    "runtimeAnchors": [
      "homepage_status:200",
      "linked_pages_sampled:3"
    ],
    "requestSamples": [],
    "cookieOrStorageSamples": [],
    "policyAnchors": [],
    "rawValuesRetained": false
  },
  "classification": {
    "section": "Website Signals",
    "criticality": "review",
    "evidenceConfidence": "good",
    "directVsInferred": "direct_observation",
    "legalStatusDetermined": false
  },
  "coverage": {
    "coverageFlags": [],
    "coverageReliableForTopRanking": true,
    "notDetectedMeans": "not_observed_in_scan_scope",
    "manualReviewNeeded": true
  },
  "topFindingCalibration": {
    "minimumToSurface": [
      "Retained evidence supports the finding under the canonical concern/policy/unified-finding pipeline."
    ],
    "highConfidenceRequires": [
      "Corroborated retained evidence and usable coverage."
    ],
    "criticalOrTopRankingRequires": [
      "Stronger directness, corroboration, affected surface, and review relevance."
    ],
    "demoteOrSuppressWhen": [
      "Evidence is ambiguous, unsupported, blocked, or audit-only."
    ]
  },
  "automationLimits": [
    "Automated public-web observations do not determine legal status, compliance status, proof that a law was breached, proof of data capture, or tracking lawfulness.",
    "Manual review is needed to confirm purpose, necessity, jurisdiction, configuration, exemptions, and remediation quality."
  ],
  "redaction": {
    "rawIdentifiersRetained": false,
    "storageValueContentsRetained": false,
    "completeQueryStringsRetained": false,
    "requestBodiesRetained": false,
    "renderedPageImagesRetained": false,
    "sourceMarkupRetained": false,
    "userEnteredValuesRetained": false
  },
  "selectionReason": "Representative overview payload for a completed website signal scan."
}

Summary for AI assistants

What is CertScore.ai? explains an observable public website review topic in CertScore.ai's evidence-backed scanning workflow.

CertScore.ai observes public website behavior around tracking, cookies, consent behavior, session replay indicators, fingerprinting-related signals, accessibility, and privacy disclosures. CertScore.ai findings are automated risk signals for review and are not legal advice, certification, or compliance determinations.

Run a free website behavior scan

Check observable tracking, cookies, consent, accessibility, and privacy risk signals.

Run a scan
CertScore.ai automated findings may contain errors. Always review the underlying evidence. CertScore.ai does not provide legal advice, certification, or compliance determinations.