The live scan is the part of the audit where our scanner visits your website - so we describe honestly what exactly it does, what it stores and what it never touches.
What the scanner does
The scanner opens the publicly accessible pages of your website in a real browser (technically: a headless browser - a full browser engine driven programmatically) and observes what happens on the measurement side:
What the scanner does NOT do
What we store from this visit
The report receives technical findings, not a copy of your website: tag detection status, detected measurement IDs, duplication signals, Consent Mode behavior, PII risk signals. We don't archive your website's content.
Will the scanner's visit skew my statistics
A single, short visit is statistically invisible at the scale of GA4 data. The scanner sends no events of its own to GA4 - it only triggers what your site already sends on every visit, so it adds roughly as much to your data as a single visitor.
The scanner vs. your anti-bot protections
The scanner visits the site like a regular browser. If your website uses aggressive anti-bot protections (WAF, Cloudflare challenges etc.), the scan may be blocked - the API-based GA4 configuration audit completes regardless, but site-verified checkpoints may receive an "N/A" status with a note that verification wasn't possible. See: The scanner can't see my GA4 tag even though it's installed.
Related articles: