Tracking & analytics audit explained
What the Tracking audit checks
The Tracking module (/dashboard/sites/<id>/audit/tracking) detects whether the client site has analytics installed correctly, and surfaces gaps that hurt conversion-attribution accuracy.
What's detected (all tiers)
- Analytics: GA4 (
G-XXXXmeasurement ID), legacy UA (UA-XXXXβ flagged deprecated) - Tag managers: GTM, GTM-Server
- Search Console verification: meta tag + DNS TXT (Enterprise only)
- Bing Webmaster: meta + DNS TXT
- Yandex Metrica: meta + DNS TXT
- Marketing pixels: Meta (Facebook + CAPI), TikTok, LinkedIn Insight, Pinterest, Snapchat
- UX heatmaps: Hotjar, Microsoft Clarity, FullStory
- Cookie consent providers (Agency+): 12 vendor fingerprints (CookieBot, OneTrust, Iubenda, Termly, etc)
Privacy signals (Agency+)
anonymize_ipconfigured?- Consent Mode v2 with
ad_user_data+ad_personalizationparams? - gtag
defaultconsent set todenied? - DNT (Do Not Track) respected?
- FB CAPI hashing user data (SHA-256)?
DNS TXT verification (Enterprise)
Many sites verify Google/Bing/Yandex via apex-domain DNS TXT records β more secure than meta tags but invisible to meta-only checks. Enterprise-tier audits use Node's built-in DNS resolver to query google-site-verification, MS=ms*, and yandex-verification TXT records.
Setup score
Composite 0-100 with 9 weighted deductions: no-analytics (-25 critical), deprecated-UA (-15), GTM-no-GA4 (-8), no-GSC (meta+DNS, -10), broken-tags (-3 each capped -15), FB-no-CAPI (-6), no-conversion-events (-5), no-cookie-consent-when-tracking-active (-10), no-privacy-signals (-5).
Still stuck? Our support team replies within 8 hours on weekdays.