A scanner for consent, trackers, and privacy signals
Burhuc Scanner is now available at scan.burhuc.com as a focused privacy and consent scanner powered by CertentiScan. It is built for authorized checks: a site owner, administrator, or explicitly authorized operator can run a public scan and then unlock the full report only after domain control is verified.
The product is intentionally narrow. It checks for trackers before consent, missing reject paths, consent withdrawal gaps, privacy-notice signals, GDPR and ePrivacy relevance, and storage that remains active after rejection. It does not try to become a general vulnerability scanner or a replacement for legal review.
The public scan stays limited
A public scan can show that something may need attention, but it does not expose full evidence to an unverified visitor. The teaser is deliberately sanitized. Full report data, finding evidence, screenshots, URLs, identifiers, and fix details are available only after domain verification.
Domain verification before full evidence
The scanner supports work-email, DNS TXT, and HTML-file verification. Once a domain is verified, the user can review the full report, inspect finding details, generate implementation guidance, and run a verified re-scan to compare what was fixed, what remains, and what is new.
GDPR and ePrivacy checks are part of the scan
The scanner includes EU-relevant privacy checks because GDPR and ePrivacy issues can still matter outside the EU when a site serves people in the EU or monitors their behaviour. It looks for practical signals such as privacy notice availability, controller and contact information, legal-basis language, rights, retention, recipients, transfers, consent controls, and non-essential tracking before consent.
Operational visibility for Burhuc
Burhuc admin now includes a scanner audit view that groups scans by verified email and domain activity. That keeps operational oversight available without turning repeated scans into an endless flat list.