Prove your app doesn't leak
Every site quietly hands visitor data to third parties. See exactly who yours talks to. Paste a URL and scan it in seconds.
Scan your own sites. Static scan of one public page, see the limits below.
- Signed attestation. A tamper-evident, post-quantum-signed proof you can show customers and regulators. A scan you run yourself proves nothing to anyone else.
- Continuous monitoring. A one-off scan is stale the moment someone adds a tag. We watch every deploy and alert the instant a new third party appears.
- Full-browser scan. This free scan reads your HTML. The product loads your page in a real browser to catch trackers injected at runtime (everything a tag manager pulls in).
- Whole app + history. Authenticated pages, every environment, and a dated audit trail, "clean every day for a year."
How it works
We fetch your page and find every third party it references, analytics, advertising, social, session-replay, fonts, CDNs.
A to F. Grade A means zero third-party egress, the visitor's browser only ever talked to you.
Get a signed, tamper-evident proof you stayed clean, monitored continuously, with a dated audit trail.
We collect nothing about your scans. Scan only sites you own or have permission to test.
The name: Provae, from "prove." See what your site leaks, then prove it's clean.
Now see what your AI tools are doing
Provae checks your website. Provae for AI checks the AI assistants and agents running on your own machine, the ones reading your files and sending data somewhere you can't see, and keeps a record you own. Zero collection, runs locally.
See Provae for AI