Site Inspector by Bright Interaction

Tracking since Apr 4, 2026.

Changelog

• May 9, 2026
  description

  Site Inspector runs 130+ automated checks on any website in one click. No account needed, no data sent anywhere. Everything runs locally in your browser.
  
  You get instant grades (A+ to F) across 6 categories:
  
  SECURITY (21 checks)
  - HTTPS, HSTS, CSP quality analysis
  - Security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)
  - SRI verification for third-party scripts
  - Mixed content detection
  - security.txt (RFC 9116) presence
  
  SEO (55+ checks)
  - Title tag length and quality
  - Meta description CTA detection (English + Swedish)
  - Heading hierarchy validation (H1 through H6)
  - Open Graph and Twitter Card completeness
  - OG image dimensions (1200x630 check)
  - Structured data / JSON-LD detection and type listing
  - FAQ schema vs visible content validation
  - Canonical tag validation (tracking param aware)
  - Hreflang tags
  - External outbound link count
  - Descriptive alt text quality (not just presence)
  - llms.txt for AI search readiness
  - robots.txt and XML sitemap detection
  - SERP preview
  
  PERFORMANCE (18 checks)
  - Core Web Vitals: LCP, INP, CLS
  - TTFB, FCP, DOM Content Loaded
  - Page weight and request count
  - Image format, lazy loading, dimensions
  - Font loading (font-display, file count, Google Fonts family count)
  - Inline CSS bloat detection
  - Render-blocking script detection
  - HTTP/2+ protocol check
  
  PRIVACY (12 checks)
  - Consent banner detection (16 platforms supported)
  - Pre-consent tracking detection (GDPR violation)
  - Cookie count and security audit
  - Third-party domain count
  - Tracker identification
  - AI training bot blocking check
  - Privacy policy detection (warns on external-only policies)
  - Terms and cookie policy detection
  
  ACCESSIBILITY (21 checks)
  - WCAG AA color contrast analysis (skips image/gradient backgrounds)
  - Landmark roles (main, nav, header, footer)
  - Skip navigation link
  - Form labels and button labels
  - Image alt text
  - Video captions
  - Heading order and structure
  - Keyboard focus indicators
  
  TECH STACK DETECTION
  - Identifies frameworks, CMS platforms, page builders, hosting providers, and analytics tools
  - Detects 30+ technologies across 5 categories
  
  EXPORT OPTIONS
  - PDF report with full findings
  - CSV export for spreadsheets
  
  KEYWORD ANALYSIS
  - Top keyword extraction with density percentages
  - Keyword distribution across headings vs body
  
  Built by Bright Interaction (https://brightinteraction.com) - a security and compliance company based in Sweden. We use this tool ourselves to audit 599+ websites.
  
  100% free. No ads. No tracking. No account required.
  
  ## Category
  Developer Tools
  
  ## Language
  English
  
  ## Privacy Policy URL
  https://brightinteraction.com/privacy
  
  ## Homepage URL
  https://brightinteraction.com/platform
  
  ## What's New in 1.4.0
  - Redirect detection: prevents mixing headers from one site with content from another after navigation
  - Report URL now shows the actual analyzed page, not the tab URL (fixes wrong URL in reports)
  - Performance scoring rebalanced: DOMContentLoaded and Full Load thresholds relaxed and graduated (no more F grades for 3-second loads)
  - TTFB "good" threshold raised from 300ms to 500ms (realistic for most hosting)
  - URL length check now uses canonical URL, no longer penalizes pages for UTM/tracking parameters
  - CSP wildcard detection: no longer flags subdomain patterns (*.example.com) as bare wildcards
  - Consent banner detection: added CookieScript, HubSpot Cookie Banner
  - Third-party domain classification: added Bing, Snapchat, Storyblok, Squarespace, Trustpilot, Voyado, New Relic, and more
  - Cookie classification: added Didomi, CookieScript consent cookies
  - HubSpot domains (hs-banner, hs-analytics, hs-scripts, etc.) now properly categorized
  
  ## What's New in 1.3.1
  - Accuracy improvements from testing against Forbes, Apple, CDON, Nelly, Brownells, AlternativeTo, Product Hunt, and more
  - FAQ schema: validates question text appears on page (any layout, not just accordions)
  - Heading hierarchy: correctly fails when H1 is missing
  - CTA detection: now supports Swedish meta descriptions
  - Canonical check: no longer flags tracking params as mismatches
  - Privacy policy: warns when policy links to external domain instead of your own
  - Contrast analysis: skips text over images/gradients (eliminates false 1:1 ratios)
  - TTFB thresholds aligned with Google guidance (300ms/800ms)
  - Plaintext email detection: filters out logged-in user emails in navigation
  - Empty link checks: SEO and Accessibility now use consistent criteria
  
  ## What's New in 1.3.0
  - 12 new checks (130+ total, up from 80+)
  - AI search readiness: llms.txt detection, AI training bot blocking check
  - SEO: meta description CTA analysis, alt text quality, external link count, FAQ schema validation, title truncation warning, OG image dimensions
  - Privacy: AI training bot detection in robots.txt
  - Performance: Google Fonts count, inline CSS bloat detection
  - Tech stack: page builder detection
  - Removed: outreach email generator

  Site Inspector runs 140+ automated checks on any website in one click. No account needed, no data sent anywhere. Everything runs locally in your browser.
  
  You get instant grades (A+ to F) across 6 categories:
  
  SECURITY (21 checks)
  - HTTPS, HSTS, CSP quality analysis
  - Security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)
  - SRI verification for third-party scripts
  - Mixed content detection
  - security.txt (RFC 9116) presence
  
  SEO (55+ checks)
  - Title tag length and quality
  - Meta description CTA detection (English + Swedish)
  - Heading hierarchy validation (H1 through H6)
  - Open Graph and Twitter Card completeness
  - OG image dimensions (1200x630 check)
  - Structured data / JSON-LD detection and type listing
  - FAQ schema vs visible content validation
  - Canonical tag validation (tracking param aware)
  - Hreflang tags
  - External outbound link count
  - Descriptive alt text quality (not just presence)
  - llms.txt for AI search readiness
  - robots.txt and XML sitemap detection
  - SERP preview
  
  PERFORMANCE (18 checks)
  - Core Web Vitals: LCP, INP, CLS
  - TTFB, FCP, DOM Content Loaded
  - Page weight and request count
  - Image format, lazy loading, dimensions
  - Font loading (font-display, file count, Google Fonts family count)
  - Inline CSS bloat detection
  - Render-blocking script detection
  - HTTP/2+ protocol check
  
  PRIVACY (12 checks)
  - Consent banner detection (30+ platforms supported)
  - Pre-consent tracking detection (GDPR violation)
  - Cookie count and security audit
  - Third-party domain count
  - Tracker identification
  - AI training bot blocking check (19 crawlers: GPTBot, ClaudeBot, Google-Extended, PerplexityBot, Applebot-Extended, Bytespider, and more) — with proper robots.txt parsing
  - Privacy policy detection (English + Swedish, with URL probe fallback for unlinked pages)
  - Terms and cookie policy detection (English + Swedish, with URL probe fallback)
  
  ACCESSIBILITY (21 checks)
  - WCAG AA color contrast analysis (skips image/gradient backgrounds)
  - Landmark roles (main, nav, header, footer)
  - Skip navigation link
  - Form labels and button labels
  - Image alt text
  - Video captions
  - Heading order and structure
  - Keyboard focus indicators
  
  TECH STACK DETECTION
  - Identifies frameworks, CMS platforms, page builders, hosting providers, and analytics tools
  - Detects 30+ technologies across 5 categories
  
  EXPORT OPTIONS
  - PDF report with full findings
  - CSV export for spreadsheets
  
  KEYWORD ANALYSIS
  - Top keyword extraction with density percentages
  - Keyword distribution across headings vs body
  
  Built by Bright Interaction (https://brightinteraction.com) - a security and compliance company based in Sweden. We use this tool ourselves to audit 599+ websites.
  
  100% free. No ads. No tracking. No account required.
  
  ## Category
  Developer Tools
  
  ## Language
  English
  
  ## Privacy Policy URL
  https://brightinteraction.com/privacy
  
  ## Homepage URL
  https://brightinteraction.com/platform
  
  ## What's New in 1.4.1
  - Privacy policy detection: scans the full URL path so /legal/privacy and /about/privacy-notice are now caught. Probe list expanded from 9 to 21 paths covering English variants (privacy-notice, data-protection, legal/privacy) and Swedish (integritetspolicy, sekretess, dataskydd)
  - Terms / cookie policy detection: now mirrors the privacy policy logic with URL probe fallback. Catches sites that host /cookies, /legal, /tos, /villkor, /kakor without a footer link
  - AI training bot detection: bot list grew from 5 to 19 — now catches ClaudeBot, OAI-SearchBot, PerplexityBot, Applebot-Extended, Bytespider, Amazonbot, Meta-ExternalAgent, cohere-ai, YouBot, and more
  - AI training bot detection: replaced the naive regex with a proper robots.txt parser. Previously, "Disallow: /admin" could falsely register as fully blocking a bot — now requires an actual full-site block
  - Consent banner detection: added 12 new platforms (30+ total)
  - Consent banner detection: now matches secondary CDN domains so providers loaded from vendor CDNs are detected
  - Consent cookie fallback: matches 25+ specific cookie names so consent is detected even when the script is blocked
  - Sitemap detection: probe list grew from 3 to 13 paths — adds WordPress core (/wp-sitemap.xml), Yoast (/page-sitemap.xml, /post-sitemap.xml), gzipped variants, and /sitemap-index.xml. Now also checks the robots.txt-declared sitemap first
  - llms.txt: also checks /llms-full.txt (the spec's full-content variant)
  - security.txt: adds the RFC 9116 fallback location /security.txt. Tightened the Contact: matcher to a line-anchored regex to avoid false positives on HTML 404 pages
  
  ## What's New in 1.4.0
  - Redirect detection: prevents mixing headers from one site with content from another after navigation
  - Report URL now shows the actual analyzed page, not the tab URL (fixes wrong URL in reports)
  - Performance scoring rebalanced: DOMContentLoaded and Full Load thresholds relaxed and graduated (no more F grades for 3-second loads)
  - TTFB "good" threshold raised from 300ms to 500ms (realistic for most hosting)
  - URL length check now uses canonical URL, no longer penalizes pages for UTM/tracking parameters
  - CSP wildcard detection: no longer flags subdomain patterns (*.example.com) as bare wildcards
  - Consent banner detection: added 2 new platforms
  - Third-party domain classification: added Bing, Snapchat, Storyblok, Squarespace, Trustpilot, Voyado, New Relic, and more
  - Cookie classification: added new consent cookie signatures
  - Additional third-party domains now properly categorized
  
  ## What's New in 1.3.1
  - Accuracy improvements from testing against Forbes, Apple, CDON, Nelly, Brownells, AlternativeTo, Product Hunt, and more
  - FAQ schema: validates question text appears on page (any layout, not just accordions)
  - Heading hierarchy: correctly fails when H1 is missing
  - CTA detection: now supports Swedish meta descriptions
  - Canonical check: no longer flags tracking params as mismatches
  - Privacy policy: warns when policy links to external domain instead of your own
  - Contrast analysis: skips text over images/gradients (eliminates false 1:1 ratios)
  - TTFB thresholds aligned with Google guidance (300ms/800ms)
  - Plaintext email detection: filters out logged-in user emails in navigation
  - Empty link checks: SEO and Accessibility now use consistent criteria
  
  ## What's New in 1.3.0
  - 12 new checks (130+ total, up from 80+)
  - AI search readiness: llms.txt detection, AI training bot blocking check
  - SEO: meta description CTA analysis, alt text quality, external link count, FAQ schema validation, title truncation warning, OG image dimensions
  - Privacy: AI training bot detection in robots.txt
  - Performance: Google Fonts count, inline CSS bloat detection
  - Tech stack: page builder detection
  - Removed: outreach email generator

• May 9, 2026
  short_description

  One-click website audit: security, performance, SEO, privacy & accessibility. 130+ checks, A+ to F grading, free.

  One-click website audit: security, performance, SEO, privacy & accessibility. 140+ checks, A+ to F grading, free.

• Apr 17, 2026
  description

  Site Inspector gives you a complete website audit in one click — no DevTools, no external services, no account needed.
  
  8 Analysis Categories:
  • Security — headers, CSP quality, SRI, duplicate headers, compression, cache, security.txt
  • Performance — Core Web Vitals, page weight, render-blocking scripts, image optimization, font loading
  • SEO — on-page (title, meta, headings, alt text), technical (canonical, hreflang, sitemap, robots.txt), social (OG, Twitter, schema)
  • Privacy — consent banner detection, pre-consent tracking (GDPR), cookie classification, tracker identification, DNT/GPC
  • Accessibility — WCAG AA color contrast, ARIA landmarks, heading structure, form labels, focus management
  • Tech Stack — frameworks, CMS, hosting, analytics, libraries, build tools
  • Keywords — top keywords with density, two-word phrases
  • Quick Wins — top issues prioritized by impact, grouped by category
  
  Features:
  • A+ to F grading with +/- modifiers across all categories
  • PDF branded report (print to PDF)
  • CSV structured export
  • Outreach email generator
  • Historical scan comparison
  • Dark mode
  • Extension icon badge showing overall grade
  
  100% local — no data leaves your browser. Free forever.
  
  Built by Bright Interaction — https://brightinteraction.com

  Site Inspector runs 130+ automated checks on any website in one click. No account needed, no data sent anywhere. Everything runs locally in your browser.
  
  You get instant grades (A+ to F) across 6 categories:
  
  SECURITY (21 checks)
  - HTTPS, HSTS, CSP quality analysis
  - Security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)
  - SRI verification for third-party scripts
  - Mixed content detection
  - security.txt (RFC 9116) presence
  
  SEO (55+ checks)
  - Title tag length and quality
  - Meta description CTA detection (English + Swedish)
  - Heading hierarchy validation (H1 through H6)
  - Open Graph and Twitter Card completeness
  - OG image dimensions (1200x630 check)
  - Structured data / JSON-LD detection and type listing
  - FAQ schema vs visible content validation
  - Canonical tag validation (tracking param aware)
  - Hreflang tags
  - External outbound link count
  - Descriptive alt text quality (not just presence)
  - llms.txt for AI search readiness
  - robots.txt and XML sitemap detection
  - SERP preview
  
  PERFORMANCE (18 checks)
  - Core Web Vitals: LCP, INP, CLS
  - TTFB, FCP, DOM Content Loaded
  - Page weight and request count
  - Image format, lazy loading, dimensions
  - Font loading (font-display, file count, Google Fonts family count)
  - Inline CSS bloat detection
  - Render-blocking script detection
  - HTTP/2+ protocol check
  
  PRIVACY (12 checks)
  - Consent banner detection (16 platforms supported)
  - Pre-consent tracking detection (GDPR violation)
  - Cookie count and security audit
  - Third-party domain count
  - Tracker identification
  - AI training bot blocking check
  - Privacy policy detection (warns on external-only policies)
  - Terms and cookie policy detection
  
  ACCESSIBILITY (21 checks)
  - WCAG AA color contrast analysis (skips image/gradient backgrounds)
  - Landmark roles (main, nav, header, footer)
  - Skip navigation link
  - Form labels and button labels
  - Image alt text
  - Video captions
  - Heading order and structure
  - Keyboard focus indicators
  
  TECH STACK DETECTION
  - Identifies frameworks, CMS platforms, page builders, hosting providers, and analytics tools
  - Detects 30+ technologies across 5 categories
  
  EXPORT OPTIONS
  - PDF report with full findings
  - CSV export for spreadsheets
  
  KEYWORD ANALYSIS
  - Top keyword extraction with density percentages
  - Keyword distribution across headings vs body
  
  Built by Bright Interaction (https://brightinteraction.com) - a security and compliance company based in Sweden. We use this tool ourselves to audit 599+ websites.
  
  100% free. No ads. No tracking. No account required.
  
  ## Category
  Developer Tools
  
  ## Language
  English
  
  ## Privacy Policy URL
  https://brightinteraction.com/privacy
  
  ## Homepage URL
  https://brightinteraction.com/platform
  
  ## What's New in 1.4.0
  - Redirect detection: prevents mixing headers from one site with content from another after navigation
  - Report URL now shows the actual analyzed page, not the tab URL (fixes wrong URL in reports)
  - Performance scoring rebalanced: DOMContentLoaded and Full Load thresholds relaxed and graduated (no more F grades for 3-second loads)
  - TTFB "good" threshold raised from 300ms to 500ms (realistic for most hosting)
  - URL length check now uses canonical URL, no longer penalizes pages for UTM/tracking parameters
  - CSP wildcard detection: no longer flags subdomain patterns (*.example.com) as bare wildcards
  - Consent banner detection: added CookieScript, HubSpot Cookie Banner
  - Third-party domain classification: added Bing, Snapchat, Storyblok, Squarespace, Trustpilot, Voyado, New Relic, and more
  - Cookie classification: added Didomi, CookieScript consent cookies
  - HubSpot domains (hs-banner, hs-analytics, hs-scripts, etc.) now properly categorized
  
  ## What's New in 1.3.1
  - Accuracy improvements from testing against Forbes, Apple, CDON, Nelly, Brownells, AlternativeTo, Product Hunt, and more
  - FAQ schema: validates question text appears on page (any layout, not just accordions)
  - Heading hierarchy: correctly fails when H1 is missing
  - CTA detection: now supports Swedish meta descriptions
  - Canonical check: no longer flags tracking params as mismatches
  - Privacy policy: warns when policy links to external domain instead of your own
  - Contrast analysis: skips text over images/gradients (eliminates false 1:1 ratios)
  - TTFB thresholds aligned with Google guidance (300ms/800ms)
  - Plaintext email detection: filters out logged-in user emails in navigation
  - Empty link checks: SEO and Accessibility now use consistent criteria
  
  ## What's New in 1.3.0
  - 12 new checks (130+ total, up from 80+)
  - AI search readiness: llms.txt detection, AI training bot blocking check
  - SEO: meta description CTA analysis, alt text quality, external link count, FAQ schema validation, title truncation warning, OG image dimensions
  - Privacy: AI training bot detection in robots.txt
  - Performance: Google Fonts count, inline CSS bloat detection
  - Tech stack: page builder detection
  - Removed: outreach email generator

• Apr 17, 2026
  short_description

  One-click website audit: security, performance, SEO, privacy & accessibility. 80+ checks, A+ to F grading, free.

  One-click website audit: security, performance, SEO, privacy & accessibility. 130+ checks, A+ to F grading, free.

Permissions & access

Permissions

activeTabscriptingwebRequeststorage

Host access

<all_urls>

Screenshots