WebAudit Inspector

Tracking since May 26, 2026.

Changelog

• Jun 2, 2026
  description

  🔍 WebAudit Inspector — Audit the SEO, security, schema and link health of any page in seconds.
  
  Built for developers, technical SEOs and indie hackers who ship fast and don't want to babysit a 20-tab dashboard just to confirm robots.txt exists. One click on the active tab, a clean A+/A/B score, and a per-category breakdown — that's it.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ✅ WHAT IT CHECKS
  
  ▸ SEO
    • robots.txt, sitemap.xml, favicon (with declared <link rel="icon"> path support)
    • Meta description, canonical, viewport, Open Graph, Twitter Card
  
  ▸ On-Page (content quality)
    • H1 tag — count + first heading text
    • Heading hierarchy — full H1→H6 tree with the actual text of every heading, with visual warnings on skipped levels
    • Schema markup — JSON-LD and microdata, with detected @type chips (Article, Product, FAQ, BreadcrumbList…)
    • Image alt attributes — scrollable list of every missing-alt image with clickable source URLs
  
  ▸ Links (manual scanner)
    • Scans every <a href> on the active page for 200 / 301 / 302 / 307 / 308 / 404 / 410 / 5xx
    • Real HTTP redirect codes captured via chrome.webRequest (not just "redirected" — you see whether it's a 301 or a 302)
    • Live ticker showing which URL is currently being checked
    • Automatic retry of failed requests (slow CDNs no longer get marked as broken)
    • Shows the final destination URL of each redirect
  
  ▸ Security
    • HTTPS / TLS, security.txt
    • Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options
  
  ▸ AI / LLM
    • llms.txt, llms-full.txt, ai.txt — for sites that want to guide LLM crawlers
  
  ▸ Monetization
    • ads.txt, app-ads.txt, sellers.json — IAB compliance for publishers
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🎯 WHY YOU'LL ACTUALLY USE IT
  
  • One-click audit, A+/F letter grade with weighted scoring
  • Live progress while it works — no blank loading screens
  • Failed file requests are retried automatically once before giving up
  • Doubled 14-second timeout handles slow sitemap.xml hosts
  • Heading hierarchy shows the actual H2/H3/H4 text — so you can verify content structure, not just count tags
  • Image alt panel shows every offending image (not just a count)
  • Link scanner ticker keeps you informed about exactly which URL is being checked right now
  • Clean modern UI in light & dark mode
  • JSON and CSV export for reporting / team sharing / regression tracking
  • Fully localized in English and Turkish
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🔒 PRIVACY (zero data collection)
  
  WebAudit Inspector does not send a single byte to any server we control. There is no analytics, no telemetry, no remote configuration.
  
  • Audit results are cached in browser local storage for 5 minutes per origin
  • Your theme (light/dark) preference is stored locally
  • The "Scan Links" feature makes HEAD requests directly from your browser to the URLs found on the page you're viewing — nothing else
  • Open source, MIT-licensed
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ⚡ HOW IT WORKS
  
  1. Click the extension icon on any HTTPS/HTTP page
  2. WebAudit fetches well-known files from the page's origin (robots.txt, sitemap.xml, ads.txt, llms.txt, etc.) in parallel
  3. A tiny one-time script reads the page's meta tags, headings, schema and image alt attributes (read-only — the page is never modified)
  4. Results render with weighted scoring; failed requests are retried once
  5. Optional: click "Scan Links" to check every link's HTTP status code
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  💡 USE CASES
  
  ▸ Pre-launch checklist — verify your new site has robots.txt, sitemap, canonical, OG tags before going live
  ▸ Client audit — generate a CSV report of any client site in 10 seconds
  ▸ Migration QA — re-scan after a CMS migration to catch missing meta and broken links
  ▸ Vibe-coded site sanity check — when AI generated your landing page, verify it actually shipped meta tags
  ▸ Content review — confirm heading hierarchy and image alt coverage before publishing
  ▸ Ad ops — quickly verify ads.txt and sellers.json are reachable
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  📦 NO BLOAT
  
  • No login. No account. No newsletter.
  • ~30 KB total package size
  • No third-party libraries, no tracking pixels, no remote scripts
  • Manifest V3, modern Chrome (116+)
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Open an issue or contribute on GitHub. Feedback shapes the next release.

  🔍 WebAudit Inspector — Audit the SEO, security, schema and link health of any page in seconds.
  
  Built for developers, technical SEOs and indie hackers who ship fast and don't want to babysit a 20-tab dashboard just to confirm robots.txt exists. One click on the active tab, a clean A+/A/B score, and a per-category breakdown — that's it.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ✅ WHAT IT CHECKS
  
  ▸ SEO
    • robots.txt, sitemap.xml, favicon (with declared <link rel="icon"> path support)
    • Meta description, canonical, viewport, Open Graph, Twitter Card
  
  ▸ On-Page (content quality)
    • H1 tag — count + first heading text
    • Heading hierarchy — full H1→H6 tree with the actual text of every heading, with visual warnings on skipped levels
    • Schema markup — JSON-LD and microdata, with detected @type chips (Article, Product, FAQ, BreadcrumbList…)
    • Image alt attributes — scrollable list of every missing-alt image with clickable source URLs
  
  ▸ Links (manual scanner)
    • Scans every <a href> on the active page for 200 / 301 / 302 / 307 / 308 / 404 / 410 / 5xx
    • Real HTTP redirect codes captured via chrome.webRequest (not just "redirected" — you see whether it's a 301 or a 302)
    • Filter chips (All / 2xx / 3xx / Broken / Error) for fast triage of large link lists
    • Live ticker showing which URL is currently being checked
    • HEAD→GET fallback (8s / 18s split timeout) handles CDN anti-bot and slow servers
    • Automatic retry of failed requests (slow CDNs no longer get marked as broken)
    • Configurable scan limit (100 / 200 / 500 / All) in Settings
    • Shows the final destination URL of each redirect
    • Dedicated CSV / JSON export with full link list + metadata
  
  ▸ Security
    • HTTPS protocol check
    • HTTP → HTTPS redirect verification — flags sites that don't enforce SSL
    • Mixed content detection — finds every insecure http:// resource (images, scripts, stylesheets, iframes, media) on HTTPS pages
    • Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options
  
  ▸ AI / LLM (bonus — never penalizes your score)
    • llms.txt, llms-full.txt, ai.txt — for sites that want to guide LLM crawlers
  
  ▸ Ads / Monetization (bonus — never penalizes your score)
    • ads.txt, app-ads.txt, sellers.json — IAB compliance for publishers
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🎯 WHY YOU'LL ACTUALLY USE IT
  
  • Dashboard-style sidebar layout with per-category A+/F grades and an Overview summary
  • One-click audit, weighted scoring — only required checks affect the grade, optional files (llms.txt, ads.txt, etc.) are bonus and never penalize you
  • Reports page shows recent scans across every site you've audited
  • Live progress while it works — no blank loading screens
  • Failed file requests are retried automatically once before giving up
  • Heading hierarchy shows the actual H2/H3/H4 text — so you can verify content structure, not just count tags
  • Image alt panel shows every offending image (not just a count)
  • Link scanner: filterable, exportable list of every link with its HTTP status — large scans triage in seconds
  • Confirmation modal before link scanning explains WAF/CF rate-limit risk so users don't get surprised
  • Clean modern UI in light & dark mode, 780×600 layout designed for real workflow
  • JSON and CSV export for both full audit AND link scan, each with generator metadata (creator, version, homepage, timestamp)
  • Fully localized in English and Turkish
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🔒 PRIVACY (zero data collection)
  
  WebAudit Inspector does not send a single byte to any server we control. There is no analytics, no telemetry, no remote configuration.
  
  • Audit results are cached in browser local storage for 5 minutes per origin
  • Your theme (light/dark) preference is stored locally
  • The "Scan Links" feature makes HEAD (and GET fallback) requests directly from your browser to the URLs found on the page you're viewing — nothing else. A confirmation modal warns you about WAF/Cloudflare rate-limit risks before the first scan
  • Open source, MIT-licensed
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ⚡ HOW IT WORKS
  
  1. Click the extension icon on any HTTPS/HTTP page
  2. WebAudit fetches well-known files from the page's origin (robots.txt, sitemap.xml, ads.txt, llms.txt, etc.) in parallel
  3. A tiny one-time script reads the page's meta tags, headings, schema and image alt attributes (read-only — the page is never modified)
  4. Results render with weighted scoring; failed requests are retried once
  5. Optional: click "Scan Links" to check every link's HTTP status code
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  💡 USE CASES
  
  ▸ Pre-launch checklist — verify your new site has robots.txt, sitemap, canonical, OG tags before going live
  ▸ Client audit — generate a CSV report of any client site in 10 seconds
  ▸ Migration QA — re-scan after a CMS migration to catch missing meta and broken links
  ▸ Vibe-coded site sanity check — when AI generated your landing page, verify it actually shipped meta tags
  ▸ Content review — confirm heading hierarchy and image alt coverage before publishing
  ▸ Ad ops — quickly verify ads.txt and sellers.json are reachable
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  📦 NO BLOAT
  
  • No login. No account. No newsletter.
  • ~45 KB total package size
  • No third-party libraries, no tracking pixels, no remote scripts
  • Manifest V3, modern Chrome (116+)
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Open an issue or contribute on GitHub. Feedback shapes the next release.

Permissions & access

Permissions

activeTabstoragescriptingwebRequest

Host access

http://*/*, https://*/*

Screenshots