Most WordPress sites add a cookie plugin, publish a privacy policy, and hope for the best.
That’s understandable. Consent tools are good at blocking or labeling trackers once you configure them. They’re less helpful at answering the question site owners actually start with:
What third-party stuff is on my site anyway?
That gap is awkward. You’re asking visitors to accept or reject categories you may not have fully mapped yet.
The problem isn’t the cookie plugin
Cookie plugins (Complianz, Cookiebot, atec Cookies, and others) do their job: show a bar, store consent, integrate with the WP Consent API.
But before that, someone has to know:
- Which domains load on the homepage
- Whether they come from HTML, CSS, or JavaScript
- Which are fonts, analytics, CDNs, embeds
- What might only appear after JavaScript runs
Most site owners discover this by:
- Opening DevTools → Network tab
- Squinting at a long request list
- Copy-pasting domains into a spreadsheet
Still missing things that load only for logged-in admins or after JS runs
It works. It’s also tedious, easy to get wrong, and not something you want to repeat every time you change a theme, add a plugin, or tweak the homepage.
What we built: atec Privacy Check
We’re developers who ship a lot of WordPress performance and compliance plugins. We wanted something simpler for the discovery step — before consent configuration, before legal text, before “why is Google still loading?”
atec Privacy Check scans a URL (homepage by default) and lists external domains found in:
- HTML (script, link, img, iframe, srcset, etc.)
- Linked local CSS files (url() for fonts and backgrounds)
- Linked local JS files (URL-like strings — marked as unconfirmed)
Results are grouped by domain with labels like CDN, Google Fonts, Tracking / Analytics, Stylesheet, Script, and Embedded content.
It’s honest about limits:
- It reads HTML and linked assets. It does not execute JavaScript.
- JS-injected trackers may need a future browser check.
- Admin sessions can differ from anonymous visitors.
That honesty matters. Privacy tools shouldn’t pretend to be a full browser audit if they aren’t one.
A practical workflow with cookie plugins
Here’s how we’d use it alongside a consent stack:
- Run Privacy Check on the homepage (and key landing pages).
- Export the domain list mentally — or copy from the results table.
- Map domains to consent categories in your cookie plugin (marketing, statistics, functional, etc.).
- Fix what you can — e.g. self-host fonts with atec Local Fonts instead of loading from fonts.googleapis.com.
- Re-scan after changes.
Privacy Check doesn’t replace legal advice or a cookie manager. It’s the inventory step that makes the cookie plugin configuration less guesswork.
If you already run atec Cookies, the flow is natural: discover with Privacy Check, configure consent with Cookies.
Who it’s for
- Site owners preparing a privacy policy or GDPR disclosure
- Agencies onboarding new clients
- Developers who changed the theme and want a quick “what broke externally?” check
- Anyone configuring a cookie banner who doesn’t want to rely only on DevTools
Try it
atec Privacy Check is part of the atec plugins family (PRO). Install it, enter your homepage URL (or leave it blank), click Scan, and review external domains in a few seconds.
No browser engine. No black box. Just: what does the server-rendered page point to?
That’s often enough to stop guessing — and to make your cookie plugin actually reflect what your site loads.
Top comments (0)