Shahid Malla

SiteScout extension

SiteScout — Privacy Policy.

Last updated June 7, 2026

Effective date: June 5, 2026 · Last updated: June 5, 2026

This privacy policy explains how the SiteScout Chrome extension ("the Extension") handles your data.

Summary in plain language

SiteScout looks up public information about websites you choose to inspect. When you click the SiteScout icon on a webpage, the Extension sends a few lookups to independent public services. Those lookups contain only the domain name of the page you are inspecting — nothing about you, your browsing, or your identity. SiteScout has no servers of its own, no analytics, no telemetry, and no user accounts.

What data the Extension collects

The Extension does not collect any personal data. It does not store your browsing history, page contents, form data, credentials, or any identifying information.

What the Extension sends to third parties

When you click the SiteScout toolbar icon on a webpage, the Extension performs four operations:

  • Reads the current page locally — performance timings (TTFB, page load, transferred bytes) from the browser's built-in Performance API, and HTTP response headers (server, security headers, cache headers). This happens inside your browser. Nothing is transmitted to anyone.
  • DNS lookup — sends the domain name to Cloudflare's free public DNS-over-HTTPS endpoint at https://cloudflare-dns.com/dns-query to look up DNS records (A, AAAA, MX, NS, TXT, CAA, plus _dmarc.<domain> TXT). Cloudflare's privacy policy for this service: developers.cloudflare.com/1.1.1.1/privacy
  • SSL certificate lookup — sends the domain name to crt.sh, a public Certificate Transparency log search operated by Sectigo, to find the most recent SSL certificate for that domain. Only the domain name is sent.
  • WHOIS lookup — sends the registered domain name to rdap.org (a free public RDAP bootstrap service) to fetch registration details such as registrar, creation date, and expiry date. Only the domain name is sent.

None of these services receives any identifying information about you beyond what they would ordinarily see in any web request (your IP address and User-Agent string). The Extension does not send your browsing history, cookies, page contents, or any data from pages other than the one you are inspecting.

What the Extension does NOT do

  • Does not run in the background. The Extension only acts when you click the toolbar icon.
  • Does not read or store page contents, form fields, passwords, or cookies.
  • Does not track your browsing across sites.
  • Does not send any analytics or telemetry.
  • Does not include any third-party trackers or advertising.
  • Does not have a backend server. SiteScout has no server of its own to which any data is sent.
  • Does not collect or use data for any purpose other than performing the lookups described above for the current request.
  • Does not modify the pages you visit.
  • Does not store the results of scans persistently. When you close the popup, results are discarded.

Permissions explained

  • activeTab — grants the Extension temporary, one-time access to the current tab when you click its toolbar icon. This is used to read response headers and performance timings for the page you are inspecting. Permission is automatically revoked when you navigate away or close the tab.
  • scripting — allows the Extension to inject a small data-collection function into the current tab when you click the icon.
  • storage — used only to remember whether this is your first install. No browsing data or scan results are stored.
  • host permissions — limited to exactly four external URLs that SiteScout depends on for its public lookups: cloudflare-dns.com (DNS-over-HTTPS), crt.sh (Certificate Transparency search), rdap.org and www.rdap.net (RDAP WHOIS). The Extension never makes requests to any other host.

Your control

You can stop the Extension from making any further lookups by closing the popup or uninstalling the Extension. Uninstalling removes all locally stored settings.

Limited Use disclosure

The Extension's use of data obtained through Chrome APIs complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. Data is used only to provide the user-facing diagnostic features described above and on the Chrome Web Store listing.

Changes to this policy

If this policy is updated, the new version will be published at this URL and the "Last updated" date will be revised.

Contact

For privacy questions about this Extension, contact Shahid Mallashahidmalla.com, [email protected].