Pop the Hood - See robots.txt, security.txt, humans.txt & More

Reads robots.txt, security.txt, humans.txt, ads.txt, sitemap.xml and more - the layer of the web most people never see.

Every website you visit publishes a set of files about itself - how it wants to be crawled, who to contact about security issues, who built it, and how its advertising works. These files sit in plain sight. Anyone can read them. Most people just never know to look. Pop the Hood shows you everything. WHAT IT DOES Visit any website and Pop the Hood silently checks for all publicly available meta files in the background. Click the icon to open the side panel and see exactly what the site has chosen to publish about itself - and what it hasn't. Files found are shown with a plain English summary of what they contain. Files not published are shown too, because absence tells its own story. WHAT IT READS robots.txt - crawler instructions, AI training blocks, crawl delays and duplicate rules security.txt - who to contact about vulnerabilities, expiry status, PGP keys humans.txt - who built the site ads.txt - authorised advertising sellers sellers.json - the full ad supply chain app-ads.txt - mobile advertising sellers sitemap.xml - the site's own map of itself and how many pages it has manifest.json - Progressive Web App metadata mta-sts.txt - email transport security policy pgp-key.txt - public encryption key dnt-policy.txt - Do Not Track commitment *NEWLY ADDED* llms.txt - AI content index (emerging standard) llms-full.txt - full AI content index gpc.json - Global Privacy Control policy WHAT MAKES IT DIFFERENT Most tools look at one file. Pop the Hood reads all of them together and presents a complete picture of what the site chooses to be transparent about. The plain English layer means you don't need to know what "Disallow: /" means to understand "Blocks all crawlers by default." Both audiences are served - the curious newcomer and the experienced developer who wants the raw file too. STANDOUT FEATURES Detects which AI crawlers are blocked or allowed, and whether they're blocked from training or just live browsing Flags security.txt files that have expired, are expiring soon, or have no expiry date set Detects easter eggs hidden in comment lines - ASCII art, hiring messages, greetings left by developers Identifies placeholder ads.txt entries (sites that publish the file but run no programmatic advertising) Flags duplicate rules in robots.txt - a sign the file hasn't been reviewed recently Detects cryptographically signed security.txt files Copy raw file or URLs to clipboard with one click Retry timed-out files without re-fetching everything PLAIN ENGLISH EXPLAINER Not sure what any of these files are? The built-in explainer covers all of them in plain language - what they are, why they exist, who reads them, and which formal internet standards they follow. PRIVACY Pop the Hood reads only publicly accessible files - the same files any browser can access by typing the URL directly. No data is stored beyond your current browser session. Nothing is sent to the developer. The extension makes one additional request to Google's favicon service to display site icons.