Nahnu Asset Scanner manually scans the pages you choose and builds a complete inventory of everything loaded on your site’s front end. Instead of guessing which scripts to defer or which cookies need a consent banner, you get a precise, plugin-attributed list to work from.
What it scans
- JavaScript — every script, inline or external, with file path, size, whether it’s first- or third-party, and which plugin or theme registered it
- CSS — every stylesheet with the same attribution detail
- Cookies — every cookie set during page load, categorized as Necessary / Preferences / Analytics / Marketing, with the plugin that sets it identified from a bundled database of 600+ known cookie patterns covering 400+ plugins
- Domains — every third-party domain contacted, identified by category using the bundled vendor map
Why it matters
Cache configuration — cache plugins need to know which cookies bypass the cache (WooCommerce cart, WPML language, login cookies) and which JS/CSS files to exclude from minification or combination. This plugin gives you those exact file paths and cookie names from a real scan of your site, not a generic list.
Cookie consent — before configuring Complianz, CookieYes, or Real Cookie Banner, run a scan to get an accurate, categorized cookie inventory. The bundled database covers WooCommerce, membership plugins, LMS platforms, builders, security plugins, analytics services, ad networks, chat widgets, and more.
Performance auditing — identify render-blocking scripts, bloated third-party embeds, and unnecessary tracking pixels. The JS and CSS tabs show inline vs. external, first-party vs. third-party, and file size at a glance.
Third-party auditing — the Domains tab reveals every external service your site contacts. Use it as the starting point for a Content Security Policy or to assess your GDPR third-party processor list.
Cookie database
The plugin ships with a bundled cookie database covering 600+ patterns from 400+ WordPress plugins and services. No external requests are made — everything is included in the plugin:
- WooCommerce ecosystem — WooCommerce, YITH plugins, CartFlows, FunnelKit, Dokan, and payment gateways (Stripe, PayPal, Klarna, Mollie, Braintree)
- Membership & LMS — MemberPress, Paid Memberships Pro, Restrict Content Pro, s2Member, WishList Member, LearnDash, LifterLMS, Tutor LMS, Sensei, Masteriyo, LearnPress
- Community — BuddyPress, BuddyBoss, bbPress, PeepSo, wpForo
- Page builders — Elementor, Divi, Beaver Builder, Brizy, Bricks, Oxygen, WPBakery
- Security — Wordfence, Solid Security (iThemes), Sucuri, Shield Security, WP Cerber, CleanTalk, MalCare
- Caching — WP Rocket, LiteSpeed Cache, W3 Total Cache, WP Fastest Cache, WP Optimize, SiteGround Optimizer, Hummingbird, Swift Performance
- Analytics — Google Analytics (UA + GA4), Hotjar, Matomo, Heap, Lucky Orange, FullStory, Mouseflow, Inspectlet, VWO, Optimizely, Microsoft Clarity
- Advertising — Meta Pixel, Google Ads, Microsoft Ads, TikTok, LinkedIn, Pinterest, Google DoubleClick, Taboola, Outbrain, Criteo, The Trade Desk, Marketo, Oracle Eloqua, Salesforce Pardot
- Live chat — Tawk.to, LiveChat, Tidio, Crisp, Zendesk, Freshchat, Intercom, Drift, Olark, HubSpot
- Consent platforms — CookieYes, Complianz, Borlabs Cookie, Real Cookie Banner, Cookiebot, OneTrust, Osano, Cookie Notice
- Email marketing — Klaviyo, Brevo, Omnisend, ActiveCampaign, ConvertKit, Drip, MailPoet, Mailster, MC4WP
- Accessibility — accessiBe, UserWay, EqualWeb, AudioEye
Key features
- Manual scan — you choose which pages to scan (up to 10 per run)
- No external requests — everything runs on your server with bundled data
- Plugin attribution — JS, CSS, and cookies are matched to the plugin that registered/sets them
- CSV export on every tab
- Fully self-contained — no account, no API key, no internet connection required
Privacy
Nahnu Asset Scanner makes no external HTTP requests of any kind. All scans run entirely on your server. All cookie identification data is bundled within the plugin. No data about your site or visitors is ever sent anywhere.