TrackerSSL highlights insecure websites and their ad trackers:
See: https://chrome.google.com/webstore/detail/tracker-ssl/hgoabgkpjcbliklekfgepfdlmcnkjnao
Read: https://citizenlab.org/2015/01/trackerssl/
polonus
An example you would not suspect that would be there for a website security scan site:
When I check Quttera dot com with Tracker SSL extension I get a 66% insecure status:
Unique IDs about your web browsing habits have been insecurely sent to third parties.
dqaaapgaaaaqzpufrq512382ant9ovai-7bjjvvji6yi - can be (ab)used as Surveillance Beacon for NSA
Quttera should fix this insecurity.
polonus
This extension is mainly meant to inspire websites to change from http to https.
What about this site: https://www.hotjar.com/
Tracker SSL gives it the all green
At least 1 third parties know you are on this webpage.
fonts.googleapis.com
Not quite so, there are more sites that are informed with all you do at https://www.hotjar.com/
as SpyWatch lists these as:
The following sites know that you visited this page. Click on a site to find out what more it knows about you. cloudflare.com optimizely.comTrackers detected on this page Details: Facebook Tracker (As provided by Bitdefender TrafficLight) Ghostly finds most: 5 trackers detected: www.hotjar.com AdRoll Advertisements, Behavior Tracking Facebook Connect Widgets, Social Google Analytics Analytics, Analytics New Relic Analytics, Analytics Optimizely
The SSL site’s security header situation: https://www.uploady.com/#!/download/wcWdMfSgY8I/h6iLSJJfDcmW_lPS
Warnings: http://www.dnsinspect.com/hotjar.com/1422573367
So use the extension with also an eye for the restrictions thereof
and realizing no single extension may cover all trackers on a particular https and or http-website.
polonus
RequestPolicy add-on would probably put a crimp in most of them, since they would be trying to access the 3rd party site.