site condition report

This page, audited live in your browser.

Most sites tell you they respect your privacy. This one proves it about itself, right now: every number below is measured live in your browser — requests, origins and bytes from the Resource Timing API, cookies from document.cookie, motion preference from matchMedia. Nothing is hardcoded and nothing is uploaded. (The server's Content-Security-Policy is a response header the page can't read, so it's shown separately for reference — with a command to verify it.)

Don't trust the readout — check it: open DevTools → Network and reload. You'll see the same.

JavaScript is off, so the live audit can't run here. That's fine — this report is just a convenience. Verify the page yourself the authoritative way: open your browser's DevTools → Network tab and reload. Count the requests, check every origin, and read the Content-Security-Policy response header. There's nothing to hide.

Why this exists

CoreGuard's whole pitch is that it's honest and local-only — the app makes zero network connections, and the site carries zero third-party scripts, fonts, or trackers. Anyone can say that. So instead, this page audits itself and shows you the receipts: the real requests, the real origins, the real byte count. If a tracker ever crept in, this report would show it.

What the numbers mean

  • Third-party requests — anything loaded from an origin other than coreguard.app. We aim for zero. A CDN font, an analytics beacon, or an ad pixel would each show up here.
  • KB over the wire — bytes actually transferred on this load. A cached resource reports 0, so the number shrinks on repeat visits — that's honest, not a trick.
  • JS-visible cookies — cookies this site set that JavaScript can read. No account, no analytics, so there's nothing to set. (HttpOnly cookies, if any, aren't readable from JS — check DevTools → Application to be thorough.)
  • Web fonts — downloaded font files. We use your system's font stack, so this is zero and the page can't leak a request to a font CDN.

This is the same posture the app takes: observe and prove, don't ask for trust. Every hardware-danger warning in the app is free, too.