VAST ToolsHeader BiddingAds.txtPrivacy / TCFGuidesReferenceClassic Tools
Runs locally in your browser; pasted data and files are not uploaded.
Tool

CMP Inspector

Inspect page source or a public URL for CMP API markers, common CMP vendors, consent-cookie names, and script hosts before deeper privacy debugging starts.

Detect CMP markers on a page before you start debugging consent behavior in the browser.

Quick guideFAQ

What you can do here

  • Check a page after a CMP migration.
  • Verify whether TCF or GPP markers appear in a template.
  • Audit CMP script hosts before a privacy review.

Before you start

  • Provide a public URL or paste HTML source.
Data handling: This tool makes server-side fetches to the URLs you provide so results can be rendered. We do not store the fetched content beyond the request.
More Info

About CMP Inspector

The CMP Inspector scans page source or a fetched page for TCF, GPP, and US Privacy API markers, known CMP vendor strings, consent-cookie names, and likely CMP script hosts.

Use it as a first-pass privacy workflow when the real question is whether a page appears to load CMP infrastructure at all.

Best uses for CMP Inspector

  • Check a page after a CMP migration.
  • Verify whether TCF or GPP markers appear in a template.
  • Audit CMP script hosts before a privacy review.

How to use CMP Inspector

  1. Enter a public page URL or paste page source.
  2. Inspect detected API markers, vendor markers, and script hosts.
  3. Use the output to decide whether runtime CMP debugging is warranted.

What to paste in

  • Provide a public URL or paste HTML source.

What you should see

  • Detected APIs, vendor markers, consent-cookie names, and script hosts.

Example checks

These are simple checks you can run when you want a real sample and a clear result to compare against.

Provide a public URL or paste HTML source.

Why run it: Check a page after a CMP migration.

What to look for: Detected APIs, vendor markers, consent-cookie names, and script hosts.

Source-Level CMP Detection Before Runtime Consent Debugging

Why source inspection matters

Not every CMP problem begins with consent-state logic. Sometimes the page simply is not loading the expected CMP APIs, vendor scripts, or cookie markers consistently. When teams skip that source-level question, they can spend too much time debugging behavior that never had the right foundation.

A CMP inspector is useful because it answers the presence question first. Does the page appear to load CMP markers at all? Which vendor strings and script hosts are visible? Are obvious consent-cookie names referenced in the source?

That is a practical first-pass workflow after migrations, tag-manager changes, and template rollouts where infrastructure drift is a real risk.

How it fits into a layered privacy workflow

Source inspection belongs before cookie and string decoding when the implementation itself is in doubt. Once the team sees that CMP markers and scripts appear present, it is easier to justify deeper consent-state testing. If those markers are missing, the investigation becomes narrower immediately.

This makes privacy debugging less speculative. Instead of debating a broad CMP issue, the team can say whether the page source even suggests CMP presence and which vendor or API markers are visible.

That is especially useful in template-specific issues where one page variant fails and another does not.

Why this is good cluster architecture

CMP Inspector gives the privacy section a clear implementation-focused tool, not just decoders. That makes the cluster feel more complete and more credible for real debugging work.

It also targets a valuable long-tail intent. People searching for CMP detection, TCF API presence, or consent-script debugging are usually in the middle of a real rollout or incident.

That is exactly the kind of narrow operational problem the site should compete on.

Troubleshooting

What to look for

  • Detected APIs, vendor markers, consent-cookie names, and script hosts.

Common issues

  • Source inspection does not prove runtime consent behavior is correct.
  • Some CMP logic may load dynamically and not appear in the fetched markup.

Best practices

  • Include the full URL (with https://) for best results.
  • If a fetch fails, confirm the endpoint is publicly reachable.
  • Some hosts block automated requests; try a different URL if needed.

Related tools

More tools in the privacy / tcf category.

  • TCF String Decoder - Decode IAB TCF v2 consent strings into human-readable metadata, purposes, and vendor consent arrays. Paste a TC string from a CMP or euconsent-v2 cookie, and instantly see what it contains for QA, troubleshooting, and compliance checks. Everything runs client-side for privacy.
  • Cookie Inspector - Parse and analyze Set-Cookie headers or page cookie dumps to surface security, scope, and privacy issues with remediation guidance. Useful for privacy, security, and ad ops teams to quickly understand cookie risks and fixes.
  • Cookie Sync Visualizer - Fetch a page and list likely cookie-sync or ID-match partners based on sync-like endpoints found in HTML resources. This is a useful first pass for privacy, identity, and header bidding investigations when you need to see which third-party domains look involved in sync behavior.
  • US Privacy String Decoder - Decode IAB US Privacy strings into readable notice, opt-out, and LSPA flags for CCPA and US state privacy debugging.

Related reading

More specific pages for the exact jobs this tool supports.

Browse the library

Check CMP Markers Before a Privacy Rollout Review

A source-level CMP workflow for rollout reviews and post-migration audits.

Check CMP Markers After a Tag Manager Change

A tag-manager workflow for source-level CMP validation.

Inspect CMP API Markers Before a Banner Rollout

A rollout-readiness workflow for CMP API presence.

Review CMP Script Hosts After a Migration

A migration workflow for CMP script-host visibility.

Check CMP Markers on a Template With Broken Consent

A template-specific workflow for CMP presence debugging.

Audit CMP Source Before a Privacy Escalation

An escalation-readiness workflow for source-level CMP evidence.

Decode US Privacy Strings During CCPA QA

A concise privacy workflow for reading CCPA-style consent flags quickly.

Inspect Consent Cookies Before Partner Debugging

A privacy-signal workflow for auditing cookie presence before deeper QA begins.

Frequently asked questions

Is it free to use?

Yes. Core tools are free and accessible without signup.

Does it upload my data?

This tool makes server-side fetches to the URLs you provide so results can be rendered. We do not store the fetched content beyond the request.

What if I spot a bug?

Please reach out via the Contact page with a reproduction example.

Does it run the CMP?

No. It inspects source and fetched markup for markers that suggest CMP presence.

Can it fetch a public page URL?

Yes. You can provide a URL or paste source directly.

Why is source-level detection useful?

It lets teams separate CMP presence questions from deeper runtime or consent-state questions early in the investigation.

Helpful links

Tool guide/privacy consent debugging guidePrivacy / TCFAll guidesReference libraryUse casesFAQGlossaryUpdatesAboutPrivacyTermsContact

Standards & references

Official specs that inform how this tool interprets data.

IAB TCF v2.2 SpecificationIAB Global Privacy Platform