CRX id
bbomdhkcahanpbcckopgijcpgacodanb
bbomdhkcahanpbcckopgijcpgacodanb
Description from extension meta
Subresource integrity watcher. Warns against site content that has changed since last visit.
Image from store
Description from store
SubWatch is a lightweight integrity sentinel for the modern web. The sites you visit today aren’t simple HTML files; they’re sprawling collections of JavaScript, CSS, images, fonts, iframes, and API calls pulled from dozens of servers. Every one of those sub-resources can change silently, for better or for worse. SubWatch watches them all.
Why you need SubWatch
Dynamic stacks, shifting code
Modern build pipelines redeploy multiple times a day. A benign update might break critical workflows, or an attacker might slip in malicious script (think Magecart / web-skimming).
Sensitive data deserves stability
Banking portals, health dashboards, and internal admin tools shouldn’t mutate unexpectedly. If they do, you want to know immediately.
You set the tolerance
Some pages (news, social feeds) change constantly; others (checkout pages) should stay put. SubWatch lets you decide when a change is acceptable and when it’s a red flag.
How it works
First visit ➜ baseline
The moment you open a domain, SubWatch fingerprints every resource with a SHA-256 hash and stores that baseline locally.
Every subsequent visit ➜ compare
As each sub-resource finishes loading, SubWatch re-hashes it in real time. If the hash differs from the baseline, it’s flagged as changed.
Instant visual warning
The extension badge lights up with the exact number of changed resources, no need to click first.
Deep-dive popup
Click the badge to see a color-coded table (green ✓ unchanged, red ✗ changed) plus a quick pie chart overview. Long URLs are neatly ellipsed but still clickable (with safe noopener noreferrer).
You decide
If you’re happy with an update, simply keep browsing. SubWatch will adopt that version as the new baseline next time. Prefer a stricter stance? Treat any red count as a cue to log out or halt transactions.
Key features
- Real-time badge alerts as soon as any resource deviates
- Covers all resource types: scripts, styles, images, iframes, even background-image URLs
- Works across HTTP & HTTPS (ideal for staging / local dev as well)
- Compact visual summary (pie chart) plus full hash details on demand
- Zero external calls: all hashing happens client-side; your browsing stays private
- Minimal permissions: only storage, tabs, webRequest, and webNavigation
- No performance drag: hashing runs after each resource loads, without blocking page render
Perfect for
- Security-minded users who handle banking, crypto, or PII online
- DevOps and QA teams validating that prod assets match the last approved build
- Researchers tracking unauthorized third-party injections over time
- Anyone curious about how often their favorite sites silently swap code
Quick start
1. Install SubWatch and pin it to your toolbar.
2. Browse as usual. If the badge shows 0, every resource matches the last baseline.
3. See a red number? Click to inspect changed URLs, decide if you trust them, or step away.
Stay one step ahead of silent site changes and skimming attacks, install SubWatch and surf with eyes wide open.
Statistics
Installs
2
history
Category
Rating
0.0 (0 votes)
Last update / version
2025-07-15 / 1.0
Listing languages
en