The idea

“Paste a URL → headless browser loads it cold (no consent click) → intercepts every network request and cookie write that fires before any user interaction → flags what's leaking personal data without lawful basis. Output: a forensic report showing exactly which trackers fired, when, under which GDPR article they're illegal, and what the fine ceiling is. Plus step-by-step GTM fix instructions. Monetization: Free scan (verdict + first finding) → $9 one-time PDF report (full trace + all fixes). Who buys it: Web agencies auditing client sites. They paste a client URL, get a report they can send directly to the client as a deliverable, and charge for the fix work.”