A comprehensive audit tool of everything your browser leaks to every website you visit. Browser shares this data with web sites without any notification to you.
Readable by every website. Combined, these values form a stable browser fingerprint that tracks you across sites and incognito sessions β no permission needed.
Browser APIs expose hardware characteristics that narrow down your device model β CPU core count, memory class, and touch capability.
Resolution, pixel density, colour depth, and system UI preferences fingerprint your specific monitor and OS configuration.
Your public IP reveals city-level location and ISP. Connection type and speed are also exposed without any prompt.
Your IANA timezone narrows location to a city or region instantly β zero GPS, zero permission.
Capabilities, referrer, and history give detailed OS and software version data as well as your browsing trail within a session.
A hidden canvas renders text and shapes off-screen. GPU and driver differences produce a unique pixel hash β stable across sessions with no permission.
Hash: Computingβ¦
AudioContext processes a sine wave via your CPU and OS audio stack. The floating-point output hash is unique per machine β and completely silent.
WebGL exposes your exact GPU model, vendor, driver version, and rendering capabilities β one of the most unique fingerprinting signals available.
Clock precision, performance timer resolution, and WASM execution timing reveal your CPU architecture and OS. Reduced timer precision itself signals privacy mode.
On mobile devices, accelerometer, gyroscope, and magnetometer data is readable without permission in many browsers. Unique noise patterns fingerprint the physical hardware.
The exact set of supported audio/video codecs, image formats, and DRM systems narrows down your browser version, OS, and hardware decoder capabilities.
Registered URI scheme handlers reveal which apps are installed on your device β Spotify, Slack, VS Code, Zoom, and others are detectable without permission.
By timing WebSocket connections to localhost, sites detect which software is running on your machine β dev servers, databases, proxies, and apps all listen on known ports.
Supported CSS features precisely pin your browser version. Scrollbar width, system font metrics, and sub-pixel rendering differ by OS and reveal platform details.
Sites fingerprint whether your browser is controlled by Selenium, Puppeteer, or other automation tools by checking for missing properties, inconsistent values, and driver flags.
Text rendering width differences reveal installed fonts without any permission. Highlighted = detected on your device.
Camera, mic, and speaker counts are readable without permission. Model names are exposed after any permission grant on the device.
Available storage mechanisms and browser capabilities used for persistent tracking or as fingerprinting signals.
Sites silently query permission states β revealing prior camera, mic, or location grants β without triggering any new prompt.
Battery level and timing were precise enough to track users across incognito sessions. Most browsers have now removed or restricted this API.
WebRTC ICE candidates reveal your real local and public IPs β even behind a VPN β with no user prompt.
All data collected entirely in your browser. Nothing is sent to any server.