Analyzer
Privacy Analyzer
See what data is exposed from your browser.What information can a website find out about you when you visit it? A lot more than you probably realize. This tool lists information that any website, advertisement, and widget can collect from your web browser. Such information could be used to identify you and/or track your behavior using tactics like IP lookups and browser fingerprinting. While none of this may be considered personally identifiable information (PII), the profile drawn from all these pieces of information can be so distinct that it can only plausibly match a single person.
This page includes several tests that you can scroll through and perform one at a time to evaluate your browser privacy. Let’s start with the basics:
Scanning Your Browser for Leaks...
Basic Info:
Next: Autofill Leak Test
Autofill Test
Please Select Your State/Region from Dropdown Below:
Websites can use autofill to trick you into giving up information. By simply selecting your region or state from the dropdown menu, the website can take advantage of your browser’s autofill capabilities to gather far more personal data. Don’t worry; none of your data will leave or be collected from your device in this demonstration.
Just by entering your state or province, we know:
- is your email address.
- is you street address.
- is your phone number.
- is your postal code.
- is your city.
Either you didn't select your state yet from the box above or Your browser appears to have autofill disabled, so you are not at risk of this vulnerability.
If no dropdown appears when you clicked above, it means your browser appears to have autofill disabled, so you are not at risk of this vulnerability.
Your browser or password manager’s autofill might be inadvertently giving away your information to unscrupulous phishers using hidden text boxes on sites. Read more on this vulnerability
Next: User Account Tests
Next: User Accounts Test
This test checks your browser for artifacts that show what accounts you’re logged into. We test for several of the most popular sites and apps on the web. Hackers can use this information to see account usernames, email addresses, search terms, titles of viewed emails and documents, and downloaded files. The exact information varies depending on the website or service. Knowing where you’re logged in makes you an easier target for phishing and hacking attempts. For example, if you use the same password for all your accounts (you shouldn’t), then a hacker who steals it could easily hijack all your accounts in a very short span of time.
Next: Browser Capability Test
A green check indicates these capabilities are enabled on your browser:
Javascript, iframes, ActiveX, and Flash all allow code to be executed in your browser, which can be a security vulnerability. You can certainly do without ActiveX and Flash, which infamously contain numerous bugs and vulnerabilities. Javascript and iframes can also be disabled, but you may find browsing the web without them a hindrance as many popular sites use them these days.
Do Not Track is a setting in most web browsers that opt you out of tracking programs. While it’s good practice to turn this on, not all websites and advertisers abide by it.
When you opened this page, we attempted to generate a popup to test whether your browser blocked it. Popups are not only annoying; they are often malicious.
This data is sent to a server whenever the browser requests a web page. Some of these are important in regards to privacy and others are not. We’ll cover a few of of the former here:
- X-Requested-With is a parameter used to prevent Cross-site request forgery (CSRF) attacks in websites that utilize AJAX. Read more here.
- User-Agent details what browser you use
- DNT stands for “Do Not Track”, explained above.
- Referrer is the URL of the page that led you here, usually via a link. This can be used to see the last site you visited.
- X-Real-IP is your IP address, which identifies your device and location. You can hide this information with a proxy or VPN.
Next: Fingerprint analysis
This test gathers all of the little bits of information stored in your browser that, on their own, don’t mean much. When combined, however, they can form a “fingerprint” so distinct that it could only plausibly match one person or a very small group of people. This tactic, called “canvas fingerprinting,” makes it possible for websites to identify track you without the use of cookies or IP addresses.
We use the following information from your browser to generate this fingerprint:
- of observed browsers are , as yours.
- of observed browsers are , as yours.
- 13.24 of observed browsers run , as yours.
- 2.08 of observed browsers run , as yours.
- 62.95 % of observed browsers have set ""as their primary language, as yours.
- 1.14 % of observed browsers have UTC as their timezone, as yours.