Back to Browser Scanner

Security Guide

Vulnerability Information

Understand the privacy and security risks detected by our scanner and learn how to protect yourself.

Web Tracking Functionality Device Information

Cookies Tracking Medium Risk

What are Cookies?

Cookies are small text files stored in your browser by the websites you visit. They are used to remember your preferences, keep you logged in and track your online activity.

Privacy Risks

  • Behavioral tracking across multiple websites
  • Profiling for targeted advertising
  • Possible sale of data to third parties
  • Creation of detailed browsing-habit profiles
šŸ’” How to Protect Yourself: Configure your browser to block third-party cookies, use incognito mode, clear cookies regularly and use privacy extensions like uBlock Origin.

Hardware Information Medium Risk

Hardware Information Revealed

The browser may reveal specific details about your device's hardware that contribute to fingerprinting.

Data Collected

  • GPU model and manufacturer
  • CPU core count
  • RAM amount
  • Storage capacity
  • Available sensors
šŸ’” How to Protect Yourself: Use browsers with hardware-spoofing protection, limit JavaScript access to hardware APIs.

Do Not Track Low Risk

What is Do Not Track?

Do Not Track (DNT) is a browser setting that sends a request to websites asking them not to track your activity. However, it's just a request and many sites ignore it.

Limitations

  • It's not legally binding
  • Many websites ignore the request
  • It does not prevent every kind of tracking
šŸ’” How to Protect Yourself: Enable DNT in your browser settings, but don't rely on it alone. Combine with other protection measures.

Browser Fingerprinting High Risk

What is Browser Fingerprinting?

Browser fingerprinting is a technique that gathers unique information about your browser and device to create a digital fingerprint that can identify you even without cookies.

Information Collected

  • Screen resolution and color depth
  • Fonts installed on the system
  • Browser plugins and extensions
  • Time zone and language
  • Hardware features (GPU, CPU)
šŸ’” How to Protect Yourself: Use privacy-focused browsers like Tor Browser, disable JavaScript when possible, use anti-fingerprinting extensions.

WebRTC Support Medium Risk

What is WebRTC?

WebRTC (Real-Time Communication) is a technology that enables audio/video communication directly in the browser. It can reveal your real IP address even if you use a VPN.

Risks

  • VPN bypass by revealing the real IP
  • Possible fingerprinting via multimedia capabilities
  • Local network information collection
šŸ’” How to Protect Yourself: Disable WebRTC in your browser settings or use specific extensions. Check that your VPN blocks WebRTC leaks.

HTTPS Only Low Risk

What is HTTPS Only?

HTTPS Only is a mode that forces the browser to always use encrypted (HTTPS) connections instead of insecure HTTP.

Benefits

  • Protection against eavesdropping (man-in-the-middle)
  • Encryption of data in transit
  • Verification of the website identity
šŸ’” How to Protect Yourself: Always enable HTTPS Only in your browser. Avoid sites that do not support HTTPS for sensitive information.

Blocked Resources Low Risk

What are Blocked Resources?

Blocked resources are scripts, images, CSS or other content that the browser prevents from loading for security or privacy reasons.

Causes of Blocking

  • Active ad blockers
  • Browser security settings
  • Anti-tracking protection
  • Firewall or network filters
šŸ’” Benefit: Resource blocking improves privacy and security, reducing tracking and potential malware.

AdBlocker Low Risk

What is an AdBlocker?

AdBlockers are tools that block ads, trackers and malicious scripts on websites, improving privacy and security.

Benefits

  • Block advertising trackers
  • Protection from malvertising malware
  • Faster, cleaner browsing
  • Saved bandwidth and battery
šŸ’” Recommendation: Use trustworthy ad blockers like uBlock Origin. Consider supporting privacy-respecting sites by selectively disabling the ad blocker.

JavaScript Medium Risk

What is JavaScript?

JavaScript is a programming language that makes websites interactive. However, it can be used for tracking and fingerprinting.

Risks

  • Execution of tracking code
  • Advanced browser fingerprinting
  • Collection of detailed device information
  • Possible security vulnerabilities
šŸ’” How to Protect Yourself: Use extensions like NoScript to control JavaScript execution. Disable JS on untrusted sites.

WebGL High Risk

What is WebGL?

WebGL is an API for 3D graphics rendering in the browser. It can be used for very precise fingerprinting through GPU information.

Privacy Risks

  • GPU-based fingerprinting
  • Detailed graphics driver information
  • Unique rendering capabilities per device
šŸ’” How to Protect Yourself: Disable WebGL if not needed; use browsers with built-in anti-fingerprinting protections.

Developer Mode Medium Risk

What is Developer Mode?

Developer mode is a set of advanced tools in the browser that allow inspecting, modifying and debugging web pages.

Detection Risks

  • Sites can detect whether developer tools are open
  • Possible fingerprinting based on this
  • Some sites block features if dev tools are detected
  • Tracking of "technical" user behavior
šŸ’” How to Protect Yourself: Close developer tools when not needed. Use separate browsers for normal browsing and development.

WebAssembly Medium Risk

What is WebAssembly?

WebAssembly (WASM) is a technology that allows running high-performance code in the browser, written in languages like C++ or Rust.

Potential Risks

  • Possible execution of malicious code that is harder to detect
  • Fingerprinting through execution performance
  • Greater difficulty analyzing the code
  • Possible security vulnerabilities
šŸ’” How to Protect Yourself: Consider disabling WebAssembly if not needed. Use browsers with robust sandboxes.

Web Workers Low Risk

What are Web Workers?

Web Workers allow JavaScript to run in the background, separately from the main thread of the web page.

Privacy Considerations

  • Can be used for performance fingerprinting
  • Less visible background code execution
  • Potential for hidden mining activity
šŸ’” Note: Web Workers are generally safe but can be used for non-transparent activity.

Media Queries Low Risk

What are Media Queries?

Media Queries are a CSS technology that allows the design of the web page to adapt to different screen sizes and characteristics.

Use for Fingerprinting

  • Detection of specific device features
  • Information about resolution and orientation
  • Device type (desktop, tablet, mobile)
šŸ’” Note: Media Queries are essential for responsive web design and rarely represent a significant risk.

Web Notifications Medium Risk

What are Web Notifications?

Web notifications let sites send messages even when the page is not open in the browser.

Privacy Risks

  • Tracking of user engagement
  • Possible notification spam
  • Collection of usage-pattern data
  • Unique device identification
šŸ’” How to Protect Yourself: Block notification requests by default. Allow only for trusted, necessary sites.

Permissions API Medium Risk

What is the Permissions API?

The Permissions API allows websites to check the status of permissions for various features such as geolocation, notifications, camera, etc.

Privacy Implications

  • Collection of information about granted permissions
  • Fingerprinting based on available permissions
  • User behavior profiling
šŸ’” How to Protect Yourself: Regularly revoke unnecessary permissions in your browser settings.

Payment Request API Low Risk

What is the Payment Request API?

The Payment Request API simplifies the online payment process by providing a standardized interface for payment methods.

Considerations

  • Improved payment security
  • Reduced manual entry of sensitive data
  • Possible collection of available payment methods
šŸ’” Benefit: Generally improves online payment security by reducing exposure of sensitive data.

HTML5/CSS3 Support Low Risk

What are HTML5 and CSS3?

HTML5 and CSS3 are the modern versions of the web standards, introducing new features and advanced APIs.

Possible Tracking Uses

  • Canvas fingerprinting via HTML5 Canvas
  • Audio fingerprinting via Web Audio API
  • Font detection via CSS
  • Feature detection for fingerprinting
šŸ’” Balance: HTML5/CSS3 improve the web experience but can be used for fingerprinting. Support is needed for modern browsing.

Sensors Support High Risk

What are Web Sensors?

Web sensors allow access to the accelerometer, gyroscope, magnetometer and other device sensors via JavaScript.

Privacy Risks

  • Movement-pattern fingerprinting
  • Possible keylogging via accelerometer
  • Tracking of physical movements
  • Identification of unique behavioral patterns
šŸ’” How to Protect Yourself: Block sensor access for untrusted sites. Check permissions in your browser settings.

Pop-ups Medium Risk

What are Pop-ups?

Pop-ups are windows that open automatically, often used for advertising, notifications or additional content.

Risks

  • Vehicle for malware and phishing
  • User-experience interruption
  • Possible social engineering
  • Unauthorized data collection
šŸ’” How to Protect Yourself: Keep your browser pop-up blocker on. Allow pop-ups only for trusted sites when necessary.

Geolocation High Risk

What is Geolocation?

The Geolocation API lets websites request your precise geographic location using GPS, WiFi or cellular data.

Privacy Risks

  • Tracking of your physical location
  • Profiling based on places visited
  • Possible stalking or physical targeting
  • Correlation with other personal data
šŸ’” How to Protect Yourself: Always block geolocation requests unless strictly necessary. Regularly review browser permissions.

Public IPv4 High Risk

What is the Public IP Address?

Your public IP address is the unique identifier assigned to your internet connection by your provider. It reveals your approximate geographic location.

Information Revealed

  • Approximate geographic location (city/region)
  • Internet Service Provider (ISP)
  • Connection type (residential, business, mobile)
  • Possible correlation with other online data
šŸ’” How to Protect Yourself: Use a trustworthy VPN to mask your real IP. Consider using Tor for maximum anonymity.

Public IPv6 High Risk

What is IPv6?

IPv6 is the new version of the Internet protocol that can contain even more specific information about your device and network.

Additional Risks

  • Unique device identifiers
  • More precise tracking than IPv4
  • Possible leaks even with VPNs configured only for IPv4
šŸ’” How to Protect Yourself: Make sure your VPN supports IPv6 or disable IPv6 if not needed.

Screen Resolution Medium Risk

Why Resolution Matters

Screen resolution, combined with other information, contributes to device fingerprinting, making it easier to identify you.

Information Used for Tracking

  • Exact screen resolution
  • Color depth
  • Device orientation
  • Number of monitors
šŸ’” How to Protect Yourself: Use browsers that mask or randomize screen information, or use common resolutions.

Incognito Mode Low Risk

What is Incognito Mode?

Incognito mode prevents the browser from saving history, cookies and session data locally, but it does not make you anonymous online.

Limitations

  • Does not hide your IP address
  • Websites can still track you
  • ISPs and network admins still see your traffic
  • Browser fingerprinting is still possible
šŸ’” Proper Use: Use incognito for private local browsing, but combine with VPN and other protections for real online privacy.

Browser Type Medium Risk

Why Browser Type Matters

Browser type (Chrome, Firefox, Safari, Edge) is one of the most basic pieces of information collected for fingerprinting and can reveal user preferences and traits.

Information Revealed

  • User technology preferences
  • Possible operating system
  • Level of privacy awareness
  • Compatibility with specific web technologies
šŸ’” Limitations: It's hard to fully hide your browser type. Consider using privacy-focused browsers like Tor Browser.

Browser Version Medium Risk

Browser Version Risks

The specific browser version provides detailed information about supported features and can indicate how up to date the user is on security.

Implications

  • Identification of known vulnerabilities
  • Precise software fingerprinting
  • Targeting of specific exploits
  • Inferences about update behavior
šŸ’” How to Protect Yourself: Always keep your browser up to date. Consider User-Agent spoofing, but mind the compatibility.

Browser Language Medium Risk

Language Information

Browser language can reveal geographic and cultural information about the user, contributing to demographic profiling.

Data Collected

  • Primary and secondary languages
  • Approximate geographic location
  • Cultural background
  • Possible content preferences
šŸ’” How to Protect Yourself: Consider setting English as primary language for greater anonymity, but this may affect usability.

Operating System Medium Risk

Operating System Detection

The operating system provides crucial information about device type, software version and possible vulnerabilities.

Information Exposed

  • Device type (Windows, macOS, Linux, mobile)
  • Specific system version
  • Architecture (32-bit, 64-bit, ARM)
  • Possible system vulnerabilities
šŸ’” How to Protect Yourself: Use browsers that mask or generalize operating system information.

Touch Support Low Risk

Touch Support Detection

Touch support indicates whether the device has a touch screen, providing information about the type of device used.

Inferred Information

  • Device type (smartphone, tablet, touch laptop)
  • Preferred interaction mode
  • Possible screen size
  • Usage context (mobile vs desktop)
šŸ’” Note: Touch support is hard to hide and is generally considered low-risk for privacy.

MIME Types Low Risk

What are MIME Types?

MIME types indicate which file formats and applications the browser can handle, revealing installed software and system capabilities.

Information Revealed

  • Installed plugins and extensions
  • Specific software present on the system
  • Browser multimedia capabilities
  • Possible third-party applications
šŸ’” How to Protect Yourself: Limit installed plugins and use browsers with standardized MIME support.

Referrer Policy Low Risk

What is the Referrer Policy?

The Referrer Policy controls what information is sent in the Referer header when navigating between sites.

Privacy Options

  • "no-referrer" - Maximum privacy, no information sent
  • "origin" - Only the origin domain
  • "strict-origin-when-cross-origin" - Privacy/functionality balance
  • "unsafe-url" - All information (least private)
šŸ’” Recommendation: A restrictive policy improves privacy. "strict-origin-when-cross-origin" is a good compromise.

Battery Status High Risk

Battery Status API

The Battery Status API can provide detailed information about the device battery, usable for very precise fingerprinting.

Privacy Risks

  • Fingerprinting based on charge level
  • Charging time as a unique identifier
  • Temporal correlation between sessions
  • Identification of the specific device type
šŸ’” How to Protect Yourself: Block access to the Battery Status API. Many modern browsers have already limited or removed it for privacy reasons.

Security Protocols Low Risk

Supported Security Protocols

Supported security protocols (TLS versions, cipher suites) indicate the security level of web connections.

Information Collected

  • Supported TLS/SSL versions
  • Available cipher suites
  • Supported certificates
  • Browser security configurations
šŸ’” Benefit: Up-to-date security protocols are essential for security. Fingerprinting based on them is generally less concerning.