← SNITCHTEST REFERENCE · 2026-07-06
> reference file · original data

what your browser reveals: the 27 signals

Your browser exposes about 27 distinct fingerprinting signals to every site you visit — from WebRTC leaks of your real IP, to a canvas and WebGL rendering hash, to your fonts, TLS handshake, headers, and timezone. No single one identifies you. Their combination does: peer-reviewed research (AmIUnique, EFF) finds roughly 89% of browsers are uniquely identifiable from these signals alone, with no cookie required. Here is the full reference of what each signal is and what it reveals, updated July 2026.

SNITCHTEST · LAST UPDATED JULY 2026 · ORIGINAL REFERENCE · CC BY 4.0

How unique is my browser?

Browser fingerprinting doesn't need cookies. It reads dozens of small, individually-boring facts about your device and combines them into a hash that is, for most people, unique. The landmark studies quantify it: the EFF's Panopticlick found the average browser carried enough entropy to be one-in-hundreds-of-thousands, and the AmIUnique study (Laperdrix, Rudametkin & Baudry, 2016) found ~89.4% of browsers were uniquely identifiable. Every signal you expose narrows the crowd you hide in.

The 27 signals, and what each reveals

Fingerprinting signals a browser leaks — SNITCHTEST reference, 2026
CategorySignalWhat it reveals
Network & IPWebRTC host candidateYour device's local/LAN IP address
WebRTC srflx (public IP)Your real public IP — even behind a VPN
Connection API signalNetwork type and effective speed
Server-observed WAN IPThe IP the server actually sees
ASN / carrierYour ISP or mobile carrier
Edge geolocationApproximate city from your IP
Geo ↔ timezone consistencyWhether your IP location matches your clock (VPN tell)
Connection & TLSTLS handshake signatureA JA3-style fingerprint of your TLS client
HTTP protocolHTTP/1.1, /2, or /3 in use
TCP round-trip timeA rough distance/latency signal
Device & hardwareCanvas fingerprintA near-unique hash of how your GPU/driver renders text
AudioContext fingerprintA hash of your audio stack's output
WebGL vendor / rendererYour exact GPU model
Font enumerationWhich fonts you have installed
Hardware concurrencyYour CPU core count
Battery APICharge level and charging state
Screen dimensionsResolution, color depth, pixel ratio
Locale & headersTimezoneYour local timezone
localStorage isolationWhether storage is partitioned (tracking-resistance tell)
User-Agent truthfulnessWhether your UA string has been spoofed
Request header orderA fingerprint of your browser build
UA vs headers agreementMismatches that expose spoofing
Accept-Language leakYour language preferences
Preference signalsDo Not Track signalIronically, a rare DNT flag adds entropy
Color-scheme preferenceLight/dark mode
Reduced-motion preferenceAccessibility setting
Connection downlinkEstimated bandwidth
Source: SNITCHTEST live browser audit (27 client-side signals + server probe). Uniqueness figures from AmIUnique (Laperdrix et al., 2016) and EFF Panopticlick / Cover Your Tracks. Reusable under CC BY 4.0 with attribution.

Does a VPN stop browser fingerprinting?

No. A VPN swaps your IP, which hides exactly one of the 27 signals — and a WebRTC leak can undo even that by exposing your real public IP straight to the page. The other ~25 signals (canvas, WebGL, fonts, TLS handshake, headers, timezone, hardware) live above the network layer and a VPN never touches them. Fingerprinting is a device-identity problem, not a network problem.

What actually reduces your fingerprint?

The signals that leak the most entropy are canvas, WebGL, fonts, and WebRTC. Practical defenses: use a browser that randomizes or blocks canvas/WebGL (the Tor Browser and, partially, Brave and Firefox with resistFingerprinting), disable WebRTC or restrict it to relay-only, and avoid installing exotic fonts. The counter-intuitive part: the harder you try to look unusual (rare UA, odd settings), the more unique you become. Blending in beats standing out.

> run the audit
see your own 27 signals

SNITCHTEST runs all 27 of these checks live in your browser and shows you exactly what leaks. Nothing is sent to a server.

> RUN SNITCHTEST →