A browser fingerprint is not a single User-Agent string and not just an IP address. It is a combination of network, HTTP, and JavaScript signals: IP / GEO / ASN, DNS, WebRTC, timezone, language / locale, screen resolution, Canvas fingerprint, WebGL fingerprint, AudioContext, fonts, Client Hints, and automation indicators like navigator.webdriver. A website does not look at these data points separately: it compares them with each other and evaluates whether the profile looks coherent and plausible.
That is why checking a browser fingerprint is not “run one checker and see a green checkmark.” A proper audit is a short workflow: first the network, then the browser environment, then consistency, and only after that — fixes. BrowserLeaks is strong in deep modular diagnostics, Pixelscan is good for a quick all-in-one consistency report, AmIUnique is useful for uniqueness/history, and Cover Your Tracks shows the privacy and tracking layer and explains why one test is almost never enough.
Below is a practical checking order that is convenient to run before the first profile launch and before account warm-up. The main goal of such an audit is not “100% anonymity,” but eliminating obvious inconsistencies (mismatch / consistency issue) that are most noticeable to services and websites first. EFF separately emphasizes that perfect protection does not exist, and some “privacy improvements” can themselves make the browser stand out more.
Short answer in 5 points
- Check the network first: IP, GEO, ASN, DNS, and WebRTC. If there is a leak or mismatch here, checking Canvas/WebGL is secondary for now.
- Then check consistency: User-Agent, Client Hints, OS, timezone, language / locale, and screen. Today,
User-Agentalone is no longer enough because browsers reduce UA and provide part of the details through Client Hints. - Then look at high-entropy signals: Canvas, WebGL, fonts, and AudioContext. Look not only at “uniqueness,” but also at whether the profile looks broken or excessively spoofed.
- Check automation/headless red flags separately:
navigator.webdriver, CDP, Headless indicators, and a “deceived” Navigator are often more important than a rare Canvas hash. - After any change, run the audit again: a green result in one service does not equal an “ideal profile” in another.
What a Browser Fingerprint Is and Why One Test Is Not Enough
If you need the theoretical base, separately check the article on what digital fingerprints are. Below is specifically an operational approach: how to read signals and what to fix first.
Browser fingerprint vs cookie vs IP
A cookie is data that a site stores in the browser. It can be deleted, limited, or blocked. A fingerprint is a set of browser and device characteristics that a site collects from headers, JavaScript, and Web APIs. EFF explicitly separates cookie tracking and browser fingerprinting as two different mechanisms: cookies “fall off” when the user deletes them, while a fingerprint relies on more stable signs such as settings, language, fonts, screen, and hardware.
IP should not be mixed with fingerprint either. IP is a network address, not the full digital identity of a profile. Moreover, IP geolocation is approximate: MaxMind recommends looking at the accuracy radius instead of treating city-level GEO as an exact point on the map. Separate from this is the browser’s Geolocation API: it works through navigator.geolocation, requires user permission, and may use more precise device signals, including GPS or Wi-Fi.
Why not only uniqueness matters, but also consistency
For a practical audit, what matters is not only how unique the profile is, but also how consistent it is. Pixelscan directly describes its check as an analysis of consistency and detectability: it looks at User-Agent integrity, OS consistency, hardware parameters, timezone/language alignment, and automation indicators. A profile may not be the rarest one, yet still fail because of internal contradictions.
The situation is complicated further by User-Agent reduction. MDN writes that supporting browsers remove the exact platform/OS version, device model, and minor browser version from UA, while more detailed data are provided through Sec-CH-UA-* Client Hints. That is why today you need to check not one User-Agent, but the combination of User-Agent + Client Hints + JavaScript signals.
Which signals websites compare with each other
In practice, websites combine regular HTTP headers (User-Agent, Accept-Language), JavaScript signals (navigator.language, navigator.languages, timezone through Intl.DateTimeFormat().resolvedOptions()), screen resolution, Canvas/WebGL rendering, AudioContext, fonts, WebRTC IP, geolocation permission/data, as well as automation indicators like navigator.webdriver. AmIUnique, BrowserLeaks, Cover Your Tracks, and BrowserScan check these layers with different depth, but the set of entities they examine overlaps a lot.
Quick 5-Minute Audit: In What Order to Check the Profile
Below is the basic order that gives the most value in the least time. The point is not to spend 20 minutes on Canvas if your DNS is already leaking at step one.
Step 1. Check IP, GEO, ASN, DNS, and WebRTC
Start with the IP layer. On the BrowserLeaks IP page, you immediately see IP, country/state/city, ISP, organization, ASN/network, usage type, timezone, and below that — WebRTC, DNS, TCP/IP, TLS, and HTTP/2 blocks. This is a quick way to understand what story the network itself is telling about you, not the browser UI.
Then look at DNS and WebRTC. BrowserLeaks explains that a DNS leak happens when, because of incorrect network configuration or a problematic VPN/proxy, DNS requests go directly to the provider’s DNS servers. Its WebRTC test, in turn, shows whether STUN requests expose your local/public IP. Whoer also puts this at the center of the check: the service compares the IP country with DNS, time zone/locale, and tunneling signs. For this stage, it is convenient to use the BrowserLeaks checker, Whoer checker, and the separate explanation on WebRTC leaks.
Do not confuse IP GEO and browser geolocation. IP location comes from a GeoIP database and remains approximate, while the Geolocation API is a separate mechanism that requests permission and can use more precise device signals. So a strange city by IP is not yet a verdict, but a mismatch between country, ASN, timezone, and DNS route is already a reason for fixes.
Step 2. Check User-Agent, OS, timezone, language, screen
The next layer is the browser environment check: User-Agent, OS/platform, timezone, language / locale, and screen resolution. Here, it is important to remember UA reduction: MDN separately shows that modern UA strings may look generalized, and some details move into Sec-CH-UA-* hints. BrowserLeaks Client Hints test helps exactly with seeing what is exposed through HTTP and JavaScript APIs.
Cross-check User-Agent, navigator.platform, Client Hints, Intl.DateTimeFormat().resolvedOptions().timeZone, navigator.language / navigator.languages, and Accept-Language. MDN points out that navigator.languages and Accept-Language usually reflect the same set of locales, while resolvedOptions() returns the user’s current time zone. If UA says “Windows,” but platform and high-entropy hints point to macOS, or if language and timezone clearly do not fit the IP region, that is already a real inconsistency, not “cosmetics.”
Also pay attention to how current the browser core is. Multilogin directly notes that an outdated browser core makes the profile stand out, and a mismatch between browser version and emulated OS may trigger warnings. That is why after any engine update or manual UA edit, it is better to repeat this step.
Step 3. Check Canvas, WebGL, fonts, AudioContext
Now move on to high-entropy signals: Canvas fingerprint, WebGL fingerprint, fonts, and AudioContext. BrowserLeaks shows how Canvas is formed from rendering differences and how WebGL reveals GPU/renderer data. AmIUnique collects Canvas, WebGL, audio info, fonts, screen, and other signals specifically to evaluate browser identifiability.
But here, “rarity” is not the only important thing. EFF warns that if you change one fingerprint element in isolation, you can make the browser not less but more noticeable, because the metrics are tightly linked. Multilogin gives a similar recommendation: deeply changing fingerprint settings is worth doing only if you understand what you are doing. For context on this layer, a separate article about Canvas fingerprinting is useful.
Step 4. Look at automation/headless red flags
If the profile is used with automation or simply looks automated, run a separate bot-detection layer. MDN describes navigator.webdriver as a standard sign that the document is controlled by WebDriver; in Chrome, it becomes true if --enable-automation or --headless is used. BrowserScan additionally checks WebDriver, CDP, Headless Chrome, and deceptive Navigator, while Pixelscan puts automation indicators into a separate block.
In practice, this means one thing: fix network problems first, automation flags second, and only then worry about nice uniqueness metrics. In most real checks, a website is more likely to stumble on webdriver, a DNS leak, or a UA/OS mismatch than on the fact that your Canvas hash is simply “not like everyone else’s.” This is the practical conclusion from how services rank and highlight issues.
Step 5. Repeat the test after changes
After each fix, run the audit again in the same order: network → fingerprint → consistency → fixes. This is not a formality. MDN notes that Client Hints can be requested through Accept-CH and then stored for the current browsing session for a specific origin. Plus, Cover Your Tracks and AmIUnique use research cookies to link repeated visits and study how the fingerprint changes over time. So it is better to do a repeat test after restarting the profile and, if needed, in a clean environment.
Which Services to Use for Checking a Browser Fingerprint
One service is not equal to a full check. A proper audit usually combines at least two types of tools: one network-oriented and another consistency-oriented. BrowserLeaks provides low-level modules, Pixelscan provides a unified consistency report, AmIUnique focuses on uniqueness/history, Cover Your Tracks offers a tracker/privacy perspective, and iphey, Whoer, and BrowserScan work well as additional quick layers.
Table 1. Service comparison
| Service | What it checks best | Where it is weaker | When to run it | Who it suits |
|---|---|---|---|---|
| BrowserLeaks | Deep modular diagnostics: IP, DNS, WebRTC, Canvas, WebGL, Client Hints, TLS/HTTP2/TCP/IP | Gives a lot of low-level data, but little prioritization | When you need to localize the source of a mismatch | Those who fix a profile layer by layer |
| Pixelscan | Quick all-in-one audit for consistency, detectability, and automation indicators | Less depth in individual transport/network modules | As a quick first pass or second opinion after BrowserLeaks | Those who need a clear final report |
| AmIUnique | Evaluation of fingerprint uniqueness and its history over time | Not the best tool for IP/DNS/WebRTC troubleshooting | After the network audit, when it is important to understand “how much I stand out” | Those who want to assess identifiability, not only leaks |
| Cover Your Tracks (formerly Panopticlick) | Privacy/tracker view, education, summary + detailed metrics | Weaker as an operational guide for proxy/profile debugging | When you need to understand how trackers see the browser and why cookies ≠ fingerprint | Those who need the educational layer |
| iphey | Quick heuristic score for browser/location/IP/hardware/software | Less transparency regarding low-level causes | For an express check of “trustworthy / suspicious / unreliable” | Those who need a quick sanity check |
| Whoer | IP, DNS, timezone/locale comparison, privacy/leaks score | Less depth in Canvas/WebGL and Client Hints | At the first network step | Those who first want to know whether the network is clean |
| BrowserScan | Bot detection: WebDriver, CDP, Headless, Navigator deception | Less useful as the main network checker | When there is automation/headless risk | Those who test an automated stack |
BrowserLeaks — for deep modular diagnostics
BrowserLeaks is the best first choice when you need to understand which exact layer is breaking the profile: network, JavaScript, rendering, or transport. It shows IP/GEO/ASN/usage type, DNS, WebRTC, Canvas, WebGL, fonts, Client Hints, and even TLS/HTTP2/TCP/IP fingerprints. If you need the same scenario inside the Undetectable ecosystem, start with the BrowserLeaks checker.
Pixelscan — for a quick all-in-one audit
Pixelscan is convenient as a quick first pass or as a second look after BrowserLeaks. In its own manifest, the service writes that it analyzes user-agent integrity, operating system consistency, Canvas/WebGL and rendering signals, hardware parameters, timezone/language alignment, proxy/DNS behavior, and automation indicators; mismatches like “Windows UA, but macOS signals” are highlighted immediately. For this scenario, use the Pixelscan checker.
AmIUnique — for evaluating fingerprint uniqueness and history
AmIUnique is needed when the question sounds like “how identifiable am I?” and not “why is my DNS leaking?”. The project studies the diversity of browser fingerprints, collects a wide range of headers and JS signals, and links repeated visits through a research cookie to show the history of fingerprint changes over time. For quick access, keep the AmIUnique checker handy.
Cover Your Tracks (formerly Panopticlick) — for privacy/fingerprint education
Cover Your Tracks is the current name of the historic Panopticlick service: EFF renamed it in 2020 and shifted the focus from simply demonstrating that “fingerprinting exists” to a more understandable explanation of tracking/privacy trade-offs. The service shows how trackers see the browser, and in detailed view reveals metrics such as System Fonts, Language, and AudioContext. To launch it inside Undetectable, use the Panopticlick / Cover Your Tracks checker.
Additionally: iphey, Whoer, BrowserScan
Among additional tools, keep the iphey checker nearby if you need a quick heuristic score of “trustworthy / suspicious / unreliable” based on browser, location, IP, hardware, and software, and the Whoer checker if you need an instant IP/DNS/privacy check with timezone and locale comparison. BrowserScan is useful as a separate bot-detection layer: it analyzes WebDriver, CDP, Headless Chrome, and deceptive Navigator properties.
How to Read the Results: Which Red Flags Are Really Critical
Below is a practical hierarchy of problems. This is an editorial working framework derived from what BrowserLeaks, Pixelscan, AmIUnique, Cover Your Tracks, Whoer, and Multilogin recommendations actually highlight: first fix what breaks consistency and network trust, not what simply increases the uniqueness score.
Table 2. Problem diagnosis
| What you saw | What it may mean | Where to double-check | Which fix goes first |
|---|---|---|---|
| IP/GEO/timezone/ASN mismatch | The proxy tells one story, the browser tells another; or the wrong network type/region was chosen | BrowserLeaks IP, Pixelscan, Whoer | Change the proxy/region/ASN, not cosmetically edit Canvas or geolocation |
| Provider DNS servers or real WebRTC IP | DNS/WebRTC leak bypassing proxy/VPN | BrowserLeaks DNS + WebRTC, Whoer | Fix the DNS path and WebRTC mode first, then retest |
| User-Agent does not match OS or the core is outdated | Manual UA edits, stale browser core, UA/OS/version conflict | Pixelscan, BrowserLeaks Client Hints, BrowserLeaks headers | Update the core, restore a coherent UA/OS/version combination |
| Timezone/language mismatch | IP region, JS timezone, and locale say different things | BrowserLeaks IP, MDN locale/timezone, Pixelscan | Either align language/timezone or change the proxy |
| Canvas/WebGL disabled/noisy/broken | You overdid spoofing or the rendering stack is broken | BrowserLeaks Canvas/WebGL, AmIUnique, Cover Your Tracks | Go back to stable defaults and do not randomize one signal in isolation |
| webdriver/headless/CDP flags | Signs of automation/headless are visible | BrowserScan, Pixelscan bot checker, MDN webdriver | Fix the automation config before fine-tuning the fingerprint |
IP/GEO mismatch
IP mismatch is not only “the wrong city.” On the BrowserLeaks IP page, country, ISP, ASN/network, and usage type are important; Whoer additionally compares the IP country with DNS, time zone/locale, and tunneling signs. In practice, exact city-level GEO is usually less important than the combination of country + ASN + timezone + network type.
The first fix is almost always network-side: change the proxy or proxy type, not hide the consequences in the browser. If the task is sensitive to IP type and ASN reputation, separately compare the scenarios in the article on mobile vs residential proxies. And do not start with manual geolocation spoofing: Multilogin explicitly warns that custom geolocation can create a geolocation/IP mismatch.
DNS/WebRTC leaks
DNS/WebRTC leaks are a critical red flag because they can expose real routing even if the external IP looks “correct.” BrowserLeaks writes that with incorrect configuration, DNS requests may go directly to ISP DNS, and its WebRTC test shows local/public IP exposure through STUN. Whoer also treats DNS, WebRTC, and IP leaks as core privacy/masking problems.
The order of fixes here is always the same: DNS path → WebRTC mode → retest. If WebRTC or DNS still do not pass, do not move on to working sessions and especially not to warm-up. First bring the connection layer to normal; details are in the article on how to protect against WebRTC leaks.
User-Agent and OS mismatch
UA/OS mismatch is one of the most frequent operational problems. Pixelscan directly gives the example where a Windows user-agent conflicts with macOS signals. Multilogin separately writes that an outdated core makes a profile stand out, and a mismatch between browser version and emulated OS can trigger warnings. Considering UA reduction, you need to compare not only the UA string, but also Client Hints.
Timezone/language mismatch
Timezone and language are small signals that become loud only when they contradict the rest of the profile. MDN states that resolvedOptions() returns the current time zone, while navigator.languages and Accept-Language usually reflect the same set of locales. Multilogin notes that websites often compare the IP-derived timezone with JavaScript-derived regional settings.
The first fix depends on the source of truth. If the proxy is chosen correctly, but the browser locale/timezone is not, align the browser. If the locale is intentional and stable, but the IP region is strange, change the proxy. For best results, languages should usually match the proxy/task locale, not hang there as a random set.
Canvas/WebGL anomalies
Canvas/WebGL anomalies should not be ignored, but they are rarely the very first cause of problems. BrowserLeaks shows that Canvas and WebGL fingerprints are built on rendering differences, and MDN notes that WEBGL_debug_renderer_info can reveal the vendor/renderer of the graphics stack. At the same time, EFF warns: changing one fingerprint signal in isolation can make the browser more noticeable.
That is why a completely disabled, broken, or over-noised rendering stack is much more dangerous than a “rare hash.” Multilogin directly writes that many popular websites react poorly to totally unique or altered graphics fingerprints, whereas real Canvas/AudioContext outputs often simply blend into the large number of similar devices.
An overly “random” profile and automation flags
Automation indicators are easier to interpret: if navigator.webdriver is visible, or BrowserScan/Pixelscan catch CDP/headless/deceptive Navigator traces, that is a real red flag, not cosmetics. MDN directly links navigator.webdriver to automation/headless launch flags.
TCP/IP fingerprint, on the other hand, should not be overestimated on the first pass. Multilogin notes that a proxy repackages network data, because of which passive OS fingerprinting may not match the real OS, and most websites ignore this detail because such discrepancies are common. Check it as a second-pass nuance, not as the first reason to recreate a profile.
Why Different Services Show Different Results
Different depth of checks
The first explanation is different depth. BrowserLeaks is a set of separate modules, Pixelscan tries to package several layers into one actionable report, AmIUnique focuses on identifiability and history, Cover Your Tracks focuses on tracker/privacy view, and BrowserScan adds extra weight to bot-detection signals. If the tools ask different questions, the answers will also be different.
Different methodologies and heuristics
Second, the methodology differs. MDN divides Client Hints into low-entropy and high-entropy; some hints require opt-in through Accept-CH. AmIUnique compares a fingerprint with a research dataset, Cover Your Tracks evaluates protection from tracking/fingerprinting, and Pixelscan focuses on internal consistency. That is why two services may look at the same profile but analyze different slices of risk.
Why “green” in one service does not equal an “ideal profile”
A green result in one checker does not mean the profile is ideal everywhere. A profile may look fine in a uniqueness-oriented service and at the same time leak through DNS/WebRTC; it may get good privacy feedback, but still look weak for an automation stack; it may seem clean in an all-in-one scan, yet have a low-priority transport oddity. That is why the practical minimum is one network-oriented checker plus one consistency-oriented checker.
What to Fix First If the Profile Fails the Audit
If the profile fails the audit, do not try to fix everything at once. It is faster to go from top to bottom: connection layer → consistency layer → high-entropy layer → rebuild. This order matches both the way structured checkers show problems and the practical recommendations for mismatches.
Proxies and sticky sessions
Start with proxy quality and session stability. If the proxy IP changes in the middle of a working session, timezone/geolocation/WebRTC alignment may “drift,” and you will end up chasing symptoms instead of the cause. Multilogin describes scenarios where the system has to adjust WebRTC and geolocation after a mid-session proxy IP change; BrowserLeaks and Whoer also show that IP/DNS leak behavior is a foundation, not a detail. That is why on first run and at the beginning of account warm-up, it is better to keep one stable network story per session and retest the profile after every proxy change. If the issue is specifically the network type and ASN, compare the options in the article on mobile vs residential proxies.
Profile isolation
Audit the profile in isolation: without unnecessary extensions, without old experiments, and with predictable permissions. EFF separately writes that privacy add-ons and unusual protective measures can themselves become part of the fingerprint. Multilogin, in turn, reminds about the same-origin policy: websites cannot see cookies from other domains. The practical conclusion is simple — a separate profile, minimal extras, repeatable configuration.
Browser core version and headers
If the network layer is clean, move on to the browser core and headers. An outdated core, leftovers from manual UA spoofing, or a conflict between browser version and emulated OS cause warnings more often than exotic Canvas problems. The recommendation here is straightforward: keep the core up to date and make sure User-Agent matches the real browser version and the declared OS.
Do not overdo randomization
Do not overdo randomization. EFF explicitly does not recommend changing one fingerprint element separately from the others, because the metrics are interrelated. Multilogin also warns that deep fingerprint settings are better left alone unless you understand the consequences. In practice, stable and coherent defaults are almost always better than aggressive manual “masking.”
When you need to rebuild the profile from scratch
Rebuild the profile when structural contradictions return after the basic fixes: the proxy is already clean, but UA/OS still conflict; timezone/language have to be patched manually; permissions and extensions continue to contaminate the result; automation flags show up after relaunch. This is a practical conclusion, but it logically follows from the same idea pointed out by EFF and vendor docs: fingerprint metrics are interconnected, and when the “profile story” stops being coherent, rebuilding is often faster than endless patching.
Checklist Before Putting a Profile to Work
Below is a short list that is convenient to keep before first run or before account warm-up.
Checklist before launching a profile
- IP country, ASN, and usage type fit the task; city-level GEO is not treated as exact geography.
- DNS servers do not reveal routing through the ISP, and WebRTC does not show the real local/public IP.
User-Agent, Client Hints, and OS/platform tell the same story.Accept-Language,navigator.language(s), and timezone match the proxy/task locale.- Screen resolution looks realistic for the device and the team.
- Canvas/WebGL/AudioContext are not broken, not disabled without reason, and do not look excessively “noisy.”
navigator.webdriver, CDP, and headless flags are absent if automation is not part of the scenario.- The browser core is current, and the mismatch between version and OS has been removed.
- Geolocation API behavior is intentional: prompt/allow/block does not contradict the IP story.
- After every change, you rerun at least one network checker and one consistency checker.
When a Regular Browser Is Enough and When You Need an Antidetect Browser
A regular browser is often enough when the task is simple: check your IP/DNS/WebRTC, understand what websites see in headers, quickly compare a couple of browser signals, or simply understand how fingerprinting works. For such one-off checks, BrowserLeaks, Cover Your Tracks, AmIUnique, iphey, and Whoer are already enough.
An antidetect browser makes sense when you need not a one-time test, but a repeatable working setup: several isolated profiles with their own cookies, language, timezone, proxy, and launch parameters, plus API/automation for creating, launching, updating, and closing profiles. The Undetectable API documentation directly describes lifecycle methods and parameters like proxy, language, cookies, and timezone; product updates also separately mention proxy checks before launching a profile and headless/background operation.
The practical route is this: first check the setup in the BrowserLeaks checker, Pixelscan checker, AmIUnique checker, Panopticlick / Cover Your Tracks checker, and if needed, finish with iphey and Whoer. If you need not a one-time test, but a постоянный workflow with profiles, cookies, proxy, and automation, move on to downloading Undetectable and then to pricing. And even in this case, auditing remains mandatory: no product by itself guarantees the absence of mismatches.
FAQ
1. What is a browser fingerprint?
A browser fingerprint is a set of browser and device characteristics that a website collects from HTTP headers, JavaScript, and Web APIs to distinguish one browser from another. This includes UA, language, timezone, screen, fonts, Canvas/WebGL, audio, and other signals. It is not the same as a cookie, and it is not the same as an IP.
2. Why can BrowserLeaks and Pixelscan show different results?
Because they solve different tasks. BrowserLeaks is a modular low-level set of tests, while Pixelscan is an all-in-one consistency report focused on detectability, internal mismatches, and automation indicators. They are not required to evaluate the same profile in the same way because they look at different layers and use different heuristics.
3. Does clearing cookies change the browser fingerprint?
Usually no. Cookies and fingerprint are different mechanisms. Deleting cookies removes saved website identifiers, but it does not change your language, timezone, screen, fonts, GPU, or WebRTC behavior. At the same time, some services like Cover Your Tracks and AmIUnique themselves use research cookies to link repeated tests and study how the fingerprint changes over time.
4. Which is more important: proxy or fingerprint?
You need to start with the proxy and the network layer. If you have a DNS leak, a WebRTC leak, a strange ASN, or an IP/timezone mismatch, fine-tuning Canvas/WebGL will not save the profile. First — the network, then — browser fingerprint consistency.
5. How often should a profile be rechecked?
At minimum — before the first launch, after changing the proxy, after updating the browser core, after manually editing UA/language/timezone/geolocation, and after changes in the automation/headless configuration. Plus, it makes sense to return to the audit periodically, because services and metrics evolve, and some signals depend on the current session and the specific origin.
6. What should I do if WebRTC or DNS leak checks fail?
Stop and fix the connection layer: DNS route, WebRTC mode, proxy quality, and session stability. Only after that repeat the tests. BrowserLeaks and Whoer directly put DNS/WebRTC leaks on the basic list of problems, and Multilogin separately shows how important it is to synchronize WebRTC and the IP story.
7. Why does the profile pass one test but fail in another?
Because different checkers verify different depth and prioritize things differently. One may look at uniqueness/history, another at privacy protection, a third at internal consistency, and a fourth at automation traces. This is normal; that is exactly why a full audit always consists of several services.
