Logo
Logo
Log In Sign Up

Panopticlick & Undetectable: fingerprint check

How to pass the Panopticlick test (EFF's Cover Your Tracks) and check how unique a browser fingerprint is in the Undetectable anti-detect browser. Step-by-step with practical tips.

Start with Undetectable
Panopticlick & Undetectable: fingerprint check

In today's digital environment users increasingly face hidden tracking via browser fingerprinting. Even when using incognito mode, a VPN and ad blockers, modern trackers can identify a device by a unique combination of technical parameters — from installed fonts and plugins to GPU characteristics. This issue is especially acute for professionals whose work requires strong anonymity: social media managers handling many accounts, arbitrage marketers, web developers and security testers.

Anti-detect browsers such as Undetectable position themselves as a solution — they allow creating isolated profiles with tailored digital fingerprints that emulate different devices and browsers. Yet the key question remains: how effective are these tools against professional tracking systems? The Panopticlick service from the Electronic Frontier Foundation (EFF) offers an objective method to test how resistant browser fingerprints are to deanonymization, making it an indispensable tool for validating Undetectable configurations.

What is Panopticlick?

What is Panopticlick?

Panopticlick is a research project designed to thoroughly study and analyze how effectively a user's browser and its extensions protect against various methods of online tracking. The project achieves this by collecting specific information about the user’s operating system configuration, browser version, and installed plugins. The collected data is then compared to a large database of configurations from other Internet users, allowing the system to calculate a "uniqueness score." This score clearly illustrates how easily a user can be identified online.

Get Access Learn More

Description of Panopticlick technology?

Panopticlick is an innovative online tool developed by the Electronic Frontier Foundation (EFF) for analyzing the uniqueness of a user's browser fingerprint. The service applies a set of methods to assess how easily your browser can be identified on the Internet based on passively exposed data. Here are the key instruments and parameters Panopticlick examines:

Transmitted headers

User Agent: the data string that, when sent to a web server, contains information about your browser and its version. HTTP Accept Headers: data about language, encoding and supported content formats. For example, a server may choose to send a plain text file if it detects the user's browser does not support rich document formats. This information can be fairly distinctive and varies between browsers. However, this string generally does not change much over time and can remain the same across different versions of the same browser.

tech image
Transmitted headers

Transmitted headers

User Agent: the data string that, when sent to a web server, contains information about your browser and its version. HTTP Accept Headers: data about language, encoding and supported content formats. For example, a server may choose to send a plain text file if it detects the user's browser does not support rich document formats. This information can be fairly distinctive and varies between browsers. However, this string generally does not change much over time and can remain the same across different versions of the same browser.

Core browser parameters

List of plugins: a plugin is a small program that helps the browser handle content it cannot process natively. In recent years browser plugins have gradually fallen out of use. Browsers now favour more controlled extensions. Nevertheless, plugins still exist in legacy browsers. Time zone: the system time zone. This metric is represented as a string indicating your time zone, for example “America/Los_Angeles”. It can be used to infer an approximate location, especially if you live in a time zone with relatively few other users. Screen size and color depth: while this metric can complement other data, it is often too “fragile” for trackers to rely on, since users can easily resize their browser window.

tech image
Core browser parameters

Core browser parameters

List of plugins: a plugin is a small program that helps the browser handle content it cannot process natively. In recent years browser plugins have gradually fallen out of use. Browsers now favour more controlled extensions. Nevertheless, plugins still exist in legacy browsers. Time zone: the system time zone. This metric is represented as a string indicating your time zone, for example “America/Los_Angeles”. It can be used to infer an approximate location, especially if you live in a time zone with relatively few other users. Screen size and color depth: while this metric can complement other data, it is often too “fragile” for trackers to rely on, since users can easily resize their browser window.

Advanced fingerprinting methods

Installed fonts: to detect system fonts, tracking sites typically render text inside an HTML `<span>` and rapidly iterate styles across hundreds or thousands of known fonts. For each font the site checks whether the element’s width changed compared with the default when rendered in that font. If it did, the tracker concludes the font is installed. The list of fonts present on your machine is often consistent and tied to a particular operating system. If you have installed even a single uncommon font (for example a designer font), that can be a highly informative metric. Cookie support: the metric “cookies enabled” can be either True or False, indicating whether your browser allows cookies or blocks them. Cookie support can be detected with JavaScript or without it. Alone this provides just one bit of information — True or False — but it becomes much more informative when combined with other attributes. Supercookie detection: despite the name, “supercookies” are not technically cookies. Although they also store and retrieve unique identifiers, they are much harder to detect and remove. Supercookies can track which sites you visit and how long you spend on them. They can also access data gathered by traditional tracking cookies, for example login information. After a standard cookie is deleted, a supercookie can still reference it. Language settings: the browser’s preferred language(s). This metric indicates which languages you prefer to see website content in. It adds substantial information to a fingerprint, especially if the language is uncommon in your time zone. Canvas and WebGL fingerprinting: WebGL and Canvas fingerprint results are closely related. Both methods examine graphics rendered by the browser for minute differences between users. This is a sophisticated and highly reliable fingerprinting metric. Rendered images will slightly differ due to small variances in: GPU hardware, graphics drivers, the operating system and installed fonts. These settings vary across machines, but are typically stable enough on a single machine to uniquely identify a user.

tech image
Advanced fingerprinting methods

Advanced fingerprinting methods

Installed fonts: to detect system fonts, tracking sites typically render text inside an HTML `<span>` and rapidly iterate styles across hundreds or thousands of known fonts. For each font the site checks whether the element’s width changed compared with the default when rendered in that font. If it did, the tracker concludes the font is installed. The list of fonts present on your machine is often consistent and tied to a particular operating system. If you have installed even a single uncommon font (for example a designer font), that can be a highly informative metric. Cookie support: the metric “cookies enabled” can be either True or False, indicating whether your browser allows cookies or blocks them. Cookie support can be detected with JavaScript or without it. Alone this provides just one bit of information — True or False — but it becomes much more informative when combined with other attributes. Supercookie detection: despite the name, “supercookies” are not technically cookies. Although they also store and retrieve unique identifiers, they are much harder to detect and remove. Supercookies can track which sites you visit and how long you spend on them. They can also access data gathered by traditional tracking cookies, for example login information. After a standard cookie is deleted, a supercookie can still reference it. Language settings: the browser’s preferred language(s). This metric indicates which languages you prefer to see website content in. It adds substantial information to a fingerprint, especially if the language is uncommon in your time zone. Canvas and WebGL fingerprinting: WebGL and Canvas fingerprint results are closely related. Both methods examine graphics rendered by the browser for minute differences between users. This is a sophisticated and highly reliable fingerprinting metric. Rendered images will slightly differ due to small variances in: GPU hardware, graphics drivers, the operating system and installed fonts. These settings vary across machines, but are typically stable enough on a single machine to uniquely identify a user.

Hardware-related parameters

Your platform: this metric reflects the architecture of your operating system and CPU and is directly discoverable by trackers using JavaScript. It can be either very unique or very common depending on your specific machine. Touchscreen support: if you use a mobile device, this can be very helpful for identification depending on the device’s hardware characteristics. The result equals 0 if no touchscreen is present. AudioContext fingerprint: similar to Canvas fingerprinting but for audio rather than graphics. A short audio fragment is generated, serialized and measured to produce this fingerprint. It can be unique depending on your sound card and drivers and usually does not change over time. Number of CPU cores and amount of RAM: combined with other fingerprint metrics, these can provide additional information, but by themselves they are not strongly identifying.

tech image
Hardware-related parameters

Hardware-related parameters

Your platform: this metric reflects the architecture of your operating system and CPU and is directly discoverable by trackers using JavaScript. It can be either very unique or very common depending on your specific machine. Touchscreen support: if you use a mobile device, this can be very helpful for identification depending on the device’s hardware characteristics. The result equals 0 if no touchscreen is present. AudioContext fingerprint: similar to Canvas fingerprinting but for audio rather than graphics. A short audio fragment is generated, serialized and measured to produce this fingerprint. It can be unique depending on your sound card and drivers and usually does not change over time. Number of CPU cores and amount of RAM: combined with other fingerprint metrics, these can provide additional information, but by themselves they are not strongly identifying.

The goal of testing on Panopticlick — to assess entropy and uniqueness. Panopticlick computes entropy (in bits) — a measure of how unique your browser is among others. Low entropy means your browser resembles many others, reducing the risk of being tracked. High entropy indicates high uniqueness, making you an easy target for trackers. Panopticlick has limitations: it does not examine every possible tracking parameter. It does not check the risk of leaking your real IP via WebRTC or DNS leaks. There is no open-port scanner.

Getting started is easy - just 4 steps

1. Download the Browser

1. Download the Browser

Get Undetectable for Windows or macOS. Installation takes less than a minute

2. Register an account

2. Register an account

Register an account to access all features. It's free and takes less than a minute

3. Create profiles

3. Create profiles

Create profiles to access all features. It's free and takes less than a minute

4. Start working

4. Start working

Start working to access all features. It's free and takes less than a minute

Where and how is the Panopticlick browser testing service used?

Panopticlick, now known as Cover Your Tracks, is not just a testing tool but a research project developed by the Electronic Frontier Foundation (EFF). Its main goal is to help users understand how unique their browser is — and therefore, how susceptible it may be to tracking. Panopticlick is useful for individual users, privacy experts, and even bot developers, as it provides an accurate analysis of how well a browser is protected against various tracking techniques. Below are several usage scenarios that demonstrate its value:

Why should you use Panopticlick together with the Undetectable anti-detect browser?

The combination of Panopticlick and the Undetectable anti-detect browser is an effective approach to achieve maximum anonymity and protection against tracking online. Here are the key reasons why you should use them together:

  • Verification of anti-detect browser performance

    Undetectable creates isolated profiles with distinct digital fingerprints, emulating different devices and browsers. Panopticlick verifies how effectively these changes mask real parameters. It compares the fingerprint’s uniqueness before and after configuration and detects potential data leaks (for example, matching a WebGL hash with your actual hardware). Without verification through Panopticlick, you can’t be sure your anti-detect browser truly protects you.

  • Bypassing advanced fingerprinting systems

    Modern trackers use combined techniques (Canvas, WebGL, AudioContext) to bypass basic protection and identify your device’s characteristics. Undetectable alters parameters at the browser level, but it’s essential to confirm this in practice. Panopticlick tests precisely these advanced methods and highlights where additional configuration may be needed.

  • Profile optimization for specific use cases

    For SMM managers, arbitrage marketers, or web developers, it’s crucial that each Undetectable profile looks like a real user, not a bot. Panopticlick evaluates how natural a digital fingerprint appears (for instance, whether the combination of fonts and screen resolution is typical) and its prevalence (low entropy = less suspicion from platforms). This helps prevent account bans caused by “too perfect” or anomalous configurations.

Special Offer!

Register now and get a free plan with 5 cloud profiles in Undetectable! Takes 2 minutes.

Try for Free

How to Get Started Quickly with Undetectable

Just five steps separate you from safe and undetectable online work. Register, install the browser, and connect a proxy—in a couple of minutes, you'll be able to create individual profiles without fingerprint overlap and smoothly manage multiple accounts.

  1. 1

    Register on the website and confirm your e-mail

  2. 2

    Select a plan in your personal account. By default, it's free

  3. 3

    Download and install the app for Windows / macOS

  4. 4

    Create your first profile in the Undetectable browser program

  5. 5

    Add a proxy and start managing accounts with no risk of bans

Get Started Learn More
How to Get Started Quickly with Undetectable

Frequently Asked Questions (FAQ) about the Panopticlick Service

There are several specialized online services that allow you to test how well your anti-detect browser masks your digital fingerprint. These act as independent auditors, analyzing the data your browser transmits to websites. The most well-known among them are Pixelscan.net, Iphey.com, and Panopticlick (Cover Your Tracks) itself.

These platforms evaluate numerous parameters that may reveal the use of an anti-detect browser, including HTTP header consistency, IP address leaks through WebRTC, and unique identifiers obtained via fingerprinting techniques such as Canvas, WebGL, and AudioContext.
For example, if your browser spoofs the User-Agent but the WebGL data indicates a different operating system or GPU, these tools can detect such inconsistencies.

Beyond technical fingerprinting tests, these sites also assess broader anonymity factors. For instance, Pixelscan.net functions as a proxy checker that verifies whether your IP address matches the configuration set in your anti-detect browser. Iphey.com evaluates how “trustworthy” or “suspicious” your online presence appears by comparing your fingerprint against a global database of real users.
If you use an anti-detect browser, these tests help ensure that your fingerprint spoofing works correctly and that you’re not generating a “broken” or illogical profile that can be easily detected.

Panopticlick does not provide active privacy protection — it functions as a diagnostic tool. Its core purpose is to analyze your browser’s parameters (screen resolution, fonts, WebGL, Canvas) and assess the uniqueness of your digital fingerprint. Based on this data, the service indicates how easily you could be tracked and suggests improvements — for example, installing tracker blockers like Privacy Badger or switching to a browser that supports fingerprint protection or spoofing.

All tests are conducted anonymously: Panopticlick does not store persistent identifiers or share data with third parties. However, the service aggregates anonymized statistics for EFF’s fingerprinting research. HTTPS encryption protects all communications, and your browser data is stored in aggregate form without personal identifiers.
Thus, Panopticlick helps detect vulnerabilities, but fixing them requires external tools.

Font Fingerprinting is a tracking method that relies on the unique combination of fonts installed on your device to create a digital fingerprint. Because font sets vary widely between users (due to different software, operating systems, or professional tools), this method can uniquely identify a browser — even when using a VPN or incognito mode.
This poses a serious threat to anonymity, since fonts cannot be blocked without breaking website functionality.

Panopticlick detects this vulnerability via scripts that analyze which fonts are accessible in your system and calculate their uniqueness (entropy). It shows how your font set differs from others and warns of potential risks.
For example, if your system includes rare or custom fonts, Panopticlick will flag that your browser can be easily tracked.

To mitigate this risk, use anti-detect browsers such as Undetectable, which replace your real font list with a standardized one, and verify their performance through Panopticlick. Additionally, you can disable JavaScript in your browser or use Tor Browser, which employs a uniform font set across all users.

You should check your digital fingerprint regularly — especially after modifying your device or browser configuration (OS updates, software installations, or privacy setting changes).
For anti-detect browser users (e.g., Undetectable), testing is recommended before starting work with each new profile and after changing proxies/VPNs to avoid parameter conflicts.
For users managing sensitive accounts, fingerprint testing every 1–2 weeks is advised.

Regular users can perform the test once per month or after major system changes. However, if you suspect tracking or visit high-risk sites, perform an unscheduled test.
Remember: Panopticlick is a diagnostic tool — for true anonymity, it must be combined with VPNs and anti-detect browsers.

The digital entropy score in Panopticlick (now Cover Your Tracks) is a mathematical measure that indicates how unique your browser is compared to others.
Entropy is measured in bits — the higher the value, the easier it is to uniquely identify your browser online.

  • Low entropy (below 10 bits): Your browser resembles many others; tracking risk is minimal.
  • High entropy (above 15 bits): Your configuration is unique — you can be singled out among tens of thousands of users.

Panopticlick highlights which parameters contribute most to entropy (for example, font lists or WebGL fingerprints).
If your score is high, follow the service’s recommendations — enable tracker blocking, adjust browser settings, or switch to an anti-detect browser.

However, keep in mind that Panopticlick’s results are based on a sample of privacy-conscious users — including bot developers and professionals who actively test anonymity tools.
Thus, striving for a “perfectly low” entropy value may ironically make your profile look suspicious to advanced detection systems, which flag abnormally clean or uniform fingerprints uncommon among regular users.
In short, entropy helps you understand which data can compromise you, not as an absolute “untrackable” metric.

Panopticlick is a completely free service, developed and maintained by the non-profit Electronic Frontier Foundation (EFF).
It’s available to all users with no hidden fees or subscriptions. You can perform unlimited tests at panopticlick.eff.org to evaluate your fingerprint’s uniqueness and your browser’s tracking resistance.

EFF funds the project through donations and grants, so the service is not commercialized.
However, Panopticlick may collect anonymized browser data for academic research on digital privacy — this data is never sold or shared.
If you wish to support EFF’s mission, you can make a voluntary donation via their official website.

Panopticlick analyzes the key parameters used for browser fingerprinting:

  • Basic attributes: User-Agent, screen resolution, timezone, list of installed fonts and plugins, HTTP headers.
  • Advanced methods: Canvas and WebGL rendering fingerprints, Touch API support, and the presence of tracker-blocking mechanisms (e.g., the Do Not Track header).

The service calculates the entropy (uniqueness) of these parameters and shows how easily your browser can be identified among others.

However, note that Panopticlick does not test:

  • Hardware identifiers: exact CPU/GPU models, MAC address.
  • Behavioral factors: mouse movements, typing speed, browsing history.
  • Network leaks: e.g., real IP exposure via WebRTC (requires tools like BrowserLeaks).

Important: Panopticlick focuses on passive tracking methods and doesn’t analyze all modern tracking techniques.
For full protection, combine it with VPNs, anti-detect browsers, and JavaScript blocking.

Conclusion

Using the Undetectable Browser together with Panopticlick is not merely a combination of two tools — it's a full-fledged strategy. It marks a shift from passive "anti-detect protection" to active "digital identity emulation." Undetectable provides the operational mechanism to create and manage unique digital fingerprints, while Panopticlick functions as an external verifier that validates the quality and consistency of those fingerprints.

image