cfp
Canvas fingerprint that's hashed using Java's hashCode method.
WebGL
Collects supported operations by your GPU via the WebGL API. This could, in theory, be used to correlate your canvas fingerprint as described in this paper by Google.
audio_fingerprint
See:
- How the Web Audio API is used for audio fingerprinting
- How We Bypassed Safari 17's Advanced Audio Fingerprinting Protection
wh
Window hash:
- Gets all the objects on the current window and sorts them.
- TODO: Prototype stuff.
- murmurHash3 both with a seed of 420.
- Join with "|".
n
Base64 encoded timestamp.
window__tree_index
These don't work in this environment.
window__tree_structure
TODO
window__ancestor_origins
TODO
browser_object_checks
- Checks for global objects belonging to different browsers.
- Sorts them.
- Joins them with ",".
- md5 hashes them.
See the console for more details.
browser_detection_brave
Detects the Brave browser via the brave global object.
browser_detection_firefox
Checks the User-Agent for "Firefox".
navigator_pdf_viewer_enabled
Checks:navigator.pdfViewerEnabled;
user_agent_data_brands
Checks:navigator.userAgentData.brands;
user_agent_data_mobile
Checks:navigator.userAgentData.mobile;
screen_orientation
Gets the current device screen orientation.
fake_browser
Checks for inconsistencies between the User-Agent and the behavior of the browser state.
headless_browser_generic
Checks the various objects on the document and window related to browser automation frameworks. Including:
hasFakeOS
Checks for inconsistencies with userAgent and platform.
browser_api_checks
Supported browser features
navigator_permissions_hash
- Checks which permissions the current page has.
- Joins them with "|".
- md5 hashes them.
getPlugins
Browser plugins.
speech_default
Text to speach information.
For the hash:
- Checks voices you have installed.
- Joins them with ",".
- md5 hashes them.
navigator_battery_charging
Checks:(await navigator.getBattery()).charging;
media_devices
Checks which media devices are available.
getAudio
Checks which audio codecs are available. This can be used to detect browser environments that don't support DRM.
getVideo
Checks which video codecs are available. This can be used to detect browser environments that don't support DRM.
supported_math_functions
Checks what Math functions are supported in the current browser.
math_fingerprint
Runs a bunch of math calculations.
This can be used to detect if the enforcement script is being run in a different environment than is claimed by the client. For example, calculating the math like V8 (Chrome) but claiming to be JavaScriptCore (Safari).
CDP Check
Checks if you have DevTools open or are using Puppeteer.
Sandbox Checks
Checks for different sandbox environments such as JSDom.
media_query_dark_mode
Queries for dark mode.
matchMedia("(prefers-color-scheme: dark)").matches;
css_media_queries
-
matchMedia("(prefers-color-scheme:light)"); -
matchMedia("(prefers-color-scheme:dark)");
css_color_gamut
Checks what color gamuts are supported.
-
matchMedia("(color-gamut:rec2020)"); -
matchMedia("(color-gamut:p3)"); -
matchMedia("(color-gamut:srgb)");
css_contrast
Checks user's contrast preference.
-
matchMedia("(prefers-contrast:low)"); -
matchMedia("(prefers-contrast:less)"); -
matchMedia("(prefers-contrast:no-preference)"); -
matchMedia("(prefers-contrast:more)"); -
matchMedia("(prefers-contrast:high)"); -
matchMedia("(prefers-contrast:forced)");
css_monochrome
Checks user's monochrome preference.
css_pointer
-
matchMedia("(any-pointer:1)"); -
matchMedia("(any-pointer:coarse)"); -
matchMedia("(any-pointer:none"); ") -
matchMedia("(any-pointer:fine)");
css_grid_support
-
matchMedia("(grid:1)"); -
matchMedia("(grid:0)");
getFonts
Checks for the presence of 65 different fonts from a predetermined list. This could be used to detect your platform. For example, Wingdings is only on Windows.
TO
Checks your timezone. This can be correlated with the approximate location of your IP address.
rtc_peer_connection
Checks the existence of:
-
window.RTCPeerConnection; -
window.mozRTCPeerConnection; -
window.webkitRTCPeerConnection;
And then stores the result in a number using bit shifting.
jsbd
- HL:
window.history.length; - NCE:
navigator.cookieEnabled; - DT:
document.title; - NWD:
JSON.stringify(navigator.webdriver);
6a62b2a558
Script version hash:
"enforcement.6c9d6e9be9aa044cc5ce9548b4abe1b0.js";
4b4b269e68
Random UUID:
crypto.randomUUID();
c8480e29a
MD5 hashed surl.
md5(surl) + (surl ? "\u2062" : "\u2063");
4ca87df3d1
mbio mouse events. See the events page for more details.
function insertEvent() {
const n = {
timestamp: Date.now() - Qt.timestamp,
type: e,
x: m.pageX,
y: m.pageY,
};
Qt["4ca87df3d1"].push(n);
_lastMouseMove = n;
}
if(Qt["4ca87df3d1"].length < 75) {
if(e === 0) {
if(_lastMouseMove) {
if(Math.sqrt((m.pageX - _lastMouseMove.x) * (m.pageX - _lastMouseMove.x) + (m.pageY - _lastMouseMove.y) * (m.pageY - _lastMouseMove.y)) > 5) {
insertEvent();
}
return;
}
else {
insertEvent();
return;
}
}
Qt["4ca87df3d1"].push({
timestamp: Date.now() - Qt.timestamp,
type: e,
x: m.pageX,
y: m.pageY,
});
}
867e25e5d4
mbio touch events. See the events page for more details.
for(let i = 0; i < v.touches.length; i += 1) {
if(Qt["867e25e5d4"].length < 75) {
Qt["867e25e5d4"].push({
timestamp: Date.now() - Qt.timestamp,
type: e,
x: Math.floor(v.touches[i].pageX),
y: Math.floor(v.touches[i].pageY),
});
}
}
d4a306884c
mbio key events. See the events page for more details.
const keyboardEventTypes = {
Tab: 0,
Enter: 1,
Space: 3,
ShiftLeft: 4,
ShiftRight: 5,
ControlLeft: 6,
ControlRight: 7,
MetaLeft: 8,
MetaRight: 9,
AltLeft: 10,
AltRight: 11,
Backspace: 12,
Escape: 13,
};
if(Qt.d4a306884c.length < 75) {
Qt.d4a306884c.push({
timestamp: Date.now() - Qt.timestamp,
type: e,
code: keyboardEventTypes[A.code] ?? 14,
});
}