# Info Tools — Tips & Tricks

> Strategy and pitfalls for Info Tools: server vs. client data, reading empty plugin lists right, understanding fingerprinting, combining values sensibly.

Source: https://www.jpkc.com/db/en/tools/info/tips/

Back to overview: [Info Tools](https://www.jpkc.com/db/en/tools/info/) · Open the live tool: [www.jpkc.com/tools/info/](https://www.jpkc.com/tools/info/)

Info Tools is quick to read — but placing the values correctly takes some know-how. This page collects what matters in practice. The meaning of the individual cards is in the [manual](https://www.jpkc.com/db/en/tools/info/manual/).

## Always ask first: server or client?

The tool's most important reading rule: **where does the value come from?**

- **HTTP Headers** and **Connection Info** are **server-side**. They are exactly what every web server receives from you — your IP and your request headers. If you want to know "what do websites see about me?", look here.
- Everything else is **client-side** and does **not** leave your browser — unless you export it yourself. These values show what your device **could** reveal if a site actively reads them.

Internalize that split and you'll read the page correctly: your GPU or battery level aren't "out on the net" as long as nobody queries them — your IP, by contrast, travels with every request.

## Empty plugin and MIME lists are a good sign

Don't be surprised if **Browser Plugins** and **MIME Types** are empty. Modern browsers no longer reveal these lists for **privacy** reasons, because they used to be a strong fingerprinting trait. An empty list doesn't mean something is broken — it's an indication that your browser already protects you here.

## Assess your own fingerprint realistically

The **Navigator Properties**, **WebGL / GPU Info**, and **Screen & Display** cards together form a fingerprinting profile. Rules of thumb:

- **Unusual values make you more distinguishable.** An exotic screen resolution, a rare GPU model, or an unusual language setting lift you out of the crowd.
- **GPU obfuscation is good.** If **GPU Renderer** shows a generic name instead of your specific chip, your browser is already anonymizing.
- **More standard = less conspicuous.** Whoever swims in the pool of default configurations is harder to track than someone with many individual settings.

Concrete walkthroughs are in the [examples](https://www.jpkc.com/db/en/tools/info/examples/).

## Do Not Track is only a polite request

If **HTTP_DNT** shows a set value, your browser is signaling "please don't track me". Don't rely on it: DNT is **non-binding** — servers may ignore it, and many do. It's a wish, not a technical barrier. Real protection comes from browser settings, extensions, and avoiding conspicuous traits, not from this header.

## X-Forwarded-For reveals your proxy path

If **X-Forwarded-For** shows anything other than "Not set (direct connection)", you're coming through a proxy, a VPN, or a CDN. The header may contain your original IP — useful for debugging, but also a hint that a supposedly anonymous connection is forwarding the real address. Check this if you're relying on anonymity.

## Performance Timing fills in last — not a bug

The **Performance Timing** card measures only after the page has fully loaded and therefore appears with a short delay. The values refer to **this specific** Info Tools page load, not to other pages. So the tool isn't meant for analyzing the performance of a foreign site — it only shows how the info page itself loaded.

## Querying permissions triggers no prompt

The **Permissions Status** card only reads the current state (Granted / Prompt / Denied / Not Supported) — it requests **no** permission. You can inspect it safely without your browser asking for camera or location access. "Prompt" merely means: on real access, it would ask.

## Exported JSON files contain sensitive values

The **Export as JSON** is comprehensive — it bundles your IP, the reverse-DNS hostname, and detailed device traits too. Treat the file accordingly: don't paste it unchecked into public tickets or forums. If you pass it on, consider which fields to strip first — or encrypt the file. The [Cryptor (AES-256)](https://www.jpkc.com/db/en/tools/cryptor/) is made exactly for that.

## Nothing is stored — capture snapshots yourself

Info Tools deliberately keeps nothing and reads fresh on every visit. If you want to capture a state (e.g. to compare before and after a browser setting), save it in time with **Copy as JSON** or **Export as JSON** — otherwise the previous findings are gone after a reload.

## Combining with other JPKCom tools

- **[IP & network info](https://www.jpkc.com/db/en/tools/ip/)** — when the IP from the **Connection Info** card invites deeper lookups (geo, attribution).
- **[DNS, SSL, redirect & URL](https://www.jpkc.com/db/en/tools/dns-ssl-redirect-url/)** — to match the reverse-DNS hostname against a domain's DNS records.
- **[Cryptor (AES-256)](https://www.jpkc.com/db/en/tools/cryptor/)** — to store a JSON export with your IP and device traits encrypted before handing it on.

---

The full reference is in the [manual](https://www.jpkc.com/db/en/tools/info/manual/), concrete walkthroughs in the [examples](https://www.jpkc.com/db/en/tools/info/examples/). You can try it all in the [tool](https://www.jpkc.com/tools/info/).