JPKCom DB

Info Tools — Tips & Tricks

Strategy and pitfalls for Info Tools: server vs. client data, reading empty plugin lists right, understanding fingerprinting, combining values sensibly.

Back to overview: Info Tools · Open the live tool: www.jpkc.com/tools/info/

Info Tools is quick to read — but placing the values correctly takes some know-how. This page collects what matters in practice. The meaning of the individual cards is in the manual.

Always ask first: server or client?

The tool's most important reading rule: where does the value come from?

  • HTTP Headers and Connection Info are server-side. They are exactly what every web server receives from you — your IP and your request headers. If you want to know "what do websites see about me?", look here.
  • Everything else is client-side and does not leave your browser — unless you export it yourself. These values show what your device could reveal if a site actively reads them.

Internalize that split and you'll read the page correctly: your GPU or battery level aren't "out on the net" as long as nobody queries them — your IP, by contrast, travels with every request.

Empty plugin and MIME lists are a good sign

Don't be surprised if Browser Plugins and MIME Types are empty. Modern browsers no longer reveal these lists for privacy reasons, because they used to be a strong fingerprinting trait. An empty list doesn't mean something is broken — it's an indication that your browser already protects you here.

Assess your own fingerprint realistically

The Navigator Properties, WebGL / GPU Info, and Screen & Display cards together form a fingerprinting profile. Rules of thumb:

  • Unusual values make you more distinguishable. An exotic screen resolution, a rare GPU model, or an unusual language setting lift you out of the crowd.
  • GPU obfuscation is good. If GPU Renderer shows a generic name instead of your specific chip, your browser is already anonymizing.
  • More standard = less conspicuous. Whoever swims in the pool of default configurations is harder to track than someone with many individual settings.

Concrete walkthroughs are in the examples.

Do Not Track is only a polite request

If HTTP_DNT shows a set value, your browser is signaling "please don't track me". Don't rely on it: DNT is non-binding — servers may ignore it, and many do. It's a wish, not a technical barrier. Real protection comes from browser settings, extensions, and avoiding conspicuous traits, not from this header.

X-Forwarded-For reveals your proxy path

If X-Forwarded-For shows anything other than "Not set (direct connection)", you're coming through a proxy, a VPN, or a CDN. The header may contain your original IP — useful for debugging, but also a hint that a supposedly anonymous connection is forwarding the real address. Check this if you're relying on anonymity.

Performance Timing fills in last — not a bug

The Performance Timing card measures only after the page has fully loaded and therefore appears with a short delay. The values refer to this specific Info Tools page load, not to other pages. So the tool isn't meant for analyzing the performance of a foreign site — it only shows how the info page itself loaded.

Querying permissions triggers no prompt

The Permissions Status card only reads the current state (Granted / Prompt / Denied / Not Supported) — it requests no permission. You can inspect it safely without your browser asking for camera or location access. "Prompt" merely means: on real access, it would ask.

Exported JSON files contain sensitive values

The Export as JSON is comprehensive — it bundles your IP, the reverse-DNS hostname, and detailed device traits too. Treat the file accordingly: don't paste it unchecked into public tickets or forums. If you pass it on, consider which fields to strip first — or encrypt the file. The Cryptor (AES-256) is made exactly for that.

Nothing is stored — capture snapshots yourself

Info Tools deliberately keeps nothing and reads fresh on every visit. If you want to capture a state (e.g. to compare before and after a browser setting), save it in time with Copy as JSON or Export as JSON — otherwise the previous findings are gone after a reload.

Combining with other JPKCom tools

  • IP & network info — when the IP from the Connection Info card invites deeper lookups (geo, attribution).
  • DNS, SSL, redirect & URL — to match the reverse-DNS hostname against a domain's DNS records.
  • Cryptor (AES-256) — to store a JSON export with your IP and device traits encrypted before handing it on.

The full reference is in the manual, concrete walkthroughs in the examples. You can try it all in the tool.