Volver al blog
Primeros pasos

How to Verify Your Browser Fingerprint: Testing Guide

A practical guide to testing and verifying browser fingerprint consistency using public tools and automated scripts.

Introduction

Configuring browser fingerprints is only half the job. You need to verify that all signals are consistent and realistic. This guide covers the tools and techniques for testing browser fingerprint quality.

Public Testing Tools

BrowserLeaks

browserleaks.com provides individual tests for each fingerprint vector:

  • /canvas - Canvas fingerprint hash and rendering
  • /webgl - WebGL renderer, vendor, and parameters
  • /javascript - Navigator properties and JavaScript signals
  • /webrtc - WebRTC ICE candidates and IP leaks
  • /dns - DNS resolver detection
  • /fonts - Font availability and metrics

CreepJS

abrahamjuliot.github.io/creepjs is an open-source fingerprinting tool that checks for:

  • Fingerprint consistency across APIs
  • Signs of spoofing or override detection
  • Headless browser artifacts
  • Stealth plugin traces

CreepJS is particularly useful because it specifically tests for inconsistencies between related signals, not just individual values.

Pixelscan

pixelscan.net provides a pass/fail assessment of fingerprint quality, checking for:

  • Navigator property consistency
  • WebGL/Canvas integrity
  • Automation signal presence
  • Font and timezone alignment

iphey

iphey.com tests browser fingerprint authenticity with a focus on:

  • Hardware signal consistency
  • Network and geo alignment
  • Browser version verification
  • CDP and automation detection

Automated Verification

Run fingerprint checks as part of your automation workflow:

async function verifyFingerprint(browser) {
  const page = await browser.newPage();
  const results = {};

  // Check navigator.webdriver
  results.webdriver = await page.evaluate(() => navigator.webdriver);

  // Check navigator properties
  results.navigator = await page.evaluate(() => ({
    platform: navigator.platform,
    hardwareConcurrency: navigator.hardwareConcurrency,
    deviceMemory: navigator.deviceMemory,
    language: navigator.language,
    languages: navigator.languages,
  }));

  // Check WebGL
  results.webgl = await page.evaluate(() => {
    const canvas = document.createElement('canvas');
    const gl = canvas.getContext('webgl');
    if (!gl) return null;
    const ext = gl.getExtension('WEBGL_debug_renderer_info');
    return {
      vendor: ext ? gl.getParameter(ext.UNMASKED_VENDOR_WEBGL) : null,
      renderer: ext ? gl.getParameter(ext.UNMASKED_RENDERER_WEBGL) : null,
    };
  });

  // Check timezone
  results.timezone = await page.evaluate(
    () => Intl.DateTimeFormat().resolvedOptions().timeZone
  );

  await page.close();
  return results;
}

Consistency Checklist

Signal GroupWhat to CheckCommon Failures
User-Agent vs PlatformUA says Windows, platform should be Win32Platform mismatch
GPU vs CanvasWebGL renderer should produce matching canvas outputSoftware renderer in headless
Timezone vs IPTimezone should match proxy geolocationDefault UTC timezone
Language vs Localenavigator.language should match date/number formattingen-US with German formatting
Cores vs Memory4 cores + 8 GB memory is realistic; 128 cores + 0.25 GB is notImpossible combinations
Touch vs DeviceMobile UA should have touch events enabledMissing touch on mobile profile
WebRTC vs ProxyICE candidate IPs should match proxy IPReal IP leaked via STUN

CI/CD Integration

For production workflows, run fingerprint verification automatically:

async function assertFingerprintValid(browser) {
  const fp = await verifyFingerprint(browser);

  // navigator.webdriver must be false
  console.assert(fp.webdriver === false, 'webdriver should be false');

  // WebGL renderer should not be SwiftShader
  console.assert(
    !fp.webgl?.renderer?.includes('SwiftShader'),
    'Should not use software renderer'
  );

  // Platform should match expected profile
  console.assert(
    fp.navigator.platform === 'Win32',
    'Platform should be Win32 for Windows profile'
  );

  console.log('Fingerprint verification passed');
}

Best Practices

  1. Test every new profile configuration before using it in production
  2. Use multiple verification tools since each tests different aspects
  3. Automate verification as part of your deployment pipeline
  4. Test from the same network path as production to catch geo-related issues
  5. Re-verify after updates to browser versions or profile formats
#verification#testing#fingerprint#tools