Everything in one place.
HTTP IPs, DNS resolver, WebRTC candidates, and TLS fingerprint, all tied to one session.
session: loading...
Verdict
Running probes...
HTTP IPs
Default subdomain
loading...
IPv4-forced
checking...
IPv6-forced
checking...
DNS path
| Resolver IP | checking... |
| EDNS Client Subnet | checking... |
| Probe qname | checking... |
WebRTC
The srflx rows show how a STUN server sees you.
| Type | Family | Address | Port | Proto |
|---|---|---|---|---|
| gathering... | ||||
Locale signals
What your browser reports about its timezone and language. A timezone that doesn't match where your IP geolocates is a common VPN or proxy tell.
| Browser timezone | checking... |
| Browser locale | checking... |
| Languages | checking... |
| UTC offset | checking... |
Network signals
Read straight off the TCP socket plus an ICMP probe to your IP. A direct connection with TCP timestamps on (the default almost everywhere) lands near 1448 on IPv4 or 1428 on IPv6. MSS noticeably below that, or a meaningful gap between TCP RTT and app RTT, suggests a tunnel or proxy in the path.
| MSS | checking... |
| Path MTU | checking... |
| TCP RTT (kernel) | checking... |
| App RTT (browser) | measuring... |
| ICMP RTT (server) | probing... |
| Proxy delay estimate | checking... |
TLS fingerprint
| JA4 | computing... |
| JA3 | computing... |
Headers
Show all received headers
loading...