CERBERUS // FULL

SIGNAL	POINTS	WHY IT MATTERS
Browser identified	+8	Version + engine narrows you to a small group
OS identified	+5	Combined with browser, very specific
Screen resolution	+5	Uncommon resolutions are rare identifiers
Language detected	+5	Language + timezone combo is highly unique
Timezone detected	+5	Narrows location independently of IP
DNT not set / disabled	+5	Most users don't set it → slight signal
WebGL GPU exposed	+12	GPU model+driver is nearly unique per device
Canvas fingerprint	+10	GPU+OS rendering differences = unique hash
Audio fingerprint	+8	Audio hardware processing is device-unique
WebRTC local IP leaked	+20	Critical – reveals real IP even through VPN
VPN/proxy detected	+25	Hosting ASN or proxy flag from ip-api.com
Incognito detected	+15	Storage quota trick reveals private mode
Plugins detected	+2 each	Plugin list is a strong fingerprint vector
Fonts detected	up to +15	Installed font set is highly device-specific
Permission granted	+5 each	Camera/mic/geo access = high-value data
CPU ≤ 2 cores	+5	May indicate VM, bot, or old hardware
Bot signals (WebDriver etc)	+20–30	Automation tools detected in window/navigator
AbuseIPDB score > 10%	+15–30	IP has been reported for abusive behavior
Browser capabilities	+1 each	Active API count contributes to uniqueness
Connection type exposed	+3	Network Information API reveals connection

SIGNAL

POINTS

WHY IT MATTERS

Browser identified

Version + engine narrows you to a small group

OS identified

Combined with browser, very specific

Screen resolution

Uncommon resolutions are rare identifiers

Language detected

Language + timezone combo is highly unique

Timezone detected

Narrows location independently of IP

DNT not set / disabled

Most users don't set it → slight signal

WebGL GPU exposed

+12

GPU model+driver is nearly unique per device

Canvas fingerprint

+10

GPU+OS rendering differences = unique hash

Audio fingerprint

Audio hardware processing is device-unique

WebRTC local IP leaked

+20

Critical – reveals real IP even through VPN

VPN/proxy detected

+25

Hosting ASN or proxy flag from ip-api.com

Incognito detected

+15

Storage quota trick reveals private mode

Plugins detected

+2 each

Plugin list is a strong fingerprint vector

Fonts detected

up to +15

Installed font set is highly device-specific

Permission granted

+5 each

Camera/mic/geo access = high-value data

CPU ≤ 2 cores

May indicate VM, bot, or old hardware

Bot signals (WebDriver etc)

+20–30

Automation tools detected in window/navigator

AbuseIPDB score > 10%

+15–30

IP has been reported for abusive behavior

Browser capabilities

+1 each

Active API count contributes to uniqueness

Connection type exposed

Network Information API reveals connection

PROTECTION GUIDE // MINIMIZE YOUR DIGITAL FOOTPRINT

// 01. IP & LOCATION

⚠ Risk: HIGH – exposes city, ISP, real identity Use a trusted VPN (Mullvad, ProtonVPN) Tor Browser hides IP completely Avoid free VPNs – they log & sell data Enable DNS-over-HTTPS in browser Block WebRTC leaks in settings
→ mullvad.net → protonvpn.com

// 02. BROWSER FINGERPRINT

⚠ Risk: HIGH – uniquely identifies you without cookies Use Firefox with arkenfox user.js Or use Tor Browser (best anonymity) Install uBlock Origin + CanvasBlocker Disable WebGL in about:config Use common screen resolution (1920x1080)
→ arkenfox user.js

// 03. CANVAS & WEBGL

⚠ Risk: HIGH – reveals GPU, driver, OS combo Firefox: privacy.resistFingerprinting = true Extension: CanvasBlocker (Firefox) Extension: Canvas Fingerprint Defender Brave browser spoofs canvas by default
→ CanvasBlocker

// 04. AUDIO FINGERPRINT

⚠ Risk: MEDIUM – unique to audio hardware Firefox: privacy.resistFingerprinting blocks it CanvasBlocker also covers AudioContext Brave adds noise to AudioContext output Disable Web Audio API if not needed

// 05. FONTS & PLUGINS

⚠ Risk: MEDIUM – unique font set = unique fingerprint Fewer installed fonts = less unique Tor Browser only uses built-in fonts Disable or minimize browser plugins Remove unnecessary browser extensions Use a clean browser profile for sensitive work

// 06. PERMISSIONS & SENSORS

⚠ Risk: MEDIUM – camera/mic/geo can track you Review site permissions regularly Deny geolocation by default Use physical camera/mic covers Disable motion sensors in browser Never grant persistent permissions

// 07. BEHAVIORAL TRACKING

⚠ Risk: MEDIUM – mouse/scroll patterns are unique Vary your interaction speed & patterns Use keyboard navigation instead of mouse Tor Browser adds timing randomization NoScript blocks JS-based tracking

// 08. NETWORK & DNS

⚠ Risk: HIGH – DNS reveals every site you visit Enable DoH (DNS over HTTPS) Use Cloudflare 1.1.1.1 or Quad9 Pi-hole for network-wide ad/tracker blocking Check for DNS leaks at dnsleaktest.com
→ dnsleaktest.com

// 09. RECOMMENDED TOOLS

Tor Browser – max anonymity Brave Browser – built-in shields Mullvad VPN – no logs, anonymous EFF Cover Your Tracks – test yourself BrowserLeaks.com – full leak test AmIUnique.org – fingerprint check