Find Out Which Sites Users Have Accessed In Private Browsing Modes - gHacks Tech News

Find Out Which Sites Users Have Accessed In Private Browsing Modes

Private browsing is a relative new feature that allows users to hide their web activities. The mode blocks that browsing session data os stored in the browser or on the computer's hard drive. This for instance means that no data is written to the cache or the cookie storage.

Users naturally feel safer using that mode, but that should not be the case. Why? Because there are means to find out which sites have been accessed in private browsing mode locally.

You see, one feature of the Windows operating system is a DNS cache, that stores domain name and IP links. Without going into to much details, the DNS cache records information about every website that the user opens in a web browser in Windows.

Curious Windows users just need to list the contents of the DNS cache to find out what websites a user has been visiting in private browsing mode. It may require some additional comparison to find the private browsing mode websites, but that requires just some manual work and can be neglected.

Here is how you can display the contents of the DNS cache:

  • Open a command prompt in Windows. The easiest way to do that is to press Windows-R, type cmd and the enter key.
  • Now type the command ipconfig /displaydns in the command prompt and hit enter.
  • This displays all websites that have been stored in the DNS cache. Please note that this includes everything, which means websites in all web browsers, regardless of whether they have been opened automatically (e.g. by a script on the site) or manually by the user and also other programs that connect to the Internet.

display dns

Chance is the list is too large for the command line cache. You can use the command ipconfig /displaydns > dns.txt to save the output in the text document dns.txt. It is then possible to open the document in a text editor, to see all records. Opening it in a text editor has other advantages, like being able to search through the records.

Windows offers an option to flush the DNS cache so that all records are deleted from the cache. This is done with the command ipconfig /flushdns.

flush dns

Some programs (like CCleaner) offer options to delete the DNS Cache. It is also possible to write a simple batch file to delete it on shutdown. Let me know if you like an example script that does that.

Windows users who regularly work in private browsing mode should consider clearing their system's DNS cache frequently to protect their privacy.

Summary
Find Out Which Sites Users Have Accessed In Private Browsing Modes
Article Name
Find Out Which Sites Users Have Accessed In Private Browsing Modes
Description
Private Browsing modes are not as private as they are supposed to be. This guide provides one option to look up sites visited in the mode.
Author
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. TRY said on October 3, 2010 at 6:03 pm
    Reply

    I always do the “ipconfig/flushdns” on command prompt before shutdown :D

  2. Ross said on October 3, 2010 at 8:43 pm
    Reply

    That’s like washing your clothes before burning them. DNS cache on Windows is stored only in memory; it does not survive a reboot.

    1. Martin said on October 3, 2010 at 10:02 pm
      Reply

      Ross yes that is right. Still, the option is valid for users who leave the computer on for days for example, or leave it on while they are not at home.

  3. FL said on October 4, 2010 at 1:19 pm
    Reply
    1. Martin said on October 4, 2010 at 1:29 pm
      Reply

      FL, yes that is another possibility, if the sites make use of Flash cookies. Private browsing is not really that secure, unless you take good care of the temporary data that gets written to the system.

  4. Nebulus said on October 5, 2010 at 10:22 am
    Reply

    I use a simpler solution: i disable “DNS client” service completely. The downside of this action is that I give up having a DNS cache (each application that connects to internet is resolving the addresses directly), but I solve some security issues related to DNS resolver.

  5. Andrew said on October 6, 2010 at 11:22 am
    Reply

    I just don’t use DNS. Simple as that

  6. Anonymous said on February 6, 2011 at 5:18 am
    Reply

    Um, any help with retrieval on Linux??

  7. Kym said on April 20, 2012 at 3:03 am
    Reply

    Hi, i’ve tried doing the dns.text but when Note pad opens it there is only the sites I just visited. None of the history on my laptop is being deleted so why can I not see other history? Am I just doing something wrong? After doing command I go and find the file and Note pad opens it? Please help. Kym

  8. lee said on October 6, 2012 at 10:28 pm
    Reply

    When I try to open this a box flashes up very quickly but then dissapears straight away. Whats happening ?

  9. Rachel said on February 9, 2013 at 5:11 am
    Reply

    how to find out dates with these websites??

  10. Mike said on June 20, 2014 at 5:01 pm
    Reply

    I personally tried to see if I could find sites I went to under “Private Browsing” but it does not work. I went to 3 different sites but when I wrote it to a txt file and viewed them I could not find it in there. Even after I flushed dns and tried again knowing I should have nothing there except for the private information. As a matter of fact I believe all I was seeing were the banners and ads from the sites I went to. The actual site I typed in was not showing up.

    Mike

    1. linda said on October 31, 2015 at 5:52 pm
      Reply

      same problem here Mike

  11. misha said on April 20, 2016 at 4:15 pm
    Reply

    same problem here..i cant see what i visited!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.