What private browsing reveals about you

Martin Brinkmann
Nov 26, 2014

This is the third part of a mini series about privacy on the Internet. The other parts are linked below.

Last time we looked at what websites and sites on the Internet know about you when you connect to them. This time we are expanding on that and look at what you may reveal about your device and yourself if you are using private browsing mode.

Private browsing, Google calls this Incognito Mode, blocks information from being recorded locally.

This means that sites you connect to while in private browsing still receive information about you and your device. Your IP address, other information sent during the initial connection process, information that can be retrieved by running scripts or using plugins and also information that you may reveal yourself.

There is also a local DNS cache that will record the sites you visit. It can reveal information to third-parties that have access to the computer locally.

1. Your IP address

ip lookup

Using private browsing mode does not affect remote information. Your IP address for example is used during connections which means that websites and services on the Internet that you connect to see it.

If you connect to our IP script you will notice that it lists your IP address regardless of whether you are browsing normally or in private browsing mode.

The IP address is linked to you. It can be used directly to pinpoint the region you are living in among other things.


There are several solutions that you can use to hide your IP address. You can use a web proxy server which hides it in the tab you are using, a solution like Tor which provides you with its own browser that you can use to connect to sites or VPNs which you connect to from your local computer.

All share that sites don't see the IP address of the device you are connecting with but the IP address of another server on the Internet.

This won't necessarily anonymize the connection though so keep that in mind.

2. Fingerprinting

browser fingerprinting

Sites that you connect to may retrieve additional information about your computer. The IP address has been mentioned already but it is just one of the many information that browsers reveal when connections are made.

The user agent for example reveals information about the browser that you are using, its version and the operating system.

A test on Panopticlick or reveals additional information. This may include the time zone, screen size, the browser plugins installed, system fonts, supercookie support or HMTL 5 support.

Plugins may reveal additional information that go beyond this.

Fingerprinting itself refers to using these information to create a narrowed down or even unique ID of a system based on the information provided.


There is not a catch-all solution but you can make it harder for sites to identify your system as a unique device. Plugins can be disabled for example, you may use tools like Chameleon for Chrome or User Agent Switcher for Firefox.

Additional information about methods to protect against fingerprinting are available here.

3. The Windows DNS Cache

windows dns cache

Windows keeps a cache of DNS look ups which occur whenever you connect to sites on the Internet. This is done to speed up consecutive look ups.

What's interesting from a private browsing perspective is that it will cache these entries as well. That's right, every site you visit in private browsing mode is recorded by Windows and anyone who knows where to look for the information can look it up.

Here is how to look it up:

  1. Tap on the Windows key, type cmd.exe and select the result to load it.
  2. Type ipconfig /displaydns to display all cached entries in the command line window.
  3. To export the information use ipconfig /displaydns > c:\users\username\dns.txt
  4. Make sure you replace username with the name of the current user.

The cache records the domain name and other information about the entry. What is not recorded is the path on the site that you have accessed nor date and time when that happened.


There are two solutions. The first deletes the cache when you run a command, the second disables caching.

To flush the cache, use ipconfig /flushdns on the command line. Some third-party programs such as CCleaner offer that option as well.

To disable caching altogether disable the service DNS Client.

Check out how to flush the DNS cache in Windows for detailed instructions and additional information.

4. Accounts, forms, content production

Accounts are linked directly to you. If you use private browsing mode and sign in to an account on the Internet the site knows that you are the user regardless of private browsing mode.

This may not be an issue depending on the account in question but if you sign in to one that you use regularly as well you reveal the same amount of information than before.

The same can be true for being active on the Internet. If you write a comment on a site you may reveal your email address to that site for example.


There is no real solution for this. You could keep accounts separate but that works only if you take care of your IP address and other identifying factors as well.

As far as email addresses are concerned, you can use throwaway addresses like Yopmail for those activities.

Now You: Is there anything that we have missed? Feel free to post it in the comments below.

What private browsing reveals about you
Article Name
What private browsing reveals about you
Private Browsing (Incognito Mode) reveals information about you and the device you are using. Find out what those are and what to do about it.

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Ray said on November 28, 2014 at 10:29 pm

    Thanks for listing Yopmail. Any differences between YopMail and Mailinator?

    1. Martin Brinkmann said on November 29, 2014 at 8:42 am

      I don’t think so from a user perspective.

  2. Sleeping said on November 27, 2014 at 2:42 am

    Could you please elaborate about #2? :)

  3. PhoneyVirus said on November 26, 2014 at 10:08 pm

    Guest I’ll just turn off dnscache before paying bills online from now on, thanks for the Tip Martin. The command prompt can get overwhelming by times and I totally forgot about displaying dnscache, again thanks.

    1. Martin Brinkmann said on November 26, 2014 at 10:23 pm

      Well you can also run CCleaner or another program to clear the cache regularly.

  4. Ray Redbad said on November 26, 2014 at 7:05 pm

    Note that flushing the DNS cache is temporary; it begins caching again immediately.

    Setting to Disabled the DNS Client in the Services Control Panel is a good idea as most folks don’t even need it for teh intuhwebz (being useful mostly for class A and B LANs). I believe there is a GUI utility or two out there where that can be toggled (and flushed) as-needed without having to drill into the control panel.

    Chrome and Firefox have their own DNS cache (one of the first things I disable when I install a Mozilla or Chromium browser) and I can’t readily find a definitive source as to whether or not they’re disabled during Incognito/Private mode. Do you know?

    1. Martin Brinkmann said on November 26, 2014 at 7:10 pm

      Are you sure about Firefox using its own DNS cache? I just checked running a private browsing window, clearing the cache, and then connecting in a private window to sites and they appeared in the Windows DNS Cache.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.