SpyScan

Uncover tracking scripts, fingerprinting, and surveillance tactics lurking on the websites you visit

These are versions of this script where the code was updated. Show all versions.

  • v3.0 03. 12. 2025

    Changelog

    • Enhanced existing detections with detailed technical information sections for all threats, implemented collapsible toggle system at two levels (category-level and individual threat-level), added real-time progress bar showing exact scan phase.
    • Integrated results caching system (5-minute TTL) with instant display for recent scans and cache age indicator, added "Force New Scan" button with warning about missing initial-load threats when rescanning without page refresh.
    • Improved UI with color-coded danger levels, expandable technical details showing technique descriptions, impact assessments, risk levels, detection counts, and sample data for each threat type, reorganized threats into five categories (Trackers, Fingerprinting, Storage & Supercookies, Permissions & Access, Advanced Threats), enhanced privacy score calculation considering new detection types.
    • Added comprehensive advanced threat detection including:
      • Cookie Syncing (cross-domain ID sharing)
      • CNAME Cloaking (disguised third-party trackers via subdomains)
      • Suspicious HTTP Headers (tracking via request/response headers)
      • DOM Storage Abuse (localStorage/sessionStorage tracking patterns)
      • Network Timing Attacks (performance API fingerprinting)
      • CSS-based Tracking (visited links, external fonts, cross-origin stylesheets)
      • Obfuscated Scripts (intentionally unreadable code detection)
      • POST Data Tracking (tracking IDs in request bodies)
      • Advanced Fingerprinting Techniques (CSS media queries, Navigator properties enumeration, RAF timing, canvas timing, plugin detection)
  • v2.1.1 29. 11. 2025

    Changelog

    • I had forgotten @noframes
  • v2.1 29. 11. 2025

    Changelog

    • Removed all console.log statements for cleaner output.
    • Improved WebRTC detection to capture RTCPeerConnection usage and deprecated variants.
    • Optimized loops, conditions, and function structures using arrow functions.
  • v2.0 28. 11. 2025

    Changelog

    • Added extensive fingerprinting detection (Canvas, WebGL, AudioContext, Fonts, Screen, Sensors, Battery, MediaDevices).
    • Added advanced storage & persistence checks (Service Workers, Cache API, WebSQL, FileSystem API).
    • Added third-party iframe detection + metadata logging.
    • Greatly expanded tracker signatures (analytics, ads, social, CDNs, session-replay, storage APIs).
    • Introduced detailed detection categories with separate result arrays.
    • Added stronger UI styling using inline SVG icon, !important rules, and higher z-index.
    • Implemented console debug logging for all detection events.
    • Added delayed fingerprinting phase to capture late-loaded scripts.
    • Improved result aggregation and display in the audit window.
    • Various structural changes: new hooks/wrappers for many web APIs, reorganized detection pipeline.
  • v1.0 30. 03. 2025