CyDec Platform Anti-Fp
Stop trackers in their tracks.
What is it?
Anti-Fp is a Windows application that when combined with the browser extension provides the ability to change almost all
aspects of your browser fingerprint.
Why should I care?
If you care about your privacy on the Internet, then you should be worried about how trackers and advertisers are able to follow you around the web.
Your browser leaks a lot of information that can be used to create a unique fingerprint of your browser, and in some cases system itself, in order to
The only way to truly defeat this form of tracking is with a tool like
Anti-Fp allows you to create custom fingerprint profiles that can be applied on a per-browser or per-domain basis.
currently supports 10 browsers so fingerprint management can be coordinated and synchronized across your browsing platforms.
The first thing to do is download
Anti-Fp. The current release is:
The browser extensions are a key component of
Anti-Fp. Without the extensions, the application is not able to actually apply the
fingerprints to the browser session.
The browser extensions work both with and without
Anti-Fp running. When
Anti-Fp is not running, the extensions are
limited in what they can do. This is because
Anti-Fp contains the logic needed to apply the specific anti-fingerprint profiles.
In this limited mode, certain capabilities are not available (such as ETag, Fonts and WebRTC). Also, the extensions fall back to using random
values instead of specific values that can be set when using
The way you can tell if the extension is currently communicating with
Anti-Fp is by looking at the status indicator icon. When
not connected, the status icon will be pulsing red. When the extension is communicating with
Anti-Fp the status icon will be blue.
The main popup window will also have different options.
'Global Settings' and 'Domain Settings' relate to if a spoof category is applied or not. Global settings are the final say whether a particular spoof category is enabled. When a global setting switch is toggled off, that particular setting will be disabled regardless if a domain specific setting is enabled. Domain specific settings are like the global settings except they only apply to the particular domain.
The 'Site Domain List' shows you all the sub-domains that were contacted when visiting the main domain. Generally, this will highlight all the ad networks that the site uses. You can set the 'Use main domain settings' option so that all the sub-domains will use the same profile as the main domain. This option overrides all domain settings so if one of those sub-domains was individually configured, the main domain settings will rule. However, the sub-domain settings are not changed. The main domain settings will only apply for that sub-domain when contacted via the main domain.
The 'Domain History List' is simply a list of all domains that you have browsed. This not only shows you all domains and sub-domains that were contacted, it also allows you to set individual options.
The options that can be set are slightly different based on whether you are using the Firefox extension or the Chrome extension. Because 9 of the 10
Anti-Fp supports are Chromium-based, there needs to be a way to distinguish between the versions. In order to do that,
there is a setting in the Chrome-based extension that allows you to set the specific variant.
Additional options that are found in both extensions are a randomization option and a domain reporting option.
- Re-sync IP values: If IP sync is enabled, you can re-sync your IP details manually if you change proxies mid-session.
- Use Random Values: If no browser or domain specific fingerprint is assigned to this browser then random values can be used instead. If you only want assigned fingerprints to be used, then turn this option off.
Domain Reporting: If enabled and if
Anti-Fpis running, domains will be reported to the local service so that fingerprint profiles can be assigned. This is disabled by default.
AntiFp.com is an online profile builder that is similar in function to the Anti-Fp
application. Through the site, you can create new and modify existing profiles which are then synced to your account. Once synced,
they can be loaded by the extension. The benefit of the site is that you do not need to install the application to create
new fingerprints. While it doesn't give you per-browser or domain targeting, it is useful for users that do not run Windows.
You must have a valid license to use antifp.com. To login, simply use the email address that you used when purchasing the license and provide the 36-character license key. Once you login, your profiles will sync automatically. All of the controls are in the upper-right hand corner of the menu bar. From there, you can:
Create a new profile
Copy an existing profile
Load an existing profile
To delete a profile, simply load it and then click the trash can icon next to its name.
The whole concept behind
Anti-Fp is to create custom browser fingerprints that can be applied to a specific browser or domain.
On the main window of
Anti-Fp with the Fingerprints tab selected, you will see all currently configured fingerprints along with their
To create a new fingerprint, click the Create button. This will open the Create Profile window as seen below.
Anti-Fp provides a high degree of customization. From here, there are almost 100 different settings that can be configured
in order to create the exact fingerprint you desire. Many of the settings are self-explanatory and should be easy to understand what
they are designed to spoof.
Once you create a fingerprint, you have the option of sharing it with other
Anti-Fp users and conversely you can download
fingerprints created by other users. Once a fingerprint is shared, it is sent to Heilig Defense where it will be vetted and once approved
it will be put on the server for download. You can share and sync fingerprints from the Sync page on the main window.
Fingerprints can be enabled or disabled. When a fingerprint is enabled, it is pushed to the extensions to be used. When it is disabled,
then the extension will not use it.
Toggling fingerprint status is easy. You can simply highlight a fingerprint in the listbox and then select the button to set the appropriate status. You can also use the context menu from the task tray icon to do bulk enable/disable operations.
While creating a profile is the first step, before it is used by the extension it must be assigned to either a browser or a domain. To assign a fingerprint to a specific browser or domain, highlight the fingerprint in the listbox and click the Assign button. This will open the following window.
Here you can select which browsers you want the selected fingerprint assigned to along with any specific domains. Visited domains are reported by the extension to
Anti-Fp so that you can easily select and assign fingerprints.
Anti-Fp currently supports 10 browsers. Nine of them are Chromium variants while the last one is Firefox. As mentioned,
fingerprints can be assigned to 1 or more browsers so that you can project the exact fingerprint you desire.
In order for
Anti-Fp to distinguish between the different Chromium variants, the appropriate browser flag must be selected in
the extension options under the Chrome Type header. If the appropriate browser is not set, then
Anti-Fp will just think it is
communicating with Chrome. This obviously will lead to unexpected results.
Per-domain targeting provides an extra level of precision for your anti-fingerprinting efforts. Assigning fingerprints to a domain is easy.
Just like with the browsers, you simply select the domains you want a fingerprint assigned to.
When domain reporting is enabled, you will see the different domains you have visited when assigning fingerprints or when managing the domains. To make searching easier, the domains will filter as you type in the textbox. The Manage Domain window, as shown below, just allows you to add or delete existing domains.
If you have not visited a domain yet but know you would like to target it specifically, you can manually enter the domain in the provided input box to add it to the list.
Anti-Fp provides two profile sync capabilities. One is syncing with our public profile repository and the other is syncing
your personal repository. The public repository is controlled by Heilig Defense with a curated set of profiles. These profiles can be
downloaded when you run
Anti-Fp to get you quickly started. When you make your own custom profiles, you have the option of
sharing them with us in order to grow our library. If the profile is complete and unique, we will add it to our repo.
We also offer a personal repo where you can store all your profiles. This repo is then accessible through the extension with a proper license. So, you can create profiles using
Anti-Fp and save them to your repository on one machine and then sync them with
your extension on another.
Once you sync your profiles through your extension, you can then pick and choose the profile you want to use. You also have the ability to make some minor tweaks to the profiles. There are currently four areas that can be modified.
- Screen size
The Options tab on the main window provides access to a few settings that control
The user-agent listbox is simply a listing of all user-agents that have been reported by the extension to
Anti-Fp. This is
just provided so you can see what user-agent is currently in use and allows you to copy it if selected.
You can set the path where the database resides. You can clear the database, export configured fingerprints and re-import them at a later time. The database can also be password protected. This will encrypt the database with your own password. If set, the password must be entered successfully before
Anti-Fp will load. The password can also be used to provide a little bit extra security by
Anti-Fp. When it gets minimized to the task tray, the password will be required before it will display again. This is a
simple security measure that can prevent other local users from modifying your
As mentioned above, domain reporting must be enabled in both the extension and
Anti-Fp. If you do not want domains saved locally,
then check the 'Do not save domains' checkbox.
Anti-Fp can automatically sync your time zone and language to your IP address. This is useful when using a proxy and you want your fingerprint
profile to be as realistic as possible. To enable this feature, you first must check the 'Enable IP sync' option. This tells the extension that
it should query for IP details. You must also enable this feature in the specific fingerprint profiles that you want to sync. Note that if you
change your proxy mid-session, you must manually re-sync your details through the extension interface.
Anti-Fp does not detect IP changes.
You can also set
Anti-Fp to automatically start with Windows.
When enabled, the CyDec extension will notify you when it detects that certain fingerprinting functions have been called. While it is not
definitive, detection of the functions can provide a warning that a tracker is attempting to fingerprint you. CyDec is configured to
alert on the most common functions used for fingerprinting but it is not an all-encompassing list.
In addition to writing a message to the console, CyDec will also display a notification. The notifications use the built-in browser notification functionality which is a toast-style message that will appear in the bottom corner of your screen. If notifications do not appear, it is likely to be a browser settings issue.
When alerts are enabled while
Anti-Fp is running, you can see the history of all recorded alerts by right clicking the task tray icon
and selecting the 'Alerts' menu. That will open up the alerts window which simply shows the category of the possible fingerprinting,
the actual function that was called and the domain where it was detected. If domain reporting is disabled in the extension then this
field will be blank.
There are a number of icons that are used to display status information about the current
Anti-Fp state. The first is the task tray
The task tray icon provides access to a context menu through a right click. Double clicking the icon will bring
Anti-Fp back from a
minimized state. From the context menu, you can exit
Anti-Fp, access the license form to enter a valid license key and open the
feedback window to send bugs, comments or suggestions to Heilig Defense. Also from the context menu is the ability to quickly enable or disable profiles. This can be done at a global level, at the browser level or
at a domain level. Note that if password protection is enabled, the context menu is only available when the main window is visible.
Anti-Fp is initializing, the task tray icon will be animated. Once
Anti-Fp has everything setup will the icon
go to the normal static state.
In addition to the animated task tray icon, you can also tell the status of
Anti-Fp by looking at the indicator icon in the top left
corner of the main window.
In order for
Anti-Fp to communicate with the browser extensions, it must setup a local listener. It currently uses port 61006 which was just a
randomly chosen port number with no significance. This port, like all port numbers, may conflict with other software. In most cases this would be
a browser. If
Anti-Fp cannot open that local port for its own use then it will not be able to communicate with the extensions and the
status of the communication is shown with the status icon above. When it is all white, then
Anti-Fp is currently trying to setup the
local listener. If it is colored like the image above, then the listener was successfully setup and is ready to communicate with the extensions.
Anti-Fp is not able to connect after a short amount of time, you may have to close your open browsers to release the port so
can use it.
The final set of status icons indicate which browsers
Anti-Fp is currently communicating with. These can be seen in the bottom left
corner of the main window. Initially, all the icons start out as white silhouettes. But as the browser extensions start to connect to
Anti-Fp their icon will change.
You can try the
Anti-Fp application free for 7 days. Once your trial period is up you will have to purchase a license to continue using the
Anti-Fp application. The browser extensions are free to use however the functionality is limited when not used in conjunction with
When you install
Anti-Fp, you will have the option of entering a license key or requesting a trial license. When
starts, it will validate the license key or the trial period. If the trial period has ended, then you must enter a valid license key to continue
Once a license is used for the first time, it becomes associated with that particular system. While the license is a floating license, it first must be released from the current system before it can be re-used on a new system. In order to release the license, you need to open the license window, either from the main window or context menu, and click the Release button. If the license was successfully released, then
close. The key is then free to be used on a new system.
If for some reason you are not able to release the key on the old system and your new system is not accepting it, please contact Heilig Defense (firstname.lastname@example.org) for assistance.
When you purchase an Anti-Fp license, the key can also be applied to the extension on other systems that are not running Anti-Fp so that you can
sync your personal fingerprint profiles. To do this, from the main extension click the 'License' link which will popup 'License' dialog. Here
you will see your current license status and two buttons. Click the 'Set License' button to bring up the 'Set License' dialog. You need to
enter the email address you used when purchasing your
Anti-Fp license and the key itself. When you click 'Validate' the extension
will contact Heilig Defense and attempt to validate the information. If the email and license are valid, then the dialog will close and your
fingerprints will automatically sync. You will be notified of any errors.
Saved fingerprint profiles are automatically synced when the extension loads. However, you can also re-sync manually by clicking the
'Sync Fingerprints' button. You'll want to do this after you save any profile changes made with
Anti-Fp has a built-in ability to provide feedback directly from the application. Simply open the task tray context
menu and click Feedback. You can send us comments, suggestions, or detail any bugs you found. Whatever it may be, we would love to hear from you.
v1.2020.293.1530 (APP/EXT) (19 OCT 2020)
- RELEASED: https://www.antifp.com
- ADDED: SpeechSynthesis spoofing.
- ADDED: Ability to toggle status of anti-anti-fingerprinting.
- ADDED: getClientRects blocking.
- ADDED: Ability to set multiple values for memory, threads and touchpoints.
- ADDED: Three built-in profiles to limit site breakage for new users.
- ADDED: More built-in user-agents.
- ADDED: Force sync button to refresh profiles.
- UPDATED: Public fingerprints with latest options.
- UPDATED: Changed random plugin generator output.
- UPDATED: Options page for better domain management.
- FIXED: Other minor bugs.
- UPDATED: Enhanced anti-anti-fingerprinting.
- UPDATED: Changed way that user-agent details are randomized.
- ADDED: CSS filtering of screen resolution leaks.
- ADDED: Math randomization.
- ADDED: Additional canvas and SVG spoofing.
- ADDED: Ability to sync timezone and language to IP address (currently uses ipapi.co for look-up).
- FIXED: Sub-domains using main domain settings.
- ADDED: Fingerprint detection and notifications.
- ADDED: Anti-anti-fingerprinting capabilities.
- ADDED: Support for Iridium browser.
- ADDED: WebGL unmasked renderer and vendor.
- UPDATED: Extension profile override is now persistent and applies to all tabs.
- UPDATED: Separated timezone location and name for more granular control.
- UPDATED: Redesigned extension.
- FIXED: Numerous bugs.
- ADDED: Screen size offsets of current resolution.
- ADDED: VRDisplay spoofing and blocking.
- ADDED: Gamepad spoofing and blocking.
- ADDED: sendBeacon blocking.
- ADDED: Geolocation spoofing, blocking and setting.
- ADDED: Media device spoofing.
- UPDATED: All extension options now available.
- UPDATED: UI updates.
- FIXED: Installer bug.
- ADDED: Per-tab profile override support. Must have extension version >= 1.2020.132.240.
- FIXED: Minor user interface issues and improvements.
- ADDED: getClientRects spoofing.
- UPDATED: Audio, Canvas, and WebGL can now be spoofed with a specific jitter value. This allows for a unique fingerprint that can stay consistent across requests.
- FIXED: Update version comparison fails for specific values.
- FIXED: Minor user interface issues.
- Initial release.