TL;DR
Yes, a website can often tell if you’ve visited it before, even in private browsing mode. It doesn’t rely on cookies alone. They use techniques like browser fingerprinting and server-side tracking to identify returning visitors.
How Websites Track You (Even in Private Mode)
Private browsing prevents your browser from saving history, cookies, and temporary files. However, it doesn’t make you invisible to websites themselves or your internet service provider. Here’s how they can still track you:
1. Browser Fingerprinting
This is the most common method. Websites collect information about your browser and computer setup – things like:
- Your operating system (Windows, macOS, Linux)
- Installed fonts
- Browser plugins
- Timezone
- Screen resolution
- Language settings
Combining these details creates a unique “fingerprint” for your browser. Even if you clear cookies, the fingerprint remains relatively consistent across browsing sessions.
You can test how unique your browser fingerprint is here: BrowserLeaks Browser Fingerprinting Test
2. Server-Side Tracking
Websites use server logs to record information about visitors, including:
- Your IP address (though this can change)
- The referring website (where you came from)
- User agent string (identifies your browser and OS)
While an IP address isn’t directly tied to you, it can be used to identify returning visitors within a certain timeframe. The user agent string is similar to information collected in browser fingerprinting.
3. Cookies (Even with Private Browsing)
Although private browsing deletes cookies when you close the window, websites can still use session cookies during your session. These are temporary and don’t persist after closing the browser, but they allow tracking within that single private browsing instance.
4. Local Storage & IndexedDB
Similar to cookies, these technologies store data in your browser. Private browsing typically clears this data on exit, but websites can still use them during a session.
5. Tracking Pixels and Scripts
Websites embed tiny images (tracking pixels) or JavaScript code that sends information back to their servers when you visit the page. This can include details about your browser and activity.
What Can You Do?
- Use a VPN: A Virtual Private Network masks your IP address, making it harder to track your location.
- Use Tor Browser: Tor routes your traffic through multiple servers, providing strong anonymity. Tor Project Website
- Privacy-Focused Browsers: Brave and Firefox Focus are designed to block trackers by default.
- Browser Extensions: Install extensions like Privacy Badger or uBlock Origin to block tracking scripts and cookies.
- Disable JavaScript (with caution): Disabling JavaScript will break many websites, but it prevents a lot of tracking. You can selectively enable it for trusted sites.
- Regularly Clear Browsing Data: Even outside private mode, clear your cache, history, and cookies regularly.
Checking if a Website is Tracking You
You can use browser developer tools to see what resources a website is loading:
- Press F12 (or right-click on the page and select ‘Inspect’).
- Go to the ‘Network’ tab.
- Reload the page.
- Look for requests to third-party domains – these are often trackers.
You can also use website analysis tools like BuiltWith to see what technologies a site is using.