# packet.guru > Free, privacy-first network forensics and the Privacy & Trust Index: two independent 0-100 scores for how exposed you are and how much websites trust you. > https://packet.guru ## Metadata - Version: 1.7.0 - Last-Updated: 2026-06-11 - License: Free Public Access (Privacy-First) - Contact: root@packet.guru ## Overview packet.guru is a network and privacy toolkit with a neon terminal interface. Its flagship is the Privacy & Trust Index at /whoami, a client-side audit that returns two independent 0-100 scores. The Privacy score measures how trackable and exposed you are. The Trust score measures how genuine you look to anti-fraud systems. The two were split out of a single "Identity Trust Index" in June 2026, because one number cannot honestly answer two opposite questions. Masking such as VPN, Tor, or a datacenter address is treated as a small, honest cost to Trust, not as abuse. Only real blacklist activity is scored as abuse. Alongside the dashboard are 25 free network, DNS, web, and utility tools plus a technical privacy blog. ## Privacy & Trust Index (/whoami) Two scores, computed in the browser, from independent detection cards that coordinate so the same underlying fact is counted once while different facts add up. - Connection and IP: reputation (residential, VPN or proxy, datacenter, Tor, Apple Private Relay and Cloudflare WARP, blacklist), DNS leak test across a multi-resolver pool over IPv4 and IPv6, EDNS Client Subnet (ECS) subnet-exposure check, WebRTC real-IP leak test, and timezone, region, and language consistency. - Network-layer fingerprints, read from the connection before any JavaScript runs: passive TCP/IP OS fingerprint, TLS fingerprint (JA4 and JA3), HTTP/2 fingerprint, and Encrypted Client Hello (ECH) state. - Browser fingerprints, Privacy axis only: Canvas, Audio, and speech-synthesis Voices, each an independent signal. - Integrity and anti-spoof: device consistency (User-Agent, platform, Client Hints, WebDriver) and tamper detection (native-function overrides, automation markers, antidetect-browser signals). The tool stores no IP address, User-Agent, or per-visitor history. It keeps only anonymous aggregate counts of fingerprint frequencies. Detection weights and correlation rules are intentionally not published. ## Network tools - [Ping](https://packet.guru/network/ping): ICMP latency and packet loss. - [Traceroute](https://packet.guru/network/traceroute): hop-by-hop path with TTL analysis. - [Whois](https://packet.guru/network/whois): domain and IP ownership and registrar history. - [Port Scan](https://packet.guru/network/port-scan): rapid TCP service discovery, rate-limited. - [IP Geolocation](https://packet.guru/network/ip-geolocation): country, city, ISP, and ASN with anycast detection. ## DNS tools - [DNS Lookup](https://packet.guru/dns/dns-lookup): A, AAAA, CNAME, MX, TXT, NS, and SOA records. - [Reverse DNS](https://packet.guru/dns/reverse-dns): PTR lookup for IP-to-hostname mapping. - [MX Lookup](https://packet.guru/dns/mx-lookup): mail exchange records with priority. - [TXT Lookup](https://packet.guru/dns/txt-lookup): SPF, DKIM, and verification records. - [NS Lookup](https://packet.guru/dns/ns-lookup): authoritative name servers. - [Mail Security](https://packet.guru/dns/mail-security-check): SPF, DKIM, DMARC, and BIMI audit with an A to F grade. ## Web and cryptography tools - [URL Encoder](https://packet.guru/web/url-encoder): percent-encode strings for safe URLs. - [URL Decoder](https://packet.guru/web/url-decoder): decode percent-encoded URLs. - [HTTP Headers](https://packet.guru/web/http-headers): inspect response headers including HSTS, CSP, and server signatures. - [SSL Certificate Checker](https://packet.guru/web/ssl-checker): validity, chain of trust, and expiry. - [ECH Checker](https://packet.guru/web/ech-check): parse a domain's ECHConfigList from its HTTPS record per RFC 9849. - [Subdomain Finder](https://packet.guru/web/subdomain-finder): Certificate Transparency logs plus active DNS probing. - [Hash Generator](https://packet.guru/web/hash-generator): MD5, SHA-1, SHA-2, SHA-3, RIPEMD-160, and CRC32. - [JWT Decoder](https://packet.guru/web/jwt-decoder): client-side JWT inspection and security analysis. ## Utilities - [Base64 Encoder / Decoder](https://packet.guru/utility/base64): encode and decode Base64, text and files. - [IPv4 Subnet Calculator](https://packet.guru/utility/ipv4-calculator): CIDR, netmask, network, broadcast, and host ranges. - [IPv6 Subnet Calculator](https://packet.guru/utility/ipv6-calculator): expand or compress addresses and compute subnet ranges. - [UUID Generator](https://packet.guru/utility/uuid-generator): CSPRNG-backed UUIDv4. - [Password Generator](https://packet.guru/utility/password-generator): strong passwords with adjustable complexity. - [Epoch Converter](https://packet.guru/utility/epoch-converter): Unix timestamp to human-readable date. ## Blog - [Privacy and forensics blog](https://packet.guru/blog): technical deep-dives on fingerprinting, DNS and WebRTC leaks, TLS analysis, and anonymity. ## Technical access - [Sitemap](https://packet.guru/sitemap.xml) - [Structured AI context, JSON](https://packet.guru/.well-known/ai-context.json) - [AI manifest, human-readable](https://packet.guru/ai-context)