What Can a Website See When You Access It?
When accessing a website, it is not accurate to think "I am anonymous as long as I did not enter my name."
Multiple pieces of information other than a name may reach the website side. Examples include the source IP address, access time, accessed URL, User-Agent, cookies, login state, referrer, and browser or device characteristics.
Each of these may not directly show a personal name by itself. However, when multiple pieces of information are combined, they may be linked as the same user's behavior, or used to infer the usage environment.
When thinking about anonymity, what matters is not "whether I entered my real name," but "which information is visible to the other party and which information can be linked together."
Information that may be visible to the website side
To display a website, the browser sends a request to a server. The server processes that request and returns HTML, CSS, images, JavaScript, API responses, and similar data.
At that time, information needed for communication and processing reaches the website side. Here, "website side" may include not only the site operator's server, but also a CDN, reverse proxy, analytics, advertising delivery, authentication infrastructure, and similar systems.
| Information | What it indicates | Relationship to anonymity |
|---|---|---|
| Source IP address | Information indicating the source network | Can become material for inferring connection, region, organization, source changes, and similar clues |
| Access time | When access occurred | Becomes material for matching with behavior patterns and other logs |
| URL | Which page or API was accessed | Browsing content, search conditions, or operation targets may be visible |
| User-Agent | A string indicating browser, OS, device type, and similar information | Becomes material for inferring the usage environment |
| Data saved in the browser and sent if conditions match | Used for return visits from the same browser, login state, and keeping settings | |
| Login state | A state where an account and session are connected | Access content may be linked to the account |
| Referrer | Information indicating which page the user came from | The traffic source or immediately previous browsing route may be visible |
| Browser and device characteristics | Screen size, language, time zone, supported features, and similar traits | May become identifying clues when combined with other information |
Not every website records these in the same way. The visible information also changes depending on browser settings, site design, security policy, cookie settings, and whether JavaScript is present.
However, when thinking about anonymity, you need to understand these as "information that may be visible."
Source IP address
When you access a website, the source IP address is normally visible to the destination. An IP address is information needed to make internet communication work.
An IP address does not always reveal a personal name or exact address. However, it may allow inferences about the carrier being used, the source region, or whether the network may belong to a company, school, public institution, or similar organization.
Also, with home lines and smartphone lines, multiple people may share the same global IP address. For that reason, an IP address alone does not necessarily identify one user.
On the other hand, when an IP address is combined with access time, cookies, login state, User-Agent, and similar information, it becomes strong material for identification and matching. In anonymity, the IP address is important, but looking only at the IP address is not enough.
Access time
The website side may record the time when access occurred as a log. Access time does not indicate a personal name by itself, but it becomes meaningful when combined with other records.
For example, records of access to a specific page at a specific time may combine with login records, payment records, inquiry records, cookies, IP addresses, and similar information, making it possible to infer connections between actions.
For anonymity, not only "what was accessed" but also "when it was accessed" matters. Time information tends to become an axis for matching multiple logs.
URL
The website side can see which URL was accessed. In particular, URL paths and query parameters may contain information related to browsing content or operation content.
For example, suppose there is a URL like this.
https[:]//example.com/search?q=privacy
In this case, the website side may be able to understand that /search was accessed and that the search condition q=privacy was attached.
Here, example.com is a domain name often used for explanation. It is not introducing a specific real site; it is treated as a string for explaining URL structure.
URLs may contain search terms, article IDs, product IDs, user IDs, campaign IDs, tracking parameters, and similar values. For that reason, a URL is not merely a page address. It may become information representing part of the access content.
However, the fragment after # in a URL is normally not sent to the server in an HTTP request. For example, #section1 in https[:]//example.com/page#section1 is mainly a part used on the browser side.
In this way, it is also important to separate which parts of a URL reach the server.
User-Agent
User-Agent is a type of request header that the browser sends to the server. It may include browser name, OS, device type, rendering engine, version information, and similar details.
Websites may use User-Agent to switch between PC-oriented and smartphone-oriented display, or to decide how to handle older browsers.
User-Agent alone does not necessarily identify an individual. However, when combined with IP address, cookies, access time, language settings, screen size, login state, and similar information, it becomes material for distinguishing the usage environment.
In recent years, there have been moves to reduce the amount of information in User-Agent for privacy protection. However, that does not mean User-Agent or similar browser information becomes unrelated to anonymity.
Cookie
A cookie is data that a website saves in the browser and that is sent again with requests matching the conditions. Cookies are used for maintaining login state, shopping carts, display settings, analytics, session management, and similar purposes.
When a cookie exists, the website side can judge that "this may be the same browser that accessed before." For that reason, even if you have not entered a name, you may be treated as a return visit from the same browser.
What is especially important for anonymity is that even if the IP address changes, if the cookie remains, you may be linked as the same user.
For example, even if you access a website once and then access it again from a different network, if the same cookie is sent, the website side may be able to judge it as a return visit from the same browser.
A cookie is not a "name." However, because it can be used for continuous identification, it is very important information for anonymity.
Login state
Login state is a very strong identification factor when evaluating anonymity.
If you are logged in to a website, access content and operation content may be linked to the account. Even if you have not entered your real name, it may connect to account ID, email address, phone number, payment information, past usage history, and similar data.
Also, login state is often maintained by cookies and session information. In other words, cookies and login state are separate concepts, but in actual web use they are closely related.
When thinking about anonymity, "I did not enter my real name, so it is fine" is insufficient. Once you are logged in, activity may be handled at the account level.
Referrer
A referrer is information indicating the page you were viewing before moving to another page. In HTTP, it may be sent as the Referer header.
For example, if you move from search results, social media, a forum, or an article page to another website, the destination website may be able to understand the referrer.
When the referrer is visible, the website side can infer "where the user came from." Depending on the case, search keywords, page names, campaign information, or the immediately previous browsing context may also be visible.
However, the referrer is not always sent completely. Depending on browser specifications, Referrer-Policy, HTTPS handling, link attributes, and site-side settings, it may not be sent or only part of it may be sent.
For that reason, it is accurate to understand the referrer not as "information that is always visible," but as "information that may be visible depending on conditions."
Browser and device characteristics
Websites may use browser and device characteristics to display pages correctly. Screen size, language settings, time zone, supported fonts, supported APIs, input methods, device performance, and similar details may be involved.
When JavaScript is enabled, the amount of information that can be obtained on the browser side may increase. That information may be used for display optimization, error analysis, abuse prevention, analytics, and similar purposes.
What matters here is that even if each individual piece of information looks small, combinations can make the characteristics of the usage environment stand out strongly.
This article does not go deep into browser fingerprints. However, as an entry point for thinking about anonymity, you need to understand that browser and device characteristics can also become material for identification.
Even with HTTPS, requests reach the website side
HTTPS is a mechanism that encrypts communication between the browser and the destination server. It helps make it harder for third parties along the communication path to eavesdrop on or tamper with communication contents.
However, HTTPS is not a mechanism that makes nothing visible to the website side.
To display a website, the server needs to receive the request, process the contents, and return a response. For that reason, even with HTTPS, the destination server side handles request contents, cookies, login state, access time, and similar information.
In other words, HTTPS has strong meaning for protection in transit. On the other hand, it is not a mechanism for becoming anonymous to the destination website.
The understanding "HTTPS means anonymous" is wrong. HTTPS is important as a security technology, but it needs to be considered separately from anonymity.
Information recorded in server logs
A web server may record access logs. Log contents vary by server software and configuration, but generally the source of access, time, request, status code, transferred bytes, and similar information may be recorded.
Depending on settings, User-Agent and referrer are also recorded.
| Information that may be included in logs | Meaning | Caution |
|---|---|---|
| Access source | Source IP address and proxy information | Visibility may change with CDN or reverse proxy configuration |
| Time | Date and time the request was processed | Tends to become an axis for matching with other logs |
| Request line | HTTP method, path, HTTP version, and similar values | URL path and query may be included |
| Status code | Response result such as 200, 404, or 500 | Used for access success/failure and error analysis |
| User-Agent | Browser, OS, and similar information | Becomes material for inferring the usage environment |
| Referrer | Which page the user came from | May not be sent, or only part may be sent, depending on policy |
Logs are used for site operation, incident investigation, security monitoring, abuse prevention, analytics, and similar purposes. From the perspective of anonymity, it is important to understand "in what form the fact that you accessed a website may be recorded."
Combinations matter more than single pieces of information
When thinking about anonymity, focusing on only one piece of information can easily lead to the wrong judgment.
Even if you hide only the IP address, if a cookie remains, you may be treated as the same browser. If you are logged in, access content may be linked to the account. User-Agent and browser characteristics become material for identifying the usage environment when combined with other information. Referrer and URL may indicate in what context and what you accessed.
| Information combination | How it appears | Impact on anonymity |
|---|---|---|
| IP address + access time | When and from which network the user came | May be matched with other records |
| Cookie + IP address | May be judged as the same browser even if the IP address changes | Network changes alone may not separate activity |
| Login state + browsing URL | What the account viewed | Activity may be linked to the account |
| User-Agent + device characteristics | Characteristics of the usage environment are visible | Becomes distinguishing material together with other information |
| Referrer + destination URL | Where the user came from and what they viewed | Browsing context and interests may be inferred |
For anonymity, instead of judging one piece of information in isolation by saying "this alone is fine," you need to think about how pieces of information connect with each other.
Summary
When you access a website, multiple pieces of information may be visible to the website side even if you did not enter your name.
Source IP address, access time, URL, User-Agent, cookies, login state, referrer, and browser or device characteristics are important when thinking about anonymity.
Each of these may not directly indicate an individual by itself. However, when combined, they may be treated as the same user's behavior or linked to an account or browser.
What is especially important is not to think "I only need to hide the IP address." Cookies, login state, User-Agent, referrer, browser and device characteristics, and similar information can also become material for identification and matching.
To understand anonymity, first you need to know what reaches the other party when you access a website. Then it is important to look not at single pieces of information, but at how multiple pieces of information combine.
Related tools
WhatIsMyIP
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
BrowserLeaks WebRTC
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
BrowserLeaks Fingerprint
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
EFF Cover Your Tracks
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
Tor Project
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.