Every website you visit is quietly loading invisible scripts from tracking companies. Ad networks, analytics platforms, fingerprinting services — they're all there, stitching together a profile of you across every site you touch.
I wanted to know exactly who's watching. So I built trackmap.
What it does
pip install trackmap
trackmap scan --chrome
trackmap reads your browser history (Chrome, Firefox, or Safari), fetches each site, extracts every third-party script, pixel, and iframe, and maps out which companies are tracking you.
TRACKING NETWORK REPORT
━━━━━━━━━━━━━━━━━━━━━━
Sites scanned: 87
Trackers found: 23 companies across 312 connections
TOP TRACKERS BY REACH
Google ██████████████████░░ 78.2% of your browsing
Meta █████████░░░░░░░░░░░ 41.3%
Amazon ██████░░░░░░░░░░░░░░ 29.1%
Oracle ████░░░░░░░░░░░░░░░░ 18.4%
Criteo ███░░░░░░░░░░░░░░░░░ 14.9%
How it works
- Import your browser history from Chrome/Firefox/Safari
- Scan the top 100 most-visited sites (async, fast)
- Extract every third-party domain from scripts, iframes, pixels, inline URLs
- Match against a built-in database of 163 tracker domains from 72 companies
- Report with bar charts, categories, and a privacy risk score
Five categories: Advertising, Analytics, Social, Fingerprinting, and Content delivery.
The scariest part
It's not just that Google tracks you. It's that companies you've never heard of — Criteo, BlueKai, LiveRamp — are embedded across dozens of your most-visited sites, building a shadow profile of your interests, habits, and behavior.
trackmap also shows unknown third-party domains that aren't in any tracker database. These are potential new trackers that haven't been catalogued yet.
Privacy
- Your history never leaves your machine
- All scanning happens locally
- No API keys needed
- Works on a copy of your browser DB (doesn't touch the original)
Try it
pip install trackmap
trackmap scan --chrome --top 50
Or check if a specific domain is a known tracker:
trackmap check doubleclick.net
GitHub: github.com/LakshmiSravyaVedantham/trackmap
This is part of a privacy tools suite I'm building. Also check out:
- shadowscan — what AI can see about you locally
- datawipe — automate GDPR/CCPA data deletion requests
- consentmap — privacy policy scanner
- phantom — find your ghost accounts on breached services
Want all three in a single binary?
I rewrote trackmap + phantom + leakwatch as one Rust binary: privacykit
cargo install privacykit
privacykit track scan --chrome
privacykit phantom scan you@gmail.com
privacykit leak scan
Zero Python. Zero dependencies. One binary.
Top comments (0)