Device Fingerprint
Detect your device's operating system through TCP/IP and UDP/IP network packet analysis. See how TTL, TCP options, and IP headers reveal your OS.
Loading TCP fingerprint...
Loading UDP/IP fingerprint via QUIC...
TCP/IP fingerprinting (also known as OS fingerprinting or passive fingerprinting) identifies the operating system of a remote device by analyzing characteristics of network packets. Different operating systems implement the TCP/IP stack differently, leaving unique signatures in packet headers.
Key Fingerprinting Signals
IP Header Fields
- TTL (Time To Live): Linux/macOS use 64, Windows uses 128, Solaris uses 255
- IP ID: Randomization patterns vary by OS
- DF Flag: Don't Fragment behavior differs
- TOS/DSCP: Traffic class settings
TCP Header Fields
- Window Size: Initial window size varies by OS
- TCP Options: Order and presence of MSS, SACK, timestamps, window scaling
- MSS: Maximum Segment Size reveals MTU settings
- Window Scale: Scaling factor differs by OS version
TCP vs UDP Fingerprinting
| Feature | TCP | UDP (QUIC) |
|---|---|---|
| Available Signals | IP + TCP options (MSS, WS, SACK, TS) | IP only (TTL, ID, TOS, DF) |
| Detection Accuracy | High (20+ signal points) | Lower (~4 signal points) |
| Use Case | HTTP/1.1, HTTP/2, HTTPS | HTTP/3, QUIC connections |
Privacy Implications
TCP/IP fingerprinting can be used by websites and security systems to:
- Detect VPNs and proxies (TTL mismatches reveal extra network hops)
- Identify bot traffic (tools like curl have different fingerprints than browsers)
- Track users across sessions (fingerprint is consistent per device/OS)
- Detect OS spoofing attempts (User-Agent doesn't match TCP fingerprint)