What an Open Network Fingerprint Database Should Publish
A useful open fingerprint database needs provenance, competing labels, raw evidence, format versions and licences—not another unexplained hash list.
A useful open fingerprint database needs provenance, competing labels, raw evidence, format versions and licences—not another unexplained hash list.
Sorting makes TLS fingerprints more stable, but it also removes ordering evidence. Here is how to test whether the discarded variation matters.
TLS fingerprints group similar protocol implementations. They do not prove which application, device or person made a request.
Cisco's open-source collectors, fingerprinting research and Encrypted Visibility Engine form a clear lineage, but they are not interchangeable parts of one public system.
JA4 did not descend from Cisco Mercury. The two projects come from different strands of TLS fingerprinting research and solve different operational problems.
A reproducible lab runs JA3, JA4 and Cisco Mercury against the same TLS ClientHello and compares what each fingerprint preserves.
© PEAKHOUR.IO PTY LTD 2026 ABN 76 619 930 826 All rights reserved.