<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"><channel><title>Peakhour.IO - JA4</title><link>https://www.peakhour.io/</link><description></description><lastBuildDate>Sun, 06 Sep 2026 09:00:00 +1000</lastBuildDate><item><title>What an Open Network Fingerprint Database Should Publish</title><link>https://www.peakhour.io/blog/open-network-fingerprint-database-schema/</link><description>&lt;p&gt;A useful open fingerprint database needs provenance, competing labels, raw evidence, format versions and licences—not another unexplained hash list.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 06 Sep 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-09-06:/blog/open-network-fingerprint-database-schema/</guid><category>Security</category><category>Network Fingerprinting</category><category>TLS Fingerprinting</category><category>JA4</category><category>Cisco Mercury</category><category>Security Research</category></item><item><title>Public Fingerprint Databases Are Not Ground Truth</title><link>https://www.peakhour.io/blog/public-fingerprint-databases-are-not-ground-truth/</link><description>&lt;p&gt;We reviewed the main public fingerprint resources. The formats are open, but current application labels and auditable ground truth remain scarce.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 30 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-30:/blog/public-fingerprint-databases-are-not-ground-truth/</guid><category>Security</category><category>Network Fingerprinting</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Threat Intelligence</category></item><item><title>Using Network Fingerprints in Bot and Rate-Limit Decisions</title><link>https://www.peakhour.io/blog/using-network-fingerprints-in-bot-and-rate-limit-decisions/</link><description>&lt;p&gt;A practical way to use network fingerprints for bot and rate-limit decisions without mistaking a shared client cohort for identity.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 23 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-23:/blog/using-network-fingerprints-in-bot-and-rate-limit-decisions/</guid><category>Security</category><category>Network Fingerprinting</category><category>TLS Fingerprinting</category><category>JA4</category><category>Bot Management</category><category>Rate Limiting</category></item><item><title>Does TLS Fingerprint Canonicalisation Hide Attacker Variation? How to Test It</title><link>https://www.peakhour.io/blog/tls-fingerprint-canonicalisation-attacker-variation/</link><description>&lt;p&gt;Sorting makes TLS fingerprints more stable, but it also removes ordering evidence. Here is how to test whether the discarded variation matters.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 16 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-16:/blog/tls-fingerprint-canonicalisation-attacker-variation/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Security Research</category></item><item><title>A Network Fingerprint Is a Cohort, Not a Client</title><link>https://www.peakhour.io/blog/fingerprint-is-a-cohort-not-a-client/</link><description>&lt;p&gt;TLS fingerprints group similar protocol implementations. They do not prove which application, device or person made a request.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 09 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-09:/blog/fingerprint-is-a-cohort-not-a-client/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Bot Management</category></item><item><title>Two Lineages of TLS Fingerprinting: JA3, JA4 and Cisco Mercury</title><link>https://www.peakhour.io/blog/two-lineages-tls-fingerprinting/</link><description>&lt;p&gt;JA4 did not descend from Cisco Mercury. The two projects come from different strands of TLS fingerprinting research and solve different operational problems.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 26 Jul 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-07-26:/blog/two-lineages-tls-fingerprinting/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Threat Detection</category></item><item><title>One ClientHello, Three Fingerprints: JA3, JA4 and Mercury</title><link>https://www.peakhour.io/blog/one-clienthello-ja3-ja4-mercury-lab/</link><description>&lt;p&gt;A reproducible lab runs JA3, JA4 and Cisco Mercury against the same TLS ClientHello and compares what each fingerprint preserves.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 12 Jul 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-07-12:/blog/one-clienthello-ja3-ja4-mercury-lab/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Security Research</category></item></channel></rss>