HoneyLabs

JA4H HTTP client fingerprint

ge11nn0700_5a5182d16ecb

Seen 2026-03-17 to 2026-07-06 across the retained window.

15

Source IPs

12

Networks

9

Countries

2

Ports hit

948

Events

1

IPs / network

This fingerprint is spread thinly across many networks, which is the shape of a common, widely-used client.

Top networks

Countries

CN 3US 3SE 3GB 1KR 1GR 1IT 1CA 1IR 1

Ports targeted

Source IPCCNetworkEvents
81.226.129.67SEAS3301 Telia Company AB210
24.84.30.89CAAS6327 Shaw Communications111
175.200.104.40KRAS4766 Korea Telecom111
162.198.46.77USAS7018 AT&T Enterprises, LLC84
27.153.157.138CNAS4134 Chinanet74
24.185.219.32USAS6128 Cablevision Systems Corp.37
85.133.133.99IRAS39074 Sepanta Communication Development Co. Ltd37
78.68.234.165SEAS3301 Telia Company AB37
79.129.165.192GRAS6799 OTEnet S.A.37
90.226.146.31SEAS3301 Telia Company AB37
98.172.97.239USAS22773 Cox Communications Inc.37
120.1.237.12CNAS4837 CHINA UNICOM China169 Backbone37
117.60.24.97CNAS4134 Chinanet37
94.35.140.5ITAS8612 Tiscali SpA37
82.28.80.167GBAS5089 Virgin Media25

About this fingerprint

JA4H fingerprints the shape of an HTTP request: method, version, the ordered set of headers and the cookie and language handling. It identifies the HTTP client independently of the URL it asks for.