HoneyLabs

JA4H HTTP client fingerprint

op10nn0100_4740ae6347b0

Seen 2026-02-23 to 2026-07-13 across the retained window.

248

Source IPs

1

Networks

10

Countries

4

Ports hit

258

Events

248

IPs / network

This fingerprint is concentrated: many addresses on very few networks, which is what a single coordinated operation tends to look like.

Top networks

Countries

US 104CA 23NL 18FI 17GB 16AU 16CH 14DE 14BE 14BR 12

Ports targeted

Source IPCCNetworkEvents
34.48.147.231USAS396982 Google LLC2
34.20.172.111USAS396982 Google LLC2
34.13.58.93GBAS396982 Google LLC2
34.26.144.226USAS396982 Google LLC2
34.147.22.121NLAS396982 Google LLC2
207.175.61.254USAS396982 Google LLC2
34.151.161.19AUAS396982 Google LLC2
34.24.16.88USAS396982 Google LLC2
8.229.179.221USAS396982 Google LLC2
34.19.200.47CAAS396982 Google LLC2
35.237.92.58USAS396982 Google LLC1
34.147.12.115NLAS396982 Google LLC1
34.12.208.156NLAS396982 Google LLC1
35.228.137.144FIAS396982 Google LLC1
34.39.8.234GBAS396982 Google LLC1
34.48.53.228USAS396982 Google LLC1
34.118.163.108CAAS396982 Google LLC1
34.105.217.205GBAS396982 Google LLC1
34.88.109.92FIAS396982 Google LLC1
34.65.11.36CHAS396982 Google LLC1

About this fingerprint

JA4H fingerprints the shape of an HTTP request: method, version, the ordered set of headers and the cookie and language handling. It identifies the HTTP client independently of the URL it asks for.