HoneyLabs

JA4H HTTP client fingerprint

po11nn0300_7059b3fb2d4a

Seen 2026-05-04 to 2026-07-15 across the retained window.

359

Source IPs

1

Networks

2

Countries

6

Ports hit

419

Events

359

IPs / network

This fingerprint is concentrated: many addresses on very few networks, which is what a single coordinated operation tends to look like.

Top networks

Countries

US 288GB 71

Ports targeted

Source IPCCNetworkEvents
205.210.31.214USAS396982 Google LLC3
198.235.24.254USAS396982 Google LLC3
205.210.31.107USAS396982 Google LLC3
147.185.133.68USAS396982 Google LLC3
147.185.132.64USAS396982 Google LLC3
205.210.31.206USAS396982 Google LLC3
198.235.24.193USAS396982 Google LLC2
35.203.211.241GBAS396982 Google LLC2
35.203.211.155GBAS396982 Google LLC2
198.235.24.205USAS396982 Google LLC2
198.235.24.108USAS396982 Google LLC2
162.216.150.147USAS396982 Google LLC2
35.203.211.128GBAS396982 Google LLC2
35.203.211.230GBAS396982 Google LLC2
198.235.24.201USAS396982 Google LLC2
198.235.24.41USAS396982 Google LLC2
198.235.24.76USAS396982 Google LLC2
162.216.150.63USAS396982 Google LLC2
205.210.31.106USAS396982 Google LLC2
147.185.132.174USAS396982 Google LLC2

About this fingerprint

JA4H fingerprints the shape of an HTTP request: method, version, the ordered set of headers and the cookie and language handling. It identifies the HTTP client independently of the URL it asks for.