HoneyLabs

HASSH SSH client fingerprint

fda360b1b4f4d3455cb75c6e7edb1d11

Seen 2026-05-04 to 2026-07-15 across the retained window.

280

Source IPs

2

Networks

1

Countries

1

Ports hit

2.5K

Events

140

IPs / network

This fingerprint is concentrated: many addresses on very few networks, which is what a single coordinated operation tends to look like.

Top networks

Countries

VN 280

Ports targeted

Source IPCCNetworkEvents
171.243.148.105VNAS7552 Viettel Group33
27.79.6.83VNAS7552 Viettel Group25
27.79.45.128VNAS7552 Viettel Group23
27.79.44.21VNAS7552 Viettel Group23
27.79.40.12VNAS7552 Viettel Group22
27.79.41.195VNAS7552 Viettel Group21
171.231.186.156VNAS7552 Viettel Group21
27.79.4.112VNAS7552 Viettel Group21
116.110.151.7VNAS24086 Viettel Corporation21
171.243.151.119VNAS7552 Viettel Group21
27.79.2.54VNAS7552 Viettel Group21
27.79.5.162VNAS7552 Viettel Group20
27.79.5.123VNAS7552 Viettel Group20
27.79.2.148VNAS7552 Viettel Group20
27.79.4.89VNAS7552 Viettel Group20
116.110.214.217VNAS24086 Viettel Corporation20
27.79.6.170VNAS7552 Viettel Group20
27.79.2.165VNAS7552 Viettel Group19
27.79.40.139VNAS7552 Viettel Group19
171.231.183.94VNAS7552 Viettel Group19

About this fingerprint

HASSH is an MD5 over the ordered algorithm lists an SSH client offers during key exchange, before any authentication. It identifies the SSH implementation and version behind a connection at the handshake.