Header Hooligan Hashing
Bot
SearchEngine
Policy:
rate-limit-search
Probability
100 %
Confidence
50 %
Risk Profile
VeryHigh
Threat
None
Hit Count
11
Last Seen
2h 11m ago
Drifted
Googlebot
→
Mastodon Family
0.35
→
0.36
Fingerprint Profile
TLS Version
--
HTTP Protocol
--
Protocol Client
Detected
TCP OS Hint
Low
Fingerprint Integrity
-0.45
UA Consistency
+1.35
Headless Indicator
Low
Datacenter IP
Clean
Endpoints Visited (11) Click to expand
| # | Path |
|---|---|
| 1 | /_stylobot/signature/0n4tioG_e2G5FWAEIsKk1A |
| 2 | /dashboard/signature/qsVDsIHT0xw4y870Ssu92g |
| 3 | /dashboard/entity/71499728f4274642 |
| 4 | /open-source |
| 5 | /dashboard/signature/-Sl3FYfm87gV_xDW04xfZA |
| 6 | /dashboard/entity/87d931c2b15e47bb |
| 7 | /docs/start-here |
| 8 | /dashboard/signature/mgkuJCbqJOSMkoEsaO4dgw |
| 9 | /dashboard/entity/21ad29141b9f4aa4 |
| 10 | /dashboard/signature/A4HcXbSk2s3V42kMJeuAZQ |
| 11 | /dashboard/entity/719d043cf9234e29 |
Raw Requests (11) Click to expand
| Time | Method | Path | Status | Prob | Conf | Risk Profile | Action | Time |
|---|---|---|---|---|---|---|---|---|
| 20:18:02 | GET | /_stylobot/signature/0n4tioG_e2G5FWAEIsKk1A | 200 | 100 % | 50 % | VeryHigh | rate-limit-search | 1.1ms |
| 20:12:29 | GET | /dashboard/signature/qsVDsIHT0xw4y870Ssu92g | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 20:12:28 | GET | /dashboard/entity/71499728f4274642 | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 20:10:48 | GET | /open-source | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 21:33:12 | GET | /dashboard/signature/-Sl3FYfm87gV_xDW04xfZA | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 21:33:11 | GET | /dashboard/entity/87d931c2b15e47bb | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 21:01:37 | GET | /docs/start-here | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 10:04:31 | GET | /dashboard/signature/mgkuJCbqJOSMkoEsaO4dgw | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 10:04:31 | GET | /dashboard/entity/21ad29141b9f4aa4 | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 23:30:23 | GET | /dashboard/signature/A4HcXbSk2s3V42kMJeuAZQ | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
| 23:30:18 | GET | /dashboard/entity/719d043cf9234e29 | 200 | 100 % | 50 % | VeryHigh | Aggressive Throttle | 4.6ms |
Bot Probability & Confidence History
StyloBot Detection Overhead (ms)
Analysis
Header Hooligan Hashing on /_stylobot/signat... - caught by Heuristic model (early): 85 % bot likelihood (23 features), Known bot UA pattern: bingbot, TLS connection appears normal
Detection Signals
- • Heuristic model (early): 85 % bot likelihood (23 features)
- • Known bot UA pattern: bingbot
- • TLS connection appears normal
- • Request patterns appear normal
- • No known patterns in reputation cache
Detector Contributions (13 detectors)
| Detector | Confidence Delta | Timing (ms) |
|---|---|---|
|
Heuristic
Heuristic model (early): 85 % bot likelihood (23 features)
|
+0.692 | 0.0 |
|
UserAgent
Known bot UA pattern: bingbot
|
+0.900 | 0.0 |
|
TlsFingerprint
TLS connection appears normal
|
-0.300 | 0.0 |
|
Behavioral
Request patterns appear normal
|
-0.300 | 0.0 |
|
Header
Browser UA without Accept-Language; deployment norm is low language rate (0 % over 211 samples)
|
+0.000 | 0.0 |
|
AiScraper
No AI scraper signals detected
|
+0.000 | 0.0 |
|
SecurityTool
No security tools detected in User-Agent
|
+0.000 | 0.0 |
|
Http2Fingerprint
Using HTTP/1.1; environment norm is HTTP/1.1 (0 % HTTP/2 over 247 samples)
|
+0.000 | 0.0 |
|
Http3Fingerprint
Connection uses HTTP/1.1 (not HTTP/3)
|
+0.000 | 0.0 |
|
TcpIpFingerprint
Network fingerprint analysis complete (no anomalies detected)
|
+0.000 | 0.0 |
|
HeaderCorrelation
Single signature per header profile
|
+0.000 | 0.0 |
|
TransportProtocol
Transport protocol analysis complete
|
+0.000 | 0.0 |
|
FastPathReputation
No known patterns in reputation cache
|
+0.000 | 0.0 |
Signal Intelligence
behavioral
anomaly
False
h2
is_http2
False
protocol
HTTP/1.1
behind_proxy
False
population_samples
247
population_http2_rate
0
h3
is_http3
False
protocol
HTTP/1.1
header
count
15
has_accept
True
sec_fetch_dest
sec_fetch_mode
sec_fetch_site
has_proxy_headers
False
has_accept_encoding
True
has_accept_language
False
is_websocket_upgrade
False
sec_fetch_same_origin
False
is_service_worker_fetch
False
population_accept_language_rate
0
heuristic
confidence
0.692
prediction
bot
early_completed
True
ip
subnet
40.77.167
is_local
False
request
protocol
HTTP/2
accept_encoding
gzip, br
risk
justification
probability 1.00
friendly_pin_trace
skipped:no_corroboration (UA claims bingbot as SearchEngine; UA alone is not sufficient)
tcp
connection_header
keep-alive
tls
is_https
True
available
True
ua
family
bingbot
is_bot
True
bot_name
bingbot
bot_type
SearchEngine
family_version
116
Signature:
jAkoY1DcNvRNWPrmdnQ_Fg
|
Processing: 1.1ms
|
Country: US
|
First seen: 2026-06-01 23:30:18 UTC