| I've recently came across an executable that makes a GET request and in the UserAgent string are hexadecimal values. Has anyone ever seen this before? So instead of seeing "Mozilla ...." the User Agent is this UserAgent: \xe6\xb8... |
Anonymous |
| ReplyQuote Subscribe |
Nov 30th 2017 10 months ago |
|
I did a quick retro-hunt in my logs for the last 30 days and found one IP that scanned a website with the following UA's: \xbf'\xbf\ \xf0''\xf0\ |
Xme 417 Posts ISC Handler |
| Reply Quote |
Nov 30th 2017 10 months ago |
| This could potentially be a user connecting to a non-TLS site using TLS. |
Johannes 3373 Posts ISC Handler |
| Reply Quote |
Dec 4th 2017 10 months ago |
Sign Up for Free or Log In to start participating in the conversation!
