I've recently came across an executable that makes a GET request and in the UserAgent string are hexadecimal values. Has anyone ever seen this before? So instead of seeing "Mozilla ...." the User Agent is this UserAgent: \xe6\xb8... |
Anonymous |
thread locked Quote Subscribe |
Nov 30th 2017 3 years ago |
I did a quick retro-hunt in my logs for the last 30 days and found one IP that scanned a website with the following UA's: \xbf'\xbf\ \xf0''\xf0\ |
Xme 602 Posts ISC Handler |
Thread locked. Quote |
Nov 30th 2017 3 years ago |
This could potentially be a user connecting to a non-TLS site using TLS. |
Johannes 4112 Posts ISC Handler |
Thread locked. Quote |
Dec 4th 2017 3 years ago |
Sign Up for Free or Log In to start participating in the conversation!