Skip to content

Instantly share code, notes, and snippets.

@gwire

gwire/excessive-download-useragents.txt Secret

Last active May 23, 2019 19:02
Show Gist options
  • Save gwire/c68e1cd53b9942e6224665db42b68579 to your computer and use it in GitHub Desktop.
Save gwire/c68e1cd53b9942e6224665db42b68579 to your computer and use it in GitHub Desktop.
Download ZIP
User-Agent strings from a weird distributed download
Raw
excessive-download-useragents.txt
12156 "Microsoft-CryptoAPI/10.0"
2472 "OfficeClickToRun"
1771 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; wbx 1.0.0; Microsoft Outlook 16.0.4783; Microsoft Outlook 16.0.4783; ms-office; MSOffice 16)"
764 "ClickToRun"
585 "MSDW"
573 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"
96 "Windows-Update-Agent/10.0.10011.16384 Client-Protocol/1.70"
85 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; Microsoft Outlook 16.0.4783; Microsoft Outlook 16.0.4783; ms-office; MSOffice 16)"
84 "Windows-Update-Agent/10.0.10011.16384 Client-Protocol/1.81"
65 "Microsoft-CryptoAPI/6.1"
62 "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
55 "Microsoft-WNS/10.0"
40 "Microsoft-CryptoAPI/6.2"
23 "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"
20 "Java/1.8.0_161"
13 "Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko"
11 "IPM"
11 "Get Flash Player version xml/1.0"
10 "python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-514.21.2.el7.x86_64"
10 "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
8 "Windows-Media-Player/12.0.9200.16578"
7 "WicaAgent"
6 "SmartScreen/2814750890000521"
6 "Microsoft BITS/7.8"
4 "Microsoft NCSI"
4 "Java/1.8.0_191"
3 "Windows-Media-Player/12.0.17134.471"
3 "AutodeskSync/5.0.27.1100 AutodeskWebServicesClient/5.0.27.1100"
2 "SmartScreen/2814750890000385"
2 "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; LCTE; rv:11.0) like Gecko"
2 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586"
2 "Java/1.8.0_91"
2 "Java/1.8.0_181"
2 "Java/1.8.0_171"
2 "Java/1.8.0_144"
2 "Java/1.8.0_121"
1 "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
1 "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
1 "Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko"
1 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393"
1 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.3; wbx 1.0.0)"
1 "Mozilla/4.0 (CCleaner, 5.39.6399)"
1 "Microsoft BITS/7.5"
1 "McAfee Agent"
1 "BingService"
@gwire
Copy link
Author

gwire commented Jan 22, 2019

User-Agents from approx 9 hours logs of a distributed file download attempt that's been ongoing for at least 6 months. I don't know what the ultimate purpose is.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment