1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 4:18 pm May 4, 2026

Forum Moderators: open

Message Too Old, No Replies

Microsoft Internet Explorer/4.40.426

Obvious - yet very strange - fake browser UA

         

Dreamquick

7:35 pm on Oct 3, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Spotted new UA over the last couple of days:

"Microsoft Internet Explorer/4.40.426 (Windows 95)"

Now to the best of my knowledge a v4.4 was never released which makes me skeptical about this being a real browser - it also seems to be hunting for images and a content type (at least to me) called "www/source".

Also it seems to be able to handle cookies as a basic minimum, but doesn't discard them when it leaves other people's sites - normally this is the sort of behaviour I'd expect from an exploit hunting bot!

Spotted it three times so far;

30.09.2002 21:14:57 @ 65.190.87.105 (Telocity)
02.10.2002 08:45:12 @ 24.196.228.64 (Charter Communications)
03.10.2002 19:31:52 @ 65.190.87.105 (Telocity)

Both addresses are part of large-ish ranges and a quick google for their names turn up DSL/Cable type services. So far they have never requested robots.txt and only load the default document on the root.

If anyone is interested it's requests look like this;

Accept: www/source, text/html, video/mpeg, image/jpeg, image/x-tiff,image/x-rgb, image/x-xbm, image/gif, */*, application/postscript
Host: mysite.example.com
User-Agent: Microsoft Internet Explorer/4.40.426 (Windows 95)

-Tony

j_anstice

10:28 pm on Oct 3, 2002 (gmt 0)

10+ Year Member



The page below lists the mapping between version numbers and release names for Internet Explorer - it looks as if 4.40.xxx is IE 1.0 or 2.0

[xtra.co.nz...]

Of course this doesn't preclude someone using the user agent for nefarious purposes, but it looks to be a valid (but more or less obsolete) user agent.

GaryK

10:51 pm on Oct 3, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I have seen that one, and Microsoft Internet Explorer/4.40.308 (Windows 95) in my logs from time to time. AFAIK neither one was ever a valid UA for IE. Both do exactly what you described about reading the default document and that's all.

j_anstice

1:32 am on Oct 4, 2002 (gmt 0)

10+ Year Member



A quick google for 4.40.426 shows that it's a suggested user agent for the Nitro email harvester from EarthOnline
[earthonline.com...]
and scroll down till you get to "What are the basic steps used to configure Nitro?"

I've extracted a list of the user agents that Nitro can use - it's just a list of late 90s browsers which might still be in use - sticky me if you want a copy.

[Edit]
But defaults to:
"Mozilla/3.Mozilla/2.01 (Win95; I)"

Dreamquick

6:10 pm on Oct 4, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I keep forgetting about the variable UA spam-bots!

The irony is that I've already coded for the default Nitro UA on any pages featuring email addresses and in this case the request failed to pass a set of rules I cooked up so they got given nothing worth the time and effort of scraping the page :)

Cheers for pointing out what I'd forgotten (doh!)

- Tony

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 4:18 pm May 4, 2026