Do more on the web, with a fast and secure browser!

Download Opera browser with:

  • built-in ad blocker
  • battery saver
  • free VPN
Download Opera
  • Hi,

    I'm a contributing member of an online security discussion group where a PHP script designed to protect websites against malicious activity (such as spamming and hacking attempts) is available, and back in 2012, as a result of my suggesting doing so, a signature was added to this script designed to block any requests that cited "eak01ag9" within the request UA.

    This suggestion was made based on evidence that I had that suggested that the UA fragment in question, as part of a larger, incorrectly spoofed Opera UA (which aside from this bizarre UA fragment, did, otherwise, look like a legitimate Opera UA), was in use by at least one or more bots used to crawl sites prior to running spam campaigns against those sites.

    Fast forward to now, 2015.. A newer member of our online security discussion group has suggested that this UA fragment, may, in fact, be something actually seen in legitimate instances of the UA of certain versions of Opera, something which I've personally never seen before, but, as I'm neither an actual Opera user nor was this UA fragment asked about here on the Opera forums at the time that the signature was originally suggested, I'm not at this time certain as to whether or not this is, in fact, true or false.

    Hence, why I'm posting here now and what I'm wanting to ask here, on the Opera forums, and what I'm hoping someone here could clarify for me.

    Is the string "eak01ag9" contained within the UA of any known, -legitimate- releases of the Opera browser, and if it is, could someone please explain to me what "eak01ag9" actually means and what it's all about?

    Thank you.

    Kind Regards,

  • I haven't seen it, even in internal test versions. Mind you, I don't use Turbo or Mini - I don't know if using the proxy would modify the user agent.

  • I have seen some campaign / partner builds with additional UA string appendixes like those. But only Opera's employees can tell if that one really is genuine.

  • Cheers for the replies. I've passed this information on for the benefit of the aforementioned online security discussion group, and hopefully, if I'm lucky, maybe I'll have one of those employees happen upon this thread and choose to reply.

    Might not be absolutely conclusive (I'll try to clarify with that newer member I mentioned before regarding the possibilities of Turbo or Mini, to see if either of those might be a possibility for where they think they've seen this UA component), but your replies most definitely have helped; Cheers. 🙂