What are my SEP Clients downloading from liveupdate.symantecliveupdate.com?

It was brought to my attention a short time back that several of our workstations are communicating directly with http://liveupdate.symantecliveupdate.com/  Per our LiveUpdate Policy configuration this should not occur. If a SEP client requires an update it will only attempt to connect to our GUP or the SEPMs. In reviewing our Web Filter logs I was able to identify what exactly they were requesting to download.  My problem now is what are these items that some of these machines are attempting to download?  Below is an example of one of the file paths I found. Note how ridiculously long the path is.  Does anyone know what its doing? 

http://liveupdate.symantecliveupdate.com/F200%5E$ab$88$d9$ff$b0$1fM$1e_F201%5E$ab$88$d9$ff$b0$1fM$1e_F202%5E$f43$60$d1$60$f2$f9$ad_F203%5E$9b$acv$83$d1$06$1b$f9$04$e7$95z$ea$af$d1$e1_F204%5E$9ey$e5TGM1t$a4$e0T$94$d48f$9b$90lx$89$b7$8b$a2$d81$e6$cd$b0$5bW$a7$0d4$fe$03K_$81$9f$9dL$12$f7o$8c$87%5E$01$22$ad$7dQ$b1$e8$b3f_F205%5Ea4kPqwZLZB+Wfbif9u2tcPWa/xYedoIUQAAAAA_F206%5E$10$9f$bb$00$14$93$c24