What User agent is Java?

In my logs I see a list of user agents who have visited my site. #1 is Explorer, #3 is Netscape. #2 is Java 1.2 and #4 is Java 1.3.1.

I understand how this corresponds to Java, but what User Agent(s) are identifying themselves this way?

Thanks.

Almost always a mail user agent.

Really? I'm doubting that's the case here though. I do NO email advertising, I send no newsletters ... and yet my #2 and #4 user agents are still Java 1.2 and Java 1.3.1.

Besides, wouldn't the most common mail user agent be IE (e.g. Outlook)?

Thanks.

What I mean is I think its a linux or unix box running a mail bot trying to find any e-mail addys so it can record them and spam them at a later date or... It could be a nosy competitor hitting your site often with a Mac running (OS X 10.1) or a java 1.2 plug-in.

Ah, I see. So you think that a user agent that IDs itself as "java" is likely a non-commercial spider agent or something? Something similar to Zeus? That makes sense. It also makes sense, as most commercial apps wouldnt be so lazy as to not identify themsleves properly.

Hmm. Thanks for the feedback.

I have never seen that user agent mentioned in logs before.

Try a Google search and see if anyone else has every written about this.

IIRC (don't have the Javadoc handy), these user-agent headers are the default request headers set when a Java programmer doesn't explicitly set an alternate value in a program that, for whatever purpose, accesses HTTP.

I'm not sure why it would have to be a UNIX/Linux box or even a Mac, since Windows has the proverbial 95% advantage in numbers and Java apps can run on any of these platforms. I dont' think any browser plugin should affect the useragent string like this. It's probably either a bot, or something else but it's immaterial what OS it is running on top of.

I remember seeing this in my logs for quite a while, then realized that it was my own app server hitting itself through http - I was experimenting with some XML-over-http processing before the advent of SOAP, and had it running through the web server so any hit to the experimental page caused two log entries as a side-effect.

I still occasionally get hits with this user agent. This leads me to believe that either would-be spammers, or even just other sites whose purpose is to keep an eye on our content, are the ones doing the accessing.... now my thoughts are lit up. Are you serving any RSS? Could be a Java-based RSS client. No doubt you'll have more luck figuring out what it is by the pattern of hits than by the user-agent string alone. Let us know!