dstiles - 5:40 pm on Jan 3, 2013 (gmt 0)
This user-agent was mentioned here in posting [webmasterworld.com...] in 2009 but no one replied.
UA: Mozilla/4.0 (compatible; Synapse)
I've been seeing (and blocking) a lot of hits this past month or so. It seems to be taking off in a big way but I'm unsure whether as a "curiosity" tool or a hacking/scraping tool.
Searching ixquick for the UA (in quotes) turns up several references including user-agents.org which says "Synapse - Apache web service for processing XML documents" and a link to a wiki "proposal" for the tool. This in turn leads to synapse.apache.org which says...
"Apache Synapse is a lightweight and high-performance Enterprise Service Bus (ESB). Powered by a fast and asynchronous mediation engine, Apache Synapse provides exceptional support for XML, Web Services and REST. In addition to XML and SOAP, Apache Synapse supports several other content interchange formats, such as plain text, binary, Hessian and JSON."
The "key features" list has some worrying items including "Support for industry driven Financial Information eXchange (FIX) protocol" which, given the tool is accessing MY (non-financial) web sites suggests ill-usage.
Most apache users are likely to be professionals (web site designers/hosters coming probably from server farms) but I'm seeing a lot of hits from broadband IPs (not always obviously compromised) on which I would not expect an apache server, especially a full internet-facing one with open ports.
One consecutive sequence of 10 hits today was to variations on an on-site search. It looked, from one of the parameters, as if the querystrings defining the search were those fed by the site to search engines rather than users; the site has since been modified (6 months ago) so the querystring is now different.
I've decided to continue blocking it. Anyone have any further insights?