Sep 6, 2006

coli.uni-saarland.de / answerbus bot

This bot first came in using a agant for a text browser. Clearly fake.

lynx/2.8.5dev.16 libwww-fm/2.14 ssl-mm/1.4.1 openssl/0.9.7a
134.96.104.226 cluster-7.coli.uni-saarland.de

After a week they changed user agents to.

answerbus (http://www.answerbus.com/)
134.96.1.195 answerbus.coli.uni-saarland.de

Now they are back to using a fake text browser agent. Perhaps its 2 bots.
lynx/2.8.5dev.16 libwww-fm/2.14 ssl-mm/1.4.1 openssl/0.9.7a
134.96.104.221 cluster-2.coli.uni-saarland.de

lynx/2.8.5dev.16 libwww-fm/2.14 ssl-mm/1.4.1 openssl/0.9.7a
134.96.104.220 cluster-1.coli.uni-saarland.de



It often came in with refers that tracked back to its scraper site.
134.96.1.195 answerbus.com answerbus.de uni-saarland.de

All of these websites have the same thing on them. it looks like a search system and even says "supported by research grants from ....." I dont know if thats true if it is they should ask for the money back. Unless they support scrappers?

I tested this search system using my keywords for my sites and what I found were listings with my text and site name that looked like they were links to my site but when clicking on them I was taken to other scrapper linking sites.

This thing is banned by domain and user agent.


Update bot getting very active suggest adding to server ip ban

deny from 134.96.104.226
deny from 134.96.104.221
deny from 134.96.104.220
deny from 134.96.1.195

No comments: