Firefox 3 Beta 4 is available for download. Pretty cool.
A visitor from Jarvis Universal Purchase Co. set some kind of record here at the Chronicle today with 237 page views in 8 minutes. Speed reader.
Blogs and Blogging
Flickr Photos
|
StatCounter
var sc_project=2417731;
var sc_invisible=0;
var sc_partition=22;
var sc_security="920c1715";
44 comments
Comments feed for this article
March 20, 2008 at 10:27 pm
Greg
Jarvis Purchase Co. must be slow today. My website got 35 unique visits from them….each one for 1 second.
March 21, 2008 at 12:37 am
steveegg
There must be a spider from “Jarvis Purchase”.
March 21, 2008 at 1:03 am
larmy
mine too – 13 visits, separate ips, bunches of page views, but for up to 7 minutes each
March 21, 2008 at 8:30 am
Huckleberry Dumbell, Editor In Chief
At least all of our stats will look good this week.
March 26, 2008 at 1:42 am
George W. Orwell
same deal at my site – http://messengerpuppet.com.
8 different Jarvis IPs
8-17 page views per IP (I suspect the IP rotates, or else 8 different people were on at once)
38-57 minutes per IP
March 26, 2008 at 8:01 pm
Kelly Rossi
Someone, or something, from this company hit my site 490 times 4 days ago & yesterday my site got hacked. I wonder if there is a connection.
March 27, 2008 at 1:27 am
nv1962
I just kneecapped any access from their IP: 65.208.151.112/29 (that’s 65.208.151.112 through 65.208.151.119 both included)
That is, they’re locked out permanently until they either: totally clarify their purpose and also convincingly explain to this untrusting skeptic why I should care, or provide a full disclosure of their tax returns going back to at least 1776 – whichever comes latest.
April 14, 2008 at 11:50 am
Aviad
Did you get any leads on what this company is?
April 14, 2008 at 1:22 pm
Huckleberry Dumbell, Editor In Chief
Whomever they really are, what they did was send out an internet spider. There does not appear to be any long term problem. Some cheap-ass advertiser looking for content for a spam web page, no doubt.
April 18, 2008 at 3:49 pm
Alex Jarrah
Jarvis Purchasing company logged an unusual 198 visits on April 17th to various pages on our website (HTTP://WWW.OOPSystems.com).
We love the attention, however, obviously something is up. It seems they have a spider at work.
I wonder what the spider’s objective might be? Innocuous or malicious?
Hope someone
April 19, 2008 at 6:32 am
Xbuzz
I am also seeing insane kind of traffic from these IP ranges. The Ip resolve to a company names
Jarvis Universal Purchase Co. Dont know what they are doin..
1 65.208.151.112 24 mins ago
1 65.208.151.113 35 mins ago
1 65.208.151.114 55 mins ago
1 65.208.151.115 56 mins ago
1 65.208.151.116 1 hour ago
1 65.208.151.112 1 hour ago
1 65.208.151.112 1 hour ago
1 65.208.151.114 1 hour ago
1 65.208.151.113 1 hour ago
1 65.208.151.118 1 hour ago
1 69.225.89.108 1 hour ago
1 65.208.151.118 1 hours ago
1 65.208.151.116 1 hours ago
1 65.208.151.116 1 hours ago
April 26, 2008 at 11:03 am
mai9
I got 79 visits on April 13th for mai9.net, if anyone know what this is, just leave a message
April 26, 2008 at 4:29 pm
Aviad
This is an unusual behavior even for a spider… They don’t tend to harass your website so often. At first it seemed like a really lame DoS attack..
April 29, 2008 at 11:42 pm
Nikhil Narayanan
Whoa! 94 hits in a single day.
The bot scanned every page of my blog
Any clue who these guys are….?
May 1, 2008 at 6:05 pm
Colin Donald
Hi Huck, same here in the UK. More than 100 visits (scapes?) in less than 24 hours. They’ve seen pretty much the whole site and I’ve come here by Googling for them! Asking my Twitter peeps if they know anything…
May 2, 2008 at 12:31 pm
Frank
Been on my site today, each hit the IP address increments. I have an “email to a friend” plug-in that they are particularly interested in. Im blocking that IP range now.
May 5, 2008 at 9:53 am
Corey
Their range so far is ‘112 to ‘119.
Here is some info on what IT is called.
65.208.151.112 my-heritrix-crawler(+http://mywebsite.com)
Blocked.
May 5, 2008 at 1:08 pm
JMLivingston
We were hit by them over the weekend. I did some research and apparently it’s a front for Symantec/Veritas corporation. Since they are so heavily involved in internet security it’s probably some sort of cataloging bot, though it is unusual that they source the traffic from multiple addresses. If you end up tracerouting back to the source address it dies at 216.10.192.65 and .66, a whois lookup on that address at http://www.arin.net indicate that those addresses are owned by Symantec.
-John
May 12, 2008 at 4:37 am
Fixx
Mine got 27 hits from them 2 days back.. location from Cardiff by the Sea,California.. i checked it out.. its a surf haven..
May 21, 2008 at 9:12 am
Jarvis Universal Purchase Company - Geiger
[...] Other people are seeing this as well, example. [...]
June 10, 2008 at 4:03 pm
galleryshops.biz
What is this company? Is it a data tracking company or what? I got a few hits from them but don’t know why they came. Never heard of them before.
I suppose hits from anywhere are better than no hits. I welcome them.
June 10, 2008 at 4:50 pm
Huckleberry Dumbell, Editor In Chief
This guy did some more checking.
June 11, 2008 at 9:37 am
Richard
I had 70 direct hits. Of those 67 were from Jarvis and the other 3 were from 3 other communications companies.
hawaiian telcom services company inc.
bresnan communications llc.
pppox pool – bras4.wlfrct-1173128462
I don’t get it.
June 12, 2008 at 12:09 pm
Melissa
I use Stat Counter… I received 331 hits from Jarvis today – ranging up to an hour in time. This scares me to death- what is going on?
June 12, 2008 at 12:31 pm
Huckleberry Dumbell, Editor In Chief
Most likely nothing to worry about. See the rest of the comments.
June 13, 2008 at 6:56 am
Sara
I have checked on Jarvis Universal Purchase Co. and i see one of their locations are Sunnydale,CA . It seems to be about the same location as the Google bot IP.
Sara
http://www.gigomania.com
June 16, 2008 at 12:16 am
Shahnawaz
I’ve also recieved same lots of hits at our website (http://alldelhi.com) from diffrent IP address of Jarvis Universal Purchase Company. Plz tell me if there is any problem?
July 9, 2008 at 9:05 am
Sean H
This is a malicious attack. It is part of a SQL Inject / Cross-site scripting effort. If successful, they will inject a java script into your SQL database that will cause site visitors to load virus and malicious software.
July 11, 2008 at 8:59 am
gaby
hello there, i’m from france and since yesterday i have hundreds of hits from jarvis universal purchase company…does anybody have some more intresting news about this ? is it sure that this is malicious app @ work ? any reply will be appreciated
thx!
July 15, 2008 at 9:55 am
gaby
ok, my server just rebooted for an unknow reason after having its charge increasing a lot, suddenly…i started to have theses logs just a few days ago…can it be related ?…
July 15, 2008 at 10:03 am
Huckleberry Dumbell, Editor In Chief
I wish I could help you Gaby, but I’m no techie. If I had your problems, I’d pay for someone to fix it.
July 17, 2008 at 8:04 am
coolgeek24751
I just got 69 hits from them. I certainly hope this isn’t malicious.
August 1, 2008 at 5:49 pm
Unusually high spike in traffice - 600+ more hits | kennethteo.com
[...] http://springcitychronicle.com/2008/03/20/blog-stuff-2/ addthis_url = ‘http%3A%2F%2Fkennethteo.com%2F2008%2F08%2F02%2Funusually-high-spike-in-traffice-600-more-hits%2F’; addthis_title = ‘Unusually+high+spike+in+traffice+-+600%2B+more+hits’; addthis_pub = ‘kennethteo’; [...]
August 7, 2008 at 8:22 am
Preston
The Jarvis crawler hit my site with 110 page views in under 2 minutes!
Weddings By Maria
August 13, 2008 at 11:59 am
ABSSdata
OrgName: MCI Communications Services, Inc. d/b/a Verizon Business
OrgID: MCICS
Address: 22001 Loudoun County Pkwy
City: Ashburn
StateProv: VA
PostalCode: 20147
Country: US
NetRange: 65.192.0.0 – 65.223.255.255
CIDR: 65.192.0.0/11
NetName: UUNET65
NetHandle: NET-65-192-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Allocation
NameServer: AUTH03.NS.UU.NET
NameServer: AUTH00.NS.UU.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2000-10-27
Updated: 2006-12-14
August 15, 2008 at 8:59 am
Randy
A little more research has turned up a domain that is registered in that company name (goosu.com). It event provides an address and telephone number if anyone wants to give them a call.
http://www.who.is/domain_archive-com/goosu.com/
August 23, 2008 at 11:10 pm
Tadeus
I’m very scared about it. My web currently had 400 visits from JARVIS or INSIGNIUM.
I found this info:
Apparently it is a crawler named “MY HERITRYWX CRAWLER” and has a web mywebsite.com
Idk if it’s malicious or not, but I think a security engineer should to write about it
http://www.botsvsbrowsers.com/ip/65.208.151.118/index.html
bots list
http://64.233.169.104/search?q=cache:1Riq-XzCZY8J:www.braemoor.co.uk/robotreport.php+65.208.151.118&hl=en&ct=clnk&cd=9
August 26, 2008 at 11:41 pm
mani
Yesterday Same thing happened with my website allnutri
September 4, 2008 at 12:47 pm
Lucifuge
I got the traffic boost from them yesterday. Nice stats, but wtf. I probably know as much about it as you guys and have scoured the web for more info.
I blocked all their IP addy’s anyway, just to be safe.
Let’s hope more info comes forth.
November 18, 2008 at 10:52 am
Threats from Web Hosting Service - Please Advice me | SulVision
[...] searching a bit, I came across a few more webmaster reporting unusual activities from the same IP range and some of them also linked them to an attempt towards a SQL Inject / Cross-site scripting effort. [...]
November 23, 2008 at 9:44 pm
Threats from Web Hosting Service - Please Advice me | Web Tools and Tips
[...] searching a bit, I came across a few more webmaster reporting unusual activities from the same IP range and some of them also linked them to an attempt towards a SQL Inject / Cross-site scripting effort. [...]
November 26, 2008 at 12:17 pm
Matt
I’ve just had over 42 pages views in 3 minutes http://www.ultimateinternetsecurity.com – intrestingly they were on the checkout pages of the online shop … Hmm
December 8, 2008 at 4:35 pm
tragonnet
yep. hit us too – http://www.calamitynews.com – blacklisted the range. messed with our stats!
March 27, 2009 at 2:47 pm
suspiscious
This is the FBI bot.