Blog Stuff
2008 March 20
Firefox 3 Beta 4 is available for download. Pretty cool.
A visitor from Jarvis Universal Purchase Co. set some kind of record here at the Chronicle today with 237 page views in 8 minutes. Speed reader.
44 Responses
leave one →
Trackbacks & Pingbacks
- Jarvis Universal Purchase Company - Geiger
- Unusually high spike in traffice - 600+ more hits | kennethteo.com
- Threats from Web Hosting Service - Please Advice me | SulVision
- Threats from Web Hosting Service - Please Advice me | Web Tools and Tips
Jarvis Purchase Co. must be slow today. My website got 35 unique visits from them….each one for 1 second.
There must be a spider from “Jarvis Purchase”.
mine too – 13 visits, separate ips, bunches of page views, but for up to 7 minutes each
At least all of our stats will look good this week.
same deal at my site – http://messengerpuppet.com.
8 different Jarvis IPs
8-17 page views per IP (I suspect the IP rotates, or else 8 different people were on at once)
38-57 minutes per IP
Someone, or something, from this company hit my site 490 times 4 days ago & yesterday my site got hacked. I wonder if there is a connection.
I just kneecapped any access from their IP: 65.208.151.112/29 (that’s 65.208.151.112 through 65.208.151.119 both included)
That is, they’re locked out permanently until they either: totally clarify their purpose and also convincingly explain to this untrusting skeptic why I should care, or provide a full disclosure of their tax returns going back to at least 1776 – whichever comes latest.
Did you get any leads on what this company is?
Whomever they really are, what they did was send out an internet spider. There does not appear to be any long term problem. Some cheap-ass advertiser looking for content for a spam web page, no doubt.
Jarvis Purchasing company logged an unusual 198 visits on April 17th to various pages on our website (HTTP://WWW.OOPSystems.com).
We love the attention, however, obviously something is up. It seems they have a spider at work.
I wonder what the spider’s objective might be? Innocuous or malicious?
Hope someone
I am also seeing insane kind of traffic from these IP ranges. The Ip resolve to a company names
Jarvis Universal Purchase Co. Dont know what they are doin..
1 65.208.151.112 24 mins ago
1 65.208.151.113 35 mins ago
1 65.208.151.114 55 mins ago
1 65.208.151.115 56 mins ago
1 65.208.151.116 1 hour ago
1 65.208.151.112 1 hour ago
1 65.208.151.112 1 hour ago
1 65.208.151.114 1 hour ago
1 65.208.151.113 1 hour ago
1 65.208.151.118 1 hour ago
1 69.225.89.108 1 hour ago
1 65.208.151.118 1 hours ago
1 65.208.151.116 1 hours ago
1 65.208.151.116 1 hours ago
I got 79 visits on April 13th for mai9.net, if anyone know what this is, just leave a message
This is an unusual behavior even for a spider… They don’t tend to harass your website so often. At first it seemed like a really lame DoS attack..
Whoa! 94 hits in a single day.
The bot scanned every page of my blog
Any clue who these guys are….?
Hi Huck, same here in the UK. More than 100 visits (scapes?) in less than 24 hours. They’ve seen pretty much the whole site and I’ve come here by Googling for them! Asking my Twitter peeps if they know anything…
Been on my site today, each hit the IP address increments. I have an “email to a friend” plug-in that they are particularly interested in. Im blocking that IP range now.
Their range so far is ‘112 to ‘119.
Here is some info on what IT is called.
65.208.151.112 my-heritrix-crawler(+http://mywebsite.com)
Blocked.
We were hit by them over the weekend. I did some research and apparently it’s a front for Symantec/Veritas corporation. Since they are so heavily involved in internet security it’s probably some sort of cataloging bot, though it is unusual that they source the traffic from multiple addresses. If you end up tracerouting back to the source address it dies at 216.10.192.65 and .66, a whois lookup on that address at http://www.arin.net indicate that those addresses are owned by Symantec.
-John
Mine got 27 hits from them 2 days back.. location from Cardiff by the Sea,California.. i checked it out.. its a surf haven..
What is this company? Is it a data tracking company or what? I got a few hits from them but don’t know why they came. Never heard of them before.
I suppose hits from anywhere are better than no hits. I welcome them.
This guy did some more checking.
I had 70 direct hits. Of those 67 were from Jarvis and the other 3 were from 3 other communications companies.
hawaiian telcom services company inc.
bresnan communications llc.
pppox pool – bras4.wlfrct-1173128462
I don’t get it.
I use Stat Counter… I received 331 hits from Jarvis today – ranging up to an hour in time. This scares me to death- what is going on?
Most likely nothing to worry about. See the rest of the comments.
I have checked on Jarvis Universal Purchase Co. and i see one of their locations are Sunnydale,CA . It seems to be about the same location as the Google bot IP.
Sara
http://www.gigomania.com
I’ve also recieved same lots of hits at our website (http://alldelhi.com) from diffrent IP address of Jarvis Universal Purchase Company. Plz tell me if there is any problem?
This is a malicious attack. It is part of a SQL Inject / Cross-site scripting effort. If successful, they will inject a java script into your SQL database that will cause site visitors to load virus and malicious software.
hello there, i’m from france and since yesterday i have hundreds of hits from jarvis universal purchase company…does anybody have some more intresting news about this ? is it sure that this is malicious app @ work ? any reply will be appreciated
thx!
ok, my server just rebooted for an unknow reason after having its charge increasing a lot, suddenly…i started to have theses logs just a few days ago…can it be related ?…
I wish I could help you Gaby, but I’m no techie. If I had your problems, I’d pay for someone to fix it.
I just got 69 hits from them. I certainly hope this isn’t malicious.
The Jarvis crawler hit my site with 110 page views in under 2 minutes!
Weddings By Maria
OrgName: MCI Communications Services, Inc. d/b/a Verizon Business
OrgID: MCICS
Address: 22001 Loudoun County Pkwy
City: Ashburn
StateProv: VA
PostalCode: 20147
Country: US
NetRange: 65.192.0.0 – 65.223.255.255
CIDR: 65.192.0.0/11
NetName: UUNET65
NetHandle: NET-65-192-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Allocation
NameServer: AUTH03.NS.UU.NET
NameServer: AUTH00.NS.UU.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2000-10-27
Updated: 2006-12-14
A little more research has turned up a domain that is registered in that company name (goosu.com). It event provides an address and telephone number if anyone wants to give them a call.
http://www.who.is/domain_archive-com/goosu.com/
I’m very scared about it. My web currently had 400 visits from JARVIS or INSIGNIUM.
I found this info:
Apparently it is a crawler named “MY HERITRYWX CRAWLER” and has a web mywebsite.com
Idk if it’s malicious or not, but I think a security engineer should to write about it
http://www.botsvsbrowsers.com/ip/65.208.151.118/index.html
bots list
http://64.233.169.104/search?q=cache:1Riq-XzCZY8J:www.braemoor.co.uk/robotreport.php+65.208.151.118&hl=en&ct=clnk&cd=9
Yesterday Same thing happened with my website allnutri
I got the traffic boost from them yesterday. Nice stats, but wtf. I probably know as much about it as you guys and have scoured the web for more info.
I blocked all their IP addy’s anyway, just to be safe.
Let’s hope more info comes forth.
I’ve just had over 42 pages views in 3 minutes http://www.ultimateinternetsecurity.com – intrestingly they were on the checkout pages of the online shop … Hmm
yep. hit us too – http://www.calamitynews.com – blacklisted the range. messed with our stats!
This is the FBI bot.