::The Chilp blog::

Fresh from the Chilp Media Group

Archive for the 'Chilp.it' Category

Malware attack?

Dear all,

we were experiencing a high traffic situation over the last few days which is slowing down today. It all started when ~50 seemingly random URLs mostly registered at Free Domain Hosters were shortened through our our happy URL shortener http://chilp.it last weekend.

Since all of this domains where shortened within a short amount of time and were sporting the distinctive pattern “/s.php” we found out about it and blocked those probably malicious URLs.

We most likely wouldn’t have given those blocked URLs a second thought but they received so much clicks our traffic load tripled over the last couple of days. Although we don’t know the nature of the attack we like to warn you about it and decided to publish those URLs here. Feel free to contact us if you got any questions.

Stay safe,

http : // kuyinewa.vistafree.info/s.php
http : // fokovamo.wspromoter.info/s.php
http : // cihobote.phpnet.us/s.php
http : // leluzaxi.pnoyhost.com/s.php
http : // nucabowu.297m.com/s.php
http : // jupujoti.tha.im/s.php
http : // yoyojop.fastlink.in/s.php
http : // givevuxe.metrohosting.info/s.php
http : // qifusid.zionnite.us/s.php
http : // kiwirud.freeweb.pk/s.php
http : // vuyexay.lhosting.info/s.php
http : // juliguy.thefreephphost.com/s.php
http : // kefahub.4mtm.net/s.php
http : // becifayi.my-php.net/s.php
http : // bemihufe.suga.com.ar/s.php
http : // voginide.literalseduction.net/s.php
http : // ginoyiva.hostingforfree.org/s.php
http : // leteqiya.krubpom.com/s.php
http : // daxoxuso.doang.net/s.php
http : // nomibow.my-host.us/s.php
http : // jawufox.botetr.com/s.php
http : // xejevaje.freehostingplus.net/s.php
http : // mohufir.twohosting.com/s.php
http : // zezayalo.hq-blaze.info/s.php
http : // haliveb.koon.pl/s.php
http : // zusacaqu.hostingperron.com/s.php
http : // dadizoti.2freehost.com/s.php
http : // zixevema.hostfree.in/s.php
http : // pekixufa.01lx.net/s.php
http : // lepupula.0adz.com/s.php
http : // xumukabe.ispace.in.th/s.php
http : // lukuqaga.3host4.info/s.php
http : // jesojebe.valhallahost.tk/s.php
http : // zopezato.4sql.net/s.php
http : // rugacoc.iran50.com/s.php
http : // buqeyoqu.johaneswisnu.info/s.php
http : // yedutit.pnoyhost.com/s.php
http : // xahixebo.vixo.pl/s.php
http : // tizoqum.habibye.net/s.php
http : // xikanabi.free-website.biz/s.php
http : // samuroko.starlinks.ro/s.php
http : // xiluyuba.suga.com.ar/s.php
http : // tocizere.mutk.us/s.php
http : // kopivoko.suga.com.ar/s.php
http : // weribowo.123bemyhost.com/s.php
http : // gukeruro.fik4.com/s.php
http : // tiqutuyu.0blaze.info/s.php
http : // yitosuse.hosthost.info/s.php

Comments are off for this post

IPv6 now

Great news: Chilp.it is now available via IPv6.

Host: chilp.it
IP: 2001:41D0:1:5B7d::


Comments are off for this post

Fighting spam, even better!

Dear all,

good news, we updated our brave spam fighting systems.
From now on every link that someone tries to shorten will not only be checked against our local blacklist and Google’s Safebrowsing API but also against Spamhaus’ DBL.

If that entered URL is in one of those lists the API or the web interface will respond with a new error:
“410 – Krch! Domain is blacklisted!”.
You won’t be able to shorten any links from this domain then.

All links that have been shortened in the past and magically end up on the blacklists will be blocked too.
As a result, the corresponding Chilp.it short URLs will stop working and won’t redirect to the destination anymore.

Happy shortening!


Comments are off for this post

More spam…

We are aware of a rather massive attack against our happy service and are taking all necessary steps. We are also blocking all corresponding URLs. Thanks a lot for the reports we received so far.

Stay tuned.

Comments are off for this post

Regarding the spam situation…

Random fact: Since we are still providing a relatively open API we also need to fight a lot of spam. Even if we believe in the idea of openness it is sometimes not fully practical.

We decided to keep the open API for as long as we can but to also keep an eye on what’s going on. And, there’s a lot going on, in fact, there’s so much going on that we decided we have to put a spam and misuse detection in place that relies both on Google’s Safebrowsing API and our own detection routines. The filters are constantly learning and are getting better and better. The truth is: Blocking domains has never been our intention but we pretty much have no choice anymore.

Anyway, we are rather pleased with the results and hope you’re too.

If your site is blocked and you feel that it shouldn’t just drop us a line and we take a look. On the other hand: If you want to report spam or misuse please contact us via the abuse address or via Twitter.

Have a fine day. :-)


Open problem: OpenDNS issues [Solved]

OpenDNS recently tagged our happy shortener as a phishing site within their service which caused a lot of trouble for us. Even though they were not directly reachable for further comments we managed to get hold of them very quickly via Twitter.

@OpenDaniel responded extremely fast and resolved the issue. Thanks again, OpenDNS, for sorting that out.

Keep up the good work!

Comments are off for this post

Using Chilp.it with Tweetdeck

Great news, people!

Tweetdeck recently added support for custom url shorteners. What does that mean? Well, you can use our happy service now within Tweetdeck too.

How? Take a look at the explanation.

Just put in “http://chilp.it/api.php?url=%@” and start using Chilp.it with Tweetdeck now.

Have fun. :-)

Comments are off for this post

Here you go: We’re now using Google’s Safebrowsing API

Good news:

Starting from today, we’ll check every shortened URL against Google’s constantly updated blacklists of suspected phishing and malware pages.

What does this mean? Well, check it out…

…here are some of the things we can do with the Safe Browsing API:

  • Warn users before clicking on links that lead to malware-infested pages.
  • Check pages against Google’s lists of suspected phishing and malware pages.

Hu? Try me! http://chilp.it/malware

Comments are off for this post

With or without ?…

Since Twitter is just too slow fixing their bugs we rewrote our software and removed the “?” from the links. Links with “?” will still work but fresh ones will come without it. Please let us know if you stumble upon something odd. Cheers. :-)

Oh, and thanks for nothing Twitter.

Comments are off for this post

Open problem: Twitter is breaking Chilp.it links, again [Solved]

Since a few hours, Twitter is breaking links shortened with Chilp.it on user pages. As a result, users aren’t able to click that particular link anymore. The link itself is perfectly alright and valid, Twitter just breaks it for some unknown reason.

This is how it looks like right now on user pages:


It is all good through the search, though:


We opened a ticket but didn’t receive any response from Twitter so far.
Sorry for the inconvenience, those folks will hopefully fix this asap.

Thanks a lot.

Update: 24 hours later, still no response. We aren’t too happy with the way Twitter handles those things.

Update II: Other users who are not using Chilp.it are reporting broken links too. Check out http://twitter.com/travel_tour.


Update III: Finally, Twitter is aware of the bug. Check the Twitter Development Talk.

Update IV: Seven days later the problem still exists. We are as unhappy as you are.

Update V: Please look here!


Next Page »