Overview

URL www.bit.ly/2C6K5Yp
IP 67.199.248.11
ASN AS3257 Tinet SpA
Location United States
Report completed 2018-07-16 18:51:52 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-07-16 2 www.bit.ly/2C6K5Yp Phishing
2018-07-16 2 bit.ly/2C6K5Yp Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 67.199.248.11

Date | UQ / IDS / BL | URL | IP
2018-10-15 19:02:34 +0200 | 0 - 0 - 0 | bit.ly/2IW2H1A | 67.199.248.11
2018-10-15 18:04:30 +0200 | 0 - 0 - 0 | https://bit.ly/2xHgh4E#6u0160saafx8l83nu77 | 67.199.248.11
2018-10-15 17:29:38 +0200 | 0 - 0 - 0 | https://bit.ly/2MwCQ5z?elqTrackId=ffd0518ea4f (...) | 67.199.248.11
2018-10-15 17:11:01 +0200 | 0 - 0 - 0 | 67.199.248.11 | 67.199.248.11
2018-10-15 16:48:17 +0200 | 0 - 0 - 0 | https://bit.ly/2NEV0xL | 67.199.248.11
2018-10-15 16:45:31 +0200 | 0 - 0 - 0 | https://bit.ly/2yvITh0 | 67.199.248.11
2018-10-15 16:33:41 +0200 | 0 - 0 - 0 | https://bit.ly/2Kf6SF3 | 67.199.248.11
2018-10-15 16:12:44 +0200 | 0 - 0 - 0 | https://bit.ly/2NEV0xL | 67.199.248.11
2018-10-15 14:01:39 +0200 | 0 - 0 - 3 | bit.ly/2Aa3E3M | 67.199.248.11
2018-10-15 06:45:54 +0200 | 0 - 0 - 0 | https://bit.ly/2ykLtqF | 67.199.248.11

Last 10 reports on ASN: AS3257 Tinet SpA

Date | UQ / IDS / BL | URL | IP
2018-10-15 22:23:58 +0200 | 0 - 0 - 0 | dannyperschonok.com | 208.67.23.116
2018-10-15 21:41:42 +0200 | 2 - 0 - 0 | https://bit.ly/2RRtEaL | 67.199.248.10
2018-10-15 21:10:19 +0200 | 0 - 0 - 0 | https://bit.ly/2NEV0xL | 67.199.248.10
2018-10-15 19:44:56 +0200 | 0 - 0 - 0 | https://binged.it/2NBuHcj | 67.199.248.13
2018-10-15 19:33:06 +0200 | 0 - 0 - 0 | https://binged.it/2NBuHcj | 67.199.248.13
2018-10-15 19:21:29 +0200 | 0 - 0 - 0 | bit.ly/2pUf9q9 | 67.199.248.10
2018-10-15 19:02:34 +0200 | 0 - 0 - 0 | bit.ly/2IW2H1A | 67.199.248.11
2018-10-15 18:06:02 +0200 | 0 - 1 - 0 | https://bit.ly/2DDB3aO#6u0160saafx8l83nu77 | 67.199.248.10
2018-10-15 18:04:30 +0200 | 0 - 0 - 0 | https://bit.ly/2xHgh4E#6u0160saafx8l83nu77 | 67.199.248.11
2018-10-15 17:59:23 +0200 | 0 - 0 - 0 | https://bit.ly/2pbdcoW#i23993tahro | 67.199.248.10

No other reports on domain: bit.ly



JavaScript

Executed Scripts (2)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (7)


Request Response
                                        
GET /2C6K5Yp HTTP/1.1
Host: www.bit.ly
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
67.199.248.10
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Server: nginx
Date: Mon, 16 Jul 2018 16:51:21 GMT
Content-Length: 178
Connection: keep-alive
Location: http://bit.ly/2C6K5Yp


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /2C6K5Yp HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
67.199.248.11
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Server: nginx
Date: Mon, 16 Jul 2018 16:51:21 GMT
Content-Length: 215
Connection: keep-alive
Cache-Control: private, max-age=90
Location: https://bitly.com/a/warning?hash=2C6K5Yp&url=https%3A%2F%2Fbsparkaverifizierungsschritt2.varinen.top%2Fsparkassen_banking%2F


--- Additional Info ---
Magic:  HTML document text
Size:   215
Md5:    edeba13074c92c5f00c18dfa99a6d8b8
Sha1:   375f3910a3f926c4479b03799de6fd4fbdcb866c
Sha256: c7f39fee63cc885147e43cea596d03e5ac1f4012e4555af478a6d385f2b46615

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=160453
Date: Mon, 16 Jul 2018 16:51:22 GMT
Etag: "5b4c475a-1d7"
Expires: Wed, 18 Jul 2018 13:25:35 GMT
Last-Modified: Mon, 16 Jul 2018 07:20:58 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4d012a0a4fae0fa68a0694535854b5b9
Sha1:   d2bf74642521299325bcc8ec2d92894f9b78906c
Sha256: 6c66a533ce641802280eaca57a58b0dc97ab170a5b62979e87e2530a6024125f
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=159352
Date: Mon, 16 Jul 2018 16:51:22 GMT
Etag: "5b4c7629-1d7"
Expires: Wed, 18 Jul 2018 12:50:32 GMT
Last-Modified: Mon, 16 Jul 2018 10:40:41 GMT
Server: ECS (arn/4694)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3e35762a38138e5e788ec4ec1fccc7b1
Sha1:   1e4c58320215e549d0940beda952147b0dca5aad
Sha256: d00d30b053042bbb6e650ca85a0c633c979a109b349a5b984f7ec8050e722b4d
                                        
GET /a/warning?hash=2C6K5Yp&url=https%3A%2F%2Fbsparkaverifizierungsschritt2.varinen.top%2Fsparkassen_banking%2F HTTP/1.1
Host: bitly.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
67.199.248.15
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 16 Jul 2018 16:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: anon_u=cHN1X181YWNhZTIyYi1iYjk4LTRmM2MtYmU1MS02M2JkYzM3NWNiOWY=|1531759882|5d25acc7ddf790518594e6d1546cb20ae7901a91; Domain=bitly.com; expires=Tue, 16 Jul 2019 16:51:22 GMT; httponly; Path=/
Etag: W/"176c67f21f73e3b72e3f210dd3170b7499bc5b18"
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
P3p: CP="CAO PSA OUR"
X-Frame-Options: DENY
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2975
Md5:    fd65f6cc16af6ddf87d0295703699734
Sha1:   2b6f0c80bdf082af97867217a99202b0435804e7
Sha256: dd12393de2da802c4ef485d708f4ce14d4301958b47c7dae792fd0f10b002a3a
                                        
GET /s/v468/graphics/bitly_warning_hand.png HTTP/1.1
Host: bitly.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://bitly.com/a/warning?hash=2C6K5Yp&url=https%3A%2F%2Fbsparkaverifizierungsschritt2.varinen.top%2Fsparkassen_banking%2F
Cookie: anon_u=cHN1X181YWNhZTIyYi1iYjk4LTRmM2MtYmU1MS02M2JkYzM3NWNiOWY=|1531759882|5d25acc7ddf790518594e6d1546cb20ae7901a91

                                         
67.199.248.15
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 16 Jul 2018 16:51:22 GMT
Content-Length: 2496
Connection: keep-alive
Expires: Thu, 13 Jul 2028 16:51:22 GMT
Last-Modified: Wed, 01 Nov 2017 15:43:56 GMT
Etag: "b6b83f51c2ecbe118193eb84f7ca8fddac79fa1a"
Cache-Control: public, max-age=315360000


--- Additional Info ---
Magic:  PNG image, 77 x 78, 8-bit colormap, non-interlaced
Size:   2496
Md5:    5da4c636d5e9a03dffb9dc2052b1390f
Sha1:   b6b83f51c2ecbe118193eb84f7ca8fddac79fa1a
Sha256: df60e8e9ab468a0075e0eb85959ba050f6dc1aad58248eeb627b8e21ba22cf58
                                        
GET /s/v468/graphics/favicon.png HTTP/1.1
Host: bitly.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: anon_u=cHN1X181YWNhZTIyYi1iYjk4LTRmM2MtYmU1MS02M2JkYzM3NWNiOWY=|1531759882|5d25acc7ddf790518594e6d1546cb20ae7901a91

                                         
67.199.248.15
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 16 Jul 2018 16:51:23 GMT
Content-Length: 1421
Connection: keep-alive
Expires: Thu, 13 Jul 2028 16:51:23 GMT
Last-Modified: Wed, 01 Nov 2017 14:43:16 GMT
Etag: "c88681cba60ce9321c6fd2fd8dc97555992fa1a3"
Cache-Control: public, max-age=315360000


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   1421
Md5:    10be1fc63993fd01005c34be73678406
Sha1:   c88681cba60ce9321c6fd2fd8dc97555992fa1a3
Sha256: 3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b