jducoeur

You're viewing

jducoeur's journal
Create a Dreamwidth Account Learn More

Reload page in style: site light

Fascinating. Today's phishing spam attempt is better-crafted than most -- it looks quite real. (Although the webpage doesn't work properly in Firefox -- oops.) But the URL is the really entertaining part: it's "http://1045255696/.%20/". I assume that's a numeric version of an IP address (haven't done the calculation offhand, but the integer length looks plausible), and rather to my surprise it works. Didn't know you could do that. Presumably it's designed to get around spam filters that detect hardcoded IP addresses in URLs...

Flat | Top-Level Comments Only

From:

metageek.livejournal.com

62.77.86.16, registered to a Czeh advertising firm.

I don't know why, but, yes, the string syntax for IP numbers includes writing out the 32-bit integer. It's handled by inet_aton(), which means pretty much every app that does the Right Thing with numeric addresses supports it. (There are apps out there that try to do a sanity check on address-or-hostname strings, but it's always better to pass it to inet_aton() first and then to gethostbyname().)