Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

SpamCop FAQ : General information about SpamCop : Non-SpamCop information : How do you decode the munged URLs often found in spam?

decode munged non-spamcop spam SpamCop URLs
0
Posted

SpamCop FAQ : General information about SpamCop : Non-SpamCop information : How do you decode the munged URLs often found in spam?

0 CommentsAdd a Comment

1 Answer

0

Example: http://%4a%55%53%54%49%43%45@%33%35%31%37%37%31%32%39%30%35/ There are three things you need to know about to decode these URLs. They’re not actually bogus; they’re just made hard to read. % encoding is normally used to encode characters that aren’t legal in URLs; the spammers encode all (or at least some of) the characters, including the legal ones, to make them hard to read. Each character is represented as a ‘%’ followed by a two digit hex number, which corresponds to the ASCII code for the character. e.g. %4a is J for your URL this gives us: http://JUSTICE@3517712905/ Everything before the last @ sign in the URL is authentication information, which is ignored by most servers for most pages anyway. For the purposes of identifing the host, we can chop this off to get http://3517712905/ This refers to the root page / on host IP 3517712905. This large number is the IP address of the host, but written as one large decimal number rather than four smaller numbers as is normally t

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.