If youre trying to trick people into thinking a domain name is legit and definitely not harmful,

May 22, 2023

I don’t know why this works, but it’s some kinda feature of URLs:

https://google.com@chriscoyier.net/

It’s not a Google thing, I think anything works:

https://daverupert.com@chriscoyier.net/

It opens a door to make functional URLs that go somewhere you really aren’t expecting:

https://definitely-safe-place-to@buy-drugzzz.com

I saw this in The Dangers of Google’s .zip TLD that used these examples:

https://github.com∕kubernetes∕kubernetes∕archive∕refs∕tags∕@v1271.zip https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.27.1.zip

Try that first one. In all browsers, it takes you to the currently-non-existent v1271.zip, which is now a web address.

🤘

ncG1vNJzZmibmKe2tK%2FOsqCeql6jsrV7kWlpbGdganxzfo6inWaxn6q%2FpnnTq7CippdiwbB506ugnKNdpbKwvMueZKKmpKR6tbTIp6Kippdirm6wzqaYoqZdo66usYyiqmaklZy2tXnAp5tmnJWbtq%2B1056jsmWepMFutMCrpJ%2BtnGK3tr%2FTZqeurF2cvLCzy55knKedYravecWrpqesXaSzbrXTaA%3D%3D

Martina Birk

Update: 2024-04-12

VoxBlog

If youre trying to trick people into thinking a domain name is legit and definitely not harmful,

Related

Martina Birk

<< La hora de las mujeres

Heidi Klum's daughter Leni, 18 throws arms around beau Aris Rachevsky, 19 >>