Until I started to dig in to the "Follow the White Rabbit" spam campaign a few nights ago, I was unaware that Chrome would translate non-dotted IP literals. I would suggest blocking/alerting on the following pattern appearing in a PDF or URL: (http|https):\/\/[0-9]{8,10}$
-
-
Doesn't chrome attempt to convert a hexadecimal URL into an IP address?
-
Indeed. And octal too! http://027136435646/
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.