resistorX

found unusual url, not formatted correctly

10 posts in this topic

//safmugweb01/plnet/DetailText.cfm?PCN=10645481&ViewNumber=001&startrow=1

Notice there's no usual format to it, i.e. example.us, example.org, etc ? The . in the domain name is missing as well (there's seems to be no domain name either, at least in the correct format - like it's meant to be hidden).

It has http on the front of it, I just left it out so the entire url can be visible.

I tried several things to find where this goes to but got nada. I tried variations like using only what comes before the /Detail... , using only the part before /plnet, etc. Still nada.

I tried googling it, yahoo'ing it and still nada.

I have it pasted into OneNote (M$ program) and clicking it gets this message :

23tjprm.png

This url IS a valid one - I have a printout from it that's dated recently (along with the file that's listed there) and considering whose it is, they wouldn't kill the site it goes to (whatever site this is, which I don't know specifically, but I have a good idea plus I know WHO owns it).

Edit : whois.net pulls up nada as well. Probably partly because it has no .us type extension on the end of it. WEIRD.

You know what I believe has happened here. If someone wanted a hidden site, for whatever reason they need it for, what better way to hide it than to not use the proper http addressing format. Yep, I think that makes sense.

HERE'S a big list of interesting computer systems, some of which have a need for hiding part of their site - not that this page shows all that exist, no doubt. However, I don't know if this print out I have is from one of them.

An example of what's on the link I just gave (not the 1st one) is NCIC whose page is here :

http://www.leo.gov/

Edited by resistor X
0

Share this post


Link to post
Share on other sites

Um, what?

If it doesn't have a domain extension, then it doesn't go anywhere.

This printout that you have; Any chance that whoever printed it decided to mask where it came from by just inserting random junk where the domain name should be, but forgot to ad a .com, .org, .gov or whatever?

safmugweb01?

0

Share this post


Link to post
Share on other sites

Um, what?

If it doesn't have a domain extension, then it doesn't go anywhere.

This printout that you have; Any chance that whoever printed it decided to mask where it came from by just inserting random junk where the domain name should be, but forgot to ad a .com, .org, .gov or whatever?

safmugweb01?

This is one point I considered has happened. The masking part, that is.

As far as forgetting to add a .com or whatever, I doubt they'd forget it - if someone wanted to do a really good masking job, it'd be even better to leave off the .com, whatever, so anyone intercepting it will have even less clue as to where it came from. At least I'm speaking from my own urge to stealth myself if I needed to, I'd be sure to not leave even a hint like a .com in it.

But the topic of masking it, period, brings the question to mind, "Why mask it? Unless I'm correct that it's supposed to be hidden." Curiosity gets me if it's supposed to be hidden - I'm just wondering what the system is that 's hidden, though I think I might know anyway. Granted, being a print out is all to go on since there's no way for someone, should they have the urge to go looking, to find out what it really is.

I still believe I already know what system it is - or perhaps it's something just like it used by the same people.

What amazes me is, this isn't the 1st time I've ran into this situation. A while back I found about 30 such papers stapled together - it was basically a 30 page version of what I have right now and weirder yet, I found them like this one is same damn neighborhood!

The page I have now has only ONE person listed on it, with details - one being their SS#. There's enough there to steal this dudes identity if I care to. Bad enough to have someone's social security # on it, plus the rest of it and the hand written notations on it...hmmm... I'd venture a guess it wasn't meant for public viewing, hence the 'weird' url that goes to no where. A masked url in this case makes sense to me, unless I'm just ignorant.

As to WHOM the print out belonged to, it was law enforcement of some type. I cannot say whether or not it's local or federal however. I'm kinda wondering if it was a print out of something from the NCIC because it has similar data they'd have on their system - plus more. The "more" being personal notations on it, like you would imagine someone in law enforcement would write down.. like investigation notes.

----------------------------------

All I can say is - DUDE. Not that you're reading this, but you keep losing these print outs and it's gotta be just you doing this. How many people keep dropping their work in this area anyway? You need to keep better track of your papers, dude.

Couldn't help but say that. Just weird to keep doing that is all. Careless.

Edited by resistor X
0

Share this post


Link to post
Share on other sites

i could be wrong on various things since the last time i've really worked with a microsoft network was in high school, but i think this is just a 'URL' for internal use on a microsoft domain.

for example, each computer would have a hostname, like lab01 for lab computers, or print01 for a print station. you would then specify hosts using the //[hostname]/ format. if you have the chance to get on a windows network with shared storage or resources (like you would typically find in a public school) you can poke around some, viewing the hosts in the windows domain and the resources they share, noting the resource's path is usually of the form //[hostname]/blab/blah. i've barely looked at this stuff over the past few years, but i'm almost positive that's what this is.

0

Share this post


Link to post
Share on other sites

Yeah, as soon as I read that this printout has some guys ss# on it, I'm saying internal network.

0

Share this post


Link to post
Share on other sites

Yeah, as soon as I read that this printout has some guys ss# on it, I'm saying internal network.

i was going to say the same thing as zandi, on an internal network you would only have to enter the networked computer into the first field (where the .com address would be)

or... claiming to be possible government paperwork, it could be the governments private secure internet (i am forgetting what it is called, and my goog-fu skills are weak right now)

0

Share this post


Link to post
Share on other sites

Just looks to me like a network share on a LAN. You know, like a shared hard drive or something.

0

Share this post


Link to post
Share on other sites

We've had this happen in our flagship product at work, too. We have places where the domain name has to be hard-coded. Each developer uses his own machine with IIS, database, etc. The hard-coded URL has to mach the computer it's running on. Sometimes we'll get a developer who forgets to change it back to its proper value before committing the code. I would guess the same thing happened here.

0

Share this post


Link to post
Share on other sites

Yeah, as soon as I read that this printout has some guys ss# on it, I'm saying internal network.

i was going to say the same thing as zandi, on an internal network you would only have to enter the networked computer into the first field (where the .com address would be)

or... claiming to be possible government paperwork, it could be the governments private secure internet (i am forgetting what it is called, and my goog-fu skills are weak right now)

The government has three versions of classified internal networks. Each with its own security classification. The encryption on these things is ridiculous and done only by satellite with guards posted at all times. And the naming schemes for the computers are no different than mine or yours. If this guy did get lucky and beat the one in a billion odds to acquire some peices of paper like this he would know where it came from....

0

Share this post


Link to post
Share on other sites

Theres another option, someone has configured a server with CNAME based virtual hosting and the CNAME (called name) doesnt exist in dns.

So how do they resolve it? edit hosts.txt on the browsing machine and put a hardcoded entry into it. That machine now cname's that IP even though its not in dns and the vhost mechanism works as intended...

Why do that? because only you are going to be calling that cname. And you can prepare stuff for a domain that you haven't currently got access to, for whatever reason. Perhaps you might be making a website for someone that already owns the domain, and want to test a load of hardcoded functions before sending it them. They wont surrender domain control to you because theyre using it to host their original crap site that mandated your redesign but you want to be sure. Or maybe some other reason.

I use this for testing stuff all the time without registering a domain etc.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now