gurnec Posted May 8 Share Posted May 8 (edited) This looks like a bug in the parsing code. Here is the URI (to a now-disabled phishing site) inside a Content-Type: text/html part: <a href="https://bookdnx.cfd#user@example.com" ... The response to reporting I received is below. (Note that SC first masked the email address to x.) Quote Tracking link: https://bookdnx.cfd#x No recent reports, no history available Host bookdnx.cfd#x (checking ip) IP not found ; bookdnx.cfd#x discarded as fake. bookdnx.cfd#x is not a routeable IP address Cannot resolve https://bookdnx.cfd#x It appears to be confused by the lack of slash between the domain and fragment/bookmark, or maybe the uncommon gTLD. Either way, bookdnx.cfd is a resolvable domain (and the lack of slash is valid according to RFC 3986). Thanks for taking a look! Edited May 8 by gurnec Quote Link to comment Share on other sites More sharing options...
Lking Posted May 8 Share Posted May 8 This thread seems to be related: https://forum.spamcop.net/topic/73296-link-not-detected-properly-because-of/#comment-188676 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.