"URLs that bite", a first stab
Version October 2000

A 32-digit hexadecimal number in your URL
by +Forseti
I publish this incomplete 'first stab' on purpose, in order to try to force +Forseti to deliver his "list of all such malwares, web bugs et al that are lurking" this is not only a worthy endeavour, it is something that has to be done, and that noone else but us seems capable to do. My hope, in publishing this letter, is that many clever seekers will send their own findings, suggestions and counter measures, allowing +Forseti to develop his research into a full fledged (and crucially important for anyone of us) section. Work well!

Hello Fravia,

which I found while following the cuecat story via:

from whence I arrived while perusing:

(Quite a domain name, that.)

Of particular interest on lemuria is this:

Here's the first paragraph:

"When you visit 7val's homepage, watch the URL line of your browser. You
will see that it changes almost immediatly, towards something like
(id) where (id) is a 32-digit hexadecimal number. This is
your unique ID number and will stay with you as long as you remain on
7val's homepage, because it is part of the very URL, and 7val has a
wildcard DNS entry (i.e. * points to their webserver). When
you visit one of their partners (choose "referenzen"), your unique ID is
handed them through the "Referer:" entry that your webbrowser sends. You
will notice that the URL line changes to whatever partner you clicked on,
but the unique ID stays the same."

Very evil eh?

Anyhow, I'll continue to plumb these sites' depths and report anything
else of note. I am endevoring to produce a list of all such malwares, web
bugs et al that are lurking, and this newest one only serves to remind me
of the foolishness of my not at least starting my reckoning...

All this hoopla about DeCSS, CueCat, Cyber Patrol et al has given me
reason to think that these high profile incidents are really meant to draw
attention away from other sinister occurances. The majician relies on
capturing your fovia for his sleight of hand to work, what now are we
missing that creeps unseen past our vigil?

in service,



