encoded url's in spam email

Anyone know of an app to decrypt url's like this one
http://%32%31%36%2E%32%30%37%2E%36%30%2E%33%36:%38%37/%73%74/%69%6E%64%65%78%2E%68%74%6D
I know these "phishing" emails all seem to point to some url and then port 87, i would like to decrypt this url to find the port 87 part.
Thanks.
TuscolaCountyAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
sunray_2003Connect With a Mentor Commented:
0
 
Lobo042399Commented:
216.207.60.36:38/st/index.htm

Open your Character Map (Start>Programs>Accesories>System Tools). Select a Unicode font (look for any that has the big "O" icon.) Hitting on any of the regular letters and numbers will display their Unicode code.

Good Vibes!

Lobo
0
 
sunray_2003Commented:
The above software , you can just open the software after installing.

Then go to Tasks --> URL decoder
paste the url that you have in the email and press OK and it should give you the result..
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
TuscolaCountyAuthor Commented:
Which version of the software? Workstation?
And the character map thing, I am not able to find how to decode using that.
0
 
TuscolaCountyAuthor Commented:
wait, wrong software, i downloaded netdemon, will try. tnx
0
 
TuscolaCountyAuthor Commented:
ok, netdemon has decoded the url, here is it's findings: But it doesn't tell me which part of the coded url is the port 87 part.

http://%32%31%36%2E%32%30%37%2E%36%30%2E%33%36:%38%37/%73%74/%69%6E%64%65%78%2E%68%74%6D

--- Decoded all hex characters: (note: this result may not be a valid URL)

http://216.207.60.36:87/st/index.htm

--- Broken down URL components:

 Protocol:  http
     Host:  216.207.60.36
     Port:  0
     Path:  /st/
     File:  index.htm

--- Decoded URL:

http://216.207.60.36:0/st/index.htm

--- resolving IP [216.207.60.36], please wait...

 216-207-60-36.gssmail.com [216.207.60.36]
0
 
sunray_2003Commented:
TuscolaCounty,

Why do you want to know about port 87 and where did you find it
0
 
TuscolaCountyAuthor Commented:
We receive "phishing" emails (spam of sort) and are trying to block them through our email server anti-spam filter. They are quite hard to block because there is reallyno unique body text, url, from address or anything else. The one thing they all seem to have in common is that whatever url they are pointing at is set to use port 87.
See above analisys from netdemon.
I have figured a way to block them though, set up a rule to block any email containing body text http://%
And it catches the encoded urls.
Giving the points to sunray 2003 for the link to netdemon.
0
 
sunray_2003Commented:
Glad i was able to assist
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.