https://16777217/
16777217. $ man 3 inet_aton
[…]
inet_aton() converts the Internet host address cp from the IPv4
numbers-and-dots notation into binary form (in network byte order)
and stores it in the structure that inp points to. inet_aton()
returns nonzero if the address is valid, zero if not. The address
supplied in cp can have one of the following forms:
a.b.c.d Each of the four numeric parts specifies a byte of the
address; the bytes are assigned in left-to-right order
to produce the binary address.
a.b.c Parts a and b specify the first two bytes of the binary
address. Part c is interpreted as a 16-bit value that
defines the rightmost two bytes of the binary address.
This notation is suitable for specifying (outmoded)
Class B network addresses.
a.b Part a specifies the first byte of the binary address.
Part b is interpreted as a 24-bit value that defines the
rightmost three bytes of the binary address. This
notation is suitable for specifying (outmoded) Class A
network addresses.
a The value a is interpreted as a 32-bit value that is
stored directly into the binary address without any byte
rearrangement.
In all of the above forms, components of the dotted address can be
specified in decimal, octal (with a leading 0), or hexadecimal,
with a leading 0X). Addresses in any of these forms are
collectively termed IPV4 numbers-and-dots notation. The form that
uses exactly four decimal numbers is referred to as IPv4 dotted-
decimal notation (or sometimes: IPv4 dotted-quad notation).
This is just a convention from BSD, and is not even POSIX compliant. However, 'ping 1.1' is a convenient shortcut (actually pings 1.0.0.1). iproute2 and systemd do not use inet_aton and don't follow this BSD4.2 convention and instead parse it as '1.1.0.0' or not at all.
I saw someone ping 127.1 a while back and I was so surprised I didn't know about this even after a few years in networking in the past.
Someone once showed me telnet 0 80. Lots of things should resolve.
(Not to pick on your particular comment, but to highlight a broader issue.)
I feel like convenient shortcuts are becoming hugely inconvenient when a system has hundreds of them. The unlimited amount of unix non-orthogonal options made "for convenience" cannot scale mentally.
> However, 'ping 1.1' is a convenient shortcut (actually pings 1.0.0.1).
Convenient for who!? that one guy that put his home network in 10.0.0 class ?
1.0.0.1 is owned by Cloudflare and is used for their DNS offering. It's likely a reliable 'ping' candidate for checking that your machine has internet access
[0] https://1.0.0.1/
Hey now, what is wrong with 10. class at home ;-)?
I chose 10, for simpler segmentation in my head primarily as I have a lot of devices in my house (10.<grouping/VLAN>.<location>.n), less chance of conflict as devices come online (devices i connect often are coded to 192, VPNs, etc.), helps with my VPNs between my locations.
There is a good chance if you work for company that they will use 10.x for their server stuff.
For similar reason we also steered away from home router area of 192.168.X.X for our company network stuff.
The last shitshow I worked at insisted on 192.168.x.x for their corporate VPN. I'm not sure what they were smoking, but there was no way in hell I was going to reconfigure my entire home network so I could use their shitty VPN, so I just found another way in. Dumbasses.
I suppose you use 172.16/12? :P
We use 10/8 for servers, 172.16/12 for management, 192.168.x (where x is in double/triple digits) for users.
You can also try my tool online which obfuscate an ip address. https://wannabe1337.xyz/text-ipobfuscator
Is there a legitimate reason why to obfuscate an ip address?
To get around something that is otherwise blocking it? Seems useful as part of, for example, pentesting.
On the wire it looks identical. It would have to be a very niche use, like a web form that filters periods.
I'd suggest - SPAM.
For example, I use the presence of IPs in the URL as a SPAM signal. If one used such an obfuscated URL, they could avoid some of the SPAM filters.
You may want to be aware that your banner ad was advertising layer 4/7 most powerful services.
I'm guessing advertising ddos / stressor services.
They know. The link goes to:
hxxps://cybervm[.]io/?wannabe1337.xyz
Another way to encode https://1.0.0.1/
Extending this gets me to https://0xa000001/ which is flagged by chrome as all sorts of evil, even though it's just local address of my cable modem.
alternatively also http://0x01000001
Interestingly enough, I can't copy this to the clipboard on iOS. It automatically converts into http://1.0.0.1/.
You have to write it manually.
Also, https://1.1 and https://1.0.1
Doesn’t load for me with HTTP, only HTTPS. So your link doesn’t work for me.
For me it redirects.
> The free app that makes your Internet safer.
I don't consider anything closed source to be safe.
> 1.1.1.1 with WARP
WTF is WARP
> Your Internet service provider can see every site and app you use—even if they’re encrypted. Some providers even sell this data, or use it to target you with ads.
OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?
> the fastest DNS resolver on Earth.
I'm pretty sure that the for the 5 full seconds it takes a site like Gmail that saving 9ms on DNS isn't going to change much.
Was more pointing out the numbered hostname, not the service its-self.
16777217 is just the lowest number that corresponds with a routed IP address :)
It's not. 1 is (0.0.0.1)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...
I mentioned “routed” address, e.g. an address that actually appears on the DFZ. 0.0.0.0/8 is not a range that’s assigned to any RIRs by IANA - it’s reserved for special use.
> I don't consider anything closed source to be safe.
Having the source won't help you in any practical way to verify the security of this online service. The app is just a relatively simple connector to a VPN. You need to trust the service/its operator, and at that point you might as well trust that app too.
> OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?
Exactly right and fantastic indeed. You have to hand it to someone at some point. Having a choice and choosing something like Warp sounds much better than handing out my data to any random unknown ISP wherever I connect to a wifi (especially if I am visiting foreign countries with somewhat harsher network tracking laws) - and some people don't trust their home ISP too but don't have other options.
I'm happy for you that you have a trustable ISP with good opsec who won't betray you. Not everyone does.
They said "safer" not "perfectly safe".
Doesn't work on Firefox for Android. Edit: as noted in another comment, it works when removing the final dot.
Same with Firefox on Ubuntu
Not working in FF (Desktop stable, win)
It doesn't work on firefox on mac either, but interestingly, if you remove the final period '.': https://16777217 works.
there's a dot at the end of the url when you click on it which breaks it
https://1.0.0.1. works though, so the question is why a final period works for traditionally formatted IPv4 addresses (uint8.uint8.uint8.uint8), but not those formatted as a plain old uint32. If I wasn't jetlagged and a tad drunk I'd dig into it a bit.
I do wonder if there's a typo in the URL that OP intended, because the title is "https://16777217/" whereas the URL is "https://16777217." and . and / are only a key away from each other (at least on my IE/UK ISO layout).
I had to add the trailing period for HN to accept it as a valid URL. However, for me (using Chrome on macOS Monterey), Chrome ignores the period and renders it as "https://16777217/". I thought it would be the same on other browsers. Interesting.
RFC 1034 A fully qualified domain name must have a final dot/period after the tld. Adding the dot to a address that isn't resolved via DNS seems to be confusing the lookup.
Edit: leaving the above despite being untrue save semantically. inet_atom just wants byte order addresses dot separated and adding a trailing dot isn't anticipated and returning a error.
This has been part of POSIX for decades, but not in Golang net yet. :(
I like how variants of this have been discussed on here about 5 times in the last month.
Yes, weird formats that no one has used in about 3 decades (if they even used them then) are still supported. These include just about every way you can think of to encode a 32 bit IP address into between 1-4 groups. Cool.
Did you make a new account just to complain about how you already knew something?
Warp bypassed government blocked sites in my country (the UK - which blocks RT.com as part of war efforts).
I'm not sure how long they'll be able to run such a service till the government tells them they have to implement site blocking.
The UK is fighting a losing battle. Right now they snoop SNI headers and terminate connections to banned websites. But ECH is ready to be rolled out
ECH can't be mandatory as many enterprises (that take security seriously) will block it, so they'll also be able to. No?
Don't most enterprises already use an in house root cert to MITM all https anyway?
It will take years but I believe yes it will. SNI was a big privacy mistake.
Companies just need new solutions . SNI was never a perfect one.
With the speed of bureaucracy, at least 10 years?
I'm in the UK and RT.com loads fine.
does switching to DoH works for you?
No - the sites are blocked by IP address and give ERR_SSL_PROTOCOL_ERROR when attempting to access them.
Very cool, but how does it affect mobile battery life? Is this something I want turned on all the time or best used when traveling?
I want to trust cloudflare here but I am hesitant to enable a VPN on my phone at all times.
Is there any good reason to support this notation for URLs? Do you think this format would be faster to parse than regular IPs?
Its been around since like 1996 at least, likely earlier.
Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.
Used to get around filters a long time ago but broke as most sites host multiple domains and it needs your browsers 'hostname' it sends it as part of the request to actually return the right site/page.
the 255s should be 256.
Thanks. Problem with magic numbers is they change in memory long past.
Nah, pretty sure it's pure netops wankery. I like it though.
Firefox shows the ip address 1.0.0.1 in the "status bar" when I hover that address
Interesting. How is this encoded?
It's just the bits of the ip number interpreted as one 32-bit integer instead of four 8-bit integers.
It's a decimal encoding of 0x01000001 - 1.0.0.1
Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.
Almost. Replace all 255 with 256 in the formula.
similarly, https://1.1
Or, one character shorter: http://ai
Is this maybe the shortest (currently reachable) domain?
Some browsers need a trailing dot - http://ai. - this site was on HN a week or so ago in an article and I guess when they saw the resulting traffic they changed it, used to be the Antilles domain registrar homepage.
With Warp on, youtube does not play anything for me.
How does this work?
IPv4 addresses are 32-bit numbers, the dotted-decimal representation is just a common way to represent those numbers.
In particular inet_aton() function considers a single integer to be the 32bit form. Accepts decimal, octal, and hex. https://linux.die.net/man/3/inet_aton
> ping 1.1
lol, cool
What’s the diff between 1.1.1.1 and 1.0.0.1 ?
0.1.1.0? :P
1.0.0.1 is faster to write because most places will accept the spelling 1.1 (which is {u8}.{u24} formatting).
They're two distinct IP addresses, but both are anycasted CloudFlare public DNS.
They are the same and redundant fallbacks to each other
At home, when accessing my gw, I always use "ssh foo@10.1" to access 10.0.0.1.
65,792