Curly braces in a URL

Posted on


Often I have came across URLS like the following:{7B643FB915-845C-4A76-A071-677D62157FE07D}.htm

Do the curly braces in the URL above indicate some kind of attempt to access the registry, or is that a legitimate URL? It looks kind of suspicious to me.


That’s just a GUID, a randomly-generated string that’s unique to roughly 1 in 4 billion. Could be anything, but a hacker would probably use a less suspicious URL.

No, { } are legitimate characters to have an a URL, although it probably should be escaped, so{7B643FB915-845C-4A76-A071-677D62157FE07D}.htm

..should technically be:

(where %7B and %7D are the URL encoded equivalents to { and })

There’s nothing evil about the symbols, nor the {7B643FB915-845C-4A76-A071-677D62157FE07D} string. As tsilb says, it is a GUID (Globally Unique Identifier) – a standardised way of generating random/unique strings.

It’s no different to URL like

Leave a Reply

Your email address will not be published. Required fields are marked *