Clarifying oilman's post a bit, @ in an http URL does mean something, it's just that nobody uses it the way it's meant.
According to RFC 1738 (and its relatives), URLs that "involve the direct use of an IP-based protocol to a specified host on the Internet" use the same basic syntax:
with user, password, and port optional, so [firstname.lastname@example.org...] is supposed to mean that someone with the login ID "sample" is trying to login into domain.com. (If domain.com actually does require authentication, it should ask for sample's password.)
Of course, nobody uses it that way, so it's mostly just a way to show off. (If you own your own domain, tell your friends to just type your e-mail address into the browser's address bar.) It's a parlor trick, nothing more.
This "trick" is also used in email spam a lot, where crooks will use URLs like
(where the part after @ is actually encoded, or so long it rolls off the screen) to make people think they're clicking on Microsoft's link when they're really going to example.com. That's a dirty trick, nothing more.