On 14-Jan-12 12:28 AM, Thaths wrote: >> A former colleague of mine recently wrote this: >> > >> > http://blog.mocality.co.ke/2012/01/13/google-what-were-you-thinking/ > https://plus.google.com/u/0/115264064268941645500/posts/WfALKwfmCGJ
>From the post linked above by Thaths, one comment is particularly interesting: <quote> Richard Wooding - I did some analysis and it pretty easy to perform an HTTP request with a google IP address by sending your request via Google Cache. I read the forensic analysis with some interest, but to be honest it was not convincing to me. I thought: “is there a way I can scrape pages” and “make sure the IP addresses come from a google ip”. And it turns out there is, at least from my browser. I proxied my queries via google cache – which you can do by using the query string cache:. In my test I used cache:whatismyip.com Which resulted in the following URL for me: http://webcache.googleusercontent.com/search?sclient=psy-ab&hl=en&biw=1270&bih=726&source=hp&q=cache%3Awhatismyip.com&pbx=1&oq=cache%3Awhatismyip.com&aq=f&aqi=g4&aql=&gs_sm=e&gs_upl=1357l8049l0l8315l22l5l0l0l0l0l331l1446l2-2.3l5l0 I then noted the requesting IP and did a lookup on it, and this was my result: Additional whois information for 66.249.71.37: [Querying whois.arin.net] [whois.arin.net] # # Query terms are ambiguous. The query is assumed to be: # “n 66.249.71.37″ # # Use “?” to get help. # # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=66.249.71.37?showDetails=true&showARIN=false&ext=netref2 # NetRange: 66.249.64.0 – 66.249.95.255 CIDR: 66.249.64.0/19 OriginAS: NetName: GOOGLE NetHandle: NET-66-249-64-0-1 Parent: NET-66-0-0-0-0 NetType: Direct Allocation RegDate: 2004-03-05 Updated: 2007-04-10 Ref: http://whois.arin.net/rest/net/NET-66-249-64-0-1 OrgName: Google Inc. OrgId: GOGL Address: 1600 Amphitheatre Parkway City: Mountain View StateProv: CA PostalCode: 94043 Country: US RegDate: 2000-03-30 Updated: 2011-09-24 Ref: http://whois.arin.net/rest/org/GOGL OrgTechHandle: ZG39-ARIN OrgTechName: Google Inc OrgTechPhone: +1-650-253-0000 OrgTechEmail: arin-cont...@google.com OrgTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN OrgAbuseHandle: ZG39-ARIN OrgAbuseName: Google Inc OrgAbusePhone: +1-650-253-0000 OrgAbuseEmail: arin-cont...@google.com OrgAbuseRef: http://whois.arin.net/rest/poc/ZG39-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # So if I can do it, what stops any random group from doing it? I am not convinced by the forensic data. </quote> -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
