And follow it up with calls asking them to sign up for Google services?! - Handheld On Jan 14, 2012 1:53 PM, "Udhay Shankar N" <[email protected]> wrote:
> On 14-Jan-12 12:28 AM, Thaths wrote: > >> A former colleague of mine recently wrote this: > >> > > >> > http://blog.mocality.co.ke/2012/01/13/google-what-were-you-thinking/ > > https://plus.google.com/u/0/115264064268941645500/posts/WfALKwfmCGJ > > From the post linked above by Thaths, one comment is particularly > interesting: > > <quote> > Richard Wooding - I did some analysis and it pretty easy to perform an > HTTP request with a google IP address by sending your request via Google > Cache. > > > I read the forensic analysis with some interest, but to be honest it was > not convincing to me. I thought: “is there a way I can scrape pages” and > “make sure the IP addresses come from a google ip”. > > And it turns out there is, at least from my browser. > > I proxied my queries via google cache – which you can do by using the > query string cache:. > > In my test I used cache:whatismyip.com > > Which resulted in the following URL for me: > > > http://webcache.googleusercontent.com/search?sclient=psy-ab&hl=en&biw=1270&bih=726&source=hp&q=cache%3Awhatismyip.com&pbx=1&oq=cache%3Awhatismyip.com&aq=f&aqi=g4&aql=&gs_sm=e&gs_upl=1357l8049l0l8315l22l5l0l0l0l0l331l1446l2-2.3l5l0 > > I then noted the requesting IP and did a lookup on it, and this was my > result: > > Additional whois information for 66.249.71.37: > > [Querying whois.arin.net] > [whois.arin.net] > # > # Query terms are ambiguous. The query is assumed to be: > # “n 66.249.71.37″ > # > # Use “?” to get help. > # > # > # The following results may also be obtained via: > # > > http://whois.arin.net/rest/nets;q=66.249.71.37?showDetails=true&showARIN=false&ext=netref2 > # > NetRange: 66.249.64.0 – 66.249.95.255 > CIDR: 66.249.64.0/19 > OriginAS: > NetName: GOOGLE > NetHandle: NET-66-249-64-0-1 > Parent: NET-66-0-0-0-0 > NetType: Direct Allocation > RegDate: 2004-03-05 > Updated: 2007-04-10 > Ref: http://whois.arin.net/rest/net/NET-66-249-64-0-1 > OrgName: Google Inc. > OrgId: GOGL > Address: 1600 Amphitheatre Parkway > City: Mountain View > StateProv: CA > PostalCode: 94043 > Country: US > RegDate: 2000-03-30 > Updated: 2011-09-24 > Ref: http://whois.arin.net/rest/org/GOGL > OrgTechHandle: ZG39-ARIN > OrgTechName: Google Inc > OrgTechPhone: +1-650-253-0000 > OrgTechEmail: [email protected] > OrgTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN > OrgAbuseHandle: ZG39-ARIN > OrgAbuseName: Google Inc > OrgAbusePhone: +1-650-253-0000 > OrgAbuseEmail: [email protected] > OrgAbuseRef: http://whois.arin.net/rest/poc/ZG39-ARIN > # > # ARIN WHOIS data and services are subject to the Terms of Use > # available at: https://www.arin.net/whois_tou.html > # > > So if I can do it, what stops any random group from doing it? > > I am not convinced by the forensic data. > </quote> > -- > ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) > >
