10

Recently links shared to me from IOS users using the google app have been obfuscated with search.app/SOMEUNIQUECODE where the app redirects to the originally intended website, but, of course, the person clicking the link is revealed to the owners of search.app.

Does anyone have IOS + google and can confirm this behavior? search.app has no home page and no documentation or reporting about it that I could find (other than that it's a firebase app). The domain was registered to MarkMonitor Inc. in September of last year. But It's not clear to me what MarkMonitor's business actually is–it seems like they could just have registered it on behalf of someone.

top 2 comments
sorted by: hot top controversial new old
[-] sugar_in_your_tea@sh.itjust.works 6 points 3 months ago

Yes, it's Google:

Registrant Organization: Google LLC

You can get more details if you run whois on your machine (this is about half of the output):

refer:        whois.nic.google

domain:       APP

organisation: Charleston Road Registry Inc.
address:      1600 Amphitheatre Parkway
address:      Mountain View CA 94043
address:      United States of America (the)

contact:      administrative
name:         TLD Admin
organisation: Google Inc.
address:      111 8th Avenue
address:      New York NY 10011
address:      United States of America (the)
phone:        +1 404 978 8419
fax-no:       +1 650 492 5631
e-mail:       iana-contact@google.com

contact:      technical
name:         TLD Engineering
organisation: Google Inc
address:      76 Ninth Avenue, 4th Floor
address:      New York NY 10011
address:      United States of America (the)
phone:        +1 404 978 8419
fax-no:       +1 650 492 5631
e-mail:       crr-tech@google.com

nserver:      NS-TLD1.CHARLESTONROADREGISTRY.COM 2001:4860:4802:32:0:0:0:69 216.239.32.105
nserver:      NS-TLD2.CHARLESTONROADREGISTRY.COM 2001:4860:4802:34:0:0:0:69 216.239.34.105
nserver:      NS-TLD3.CHARLESTONROADREGISTRY.COM 2001:4860:4802:36:0:0:0:69 216.239.36.105
nserver:      NS-TLD4.CHARLESTONROADREGISTRY.COM 2001:4860:4802:38:0:0:0:69 216.239.38.105
nserver:      NS-TLD5.CHARLESTONROADREGISTRY.COM 2001:4860:4805:0:0:0:0:69 216.239.60.105
ds-rdata:     23684 8 2 3a5cc8a31e02c94aba6461912fabb7e9f5e34957bb6114a55a864d96aec31836

whois:        whois.nic.google

status:       ACTIVE
remarks:      Registration information: https://www.registry.google

created:      2015-06-25
changed:      2020-04-20
source:       IANA
[-] towerful@programming.dev 3 points 3 months ago

TL;dr:
My discovery process is kinda listed below.
https://www.slashgear.com/google-android-app-beta-makes-it-easier-to-share-search-results-20581224


MarkMonitor.

Corporate Domain Management

Your brand portfolio is exceptional. Shouldn’t your domain management service be the same?

Looks like they are a domain squatter, buying up domains and selling them at ridiculous prices.
They have a page showing some domains they have for sale https://www.markmonitor.com/domains-for-sale/top-level-domains/
But I don't see search.app listed. Doesn't mean they don't own it tho, or perhaps they managed the acquisition of it.
It's strange, because it seems like Google Domains is the registrant:
Registrant Organization: Google LLC.
Maybe MarkMonitor owned it and leased it to Google?

search.app.goo.gl probably also points to the same firebase app: https://websecblog.com/vulns/bypassing-firebase-authorization-to-create-custom-goo-gl-subdomains/

Both the Google subdomain and the TLD point to firebase hosting.

Firebase is essentially free hosting (and some Backend as a Service things).
I can't find any details on who is behind it tho, and I don't think there is any way to publicly find those details.
I'm guessing it's some sort of link obfuscation or shortener service.

It might be that it is an official Google service for their apps, which is why they are the registrant.

Ah, found something:

https://www.slashgear.com/google-android-app-beta-makes-it-easier-to-share-search-results-20581224

this post was submitted on 15 Aug 2024
10 points (91.7% liked)

privacy

3014 readers
24 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 2 years ago
MODERATORS