Probes from bc.googleusercontent.com

googleusercontent.com is a domain owned  by Google.  Users can use Goggle API to run programs and scripts.  And naturally some abuse this privilege. 

The following information obtained using WHOIS Search for Domain Registration Information Network Solutions explains that you need to use [email protected] if you want to complain:

NetRange:       173.255.112.0 - 173.255.127.255
CIDR:           173.255.112.0/20
NetName:        GOOGLE-CLOUD
NetHandle:      NET-173-255-112-0-1
Parent:         NET173 (NET-173-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS15169
Organization:   Google Inc. (GOOGL-2)
RegDate:        2010-07-15
Updated:        2015-09-21
Ref:            http://whois.arin.net/rest/net/NET-173-255-112-0-1

OrgName:        Google Inc.
OrgId:          GOOGL-2
Address:        1600 Amphitheatre Parkway
City:           Mountain View
StateProv:      CA
PostalCode:     94043
Country:        US
RegDate:        2006-09-29
Updated:        2015-09-21
Ref:            http://whois.arin.net/rest/org/GOOGL-2


OrgAbuseHandle: GCABU-ARIN
OrgAbuseName:   GC Abuse
OrgAbusePhone:  +1-650-253-0000 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/GCABU-ARIN

OrgNOCHandle: GCABU-ARIN
OrgNOCName:   GC Abuse
OrgNOCPhone:  +1-650-253-0000 
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/GCABU-ARIN

OrgTechHandle: ZG39-ARIN
OrgTechName:   Google Inc
OrgTechPhone:  +1-650-253-0000 
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/ZG39-ARIN

Recently avalanche of probes was coming from this domain:

Processing Dec-2015.gz
Total records read in: 1027739

# 173.255.115.118 (118.115.255.173.bc.googleusercontent.com) 437 hits (437/437 probes). Of them none OK, POSTS= PHP=437 SHTML_trail=10
deny from 173.255.115.118

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 145 hits
         shtml/=10
         php=437
         HTTP Codes
                 500=437

# 104.196.3.74 (74.3.196.104.bc.googleusercontent.com) 376 hits (376/376 probes). Of them none OK, POSTS= PHP=376 SHTML_trail=12
deny from 104.196.3.74

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 124 hits
         php=376
         shtml/=12
         HTTP Codes
                 500=376

# 104.155.73.64 (64.73.155.104.bc.googleusercontent.com) 358 hits (358/358 probes). Of them none OK, POSTS= PHP=358 SHTML_trail=12
deny from 104.155.73.64

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 118 hits
         shtml/=12
         php=358
         HTTP Codes
                 500=358

# 104.196.22.171 (171.22.196.104.bc.googleusercontent.com) 348 hits (348/348 probes). Of them none OK, POSTS= PHP=348 SHTML_trail=14
deny from 104.196.22.171

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 116 hits
         shtml/=14
         php=348
         HTTP Codes
                 500=348

# 104.196.35.124 (124.35.196.104.bc.googleusercontent.com) 338 hits (338/338 probes). Of them none OK, POSTS= PHP=338 SHTML_trail=12
deny from 104.196.35.124

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 112 hits
         shtml/=12
         php=338
         HTTP Codes
                 500=338

# 130.211.78.88 (88.78.211.130.bc.googleusercontent.com) 337 hits (337/337 probes). Of them none OK, POSTS= PHP=337 SHTML_trail=9
deny from 130.211.78.88

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 111 hits
         shtml/=9
         php=337
         HTTP Codes
                 500=337

# 104.197.26.75 (75.26.197.104.bc.googleusercontent.com) 337 hits (337/337 probes). Of them none OK, POSTS= PHP=337 SHTML_trail=22
deny from 104.197.26.75

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 111 hits
         shtml/=22
         php=337
         HTTP Codes
                 500=337

# 104.155.225.14 (14.225.155.104.bc.googleusercontent.com) 335 hits (335/335 probes). Of them none OK, POSTS= PHP=335 SHTML_trail=13
deny from 104.155.225.14

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 112 hits
         shtml/=13
         php=335
         HTTP Codes
                 500=335

# 107.167.191.18 (18.191.167.107.bc.googleusercontent.com) 331 hits (331/331 probes). Of them none OK, POSTS= PHP=331 SHTML_trail=17
deny from 107.167.191.18

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 110 hits
         shtml/=17
         php=331
         HTTP Codes
                 500=331

# 104.155.48.24 (24.48.155.104.bc.googleusercontent.com) 330 hits (330/330 probes). Of them none OK, POSTS= PHP=330 SHTML_trail=15
deny from 104.155.48.24

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 108 hits
         php=330
         shtml/=15
         HTTP Codes
                 500=330

# 130.211.173.112 (112.173.211.130.bc.googleusercontent.com) 326 hits (326/326 probes). Of them none OK, POSTS= PHP=326 SHTML_trail=11
deny from 130.211.173.112

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 108 hits
         php=326
         shtml/=11
         HTTP Codes
                 500=326

# 104.155.13.88 (88.13.155.104.bc.googleusercontent.com) 96 hits (96/96 probes). Of them none OK, POSTS= PHP=96 SHTML_trail=3
deny from 104.155.13.88

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 30 hits
         shtml/=3
         php=96
         HTTP Codes
                 500=96

# 130.211.156.179 (179.156.211.130.bc.googleusercontent.com) 90 hits (90/90 probes). Of them none OK, POSTS= PHP=90 SHTML_trail=4
deny from 130.211.156.179

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 30 hits
         shtml/=4
         php=90
         HTTP Codes
                 500=90

# 104.155.69.210 (210.69.155.104.bc.googleusercontent.com) 85 hits (85/85 probes). Of them none OK, POSTS= PHP=85 SHTML_trail=2
deny from 104.155.69.210

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 27 hits
         php=85
         shtml/=2
         HTTP Codes
                 500=85

# 104.155.61.140 (140.61.155.104.bc.googleusercontent.com) 75 hits (75/75 probes). Of them none OK, POSTS= PHP=75 SHTML_trail=
deny from 104.155.61.140

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 23 hits
         php=75
         HTTP Codes
                 500=75

# 104.196.20.109 (109.20.196.104.bc.googleusercontent.com) 75 hits (75/75 probes). Of them none OK, POSTS= PHP=75 SHTML_trail=1
deny from 104.196.20.109

         /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview : 25 hits
         shtml/=1
         php=75
         HTTP Codes
                 500=75

# 130.211.249.70 (70.249.211.130.bc.googleusercontent.com) 74 hits (74/74 probes). Of them none OK, POSTS= PHP=74 SHTML_trail=2
deny from 130.211.249.70

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 24 hits
         shtml/=2
         php=74
         HTTP Codes
                 500=74

# 8.35.197.108 (108.197.35.8.bc.googleusercontent.com) 72 hits (72/72 probes). Of them none OK, POSTS= PHP=72 SHTML_trail=2
deny from 8.35.197.108

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 24 hits
         php=72
         shtml/=2
         HTTP Codes
                 500=72

# 104.196.2.209 (209.2.196.104.bc.googleusercontent.com) 72 hits (72/72 probes). Of them none OK, POSTS= PHP=72 SHTML_trail=3
deny from 104.196.2.209

         /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview : 24 hits
         shtml/=3
         php=72
         HTTP Codes
                 500=72

# 104.199.143.187 (187.143.199.104.bc.googleusercontent.com) 70 hits (70/70 probes). Of them none OK, POSTS= PHP=70 SHTML_trail=1
deny from 104.199.143.187

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 22 hits
         shtml/=1
         php=70
         HTTP Codes
                 500=70

# 104.196.1.39 (39.1.196.104.bc.googleusercontent.com) 66 hits (66/66 probes). Of them none OK, POSTS= PHP=66 SHTML_trail=3
deny from 104.196.1.39

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 22 hits
         shtml/=3
         php=66
         HTTP Codes
                 500=66

# 146.148.58.13 (13.58.148.146.bc.googleusercontent.com) 63 hits (63/63 probes). Of them none OK, POSTS= PHP=63 SHTML_trail=3
deny from 146.148.58.13

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 21 hits
         shtml/=3
         php=63
         HTTP Codes
                 500=63

# 104.199.130.118 (118.130.199.104.bc.googleusercontent.com) 48 hits (48/48 probes). Of them none OK, POSTS= PHP=48 SHTML_trail=5
deny from 104.199.130.118

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 16 hits
         shtml/=5
         php=48
         HTTP Codes
                 500=48

# 104.155.72.73 (73.72.155.104.bc.googleusercontent.com) 42 hits (42/42 probes). Of them none OK, POSTS= PHP=42 SHTML_trail=2
deny from 104.155.72.73

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 14 hits
         shtml/=2
         php=42
         HTTP Codes
                 500=42

# 104.155.31.3 (3.31.155.104.bc.googleusercontent.com) 39 hits (39/39 probes). Of them none OK, POSTS= PHP=39 SHTML_trail=3
deny from 104.155.31.3

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 13 hits
         php=39
         shtml/=3
         HTTP Codes
                 500=39

# 162.222.176.249 (249.176.222.162.bc.googleusercontent.com) 39 hits (39/39 probes). Of them none OK, POSTS= PHP=39 SHTML_trail=1
deny from 162.222.176.249

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 13 hits
         shtml/=1
         php=39
         HTTP Codes
                 500=39

# 104.155.29.159 (159.29.155.104.bc.googleusercontent.com) 36 hits (36/36 probes). Of them none OK, POSTS= PHP=36 SHTML_trail=2
deny from 104.155.29.159

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 12 hits
         php=36
         shtml/=2
         HTTP Codes
                 500=36

# 104.155.212.215 (215.212.155.104.bc.googleusercontent.com) 35 hits (35/35 probes). Of them none OK, POSTS= PHP=35 SHTML_trail=4
deny from 104.155.212.215

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 11 hits
         shtml/=4
         php=35
         HTTP Codes
                 500=35

# 104.155.204.34 (34.204.155.104.bc.googleusercontent.com) 33 hits (33/33 probes). Of them none OK, POSTS= PHP=33 SHTML_trail=1
deny from 104.155.204.34

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 11 hits
         php=33
         shtml/=1
         HTTP Codes
                 500=33

# 104.197.25.169 (169.25.197.104.bc.googleusercontent.com) 33 hits (33/33 probes). Of them none OK, POSTS= PHP=33 SHTML_trail=1
deny from 104.197.25.169

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 11 hits
         php=33
         shtml/=1
         HTTP Codes
                 500=33

# 104.155.213.192 (192.213.155.104.bc.googleusercontent.com) 33 hits (33/33 probes). Of them none OK, POSTS= PHP=33 SHTML_trail=3
deny from 104.155.213.192

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 11 hits
         php=33
         shtml/=3
         HTTP Codes
                 500=33

# 130.211.136.110 (110.136.211.130.bc.googleusercontent.com) 30 hits (30/30 probes). Of them none OK, POSTS= PHP=30 SHTML_trail=
deny from 130.211.136.110

         //admin/categories.php/login.php?cPath=&action=new_product_preview : 10 hits
         php=30
         HTTP Codes
                 500=30

Here is a sample of requests

104.196.3.74 - - [08/Dec/2015:01:34:38 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:01:34:38 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:01:34:39 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:00:47 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:00:47 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:00:47 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:09:33 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:09:33 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:09:33 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:12:43 +0000] "GET /About/Stats//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:12:43 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:12:43 +0000] "GET /About//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:16:09 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:16:09 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:16:09 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:27:20 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:27:20 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:27:20 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:10 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:11 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:11 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:14 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:14 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:40:15 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:43:19 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:43:19 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:43:19 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:47:33 +0000] "GET /WWW/HTTP_log_analysis/requests_for_nonexisting_web_pages.shtml//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:47:33 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:47:33 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:48:02 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:48:02 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:48:02 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:54:50 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:54:50 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:02:54:50 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:02:48 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:02:48 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:02:48 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:13:55 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:13:55 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:13:55 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:25:58 +0000] "GET /WWW/HTTP_log_analysis/requests_for_nonexisting_web_pages.shtml//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:25:58 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:25:58 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:27:25 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:27:25 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:27:25 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:47:18 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:47:19 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:47:19 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:51:09 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:51:09 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:51:09 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:53:12 +0000] "GET /WWW/HTTP_log_analysis//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:53:12 +0000] "GET //admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"
104.196.3.74 - - [08/Dec/2015:03:53:12 +0000] "GET /WWW//admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 500 - "-" "libwww-perl/5.833"

NEWS CONTENTS

• 20151213 : Googleusercontent.com can trip you up, if you disable third-party cookies Kerikas Blog Get on the same page! ( Googleusercontent.com can trip you up, if you disable third-party cookies Kerika's Blog Get on the same page!, Dec 13, 2015 )
• 20151213 : security - What do you do if you are being hacked by something coming from a supposedly legitimate IP address such as from Goog ( security - What do you do if you are being hacked by something coming from a supposedly legitimate IP address such as from Goog, )

Old News ;-)

[Dec 13, 2015] Googleusercontent.com can trip you up, if you disable third-party cookies Kerika's Blog Get on the same page!

Most browsers allow third-party cookies, by default. And, most of the time, these cookies are used by advertising networks to track users as they move across different websites.

Some folks take the trouble of disabling third-party cookies, which can be done using your browser's "Preferences" settings: the actual mechanism varies based upon which browser you are using.

If you do turn off third-party cookies, you may find that images that you upload to your Kerika pages do not appear correctly. That's because all files that you upload to your Kerika pages are stored in your own Google account, so when you are viewing a Kerika project page, some of that content is coming from your Google Docs account.

Recently, Google has started storing images in a new domain, called googleusercontent.com. This domain is used for a variety of purposes, including cached copies of websites visited by the Google search engine, but the general purpose of this domain appears to be to store static content: i.e. content that is not expected to change.

So, if you have turned off third-party cookies in your browser, you may find that images are not shown when you visit your Kerika page. And, the whole process may be something of a mystery to you, although our latest version includes a new warning message when we detect that this problem might exist.

It's easiest to spot this problem if you are using the Google Chrome browser because that shows you, at the far right end of the address bar, that there is a potential problem with cookies on the page you are currently viewing. Here's an example:

security - What do you do if you are being hacked by something coming from a supposedly legitimate IP address such as from Goog

What do you do if you are being hacked by something coming from a supposedly legitimate IP address such as from Google?

Earlier today I was prompted to use a CAPTCHA-because of suspicious search activity-when doing a Google search, So I assumed either a PC on my network had a virus or something.

After poking around I noticed-from my router logs-that there were tons of connections to my Raspberry Pi that I had set up as a web server-port forwarded to 80 and 22-so I pulled the card, turned off that port forward and re-imaged it this time as a "honey pot" and the results are very interesting

The honey pot is reporting that there are successful attempts to log in with the username/pass combination pi/raspberry, and logs the IP's -these are coming in almost every second-and some of the IP's when I investigate are supposed to be Google's IP.

So I don't know, are they doing, if it is supposed "white hat" stuff, or whatever. It seems like that is an illegal intrusion. They aren't doing anything after they log in.

Here is an example IP address: 23.236.57.199

Take a look at this, specifically the comment: whois.domaintools.com/23.236.57.199 – Qantas 94 Heavy Mar 22 at 1:14 Or you could use just +short to truly get only the core response answer like this: dig -x 23.236.57.199 +short Which would return: 199.57.236.23.bc.googleusercontent.com. The base domain name of googleusercontent.com clearly is what it says it is, "Google User Content" which is known to be connected to the Google App Engine "Platform as a Service" product. And that allows any user to create and deploy code in Python, Java, PHP & Go applications to their service. If you feel these accesses are malicious, you can report suspected abuse to Google directly via this page. Be sure to include your raw log data so Google staff can see exactly what you are seeing. Past any of that, this Stack Overflow answer explains how one can go about getting a list of IP addresses connected to the googleusercontent.com domain name. Could be useful if you want to filter "Google User Content" accesses from other system accesses.

Recommended Links

Softpanorama Recommended

Top articles

Sites

Top articles

Sites

• Requests for non-existing web pages
• Probes from bc.googleusercontent.com
• Bangers
• Blocking Referer Spam
• Bots that couse consistent 500 errors
• Broken or undebugged robots
• Requests for crossdomain.xml and other XML files
• Frivolous POSTs
• Lower case requests
• Mystery GET requests with URI scheme encoded PNG image in them
• Non-PHP Web probes
• PHP probes
• Fighting rogue robots
• Trailing junk in requests

Bob Jensen's Fraud Updates January 1-March 31, 2012