Recently links shared to me from IOS users using the google app have been obfuscated with search.app/SOMEUNIQUECODE where the app redirects to the originally intended website, but, of course, the person clicking the link is revealed to the owners of search.app.
Does anyone have IOS + google and can confirm this behavior? search.app has no home page and no documentation or reporting about it that I could find (other than that it’s a firebase app). The domain was registered to MarkMonitor Inc. in September of last year. But It’s not clear to me what MarkMonitor’s business actually is–it seems like they could just have registered it on behalf of someone.
TL;dr:
My discovery process is kinda listed below.
https://www.slashgear.com/google-android-app-beta-makes-it-easier-to-share-search-results-20581224
MarkMonitor.
Looks like they are a domain squatter, buying up domains and selling them at ridiculous prices.
They have a page showing some domains they have for sale https://www.markmonitor.com/domains-for-sale/top-level-domains/
But I don’t see
search.applisted. Doesn’t mean they don’t own it tho, or perhaps they managed the acquisition of it.It’s strange, because it seems like Google Domains is the registrant:
Registrant Organization: Google LLC.Maybe MarkMonitor owned it and leased it to Google?
search.app.goo.glprobably also points to the same firebase app: https://websecblog.com/vulns/bypassing-firebase-authorization-to-create-custom-goo-gl-subdomains/Both the Google subdomain and the TLD point to firebase hosting.
Firebase is essentially free hosting (and some Backend as a Service things).
I can’t find any details on who is behind it tho, and I don’t think there is any way to publicly find those details.
I’m guessing it’s some sort of link obfuscation or shortener service.
It might be that it is an official Google service for their apps, which is why they are the registrant.
Ah, found something:
https://www.slashgear.com/google-android-app-beta-makes-it-easier-to-share-search-results-20581224