Users with Google Proxy IPs

Question

On my website, we log user IPs to ensure we're able to properly moderate and prevent abuse.

We are aware of Proxies, such as Opera VPN, Tor, and others.

However, I am not aware of Google itself having a Proxy, other than the "Data Saver" functionality.

Some users are coming to my website with IPs such as:

66.102.8.219
66.249.91.121

There are a lot more IPs. These IPs are owner by AS15169 Google LLC and have these hostnames:

rate-limited-proxy-66-249-91-121.google.com
google-proxy-66-102-8-219.google.com

As per this page, https://developers.chrome.com/multidevice/data-compression
The header X-Forwarded-For will be present with the user's real IP.
And we do look into this header.

However, when I dump the headers when users come with the IPs above, this header is not present, and there's no other header with the user's IP, at all.

Plus, as per this page, https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

The [Cache-Control] no-transform directive is redundant for content served over HTTPS, because proxies can not transform payloads over secure connections.

Therefore, I don't think the IPs above have to do with Data Saver functionality, because my website is fully SSLed.

-

What do you think these users are using in order to hide their real IP?

Answer 1

Read the user agent, its probably one of the Googlebots crawling. If you don't want to be indexed set robots.txt, they are well behaved.

On Google webmaster help, reference:

• Verifying Googlebot with DNS
• Google crawlers

Edit: if it isn't a crawler, it may be an attempt to use various Google services as a proxy. Many theories over at webmasters.se over the years, nothing conclusive: Is this Google proxy a fake crawler: google-proxy-66-249-81-131.google.com?

Whatever it is, decide if these agents are abusing your system. Block, rate limit, and try robots.txt anyway to see if they behave like a bot.