The Google for Education Community Platform

ParatrooperJoe · ‎09-25-2023

We have been seeing an uptick of student users fnding ways to access otherwise blocked gaming websites while at school (no way, right!).

Most recently, I have noticed url look like this example:

https://9pbkvq3vc4bauslnloca9t4bllk816a4-a-sites-opensocial.googleusercontent.com/gadgets/ifr?url=ht...

of course, the website this link is showing is at the very end of this link and is a google sites, which we have blocked, but if they access it from the above link it is bypassnig our filter and allowing the website to load.

I have not tested blocking that full url, but my guess is it will only block this one website and not other websites they might use the same method for. Any ideas on how they are finding such "urls". is this some sort of bit.ly type redirect service? Any ideas on how to block that so that not just the one gaming site gets blocked, but any other website they try and use this method to bypass the filters?

Why is it a problem and why do I care? Basically the students are playing games in class instead of doing work, and yes the teacher assignes whatever discipline is in the student hadn book, but it is becoming an annoying a daily occurrence that the Principals would love if we could find a way to just block this so the students will not be bypassing the web filters.

Thanks in advance for any insight/recommendations you can give!

Kim_Nilsson · ‎09-25-2023

I'm pretty sure that Securly would block it by adding *unblocked* to the block list.

--
https://wheretofind.me/@NoSubstitute

ParatrooperJoe · ‎09-26-2023

Thanks @Kim_Nilsson however, we already have that in our blocked list.

I could totally be wrong, but it seems like the filter is seeing and analyzing only "https://9pbkvq3vc4bauslnloca9t4bllk816a4-a-sites-opensocial.googleusercontent.com" before it sees the rest of the link "/gadgets/ifr?url=https://cdn.jsdelivr.net/gh/r3tq6l1/to9d2if10dv@80e256cb3ca3b5793665f5ffb7d62285f2805e86/g7kh63s/bit..."

And i am worried if I block "*.googleusercontent.com" I will block other things that we probably do not want to block..... and if I include the first part, it probably will block the one website, but I thinking that first part is specific to the one website?

Kim_Nilsson · ‎09-26-2023

Yes, you are right on both counts.

Google's built-in URL Blocking isn't very flexible.

--
https://wheretofind.me/@NoSubstitute

ParatrooperJoe · ‎09-27-2023

@Kim_Nilsson Do you, or anyone else know of how these links are being generated? Is there some service or website you know of that creates these types of links? I am guessing it has something to do with: http://cdn.jsdelivr.net ? also wondering what *opensocial.googleusercontent.com even is? Is that a core service provided by google or one of its products?

Kim_Nilsson · ‎09-27-2023

Nope, no clue where they come from.

--
https://wheretofind.me/@NoSubstitute

MaryGrant · ‎11-13-2023

Dealing with something similar with webcache.googleusercontent.com and then q=whatever game.... I feel I have exhausted all block logic in GoGuardian so I just added this URL to Google's built-in URL blocking and it doesn't seem to impact anything?? I am watching various kiddos accessing games through that URL in real time right now in GoGuardian. My last resort is to call in a few kids to manually clear their browser history so they lose the cache redirect....not sure that will address it and not sure if that's similar to opensocial or not but this is frustrating for sure!

The Google for Education Community Platform

weird url to bypass filtering