We were wrong about that. Recently, we started observing Googlebot making POST requests to thumbtack.com. As far as we can tell, such requests have not been openly observed before. These Apache access log excerpts show a few examples:
220.127.116.11 - - [04/Sep/2011:04:53:52 +0000] "POST /act/site/clienterror HTTP/1.1" 200 36 "http://www.thumbtack.com/ma/malden/dog-walking/dog-walking-and-pet-care-services" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 18.104.22.168 - - [25/Sep/2011:04:27:50 +0000] "POST /act/site/clienterror HTTP/1.1" 200 36 "http://www.thumbtack.com/ca/solana-beach/wedding-photographers/photography-cary-pennington-photography" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 22.214.171.124 - - [04/Oct/2011:09:53:08 +0000] "POST /act/site/clienterror HTTP/1.1" 200 36 "http://www.thumbtack.com/tx/san-antonio/painting/residential-commercial-construction-services" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
We've verfied the requests are coming from real Google crawler IP addresses:
$ dig -x 126.96.36.199 +short crawl-66-249-71-47.googlebot.com. $ dig crawl-66-249-71-47.googlebot.com. +short 188.8.131.52
Now, this isn't necessarily harmful behavior. In discussing request safety, RFC 2616 sec. 9.1.1 states:
The important distinction here is that the user did not request the side-effects, so therefore cannot be held accountable for them.