What is gvt1.com [RESOLVED]

There is a lot of talk on the forums and online in general about what gvt1.com is and who own’s it.  I have seen many posts online where people say this domain is hosting malware/viruses/spyware I hope to clear a few things up in the post regarding this domain.

Who own’s this domain name ?

This domain is owned by Google – Full lookup details here

What is this domain used for ?

I have done a lot of traces and research on this domain and it appears to be used for Google Chrome updates.

Does this domain host malware/viruses/spyware ?

As far as I can tell no.  It is owned by Google and used by Google Chrome for updates.  I have seen this domain in our customers proxy logs and we have checked it ourselves and can see no evidence that it is linked to anything other than Google Chrome updates.




Example of URL

The following is an example of the URL taken for a proxy log, as you can see it is pulling “chrome_updater.exe” and also passing your external IP address.

http://r1—sn-aigl6ner.gvt1.com/edgedl/release2/chrome/ALTil6ikBe1K_60.0.3112.113/60.0.3112.113_60.0.3112.90_chrome_updater.exe?cms_redirect=yes&expire=1504097692&ip=YOUR.IP.ADDRESS.HERE&ipbits=0&mm=28&mn=sn-aigl6ner&ms=nvh&mt=1504083201&mv=m&pl=24&shardbypass=yes&sparams=expire,ip,ipbits,mm,mn,ms,mv,pl,shardbypass&signature=320A6E7FEF2C305B021E7E4BD0DDF4777BF0B4E0.57ACDDE44A887E8D1A3714DDB922CC932169D567&key=cms1

Some people also talk about the redirector part of this URL, again this appears to be linked to Google Chrome updates.

Example redirector URL – http://redirector.gvt1.com/edgedl/release2/chrome_component/F7bY6CiefPs_3943/3943_all_crl-set-delta-3942-66332048509882810.data.crx3





Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

4 thoughts on “What is gvt1.com [RESOLVED]

  • July 26, 2019 at 6:23 pm
    Permalink

    Yup, and Android updates, too.

    Reply
  • November 5, 2019 at 8:48 am
    Permalink

    when you download apps in google play,will use this domain

    Reply
  • December 19, 2019 at 5:49 pm
    Permalink

    So why does Firefox want to go there in the middle of the night while the computer is asleep?

    Reply
  • September 16, 2020 at 6:07 pm
    Permalink

    actually its also android studio

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: