What is gvt2.com [RESOLVED]
There is a lot of talk on the forums and online in general about what gvt2.com is and who own’s it. I have seen many posts online where people say this domain is hosting malware/viruses/spyware I hope to clear a few things up in the post regarding this domain.
Who own’s this domain name ?
This domain is owned by Google – Full lookup details here
What is this domain used for ?
Google services – To be confirmed …
Subdomains
We have identified the following subdomains associated to this site :-
beacons.gcp.gvt2.com
beacons.gvt2.com
beacons2.gvt2.com
beacons3.gvt2.com
beacons4.gvt2.com
beacons5.gvt2.com
Does this domain host malware/viruses/spyware ?
As far as I can tell no. It is owned by Google. I have seen this domain in our customers proxy logs and we have checked it ourselves and can see no evidence that it is linked to anything other than Google services.
If you are looking for information on gvt1.com then click here if you are looking for information on gvt3.com then click here.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.
I have those blocked with PiHole and I havent notice any difference at all.
Seems to be related to Android push messages. I did not get a VISA confirmation code push message from my bank and my blocker was full of this domain. When I stopped the blocker, it worked.
I whitelisted it for now.
Its the Govt tracking you. Spying!
It is a Google service, that allows backdoor entry for hackers (Developers) to access information, presumably to get analytics for their apps. But never the less. It is a back door. Just doubleclick,gooogleusercontent and all the others you see.
The ONLY issue I have noticed is that you can not get to the login pop-up for Domino’s Pizza (https://www.dominos.com/) with beacons.gcp.gvt2.com blocked. But that has been the ONLY issue so far
What is gsa,app being inbedded into Android then being remote view devices? While identifying an id thief…stalker I triggered the t mobile hack…caught the attack to my and many others under ip 174.240 series 205….while gsa fleet management was off it exposed all bad actor and name…I’d thief was identified and all operators in gsa and then came tombstones…then!…
Time line edits …like lots and lots of edits to the point. Operator requested in this area to remove google access services where gsa.app version example 13.2.4.67 and fms go was also in the bucket. Hum..bought ,,stolen,,cloned devices that can have google id disabled…lmao…
Regular guy 2.6 years investigation till unknown timeline editor gave the hell up. Tried update to my clone device bit disabled all update till Dec 2024.
The update was to trash all info I capture in my purposely left google take out!!!
Clone chrome versions 130.00000 113.00000
The default ring for your google account dissappear with an exchange of gsa google/ to the mobile.
Gsa towers not trucks catchers, stingray….nah.
Amazing big brothers house…I quote ” he’s got out contacts, we got to take this downtown”
This was captured in a screen recording that was capturing full mic,media,cam on there cloned gsa device.
Gsa fleet management was nothing more then bad actors using gsa.app and administrators selling gsa access credentials that could be used like account sharing issue Netflix experienced.
End story. No more timeline history in local gsa google no more info to identify the bad idiots!
I printed the google cloned server/gsa dhs history.
Ugly world.