GVT1.com, the Suspicious Domains of Google that We See in Chrome

When visiting a web page, one of the factors that can tell us whether it is a legitimate site is the domain: the URL, the name itself, and whether or not the connection is encrypted. There are many threats that we can encounter when browsing, including many pages that pretend to be legitimate but are actually trying to steal information. In this article we look at certain domains owned by Google that many have considered suspicious.

GVT1.com, Google’s suspicious URL

These suspicious URLs correspond to GVT1.com. These are domains owned by Google that have led Google Chrome users and computer security researchers to suspect that they are actually something dangerous.

These domains correspond to the URL redirector.gvt1.com and also gvt2.com. They are owned by the search giant and are generally used to deliver software updates, extensions and content related to the Google Chrome browser.

When browsing, for example, redirects to those domains may appear. In reality these are, as we have said, Google's own services, which may simply be trying to deliver a necessary browser update. However, this has alarmed many users, who have begun to analyze the domains.

Some antivirus products, as well as security researchers, have classified these URLs as malware and blocked them. The GVT that appears in the domain gvt1.com is the acronym for Google Video Transcoding. It is used as a cache server for content and downloads used by Google applications and services.

Used to send official content

Therefore, we can say that Google uses these domains only to deliver official content, for example updates or executables related to Android.

Now, a worrying point, as indicated by security researchers, is that Google continues to use an unencrypted HTTP URL to deliver official content. This clashes with current practice, in which more and more pages use HTTPS encryption and browsers themselves often mark pages that do not as insecure. Knowing how to analyze links and avoid problems is essential.

Ultimately, seeing traffic related to domains like .gvt1.com or .gvt2.com on our network would not be a cause for alarm, but simply a legitimate Chromium download. Of course, Google should switch to HTTPS to avoid possible man-in-the-middle attacks, and administrators should follow best practices, such as analyzing URL traffic.
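As an added example (not code from Google or from the original article), the following sketch shows one way an administrator could analyze URL traffic for these domains: it matches on the parsed hostname rather than on a substring, separates cleartext HTTP from HTTPS, and flags URLs that only imitate the names. The log format, client addresses, paths and lookalike hosts are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

GOOGLE_UPDATE_DOMAINS = ("gvt1.com", "gvt2.com")  # domains named in the article

def classify(url):
    """Classify one logged URL by its real hostname, not by substring."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    owned = any(host == d or host.endswith("." + d) for d in GOOGLE_UPDATE_DOMAINS)
    if owned:
        # Genuine domain; record whether the transfer was encrypted.
        return "google-https" if parts.scheme == "https" else "google-cleartext"
    # The name appears in the authority but the host is not one of the domains:
    # userinfo tricks, prefixed names, or the name used as a subdomain label.
    if any(d in parts.netloc.lower() for d in GOOGLE_UPDATE_DOMAINS):
        return "lookalike"
    return "other"

# Constructed sample proxy log: "<time> <client> <method> <url> <status>"
SAMPLE_LOG = """\
2024-01-10T09:00:01Z 10.0.0.5 GET http://redirector.gvt1.com/constructed/update.crx 302
2024-01-10T09:00:02Z 10.0.0.5 GET https://cache1.gvt1.com/constructed/update.crx 200
2024-01-10T09:00:03Z 10.0.0.7 GET http://redirector.gvt1.com.example.net/update.exe 200
2024-01-10T09:00:04Z 10.0.0.7 GET http://redirector.gvt1.com@files.example.org/update.exe 200
2024-01-10T09:00:05Z 10.0.0.9 GET https://www.example.com/ 200
"""

def summarize(log_text):
    """Return (Counter of verdicts, list of lookalike URLs) for a proxy log."""
    counts, suspects = Counter(), []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip malformed lines
        verdict = classify(fields[3])
        counts[verdict] += 1
        if verdict == "lookalike":
            suspects.append(fields[3])
    return counts, suspects

if __name__ == "__main__":
    counts, suspects = summarize(SAMPLE_LOG)
    print(dict(counts))
    for url in suspects:
        print("review:", url)
```

Traffic in the google-cleartext bucket is the case the researchers worry about: the destination is genuine, but the download can be altered in transit, so it is worth tracking separately from the lookalike hosts.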

We already know that URLs can be used by attackers to carry out their attacks. Sometimes we come across scam attempts that pretend to be legitimate pages but are actually phishing attacks, for example. At other times they may even attack a legitimate site with the simple aim of delivering malicious software. Hence, we must always have security programs in place, keep equipment updated and of course avoid making mistakes that could compromise our privacy on the network.