10

What is gen_204?

I saw it downloading earlier today only to find another copy of it in my downloads and deleted both. It just downloaded again. It was a small file with no extension. I searched Google and find some stuff about a Chrome error but nothing really specific or current related to what this thing is.

It has downloaded at sporadic times while browsing the internet. The first time I saw it pop up I was on Facebook and the other time I was in my ETrade account. I saw it appear on the bottom of my browser window with no extension. I'm running OSX Sierra.

(If you know what it is and want to improve the tags please feel free or if I find out what it is I'll update them myself. Not really sure how to tag this question in a useful way)

Improve this question
2
  • “This question has an open bounty and cannot be closed” – Seriously? As is, the question is super unclear. Where did you see it downloading? What is it even supposed to be? Just a file with no extension? How big was the file? Did you do anything with file? What where you doing when it downloaded? What software are you using?
    – Daniel B
    Commented Dec 19, 2017 at 18:20
  • 3
    @DanielB the bounty says, "not received enough attention." It clearly worked as intended since now you're asking me for more information which nobody had previously done.. I update the question to answer you as best I can.
    – Ryan
    Commented Dec 19, 2017 at 18:38

6 Answers 6

Reset to default
6
+50

When searching for "gen_204" I came across this post from Stackoverflow: javascript in google - what's it doing ? and is it trying to encrypt its work, where gen_204 is listed as part of a Google Javascript.

Troy Hunt on troyhunt.com (link) found out that it's foreign browsers with Javascript running, trying to find something that doesn't exist, quote:

That’s enough to draw some conclusions:

  1. The gen204 reference is coming from the Google Translate script
  2. It appears to be executing in the DOM context of the target site
  3. The script above is setting an image source of gen204 plus a query string
  4. I have no idea why this is happening (although best guess is a browser plugin)

On that last point, whilst I haven’t gone deep enough down the rabbit hole to explain why this is happening, I’ve seen enough to conclude it’s nothing that requires any effort on my part. It’s not a broken reference on my site nor is it a malicious attack, it’s simply some screwy JavaScript looking for something that doesn’t exist.

Perhaps a browser plugin of yours (a Google one) is doing something?

Improve this answer
8

For some reason, Chrome is downloading the gen_204 file. It isn't actually any malware or any useful file, although I am not quite sure why it is saving it.

Google uses gen_204 to generate a "204 No Content" response to your web browser. It is possible that an extension is making it download the file. Try disabling any extensions that force downloads of certain files and see if the problem continues.

Improve this answer
3

If I'm correct, you're not a native English speaker. I believe that has something to do with language translation based on the information here: "The gen204 reference is coming from the Google Translate script".

Improve this answer
1

See: https://support.honeywellaidc.com/s/article/Android-What-does-limited-or-no-Internet-Access-mean

http://www.google.com/gen_204 is basically a way to check/verify if you have real internet connectivity, as opposed to being behind a captive portal (example: wifi signup page at random cafe or airport) or a local only wifi network without internet connectivity at all (example: wifi from a printer that allows you to print, but can't reach the internet)

Normally these URLs should automatically be fetched in the background, successfully download nothing, and not result in anything being saved to disk.

The fact it's getting saved to disk sounds like a bug. It might be due to the fact that on some wifi networks it doesn't actually reach google at all, and instead gets intercepted by the network to give you a sign up page...

(I'm guessing there's similar captive portal / no network detection logic in Chrome, as there is in Android)

Improve this answer
0

I'm getting:

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

when I use following script tag in HTML:

script_tag: async defer src="https://maps.googleapis.com/maps/api/js?key=API_KEY&callback=initMap"

I presume that csp in this case stands for Content Security Policy.

The response is: {}

Improve this answer
3
  • Hi Kebten, were you able to resolve this issue ? can you help, I am facing same problem
    – user1005310
    Commented Feb 23 at 0:35
  • Most probably is the missing API_KEY the problem..either that or some network problem.. was a while ago.. don‘t remember if I resolved it.. anyhow it‘s clear that the google maps service wasn‘t able to / wasn‘t in a position to provide any geo data as a response.
    – kebten
    Commented Feb 28 at 15:00
  • I figured out, it was an expired API key, on regenerating the API key, issue was resolved
    – user1005310
    Commented Mar 1 at 16:01
-1

Maybe earlier it had other meaning like checking online connectivity of Android devices, but currently all those gen_204 requests are members of tracking/spying infrastructure. One does not need so many different parameters to check if device is online. They are tracking virtually everything down to mouse movement. If you know how to use developer tools in browser you can easily check that by yourself.

www.google.com gen_204 logs

maps.google.com gen_204 logs

Improve this answer
1
  • Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Nov 17, 2021 at 16:33

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .