tag line

moving IT to the cloud with service not servers

URL List to bypass SSL inspection for Google

Google has recently moved all network traffic from HTTP to HTTPS.  If you are using any form of web filtering this traffic needs to be de-crypted  and re-encrypted on a edge security device if you want to peak inside the packet contents.

Google recommend that you bypass packet level inspect on data heading to Google and publish a list of site that need to be white listed.

The official Google URL list can be found in this Help Center article 

This list below incorporates this with a number of other 'real world' examples that have been posted on forums.


translate.googleapis.com
talkx.l.google.com
talk.google.com
maps.googleapis.com
accounts.gstatic.com
alt1-safebrowsing.google.com
android.clients.google.com

lh1.googleusercontent.com
lh2.googleusercontent.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
redirector.gvt1.com
www.google-analytics.com
ssl.google-analytics.com
chrome.google.com
cache.pack.google.com
accounts.google.com
accounts.youtube.com
client3.google.com
clients1.google.com
clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com
cros-omahaproxy.appspot.com
dl-ssl.google.com
dl.google.com
m.google.com
omahaproxy.appspot.com
safebrowsing-cache.google.com
m.safebrowsing-cache.google.com
safebrowsing.google.com
ssl.gstatic.com
tools.google.com
pack.google.com
www.gstatic.com
www.google.com
tools.google.com/service/update2
gweb-gettingstartedguide.appspot.com
www.googleapis.com
www.gmodules.com
mail.google.com
gg.google.com
id.google.com
talk.google.com
google.com/cloudprint
https://storage.googleapis.com
https://commondatastorage.googleapis.com