How to quickly check a domain using Safe Browsing by Google

Martin Brinkmann
Jul 19, 2014
Security
|
11

Web browsers such as Google Chrome or Mozilla Firefox use Google Safe Browsing to protect users before potentially malicious websites are loaded.

This works by checking sites against Safe Browsing's database to find out whether malware was hosted or distributed on the website in a 90 day period.

When you visit a flagged site in a browser supporting Safe Browsing, a warning page is displayed to you instead of the website itself.

Downloads on the other hand are blocked in Chrome when they are flagged, and the only option to complete a download is to open the download manager of Chrome to bypass the protection there.

The warning message

The warning depends on the nature of the attack. Phishing sites are for instance displayed in the following way:

Phishing attack ahead

Attackers on [domain-name] might try to trick you to steal your information (for example, passwords, messages, or credit cards).

It displays two options underneath: details and back to safety. Details adds more information and an option to visit the site regardless of the warning, while back to safety moves the user away from it without loading it.

Google Safe Browsing recently detected phishing on [domain-name]. Phishing sites pretend to be other websites to trick you.

If you understand the risks to your security, you may visit this infected site.

google phishing attack warning

Manually checking links using Safe Browsing

Before we take a look at how you can check any link against Google's Safe Browsing database, we should answer the question why you may want to do so.

There are several answers to that. As a webmaster, you may want to check your domains against the database regularly to make sure that nothing slips by you. While you may receive the information in Google Webmaster Tools, you may not always have access to the administrative interface, especially if you are not the owner of the domain.

The diagnostic page can also be used to check a link without visiting it. If you have disabled Safe Browsing, for privacy purposes, or use a browser that does not support it, you may use the manual method to check a link for malicious contents.

To check any link, add it to the end of this url: https://www.google.com/safebrowsing/diagnostic?site= and load the resulting address in the web browser of choice.

safe browsing diagnostic

The page answers the following questions:

  • What is the current listing status for it?
  • What happened when Google visited this site?
  • Has this site acted as an intermediary resulting in further distribution of malware?
  • Has this site hosted malware?

Conclusion

Google's Safe Browsing Diagnostic page is not the only option that you have to verify a url but it is straightforward and quickly done provided you know the core url of it.

I prefer to use Virustotal -- also a Google product now -- instead as it scans urls using more than 50 different engines and not just one increasing the chance that you are informed about malware or other malicious activities on it when you check it against the database.

Now Read: 5 Tips to stay safe on the Internet

Summary
How to quickly check a domain using Safe Browsing by Google
Article Name
How to quickly check a domain using Safe Browsing by Google
Description
Find out how to check any url against Google's Safe Browsing database without visiting the site in question.
Author
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Rahul said on July 21, 2014 at 12:58 pm
    Reply

    Thanks for providing a great way to know about safe websites. it will help me to check my website whether it is safe or not.

  2. joe said on July 20, 2014 at 9:55 pm
    Reply

    All good tips!

    One more for the collection?
    Do a Google Search with:
    safebrowsing:aa.com <== or any other domain…
    (example URL: aa.com)

  3. fassoon said on July 20, 2014 at 5:19 am
    Reply

    Google Safe Browsing reports http://www.eset.com has 9 trojan + 3 virus on 2014-07-19.

    I wait for the usual denials from ESET.

  4. oscar said on July 20, 2014 at 12:18 am
    Reply

    Martin did you know there is noscript for android available ? http://noscript.net/nsa/

      1. oscar said on July 20, 2014 at 12:40 am
        Reply

        yes that’s it :-) ghacks rulez.

  5. Ficho said on July 19, 2014 at 7:20 pm
    Reply

    I am using Google Safe Browsing bookmarklet.
    Code :
    javascript:(function(){safediag=window.open(‘http://www.google.com/safebrowsing/diagnostic?site=’+document.domain,’_blank’,”);if(window.focus){safediag.focus()};})()

  6. guest said on July 19, 2014 at 4:42 pm
    Reply

    Adblock/NoScript/WOT – addons that will do a lot for you to this regard
    Then there’s someonewhocares.org/hosts

  7. Patrick said on July 19, 2014 at 4:18 pm
    Reply

    I use Zulu URL Risk Analyzer. How safe is your web destination?. First and then Virus Total.

    h**p://zulu.zscaler.com/
    Many thanks for this news letter.
    Patrick.

  8. exrelayman said on July 19, 2014 at 2:54 pm
    Reply

    For those who, like me, wondered how to find google safe browsing in firefox. It is incorporated in the checkbox ‘block reported attack sites’ which you access by tools/options/security. It is activated by default, and can be deactivated by clicking the checkmark in that box – not particularly a good idea for most users.

    If you use the web of trust add-on, their separate and different type of site evaluation is available in the pop up menu which appears when you right click any link.

    1. Martin Brinkmann said on July 19, 2014 at 3:01 pm
      Reply

      Good point. If you are using a third-party tool, be it add-on or security software, then you likely do not need to run Google Safe Browsing as well.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.