How to quickly check a domain using Safe Browsing by Google
Web browsers such as Google Chrome or Mozilla Firefox use Google Safe Browsing to protect users before potentially malicious websites are loaded.
This works by checking sites against Safe Browsing's database to find out whether malware was hosted or distributed on the website in a 90 day period.
When you visit a flagged site in a browser supporting Safe Browsing, a warning page is displayed to you instead of the website itself.
Downloads on the other hand are blocked in Chrome when they are flagged, and the only option to complete a download is to open the download manager of Chrome to bypass the protection there.
The warning message
The warning depends on the nature of the attack. Phishing sites are for instance displayed in the following way:
Phishing attack ahead
Attackers on [domain-name] might try to trick you to steal your information (for example, passwords, messages, or credit cards).
It displays two options underneath: details and back to safety. Details adds more information and an option to visit the site regardless of the warning, while back to safety moves the user away from it without loading it.
Google Safe Browsing recently detected phishing on [domain-name]. Phishing sites pretend to be other websites to trick you.
If you understand the risks to your security, you may visit this infected site.
Manually checking links using Safe Browsing
Before we take a look at how you can check any link against Google's Safe Browsing database, we should answer the question why you may want to do so.
There are several answers to that. As a webmaster, you may want to check your domains against the database regularly to make sure that nothing slips by you. While you may receive the information in Google Webmaster Tools, you may not always have access to the administrative interface, especially if you are not the owner of the domain.
The diagnostic page can also be used to check a link without visiting it. If you have disabled Safe Browsing, for privacy purposes, or use a browser that does not support it, you may use the manual method to check a link for malicious contents.
To check any link, add it to the end of this url: https://www.google.com/safebrowsing/diagnostic?site= and load the resulting address in the web browser of choice.
The page answers the following questions:
- What is the current listing status for it?
- What happened when Google visited this site?
- Has this site acted as an intermediary resulting in further distribution of malware?
- Has this site hosted malware?
Conclusion
Google's Safe Browsing Diagnostic page is not the only option that you have to verify a url but it is straightforward and quickly done provided you know the core url of it.
I prefer to use Virustotal -- also a Google product now -- instead as it scans urls using more than 50 different engines and not just one increasing the chance that you are informed about malware or other malicious activities on it when you check it against the database.
Now Read: 5 Tips to stay safe on the Internet
Thanks for providing a great way to know about safe websites. it will help me to check my website whether it is safe or not.
All good tips!
One more for the collection?
Do a Google Search with:
safebrowsing:aa.com <== or any other domain…
(example URL: aa.com)
Google Safe Browsing reports http://www.eset.com has 9 trojan + 3 virus on 2014-07-19.
I wait for the usual denials from ESET.
Martin did you know there is noscript for android available ? http://noscript.net/nsa/
Is it this? https://www.ghacks.net/2011/10/19/feature-complete-noscript-add-on-now-available-for-firefox-mobile/
yes that’s it :-) ghacks rulez.
I am using Google Safe Browsing bookmarklet.
Code :
javascript:(function(){safediag=window.open(‘http://www.google.com/safebrowsing/diagnostic?site=’+document.domain,’_blank’,”);if(window.focus){safediag.focus()};})()
Adblock/NoScript/WOT – addons that will do a lot for you to this regard
Then there’s someonewhocares.org/hosts
I use Zulu URL Risk Analyzer. How safe is your web destination?. First and then Virus Total.
h**p://zulu.zscaler.com/
Many thanks for this news letter.
Patrick.
For those who, like me, wondered how to find google safe browsing in firefox. It is incorporated in the checkbox ‘block reported attack sites’ which you access by tools/options/security. It is activated by default, and can be deactivated by clicking the checkmark in that box – not particularly a good idea for most users.
If you use the web of trust add-on, their separate and different type of site evaluation is available in the pop up menu which appears when you right click any link.
Good point. If you are using a third-party tool, be it add-on or security software, then you likely do not need to run Google Safe Browsing as well.