Determining Safe Websites in 3 Easy Steps

Hacker Proof SealYou know … periodically you get an email or tweet with a link in it. Doesn’t happen that often, right? Should you click on the link or not? Of course we all know to copy the URL from the source, paste it into the address bar directly, and look for a seal like the one to the right. But is that enough? Or is it too late at this point? Today, even many legitimate sites are being compromised and distributing malware … and they don’t even know it. We need something that potentially detects malware BEFORE visiting the site.

(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under Infosec Blogs/Podcasts and Securing Mom. [email protected]grecs)

Then last Friday I came across an article on CNET titled “How to check if a Web site is safe” that seemed to address this problem. In it the author mentions several great services (e.g., Unmasked Parasites) as well as accompanying browser add-ons (both independent and those that come in security suites) and application installs (e.g., AVG LinkScanner). He additionally mentions that most modern browsers have web site checking built in as well as a few tools for Android (Mobilation Android & Lookout Mobile Security).

I’ve been meaning to write something up like this for a while now and so this article gave me the motivation to push forward. Where the CNET article seemed to be targeted for general web users with several OS or browser integrated services, my goal is to target infosec pros that want both breadth of service coverage as well as depth in detail. Hopefully, this post will give you the additional details you need to perform a bit more research for our curious minds.

  1. Expand Shortened URLs and/or Check for Redirects Using UnmaskURL.com: For whatever reason the meta-scanning sites mentioned below do not effectively expand shortened links or take into account safe-looking sites that may redirect to potentially malicious ones. That’s were UnmaskURL comes in. Sure, you could learn all the extra ways of previewing URLs from the different shorteners (e.g., appending “+” to bit.ly addresses) but UnmaskURL does it all for you in one shot. It unshrinks URLs (even nested ones) as well as traverses redirections. Also be sure to check out the links at the top of this website. They offer several other tools that allow more detailed analysis, including encoding/decoding base 64 (unmaskBase64.com) and grabbing the raw HTML of a webpage without rendering it (unmaskContent.com).
  2. Scan Ultimate Domain with URLVoid.com: This service scans the entered domain or sub-domain with 18 malware website detection services (e.g., Google Diagnostic, hpHosts, Norton SafeWeb, and TrendMicro Web Reputation). After each scan it conveniently allows you to drill down further by automatically submitting the URL to any of the services individually to get more details or several other analysis sites (e.g., VScan that scans it with multiple AV engines). URLVoid also offers IPVoid.com that does the same thing but just by IP instead of domain, URL Dump that mimics unmaskContent, and Extract URL that performs limited unshortening.
  3. Perform Backup Scan with VirusTotal.com: Known in the security community for being able to upload files to be scanned with 40 or so antivirus engines, they also offer a site scanning capability that inspects URLs with 16 website malware services. I generally use this site as a backup for verification. Check out http://bit.ly/nScS8W for a direct link to their site scanner.

Now there are plenty of other ways to do this… What do you use to check if a website is safe to visit BEFORE actually going there? Let us know in the comments below.

17 comments for “Determining Safe Websites in 3 Easy Steps

  1. August 31, 2011 at 6:05 pm

    BLOGGED: Determining Safe Websites in 3 Easy Steps http://t.co/uFTMagf

  2. August 31, 2011 at 7:06 pm

    Determining Safe Websites in 3 Easy Steps http://t.co/N4mY5zk #security

  3. Michael
    August 31, 2011 at 7:24 pm

    I have been using sucuri.net. Very good so far.
    Regards,
    Michael (@_dark_knight_)

  4. August 31, 2011 at 9:57 pm

    Determining Safe Websites in 3 Easy Steps: [nova#infosecportal.com] You know periodically you get an email or… http://t.co/q8BICaf

  5. January 9, 2012 at 2:10 am

    That article also mentions http://t.co/Smk93vkE .. another shortener expander I’ll probably add to http://t.co/lCxbTJyv

  6. January 9, 2012 at 2:10 am

    Another expander to try … http://checkshorturl.com/

  7. February 26, 2012 at 11:38 am

    Another cool resource I saw @BrianKrebs tweet about.

    http://urlquery.net is fast becoming one of my favorite sites for figuring out what bad/hacked sites are up to

  8. March 26, 2012 at 12:39 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/cWux3K6L

  9. May 4, 2012 at 8:10 am

    Determining Safe Websites in 3 Easy Steps http://t.co/IIxvm5dS

  10. May 8, 2012 at 11:59 pm

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/PqTNfn0R

  11. May 11, 2012 at 2:02 pm

    Determining Safe Websites in 3 Easy Steps #security [Howto] http://t.co/7Qh0Ihnv

  12. May 22, 2012 at 2:43 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/cWuswa5R

  13. November 19, 2012 at 9:18 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/bkJFKYd9

  14. February 24, 2013 at 10:12 pm

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/LDd15UntD0

  15. April 20, 2013 at 11:31 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/UsaX1ju8l9

  16. March 11, 2014 at 11:53 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/xE2hI7wsb5

  17. December 2, 2014 at 8:10 am

    Best Of: Determining Safe Websites in 3 Easy Steps http://t.co/zYrEX5kyan

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.