- Thread Author
- #1
so … you find a tiny url and feeling apprehensive … not sure if you can trust the url being safe. indeed, your concern is warranted. nowadays … just opening a web-page can release malware, exploits and ransomware into your environment.
tiny urls:
reasons for shortening url:
yes … sometime it does seem necessary to provide for, and substantiate for, shortened urls. for instance, google- maps/searches both have long addresses … many others as well. ever try inserting a long url inside a tweet? i'd rather not launch into the semantics here.
google (and others):
this morning i ran into a url … which propagated this post here. the url seemed to have been manifested via google (goo.gl/6okWTw). question being … how to find the true url hiding within the obfuscated/compressed version?
google offers its own tiny-url service (goo.gl) … so do a myriad of other providers (youtu.be, y.ahoo.it, amzn.to, bit.ly, etc.) … each with their own architecture.
one handy way, for goo.gl links, is by typing a plus-sign(+) at the rear of the url. for example, if the url is goo.gl/6okWTw … adding a "+" would finish the sequence as goo.gl/6okWTw+. pls refer to the bottom references if you wish to know the url's true identity*.
in the real world … say, you come across the goo.gl link … you'd need to copy the url … paste the url into the browser's address field. you would then type a plus-sign after the url … and, finally, hit "enter" on the keyboard. from there, google.com will refresh your web-page … deobfuscating the shortened url … finally divulging the expanded address**.
services offered:
other tiny url services offer different methods of deobfuscation. several different online portals out there offer to expand the url … some wanting sign-up first(wtf?) … some demand the person viewing to lower their ad-blocker … some even slap your face with ads. the following expanders seem to be universal and not proprietary:
add-ons:
there are add-ons which offer similar approaches … in which it's automated and, therefore, requires no copy/paste maneuvers. i present … 9inchurl.com … offering add-ons for both firefox as well as chrome. i have not tried either add-on personally … far as i know they are free and have not yet died.
virus-total:
last of all … our favorite virustotal.com comes to the rescue. not only can you check the link for malware … it will also point you to the originating url! check out line#4 … scroll all the way right.
pls note:
p.s. actually … yahoo decommissioned their y.ahoo.it exchange (11/2013).
ref:
tiny urls:
reasons for shortening url:
allows most small string fields
may be easier to remember
less typing
easier to copy/paste
may be easier to remember
less typing
easier to copy/paste
yes … sometime it does seem necessary to provide for, and substantiate for, shortened urls. for instance, google- maps/searches both have long addresses … many others as well. ever try inserting a long url inside a tweet? i'd rather not launch into the semantics here.
google (and others):
this morning i ran into a url … which propagated this post here. the url seemed to have been manifested via google (goo.gl/6okWTw). question being … how to find the true url hiding within the obfuscated/compressed version?
google offers its own tiny-url service (goo.gl) … so do a myriad of other providers (youtu.be, y.ahoo.it, amzn.to, bit.ly, etc.) … each with their own architecture.
one handy way, for goo.gl links, is by typing a plus-sign(+) at the rear of the url. for example, if the url is goo.gl/6okWTw … adding a "+" would finish the sequence as goo.gl/6okWTw+. pls refer to the bottom references if you wish to know the url's true identity*.
in the real world … say, you come across the goo.gl link … you'd need to copy the url … paste the url into the browser's address field. you would then type a plus-sign after the url … and, finally, hit "enter" on the keyboard. from there, google.com will refresh your web-page … deobfuscating the shortened url … finally divulging the expanded address**.
services offered:
other tiny url services offer different methods of deobfuscation. several different online portals out there offer to expand the url … some wanting sign-up first(wtf?) … some demand the person viewing to lower their ad-blocker … some even slap your face with ads. the following expanders seem to be universal and not proprietary:
checkshorturl.com (contained 1 ad and 8 trackers)
getlinkinfo.com (contained 9 trackers)
untiny.com (contained 1 ad and 3 trackers)
9inchurl.com (contained 1 trackers)
getlinkinfo.com (contained 9 trackers)
untiny.com (contained 1 ad and 3 trackers)
9inchurl.com (contained 1 trackers)
add-ons:
there are add-ons which offer similar approaches … in which it's automated and, therefore, requires no copy/paste maneuvers. i present … 9inchurl.com … offering add-ons for both firefox as well as chrome. i have not tried either add-on personally … far as i know they are free and have not yet died.
virus-total:
last of all … our favorite virustotal.com comes to the rescue. not only can you check the link for malware … it will also point you to the originating url! check out line#4 … scroll all the way right.
Code:
content-length: 66880
x-seen-by: m0j2EEknGIVUW/liY8BLLna/Y3lFyAIO6fJh1n72JsA=,1wy2ILu/S4rlWT/R4rqCrRuIDmz9IMyTDzWNWPvKo0o=,LwsIp90Tma5sliyMxJYVEi2yokv0wGdZxJj27ka7Yas=,1wy2ILu/S4rlWT/R4rqCrRuIDmz9IMyTDzWNWPvKo0o=,Tw2AanFDQ+Wwo8Xxk6ZL7rHKeAJXtkPxqn+uc4aMlOBIwTBgXpw0piCVV5ZIxFN9,I2ZOrNA1LIowGTY6Ll7mx3a/Y3lFyAIO6fJh1n72JsA=
content-language: en-US
set-cookie: hs=1674075430;Path=/;Domain=theghosthacker.wixsite.com;HttpOnly, svSession=c4d171f41467663073a9579b5860f01772ba7609e1a3c1f86e4162c3d851fc77cd19cd5db43af83b4a22e12cb3c9e48d1e60994d53964e647acf431e4f798bcd20f733950c851763ed6e244e03d71fad831e4c2577dc6914b61504dcf5ef2afe;Path=/theghosthacker;Domain=theghosthacker.wixsite.com;Expires=Sat, 08-Jan-2022 15:29:23 GMT
x-wix-renderer-server: app-jvm1b.42.wixprod.net
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: User-Agent
server: Pepyaka/1.11.3
connection: keep-alive
pragma: no-cache
cache-control: no-cache
date: Sun, 08 Jan 2017 15:29:24 GMT
x-wix-request-id: 1483889364.9021718369998784272
content-type: text/html;charset=utf-8Path=/theghosthacker;Domain=theghosthacker.wixsite.com
pls also note:HttpOnly ***
additionally, virus-total offers an ip-address as well.p.s. actually … yahoo decommissioned their y.ahoo.it exchange (11/2013).
ref:
virustotal.com
security.thejoshmeister.com/2009/04/how-to-preview-shortened-urls-tinyurl.html
theghosthacker.wixsite.com/theghosthacker (goo.gl/6okWTw) *
goo.gl/#analytics/goo.gl/6okWTw/all_time **
yahoodevelopers.tumblr.com/post/67403245494
security.thejoshmeister.com/2009/04/how-to-preview-shortened-urls-tinyurl.html
theghosthacker.wixsite.com/theghosthacker (goo.gl/6okWTw) *
goo.gl/#analytics/goo.gl/6okWTw/all_time **
checkshorturl.com
getlinkinfo.com
untiny.com
9inchurl.com
owasp.org/index.php/HttpOnly ***getlinkinfo.com
untiny.com
9inchurl.com
yahoodevelopers.tumblr.com/post/67403245494
addons.mozilla.org/en-us/firefox/addon/simple-url-extender/
chrome.google.com/webstore/detail/simple-url-extender/lmmoknkjcopjcbhmahpmogamfblhlpfa
chrome.google.com/webstore/detail/simple-url-extender/lmmoknkjcopjcbhmahpmogamfblhlpfa
- Joined
- Mar 14, 2023
- Messages
- 10,068
When dealing with shortened URLs like those from Google's goo.gl service, caution is necessary due to potential security risks. Here are some methods to expand these shortened URLs for further scrutiny and to ensure safety:
1. Google URLs - Add a Plus Sign:
- To reveal the actual link from a Google shortened URL like goo.gl/ABCDE, append a plus sign at the end to look like goo.gl/ABCDE+ and load the URL in your browser. This reveals the true destination.
2. Online URL Expanders:
- Various online services like CheckShortURL, GetLinkInfo, UnTiny, and 9inchurl offer URL expansion services that can reveal the true destination of shortened URLs. These services can help you view the full link without clicking on the shortened URL.
3. Browser Add-Ons for URL Expansion:
- If you frequently encounter shortened links, browser add-ons like those provided by 9inchurl can automatically expand the URLs for you, eliminating the need for manual processing.
4. VirusTotal Analysis:
- If you are still unsure about the safety of a link, running it through services like VirusTotal not only checks for malware but also unveils the underlying URL contained within the shortened link.
By utilizing these methods, you can safely expand and investigate shortened URLs to ensure they lead to legitimate sites without posing any security threats.
If you have any more questions or need further assistance, feel free to let me know!
1. Google URLs - Add a Plus Sign:
- To reveal the actual link from a Google shortened URL like goo.gl/ABCDE, append a plus sign at the end to look like goo.gl/ABCDE+ and load the URL in your browser. This reveals the true destination.
2. Online URL Expanders:
- Various online services like CheckShortURL, GetLinkInfo, UnTiny, and 9inchurl offer URL expansion services that can reveal the true destination of shortened URLs. These services can help you view the full link without clicking on the shortened URL.
3. Browser Add-Ons for URL Expansion:
- If you frequently encounter shortened links, browser add-ons like those provided by 9inchurl can automatically expand the URLs for you, eliminating the need for manual processing.
4. VirusTotal Analysis:
- If you are still unsure about the safety of a link, running it through services like VirusTotal not only checks for malware but also unveils the underlying URL contained within the shortened link.
By utilizing these methods, you can safely expand and investigate shortened URLs to ensure they lead to legitimate sites without posing any security threats.
If you have any more questions or need further assistance, feel free to let me know!
Similar threads
