SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware.short_url

malware.short_url

Description:
It is considered to be a bad practice to use external scripts and iframes that load their code from shortened URL. This trick is mainly used by bad actors who want to hide the real sourse of the code and at the same time avoid blacklisting of the domains they use.

Sucuri SiteCheck reports when it detects sripts or iframes that load code from Bit.ly, Goo.gl, Is.gd, Tr.im, Ow.ly and other types of shortened URLs. For example:

<iframe src="hxxps://tr[.]im/5UJJa" width="0" height="0" frameborder="0"></iframe>

Affecting: Any web site (no specific target).