In [1]:
# Import necessary libraries
import re  # For pattern matching
import requests  # For making HTTP requests

In [2]:
def is_suspicious_url(url):
    """
    Analyze a URL for suspicious patterns.
    """
    # Define suspicious patterns
    phishing_patterns = [
        r"http[s]?://\d+\.\d+\.\d+\.\d+",  # IP-based URL
        r"@",  # "@" symbol in the URL
        r"free|login|verify|click|update",  # Common phishing keywords
    ]

    # Check for patterns
    for pattern in phishing_patterns:
        if re.search(pattern, url):
            return True  # Suspicious pattern found
    return False  # No suspicious patterns

In [3]:
def check_url_redirects(url):
    """
    Check if a URL redirects and return the final destination.
    """
    try:
        # Send an HTTP HEAD request
        response = requests.head(url, allow_redirects=True, timeout=5)

        # If redirected, the final URL will differ
        if response.url != url:
            return f"Redirect detected: {response.url}"
        return "No redirect"
    except Exception as e:
        return f"Error accessing URL: {e}"

In [4]:
def phishing_link_scanner(url):
    """
    Scan a URL for phishing indicators.
    """
    if is_suspicious_url(url):
        return "Suspicious URL detected (Pattern match)"

    redirection_result = check_url_redirects(url)
    return redirection_result

In [5]:
# List of test URLs
test_urls = [
    "http://192.168.1.1",  # IP-based URL
    "http://example.com/login",  # Contains phishing keywords
    "https://securebank.com@malicious-site.net",  # "@" symbol
    "https://www.google.com"  # Safe URL
]

# Test the URLs
for url in test_urls:
    result = phishing_link_scanner(url)
    print(f"URL: {url} -> {result}")

URL: http://192.168.1.1 -> Suspicious URL detected (Pattern match)
URL: http://example.com/login -> Suspicious URL detected (Pattern match)
URL: https://securebank.com@malicious-site.net -> Suspicious URL detected (Pattern match)
URL: https://www.google.com -> Redirect detected: https://www.google.com/


# **Running the Basic URL Pattern Detection**

In [6]:
def is_suspicious_url(url):
    phishing_patterns = [
        r"http[s]?://\d+\.\d+\.\d+\.\d+",  # IP-based URL
        r"@",  # "@" symbol in the URL
        r"free|login|verify|click|update",  # Common phishing keywords
    ]
    for pattern in phishing_patterns:
        if re.search(pattern, url):
            return True
    return False

# Test URLs
test_urls = [
    "http://192.168.1.1",
    "http://example.com/login",
    "https://securebank.com@malicious-site.net",
    "https://www.google.com"
]

# Test pattern detection
for url in test_urls:
    print(f"URL: {url} -> Suspicious: {is_suspicious_url(url)}")

URL: http://192.168.1.1 -> Suspicious: True
URL: http://example.com/login -> Suspicious: True
URL: https://securebank.com@malicious-site.net -> Suspicious: True
URL: https://www.google.com -> Suspicious: False


# **Running the URL Redirection Detection**

In [7]:
def check_url_redirects(url):
    try:
        response = requests.head(url, allow_redirects=True, timeout=5)
        if response.url != url:
            return f"Redirect detected: {response.url}"
        return "No redirect"
    except Exception as e:
        return f"Error accessing URL: {e}"

# Test URL redirections
for url in test_urls:
    print(f"URL: {url} -> {check_url_redirects(url)}")

URL: http://192.168.1.1 -> Error accessing URL: HTTPConnectionPool(host='192.168.1.1', port=80): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7b65d8b14520>, 'Connection to 192.168.1.1 timed out. (connect timeout=5)'))
URL: http://example.com/login -> No redirect
URL: https://securebank.com@malicious-site.net -> Error accessing URL: HTTPSConnectionPool(host='malicious-site.net', port=443): Max retries exceeded with url: / (Caused by NameResolutionError("<urllib3.connection.HTTPSConnection object at 0x7b65d8b17cd0>: Failed to resolve 'malicious-site.net' ([Errno -2] Name or service not known)"))
URL: https://www.google.com -> Redirect detected: https://www.google.com/


# **Running the Full Phishing Link Scanner**

In [8]:
def phishing_link_scanner(url):
    if is_suspicious_url(url):
        return "Suspicious URL detected (Pattern match)"
    return check_url_redirects(url)

# Full scan
for url in test_urls:
    result = phishing_link_scanner(url)
    print(f"URL: {url} -> {result}")

URL: http://192.168.1.1 -> Suspicious URL detected (Pattern match)
URL: http://example.com/login -> Suspicious URL detected (Pattern match)
URL: https://securebank.com@malicious-site.net -> Suspicious URL detected (Pattern match)
URL: https://www.google.com -> Redirect detected: https://www.google.com/
