Shortening URLs allows to deal with the problem of sharing difficult to digest internet page references. To avoid suffering from the various pitfalls of commercial online services, Fondation Restena deployed a public service for the attention of the Education and Research community--edu.lu & NGSOTI projects--. It leverages the OSS tool "short" from SURFnet.nl/edu.nl. In light of further securing our service and avoiding to shorten potentially malicious URLs, we are currently working on complementing the shortener with an URL Checker internal service in the backend: production target is February 2026, as per NGSOTI. The URL Checker Webservice will in the future collect the qualification of the scanned URLs, potentially orchestrate periodic rescans, interface with the URL Shortener Service and contribute to the open reporting of unsafe URLs.
Under the hood, the webservice will specifically leverage internally designed tools that request analyses from various providers (depending on URL's type: from open "local" sources--Lookyloo/MISP--or from "external" providers--VirusTotal,...--), as well as perform more targeted local sanity and security check actions. In addition, we intend to evaluate how running locally checks--YARA rules--can help us in catching potentially unreported malicious URLs and avoid completely external commercial dependencies.
By fusing all these results, the URL Checker Tools will derive indicators and finally triage URLs as safe or unsafe.
In the current talk, we put the focus and provide insights into the development of the URL Checker Tools, sharing our observations and analyses while exploring our results.