Lookyloo Interface

Start a New Capture

You can start a Lookyloo capture navigating to our website instance. Enter https://lookyloo.circl.lu/ in a browser. On the loaded page click Start a new capture.

lookyloo start new capture

Enter the the required fields to start a capture.

Capture Visualization

The Lookyloo interface is comprised of the following:

  • Tree of Domains

  • Lookyloo Menu

  • Tree Details

  • Legend

GitHub Capture

Tree of Domains

Lookyloo displays a tree of the domains that call one another.

Lookyloo Menu

  • Go back to index: Return to the index page (list of all the captures)

  • Show third party reports: (Optional) Query 3rd party services and display the result

  • Manage categories: (Optional) Manage the categories attached to this capture

  • Show statistics: Overview of the number of unique URLs/Hostnames, and cookies present in the capture

  • Download redirects: Download the redirects up to the final URL as displayed in the browser (text file)

  • Download screenshot: Download the screenshot of the page as it yould be displayed in the browser

  • Show screenshot: Show the screenshot of the page as it yould be displayed in the browser

  • Notify by mail: (Optional) Send a notification to the entity managing the platform

Tree Details

  • Root URL: Initial URL of the capture, before any processing

  • Start time: Start time of the capture

  • User Agent: User Agent passed to the capture

  • OS: Full text name of the Operating system (extracted from the User Agent)

  • Browser: Full text name of the browser (extracted from the User Agent)

Legend

sample github legend
  • Known node: The node only contains resources that are either part of CDNJS, or marked as known in lookyloo. Click on the hostname for details.

  • Malicious node: The node only contains resources that are marked as malicious in lookyloo. Click on the hostname for details.

  • Insecure requests: At least one for the requests in the node is unencrypted (HTTP).

  • Empty responses: All the responses in the node are empty.

  • Javascript: The responses contain javascript.

  • Cookie received: The responses contain cookies.

  • Cookie read: The requests contain cookies (cookies are sent to the server).

  • Redirect: The requests contain redirects.

  • Font: The responses contain fonts.

  • HTML: The responses contain HTML.

  • JSON: The responses contain Json.

  • CSS: The responses contain CSS.

  • EXE: The responses contain executables.

  • Image: The responses contain images

  • Video: The responses contain videos

  • iFrame: The responses are loaded from iFrames.

  • Content type not set/unknown: The content of the responses is unknown.