Lookyloo Interface
Start a New Capture
You can start a Lookyloo capture navigating to our website instance. Enter https://lookyloo.circl.lu/
in a browser. On the loaded page click Start a new capture.

Enter the the required fields to start a capture.
Capture Visualization
The Lookyloo interface is comprised of the following:
-
Tree of Domains
-
Lookyloo Menu
-
Tree Details
-
Legend

Lookyloo Menu
-
Go back to index: Return to the index page (list of all the captures)
-
Show third party reports: (Optional) Query 3rd party services and display the result
-
Manage categories: (Optional) Manage the categories attached to this capture
-
Show statistics: Overview of the number of unique URLs/Hostnames, and cookies present in the capture
-
Download redirects: Download the redirects up to the final URL as displayed in the browser (text file)
-
Download screenshot: Download the screenshot of the page as it yould be displayed in the browser
-
Show screenshot: Show the screenshot of the page as it yould be displayed in the browser
-
Notify by mail: (Optional) Send a notification to the entity managing the platform
Tree Details
-
Root URL: Initial URL of the capture, before any processing
-
Start time: Start time of the capture
-
User Agent: User Agent passed to the capture
-
OS: Full text name of the Operating system (extracted from the User Agent)
-
Browser: Full text name of the browser (extracted from the User Agent)
Legend

-
Known node: The node only contains resources that are either part of CDNJS, or marked as known in lookyloo. Click on the hostname for details.
-
Malicious node: The node only contains resources that are marked as malicious in lookyloo. Click on the hostname for details.
-
Insecure requests: At least one for the requests in the node is unencrypted (HTTP).
-
Empty responses: All the responses in the node are empty.
-
Javascript: The responses contain javascript.
-
Cookie received: The responses contain cookies.
-
Cookie read: The requests contain cookies (cookies are sent to the server).
-
Redirect: The requests contain redirects.
-
Font: The responses contain fonts.
-
HTML: The responses contain HTML.
-
JSON: The responses contain Json.
-
CSS: The responses contain CSS.
-
EXE: The responses contain executables.
-
Image: The responses contain images
-
Video: The responses contain videos
-
iFrame: The responses are loaded from iFrames.
-
Content type not set/unknown: The content of the responses is unknown.