mirror of https://github.com/CIRCL/lookyloo
111 lines
3.4 KiB
HTML
111 lines
3.4 KiB
HTML
{% from "macros.html" import shorten_string %}
|
|
|
|
<div>
|
|
{% if urlscan %}
|
|
<hr>
|
|
<center>
|
|
<h1 class="display-4">urlscan.io</h1>
|
|
<div>
|
|
{% if urlscan.get('permaurl') %}
|
|
<p>A scan was triggered for this capture,
|
|
<a href="{{ urlscan['permaurl'] }}">click to view it</a> on urlscan.io.</p>
|
|
{% if urlscan['malicious']%}
|
|
<p>It is considered malicious.</p>
|
|
{% endif%}
|
|
{% if urlscan['tags'] %}
|
|
<p>It is tagged as {{ ','.join(urlscan['tags']) }}.</p>
|
|
{% endif%}
|
|
|
|
{% elif urlscan.get('error_message') %}
|
|
<p> Unable to trigger the scan, urlscan.io returned the following message:</p>
|
|
<p class="font-italic">{{ urlscan.get('error_message') }}</p>
|
|
{% endif%}
|
|
</div>
|
|
</center>
|
|
{% endif%}
|
|
{% if phishtank and phishtank.get('urls') or phishtank.get('ips_hits') %}
|
|
<hr>
|
|
<center>
|
|
<h1 class="display-4">Phishtank</h1>
|
|
<div>
|
|
{% if phishtank.get('urls') %}
|
|
<p class="lead">Phishtank flagged the URLs below as phishing</p>
|
|
<dl class="row">
|
|
{% for url, permaurl in phishtank['urls'].items() %}
|
|
<dt class="col-sm-7">{{ shorten_string(url, 150) }}</dt>
|
|
<dd class="col-sm-3"><a href="{{ permaurl }}">View on phishtank</a></li></dd>
|
|
{% endfor %}
|
|
</dl>
|
|
{% endif%}
|
|
|
|
{% if phishtank.get('ips_hits') %}
|
|
<p class="lead">The IPs below are in the tree and are flagged as phishing on Phishtank</p>
|
|
{% for ip, entries in phishtank['ips_hits'].items() %}
|
|
<p>{{ ip }}</p>
|
|
<dl class="row">
|
|
{% for related_url, permaurl in entries %}
|
|
<dt class="col-sm-7">{{ shorten_string(related_url, 150) }}</dt>
|
|
<dd class="col-sm-3"><a href="{{ permaurl }}">View on phishtank</a></li></dd>
|
|
{% endfor %}
|
|
</dl>
|
|
{% endfor %}
|
|
{% endif%}
|
|
</div>
|
|
</center>
|
|
{% endif%}
|
|
{% if urlhaus and urlhaus.get('urls') %}
|
|
<hr>
|
|
<center>
|
|
<h1 class="display-4">URL Haus</h1>
|
|
<div>
|
|
{% if urlhaus.get('urls') %}
|
|
<p class="lead">URL Haus knows the URLs below</p>
|
|
<dl class="row">
|
|
{% for entry in urlhaus['urls'] %}
|
|
<dt class="col-sm-7">{{ shorten_string(entry['url'], 150) }}</dt>
|
|
<dd class="col-sm-3"><a href="{{ entry['urlhaus_reference'] }}">View on URL Haus</a></li></dd>
|
|
{% endfor %}
|
|
</dl>
|
|
{% endif%}
|
|
</div>
|
|
</center>
|
|
{% endif%}
|
|
{% if vt %}
|
|
<hr>
|
|
<center><h1 class="display-4">Virus Total</h1></center>
|
|
{% for url, entries in vt.items() %}
|
|
<div class="border-top my-3"></div>
|
|
<center>
|
|
<h3><small class="text-muted">URL</small>
|
|
{{ shorten_string(url, 50, with_title=True) }}
|
|
</h3>
|
|
</center>
|
|
{% if entries['malicious'] %}
|
|
<center>
|
|
<p class="lead">Detected as malicious by the following vendors</p>
|
|
<dl class="row">
|
|
{% for e in entries['malicious'] %}
|
|
<dt class="col-sm-3">{{ e[0] }}</dt>
|
|
<dd class="col-sm-3">{{ e[1] }}</dd>
|
|
{% endfor %}
|
|
</center>
|
|
</dl>
|
|
{% else %}
|
|
<p class="lead">No vendors consider this URL as malicious.</p>
|
|
{% endif%}
|
|
<h5 class="text-right"><a href="{{ entries['permaurl'] }}">Full report on VirusTotal</a></h5>
|
|
{% endfor %}
|
|
{% endif%}
|
|
{% if pi%}
|
|
<center><h1 class="display-4">Phishing Initiative</h1></center>
|
|
{% for url, tag in pi.items() %}
|
|
<center>
|
|
<h3><small class="text-muted">URL</small>
|
|
{{ shorten_string(url, 50, with_title=True) }}
|
|
</h3>
|
|
<div>This URL is tagged as <b>{{ tag }}</b> on Phishing Initiative</div>
|
|
</center>
|
|
{% endfor %}
|
|
{% endif%}
|
|
</div>
|