The complexity of websites is making extremely difficult for an analyst to investigate what is going on on a simple phishing website loading a few resources, it is barely doable on websites embedding ads content and loading sometimes over a thousand URLs in a few seconds, before the user has time to do anything, and give any kind of consent as required by laws like GDPR or CCPA.
In order to assist analysts to investigate a website, we developed Lookyloo. The goal is to help analysts, sysadmins, investigators and ever the odd lawyer or two, by allowing lookyloo users to control as many parameters (user agent, cookies, referers) as possible in order to compare captures over time.
Raphaël Vinot ,
Raphaël is a member is the Computer Incident Response Center Luxembourg, and developed or participated to the development of a lot of tools in order to support incident response. He's also explaining how the internet works to kids and adults on a regular basis, even if he's been doing that a bit less over the last year...