tools-basket.com
Open in
urlscan Pro
13.32.27.71
Public Scan
Effective URL: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s...
Submission: On November 12 via api from LU — Scanned from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2023. Valid for: a year.
This is the only time tools-basket.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 35.204.193.90 35.204.193.90 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
4 | 13.32.27.71 13.32.27.71 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.90.81.51 34.90.81.51 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
5 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com
tracking.trackingrouter.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-71.fra56.r.cloudfront.net
tools-basket.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com
tracking.prtrackings.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
tools-basket.com
tools-basket.com |
48 KB |
1 |
prtrackings.com
tracking.prtrackings.com — Cisco Umbrella Rank: 240039 |
813 B |
1 |
trackingrouter.com
1 redirects
tracking.trackingrouter.com — Cisco Umbrella Rank: 454847 |
440 B |
5 | 3 |
Domain | Requested by | |
---|---|---|
4 | tools-basket.com |
tools-basket.com
|
1 | tracking.prtrackings.com |
tools-basket.com
|
1 | tracking.trackingrouter.com | 1 redirects |
5 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
tracking.trackingrouter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bestdailyrewards.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-16 - 2024-04-14 |
a year | crt.sh |
offers.primerevenues.com Sectigo RSA Domain Validation Secure Server CA |
2023-01-09 - 2024-02-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw==
Frame ID: 96B574E8E967948DA9472E08BB5A366B
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Safe modePage URL History Show full URLs
-
https://tracking.trackingrouter.com/click?pid=6&offer_id=2434775&l=1680598431&to=aHR0cHM6Ly90cmFja2luZy50cmFja2l...
HTTP 302
https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3J... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
basket.js (JavaScript Libraries) Expand
Detected patterns
- basket.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Install
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tracking.trackingrouter.com/click?pid=6&offer_id=2434775&l=1680598431&to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/cGlkPTYmb2ZmZXJfaWQ9MjQzNDc3NQ==&sub1=1680843621100010TROTV413332568994Vc&sub2=3104387
HTTP 302
https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
tools-basket.com/browser-extension/safeMode/ Redirect Chain
|
25 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
tools-basket.com/browser-extension/safeMode/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
tools-basket.com/browser-extension/safeMode/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fileZip.png
tools-basket.com/browser-extension/safeMode/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preland.js
tracking.prtrackings.com/ |
1 KB 813 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
492 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| checkBrowser object| d string| to function| base64_decode function| getParameterByName string| afurl2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tracking.trackingrouter.com/ | Name: afclick Value: 65508a8b6ebed200013ac8e9 |
|
tracking.trackingrouter.com/ | Name: afoffers Value: {"2434775":1699777163} |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
tools-basket.com
tracking.prtrackings.com
tracking.trackingrouter.com
13.32.27.71
34.90.81.51
35.204.193.90
2e898095bacd02d29dacf21f6ecb896a313a8cbc002ce7e87d491699cc404c58
32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4
c5bb019b840813826973f15575dc71b2c3089dfa47626af84e9c0dcbb55cff57
efdb5c069d3bf0839c26d33ca83b60ff9df84a3f1e885526f71a03ece7d9822d