tools-basket.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 13.32.27.71, located in United States and belongs to AMAZON-02, US. The main domain is tools-basket.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2023. Valid for: a year.

This is the only time tools-basket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.204.193.90 35.204.193.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	13.32.27.71 13.32.27.71	16509 (AMAZON-02) (AMAZON-02)
1	34.90.81.51 34.90.81.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	3

1 35.204.193.90 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com

tracking.trackingrouter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-71.fra56.r.cloudfront.net

tools-basket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.81.51 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com

tracking.prtrackings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	tools-basket.com tools-basket.com	48 KB
1	prtrackings.com tracking.prtrackings.com — Cisco Umbrella Rank: 240039	813 B
1	trackingrouter.com 1 redirects tracking.trackingrouter.com — Cisco Umbrella Rank: 454847	440 B
5	3

	Domain	Requested by
4	tools-basket.com	tools-basket.com
1	tracking.prtrackings.com	tools-basket.com
1	tracking.trackingrouter.com	1 redirects
5	3

This site contains links to these domains. Also see Links.

Domain
tracking.trackingrouter.com

Subject Issuer	Validity	Valid
bestdailyrewards.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-16` - `2024-04-14`	a year	crt.sh
offers.primerevenues.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw==
Frame ID: 96B574E8E967948DA9472E08BB5A366B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe mode

Page URL History Show full URLs

https://tracking.trackingrouter.com/click?pid=6&offer_id=2434775&l=1680598431&to=aHR0cHM6Ly90cmFja2luZy50cmFja2l... HTTP 302
https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3J... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

49 kB
Transfer

50 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tracking.trackingrouter.com/click?offer_id=2434775&pid=6&sub1=1680843621100010TROTV413332568994Vc&sub2=3104387
Title: Install

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tracking.trackingrouter.com/click?pid=6&offer_id=2434775&l=1680598431&to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/cGlkPTYmb2ZmZXJfaWQ9MjQzNDc3NQ==&sub1=1680843621100010TROTV413332568994Vc&sub2=3104387 HTTP 302
https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response tools-basket.com/browser-extension/safeMode/ Redirect Chain https://tracking.trackingrouter.com/click?pid=6&offer_id=2434775&l=1680598431&to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/cGlkPTYmb2ZmZXJfaWQ9MjQzNDc3NQ==&sub1=1680843621100010TROTV4... https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU...	25 KB 26 KB	131ms 41ms	Document text/html	13.32.27.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `efdb5c069d3bf0839c26d33ca83b60ff9df84a3f1e885526f71a03ece7d9822d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 77977 content-length 25808 content-type text/html date Sat, 11 Nov 2023 10:39:47 GMT etag "a4d80855b94594d01a5650972fa5e166" last-modified Wed, 15 Feb 2023 07:33:45 GMT server AmazonS3 via 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront) x-amz-cf-id T6K5Rtf6iGcvJoii60TFTt9kmjcW2Dcj8grRVI5Wttu3ijjhlnm0Jw== x-amz-cf-pop FRA56-C2 x-cache Hit from cloudfront Redirect headers access-control-allow-origin * content-length 0 date Sun, 12 Nov 2023 08:19:23 GMT location https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== server nginx x-adjust-use-original-forwarded-for 1
GET H2	404	bootstrap.min.css tools-basket.com/browser-extension/safeMode/	0 0	175ms 174ms	Stylesheet text/html	13.32.27.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tools-basket.com/browser-extension/safeMode/bootstrap.min.css Requested by Host: tools-basket.com URL: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Origin https://tools-basket.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 Response headers date Sun, 12 Nov 2023 08:19:22 GMT via 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop FRA56-C2 x-cache Error from cloudfront content-type text/html; charset=utf-8 content-length 572 x-amz-cf-id Tnkl3GOqhMUwOp3PMaHuzXdC3o8fTZ36zpmowBoCnkwvrzvit6PnuQ==
GET H2	404	translateelement.css tools-basket.com/browser-extension/safeMode/	0 0	275ms 274ms	Stylesheet text/html	13.32.27.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tools-basket.com/browser-extension/safeMode/translateelement.css Requested by Host: tools-basket.com URL: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 Response headers date Sun, 12 Nov 2023 08:19:23 GMT via 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop FRA56-C2 x-cache Error from cloudfront content-type text/html; charset=utf-8 content-length 575 x-amz-cf-id M2ZpEUJzvwb-TWfcnwW8wGCaaTLDHkmcfoAijY7pP-zSppXp8cEObw==
GET H2	200	fileZip.png tools-basket.com/browser-extension/safeMode/	23 KB 23 KB	45ms 44ms	Image image/png	13.32.27.71 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tools-basket.com/browser-extension/safeMode/fileZip.png Requested by Host: tools-basket.com URL: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `c5bb019b840813826973f15575dc71b2c3089dfa47626af84e9c0dcbb55cff57` Request headers accept-language nl-NL,nl;q=0.9 Referer https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:39:47 GMT via 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront) last-modified Wed, 15 Feb 2023 05:59:48 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 77977 etag "9a4b798240ee47c9388677857c8b73a8" x-cache Hit from cloudfront content-type image/png content-length 23073 x-amz-cf-id tpWtG5kXZJp0txzu-oUGusOLRwYnS4SvRnts9CRlXTtylXWeBUvQhw==
GET H2	200	preland.js Show response tracking.prtrackings.com/	1 KB 813 B	109ms 29ms	Script application/javascript	34.90.81.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracking.prtrackings.com/preland.js Requested by Host: tools-basket.com URL: https://tools-basket.com/browser-extension/safeMode/index.html?to=aHR0cHM6Ly90cmFja2luZy50cmFja2luZ3JvdXRlci5jb20vY2xpY2s/b2ZmZXJfaWQ9MjQzNDc3NSZwaWQ9NiZzdWIxPTE2ODA4NDM2MjExMDAwMTBUUk9UVjQxMzMzMjU2ODk5NFZjJnN1YjI9MzEwNDM4Nw== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.90.81.51 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.81.90.34.bc.googleusercontent.com Software nginx / Resource Hash `2e898095bacd02d29dacf21f6ecb896a313a8cbc002ce7e87d491699cc404c58` Request headers accept-language nl-NL,nl;q=0.9 Referer https://tools-basket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 Response headers access-control-allow-origin * date Sun, 12 Nov 2023 08:19:23 GMT content-encoding gzip server nginx content-type application/javascript
GET DATA	200 OK	truncated /	492 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tracking.trackingrouter.com/	1970-01-21 00:55:13	Name: afclick Value: 65508a8b6ebed200013ac8e9
			tracking.trackingrouter.com/	1970-01-21 00:55:13	Name: afoffers Value: {"2434775":1699777163}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tools-basket.com/browser-extension/safeMode/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tools-basket.com/browser-extension/safeMode/translateelement.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tools-basket.com
tracking.prtrackings.com
tracking.trackingrouter.com
13.32.27.71
34.90.81.51
35.204.193.90
2e898095bacd02d29dacf21f6ecb896a313a8cbc002ce7e87d491699cc404c58
32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4
c5bb019b840813826973f15575dc71b2c3089dfa47626af84e9c0dcbb55cff57
efdb5c069d3bf0839c26d33ca83b60ff9df84a3f1e885526f71a03ece7d9822d

tools-basket.com Open in urlscan Pro 13.32.27.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

49 kBTransfer

50 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

tools-basket.com Open in urlscan Pro
13.32.27.71 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

49 kB
Transfer

50 kB
Size

2
Cookies

5 HTTP transactions
1 data transactions