A bookmarklet for OSINT fraud investigations and cybersecurity research

Scam Surface Mapper is a browser bookmarklet designed for OSINT investigators, fact-checkers, and cybersecurity researchers. It analyzes web pages to identify and visualize potential scam infrastructure by mapping outgoing links, analyzing suspicious domains, tracking parameters, and presenting findings in an interactive graph interface. The tool was created with the assistance of Perplexity AI.

1. Copy the code: Open scam-surface-mapper.js and copy the entire content
2. Create new bookmark
3. Paste code: Set the URL field to the copied JavaScript code
4. Name it: Set name to "Scam Surface Mapper"
5. Save bookmark

1. Navigate to any suspicious webpage you want to analyze
2. Click the "Scam Surface Mapper" bookmark
3. Explore the analysis in the overlay interface

• Summary: Risk-ordered list of discovered hosts with detailed metrics
• Raw Links: Complete list of all discovered URLs with analysis
• Graph: Interactive visualization of host relationships

• Copy JSON: Copy complete analysis data to clipboard
• Download CSV: Export host and link data as CSV files
• Download JSON: Save complete analysis as JSON file
• Save PNG: Export graph visualization as image
• Fullscreen: Toggle fullscreen mode for better visibility
• Close: Close the analysis overlay

• Drag nodes: Click and drag to reposition graph elements
• Right-click nodes: Open context menu for OSINT actions

1. Initial Analysis: Run bookmarklet on suspicious landing page
2. Risk Assessment: Review summary tab for high-scoring domains
3. Domain Investigation: Right-click high-risk domains → SecurityTrails/urlscan.io
4. Data Export: Download JSON/CSV for further analysis or reporting
5. Documentation: Save graph PNG for investigation reports

• Mapping affiliate networks and redirect chains
• Identifying scam infrastructure clusters
• Tracking UTM campaign parameters
• Documenting fraudulent website relationships

• Analyzing phishing page infrastructure
• Identifying malicious redirect networks
• Mapping cryptocurrency scam operations
• Tracking affiliate marketing fraud

• Studying online fraud ecosystem structures
• Analyzing social engineering campaign infrastructure
• Researching digital manipulation techniques

This tool is designed for:

• ✅ Cybersecurity research and analysis
• ✅ OSINT investigations by authorized professionals
• ✅ Academic research on digital fraud
• ✅ Fact-checking and journalism
• ✅ Personal security awareness

• Tool operates entirely client-side (no data transmitted)
• Only analyzes publicly visible page content
• Exports contain URLs and metadata from the analyzed page
• No tracking or data collection by the tool itself

When using this tool for security research:

• Follow responsible disclosure practices
• Respect website terms of service
• Consider legal implications in your jurisdiction

Support my team on Patreon