r1.tracking.marketing

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 18.195.174.160, located in Cambridge, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is r1.tracking.marketing.

This is the only time r1.tracking.marketing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

maccleaner.pkg 7 MB application/x-xar

SHA256: 6cef00485243414b4c1f131abc1da7ff7c3e2149b93e1657d99c45f439c3ac06

MIME: xar archive version 1, SHA-1 checksum

Domain & IP information

	IP Address	AS Autonomous System
2	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2600:9000:200... 2600:9000:200c:4400:13:66d4:24c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:204... 2600:9000:2043:2400:0:bb7c:6000:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	3

2 18.195.174.160 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

tracking.marketing	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r1.tracking.marketing	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:4400:13:66d4:24c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

secure.speedytools.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:2400:0:bb7c:6000:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

dl.smartmacutils.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	tracking.marketing tracking.marketing r1.tracking.marketing Failed	3 KB
1	smartmacutils.co dl.smartmacutils.co
1	speedytools.live secure.speedytools.live Failed	352 B
5	3

	Domain	Requested by
1	dl.smartmacutils.co	r1.tracking.marketing
1	secure.speedytools.live
1	r1.tracking.marketing	tracking.marketing
1	tracking.marketing
5	4

This site contains no links.

Subject Issuer	Validity	Valid
tracking.marketing COMODO RSA Domain Validation Secure Server CA	`2018-07-05` - `2019-07-05`	a year	crt.sh

This page contains 1 frames:

Frame: http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
Frame ID: 950F61FED7B2A79234BA797D15FADFD6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391... Page URL
http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJn... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

20 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3 Page URL
http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1 HTTP 302
http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set 01b95c32-0288-40d1-a8b2-769770977c46 Show response tracking.marketing/	1 KB 2 KB	319ms 16ms	Document text/html	18.195.174.160 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.174.160 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-195-174-160.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `bbcd39f808cc0d0fcf63aeb6f443bb8d410398941ce28fc30db6babb03dc8079` Request headers Host tracking.marketing Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Tue, 23 Apr 2019 13:57:51 GMT Content-Type text/html;charset=UTF-8 Content-Length 1164 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Set-Cookie 01b95c32-0288-40d1-a8b2-769770977c46-v4=01b95c32-0288-40d1-a8b2-769770977c46;domain=tracking.marketing;path=/;HttpOnly cc-v4=Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D;Max-Age=31536000;Expires=Wed, 22-Apr-2020 13:57:51 GMT;domain=tracking.marketing;path=/;HttpOnly
GET		redirect r1.tracking.marketing/	0 0

GET H/1.1	200 OK	Primary Request redirect Show response r1.tracking.marketing/	756 B 1 KB	90ms 15ms	Document text/html	18.195.174.160 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Requested by Host: tracking.marketing URL: https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3 Protocol HTTP/1.1 Server 18.195.174.160 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-195-174-160.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `bee40fcad5f8a0dc415bc611461a7459b440248242bcdfce610b77307a7de3b5` Request headers Host r1.tracking.marketing Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Cookie 01b95c32-0288-40d1-a8b2-769770977c46-v4=01b95c32-0288-40d1-a8b2-769770977c46; cc-v4=Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Tue, 23 Apr 2019 13:57:51 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache
GET		/ secure.speedytools.live/	0 0

GET H/1.1	200 OK	maccleaner.pkg dl.smartmacutils.co/setups/cpmc/c4/ Redirect Chain https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8... http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg	0 0	19ms 9ms	Document application/octet-stream	2600:9000:2043:2400:0:bb7c:6000:21 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg Requested by Host: r1.tracking.marketing URL: http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Protocol HTTP/1.1 Server 2600:9000:2043:2400:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Host dl.smartmacutils.co Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Response headers Content-Type application/octet-stream Content-Length 7386032 Connection keep-alive Last-Modified Thu, 28 Mar 2019 13:40:15 GMT x-amz-meta-s3b-last-modified 20190328T133618Z Accept-Ranges bytes Server AmazonS3 Date Tue, 23 Apr 2019 05:53:34 GMT ETag "c7d6ff48274ed08cf0a3eb45f5c7afff" Age 30089 X-Cache Hit from cloudfront Via 1.1 b454a0b154ae18408006bc2a9abd88ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA54 X-Amz-Cf-Id jIBpJjlxUmYPLhfPWCrDy-BSP5YZ8OeyFD6L2Z6jw0lBpWNSX4rPpA== Redirect headers status 302 content-type application/json content-length 71 location http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg date Tue, 23 Apr 2019 13:57:52 GMT x-amzn-requestid c905fff6-65cf-11e9-b0a6-1927e403ad99 x-amz-apigw-id YmD68FMAIAMF-hg= x-amzn-trace-id Root=1-5cbf19df-424d44b59a0d6c1b0479c65b;Sampled=0 x-cache Miss from cloudfront via 1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront) x-amz-cf-id 2MxKlho42V36GcxubgCQcIwKiB-W3uJSHtKiGrvuwgQSUdArw7VUxw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r1.tracking.marketing
URL: http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ

Domain: secure.speedytools.live
URL: https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tracking.marketing/	1970-01-19 08:59:23	Name: cc-v4 Value: Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D
			.tracking.marketing/	1969-12-31 23:59:59	Name: 01b95c32-0288-40d1-a8b2-769770977c46-v4 Value: 01b95c32-0288-40d1-a8b2-769770977c46

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.smartmacutils.co
r1.tracking.marketing
secure.speedytools.live
tracking.marketing
r1.tracking.marketing
secure.speedytools.live
18.195.174.160
2600:9000:200c:4400:13:66d4:24c0:93a1
2600:9000:2043:2400:0:bb7c:6000:21
bbcd39f808cc0d0fcf63aeb6f443bb8d410398941ce28fc30db6babb03dc8079
bee40fcad5f8a0dc415bc611461a7459b440248242bcdfce610b77307a7de3b5

r1.tracking.marketing Open in urlscan Pro 18.195.174.160 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

20 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

3 kBTransfer

2 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

r1.tracking.marketing Open in urlscan Pro
18.195.174.160 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

20 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions