Submitted URL: https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHM...
Effective URL: http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0...
Submission: On April 23 via manual from TR

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 5 HTTP transactions. The main IP is 18.195.174.160, located in Cambridge, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is r1.tracking.marketing.
This is the only time r1.tracking.marketing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

Domain & IP information

IP Address AS Autonomous System
2 18.195.174.160 16509 (AMAZON-02)
1 1 2600:9000:200... 16509 (AMAZON-02)
1 2600:9000:204... 16509 (AMAZON-02)
5 3

Domain Requested by
1 dl.smartmacutils.co r1.tracking.marketing
1 secure.speedytools.live
1 r1.tracking.marketing tracking.marketing
1 tracking.marketing
5 4

This site contains no links.

Subject: tracking.marketing
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2018-07-05 - 2019-07-05
Valid: a year

This page contains 1 frames:

Frame: http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
Frame ID: 950F61FED7B2A79234BA797D15FADFD6
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 5
HTTPS: 20 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 3 kB
Size: 2 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3 Page URL
  2. http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1 HTTP 302
  • http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 01b95c32-0288-40d1-a8b2-769770977c46
tracking.marketing/
1 KB
2 KB
Document
General
Full URL
https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.174.160 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bbcd39f808cc0d0fcf63aeb6f443bb8d410398941ce28fc30db6babb03dc8079

Request headers

Host
tracking.marketing
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 23 Apr 2019 13:57:51 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
1164
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
01b95c32-0288-40d1-a8b2-769770977c46-v4=01b95c32-0288-40d1-a8b2-769770977c46;domain=tracking.marketing;path=/;HttpOnly cc-v4=Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D;Max-Age=31536000;Expires=Wed, 22-Apr-2020 13:57:51 GMT;domain=tracking.marketing;path=/;HttpOnly
redirect
r1.tracking.marketing/
0
0

Primary Request redirect
r1.tracking.marketing/
756 B
1 KB
Document
General
Full URL
http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ
Requested by
Host: tracking.marketing
URL: https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3
Protocol
HTTP/1.1
Server
18.195.174.160 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bee40fcad5f8a0dc415bc611461a7459b440248242bcdfce610b77307a7de3b5

Request headers

Host
r1.tracking.marketing
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
01b95c32-0288-40d1-a8b2-769770977c46-v4=01b95c32-0288-40d1-a8b2-769770977c46; cc-v4=Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D

Response headers

Server
nginx
Date
Tue, 23 Apr 2019 13:57:51 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
/
secure.speedytools.live/
0
0

maccleaner.pkg
dl.smartmacutils.co/setups/cpmc/c4/
Redirect Chain
  • https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8...
  • http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
0
0
Document
General
Full URL
http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
Requested by
Host: r1.tracking.marketing
URL: http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ
Protocol
HTTP/1.1
Server
2600:9000:2043:2400:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
dl.smartmacutils.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ
Accept-Encoding
gzip, deflate

Response headers

Content-Type
application/octet-stream
Content-Length
7386032
Connection
keep-alive
Last-Modified
Thu, 28 Mar 2019 13:40:15 GMT
x-amz-meta-s3b-last-modified
20190328T133618Z
Accept-Ranges
bytes
Server
AmazonS3
Date
Tue, 23 Apr 2019 05:53:34 GMT
ETag
"c7d6ff48274ed08cf0a3eb45f5c7afff"
Age
30089
X-Cache
Hit from cloudfront
Via
1.1 b454a0b154ae18408006bc2a9abd88ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA54
X-Amz-Cf-Id
jIBpJjlxUmYPLhfPWCrDy-BSP5YZ8OeyFD6L2Z6jw0lBpWNSX4rPpA==

Redirect headers

status
302
content-type
application/json
content-length
71
location
http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
date
Tue, 23 Apr 2019 13:57:52 GMT
x-amzn-requestid
c905fff6-65cf-11e9-b0a6-1927e403ad99
x-amz-apigw-id
YmD68FMAIAMF-hg=
x-amzn-trace-id
Root=1-5cbf19df-424d44b59a0d6c1b0479c65b;Sampled=0
x-cache
Miss from cloudfront
via
1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront)
x-amz-cf-id
2MxKlho42V36GcxubgCQcIwKiB-W3uJSHtKiGrvuwgQSUdArw7VUxw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r1.tracking.marketing
URL
http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ
Domain
secure.speedytools.live
URL
https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

2 Cookies

Domain/Path Name / Value
.tracking.marketing/ Name: cc-v4
Value: Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D
.tracking.marketing/ Name: 01b95c32-0288-40d1-a8b2-769770977c46-v4
Value: 01b95c32-0288-40d1-a8b2-769770977c46