r1.tracking.marketing
Open in
urlscan Pro
18.195.174.160
Public Scan
Effective URL: http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0...
Submission: On April 23 via manual from TR
Summary
This is the only time r1.tracking.marketing was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 18.195.174.160 18.195.174.160 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 2600:9000:200... 2600:9000:200c:4400:13:66d4:24c0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2600:9000:204... 2600:9000:2043:2400:0:bb7c:6000:21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
5 | 3 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
tracking.marketing | |
r1.tracking.marketing |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
secure.speedytools.live |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dl.smartmacutils.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
tracking.marketing
tracking.marketing r1.tracking.marketing Failed |
3 KB |
1 |
smartmacutils.co
dl.smartmacutils.co |
|
1 |
speedytools.live
secure.speedytools.live Failed |
352 B |
5 | 3 |
Domain | Requested by | |
---|---|---|
1 | dl.smartmacutils.co |
r1.tracking.marketing
|
1 | secure.speedytools.live | |
1 | r1.tracking.marketing |
tracking.marketing
|
1 | tracking.marketing | |
5 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
tracking.marketing COMODO RSA Domain Validation Secure Server CA |
2018-07-05 - 2019-07-05 |
a year | crt.sh |
This page contains 1 frames:
Frame:
http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
Frame ID: 950F61FED7B2A79234BA797D15FADFD6
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391... Page URL
- http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJn... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tracking.marketing/01b95c32-0288-40d1-a8b2-769770977c46?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=hotel-sec-nnvbHMQt&campid=475a5660-5036-4fda-88cf-2d70bc1be504&data=amc-s3 Page URL
- http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1 HTTP 302
- http://dl.smartmacutils.co/setups/cpmc/c4/maccleaner.pkg
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
01b95c32-0288-40d1-a8b2-769770977c46
tracking.marketing/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
redirect
r1.tracking.marketing/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
redirect
r1.tracking.marketing/ |
756 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
secure.speedytools.live/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
maccleaner.pkg
dl.smartmacutils.co/setups/cpmc/c4/ Redirect Chain
|
0 0 |
Document
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- r1.tracking.marketing
- URL
- http://r1.tracking.marketing/redirect?target=BASE64aHR0cHM6Ly9zZWN1cmUuc3BlZWR5dG9vbHMubGl2ZS8_b3M9bWFjJngtY29udGV4dD13UTBMN0hBQ0VFS0dSTFZMSFMzR0VQOVEmdXRtX3NvdXJjZT1tbWZ4bXJrdGRkbDMmdXRtX2NhbXBhaWduPW1tZnhtcmt0ZGRsM24mcHhsPU1NRjQwNzJfTU1GMzk3Nl9SVU5UJnV0bV9wdWJpZD1ob3RlbC1zZWMtbm52YkhNUXQmeC1hdD05YjgzZWY4YS0zYThiLTQyZDctYjE3YS1mNzUzZDQzNmI0NTAmb3ZlcnJpZGU9MQ&ts=1556027871292&hash=z3sBO6lEU-osONTmDYaeW1uuGcexJpwxqJTjPy6Diwg&rm=DJ
- Domain
- secure.speedytools.live
- URL
- https://secure.speedytools.live/?os=mac&x-context=wQ0L7HACEEKGRLVLHS3GEP9Q&utm_source=mmfxmrktddl3&utm_campaign=mmfxmrktddl3n&pxl=MMF4072_MMF3976_RUNT&utm_pubid=hotel-sec-nnvbHMQt&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tracking.marketing/ | Name: cc-v4 Value: Wm2NqeeTX9W%2B3Y%2FbbL0izd2UmatH8ealSGLGY9d5q%2BNQMLhDt%2BfepmRUt91HazGQI%2BlkwuAECNejKHADDXkPaezZojNZsB7Arzpo6UctuO%2B06rtTSviBaPS%2F9j5XCYi7BlyjEVDPxFYp0pDl6K4ftQ%3D%3D |
|
.tracking.marketing/ | Name: 01b95c32-0288-40d1-a8b2-769770977c46-v4 Value: 01b95c32-0288-40d1-a8b2-769770977c46 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dl.smartmacutils.co
r1.tracking.marketing
secure.speedytools.live
tracking.marketing
r1.tracking.marketing
secure.speedytools.live
18.195.174.160
2600:9000:200c:4400:13:66d4:24c0:93a1
2600:9000:2043:2400:0:bb7c:6000:21
bbcd39f808cc0d0fcf63aeb6f443bb8d410398941ce28fc30db6babb03dc8079
bee40fcad5f8a0dc415bc611461a7459b440248242bcdfce610b77307a7de3b5