What Is A Tracking Pixel Link to heading
A Tracking Pixel is a technique found these days in Email marketing, promotions, newsletters and even casual notifications contents of Email campaign services. It inserts a transparent 1px x 1px image to the mail body that is invisible to human eyes and uses the good-old Web technology to send information to whoever’s on the other end collecting as many aspects as they want about the person who reads the Email:
- Operating system
- Device model
- Type of the Email client
- The reader’s screen resolution
- When and how many times the Email was read or website visited
- Activities on the website in a session
- The IP address of the reader (this gives away the ISP information and even location based on some extremely precise GeoIP databases that are very easy to get)
A sample tracking pixel snippet from MailTrackerBlocker:
<a style="color: #770506;">
<img src="http://cdn.website.com/newsletter/logo.png" width="438" height="42" border="0" style="max-width: 90%; height: auto" alt="logo.png">
</a>
<br>
<a href="https://website.us5.list-manage.com/unsubscribe?u=abdef">Click here to unsubscribe</a> or <a href="https://website.us5.list-manage.com/profile?u=abdef">Update subscription preferences</a>
- <img width="0" height="0" class="mailtrack-img" alt="" style="display:flex" src="https://mailtrack.io/trace/mail/0eabccbe98c98e9b8e9a8b89eab89ce9ab89e8bc.png?u=1234567">
Note that the highlighted line of code inserts the invisible pixel of image to the mail body.
Actually very few people ever noticed that their behaviours were tracked (or to say harvested) by the people who sent the Emails. But as soon as one realises it, bad feelings come pouring in: you don’t know which Emails have tracking pixels; you can never “opt-out” a tracking pixel; you don’t know exactly what information were collected by the trackers and what they plan to do with it.
How to avoid being tracked? Link to heading
If you are using a macOS computer, check out the open-source project MailTrackerBlocker. It’s a plug-in for the Apple Mail app. Actually the list above was sorted out using this plug-in.
Alternatively you can choose an Email service that provides tracking pixel blocking natively, like Hey (paid). In fact the makers of Hey mail made this website to stand up against tracking pixels: https://notospypixels.com
For blocking tracking pixels on other platforms, applications or Email providers, you can write to me and tell me your method or tools. I’d be happy to add them here.
Who Are Tracking Me Link to heading
To name just a few Email senders I’ve caught embedding the tracking pixels, here’s a list:
| Sender | From Address | Tracking Pixel Service Provider |
|---|---|---|
| Sony PlayStation | [email protected] | Salesforce |
| Adobe | [email protected] [email protected] | Adobe |
| IFTTT | [email protected] | Customer.io |
| Nintendo | [email protected] | (Self-owned Tracker) |
| [email protected] | ||
| Duolingo | [email protected] | Amazon SES |
| Flickr | [email protected] | SparkPost |
| Lark Suite (a.k.a Feishu) | [email protected] | SendGrid |
| Bedroom Producers Blog | [email protected] | MailerLite |
| Trello | [email protected] [email protected] [email protected] | Atlassian |
| Dropbox | [email protected] | (Self-owned Tracker) |
| CodeSandbox | [email protected] | Mailgun |
| Mapbox | [email protected] [email protected] [email protected] [email protected] | Customer.io |
| MapTiler | [email protected] | |
| Mapillary | [email protected] | SendGrid |
| Apple App Store | [email protected] | Apple |
| iCloud (GCBD) | [email protected] | (Self-owned Tracker) |
| Apple iTunes Connect | [email protected] | (Self-owned Tracker) |
| Apple Developer | [email protected] | Apple |
| Be My Eyes | [email protected] [email protected] | Postmark Mixpanel |
| Goodreads | [email protected] | Amazon SES |
| Foursquare | [email protected] | SendGrid |
| Baidu | [email protected] | (Self-owned Tracker) |
| GitHub | [email protected] | GitHub |
| Microsoft | [email protected] [email protected] [email protected] | Microsoft |
| Cloudflare | [email protected] | (Self-owned Tracker) |
| Sentry | [email protected] | Hubspot |
| Upwork | [email protected] | Upwork |
| AWS | [email protected] | Amazon SES |
| [email protected] [email protected] | ||
| [email protected] | ||
| Paypal | [email protected] | (Self-owned Tracker) Return Path |
| Stripe | [email protected] | (Self-owned Tracker) |
| Auth0 | [email protected] [email protected] | SendGrid Mandrill |
| Airbnb | [email protected] | (Self-owned Tracker) |
| Coursera | [email protected] | SparkPost |
| Console.dev | [email protected] | Mailchimp |
| AudioThing | [email protected] | Mailchimp |
| BugSnag | [email protected] | (Self-owned Tracker) |
| Slite | [email protected] | SendGrid |
| GOG | [email protected] | GetResponse |
| IMDB | [email protected] | Amazon SES |
| CloudApp | [email protected] | Customer.io |
| PreSonus | [email protected] | (Self-owned Tracker) |
| Internet Archive | [email protected] | Mailchimp |
| Box | [email protected] | spmailtechnol |
| IHG (A hospitality company) | [email protected] | (Self-owned Tracker, more than 1 per mail) |
| TuringBook.com | [email protected] | Mailchimp |
| Raycast | [email protected] | SendGrid |
| RescueTime | [email protected] | Customer.io |
| Chatra | [email protected] | Postmark |
| Bandcamp | [email protected] | (Self-owned Tracker) |
| Craft.do | [email protected] | (Self-owned Tracker) |
| Journal | [email protected] | SendGrid |
| Mockaroo | [email protected] | Mailchimp |
| Ghost.org (A blogging software) | [email protected] | (Self-owned Tracker) |
| Asana | [email protected] | (Self-owned Tracker) |
| Remove.bg | [email protected] | (Self-owned Tracker) |
| uTalk | [email protected] | (Self-owned Tracker) |
| Envato | [email protected] | Mandrillapp |
| RapidAPI | [email protected] | Mailchimp |
| BundleHunt | [email protected] | Mailchimp |
| TIDAL | [email protected] | SendGrid |
| ClickUp | [email protected] [email protected] [email protected] [email protected] | Close |
| Clubhouse.io | [email protected] [email protected] | Intercom SendGrid |
| Postman.com | [email protected] | Fastic |
| Taiga | [email protected] | SendGrid |
| Koingo Software | [email protected] | SendGrid |
| Lobe.ai | [email protected] | Salesforce |
| Native Instruments | [email protected] | (Self-owned Tracker) |
| Atlassian | [email protected] | Return Path |
| Twitch | [email protected] | (Self-owned Tracker) |
| JustFont | [email protected] | |
| JFrog | [email protected] | (Self-owned Tracker) |
| NameSilo | [email protected] | MailerLite |
| Riot Games | [email protected] | SendGrid |
| NASA Mars | [email protected] | iContact |
| Zeplin | [email protected] | Mailchimp |
| Pipedream | [email protected] | SendGrid |
| Google Payments | [email protected] | |
| Google Workspace | [email protected] | |
| Google Cloud Platform | [email protected] | |
| Climb App | (hidden due to Apple Login) | SendGrid |
| China Merchants Bank | [email protected] | (Self-owned Tracker) |
| Magoosh | [email protected] | SendGrid |
| Todoist | [email protected] | SendGrid |
| MuseScore | [email protected] | (Self-owned Tracker) |
| GitGuardian | [email protected] [email protected] [email protected] | SendGrid Mailgun |
| Speed Dial 2 | [email protected] | Postmark |
| Sococo | [email protected] | Mandrill |
| Chamaileon | [email protected] | Sendy |
| Browserstack Team | [email protected] | Mailchimp |
| Ultimate Guitar | [email protected] | Mailtrain |
| Bunny Studio | [email protected] | SendGrid |
| Waymo | [email protected] | |
| 数码荔枝 lizhi.io | [email protected] | Mailchimp |
| Three Dots Labs | [email protected] | Mailchimp |
| Vercel | [email protected] | SendGrid |
| Guitar Pro | [email protected] | Mailchimp |
| Loom | [email protected] [email protected] [email protected] | Intercom Mandrill |
| Opstree | [email protected] | Hubspot |
| WeTransfer | [email protected] | SendGrid |
| Flim | [email protected] | Mailjet |
| Grab | [email protected] | Amazon SES |
| Pusher | [email protected] | Customer.io |
| Chess.com | [email protected] [email protected] [email protected] | Fastic SendGrid SendGrid |
| Soundtoys | [email protected] | Mailchimp |
| italki | [email protected] | Amazon SES |
| Codecov | [email protected] | (Self-owned Tracker) |
| Wurkr | [email protected] | Hubspot |
| Coinbase | [email protected] | Fastic |
| Zapier | [email protected] | Litmus |
| HBO Max | [email protected] | SendGrid |
| Malaysia Kini | [email protected] [email protected] | Amazon SES |
| Book Depository | [email protected] | Litmus |
| Anytype | [email protected] | SendGrid |
| Change.org | [email protected] | (Self-owned Tracker) |
| Flo | [email protected] | SendGrid |
| Medium | [email protected] | SendGrid |
| LingQ | [email protected] [email protected] | SendGrid |
| WordPress | [email protected] | WordPress |
| Leanpub | [email protected] | Mailchimp |
| Pocket Casts | [email protected] | Mandrill |
| Amazon Web Services | [email protected] | Amazon SES |
| Spotify | [email protected] | SendGrid |
| Los Angeles Valley Collage | [email protected] | iContact |
| StarWind | [email protected] | Hubspot |
| Product Hunt | [email protected] | Mailjet |
| Gengo Translator Team | [email protected] | SendGrid |
| Robinhood Snacks | [email protected] | SendGrid |
| Live2D | [email protected] | Mailchimp |
| JetBrains | [email protected] | Adobe |
| Docker | [email protected] | Mailgun |
| Discord | [email protected] | SendGrid |
| Skillshare | [email protected] | SendGrid |
| Kickstarter | [email protected] | SendGrid |
| MakeML | [email protected] | SendGrid |
| Roboflow | [email protected] | Customer.io |
| Unity | [email protected] | SendGrid |
| Otoy | [email protected] | Mailchimp |
| Memrise | [email protected] | SendGrid |
| Clozemaster | [email protected] | SendGrid |
| Descript | [email protected] | Customer.io |
| Heroku | [email protected] | Salesforce |
It can go very long as more and more services I use. And I was tracked all the way long.
Update 2021-03-22: It appears that many of the “Self-owned Trackers” are not owned by the business owners. They don’t reveal the actual vendor by using the custom domain names. Certain tracing was done to discover the actual campaign Email sender and the tracker, which showed a certain pattern of how the custom domain names are formed. E.g.
http://url1234.mail.some-service.io(certain parts were masked with dummy characters) points to the IP address that resolves to be in possession of SendGrid. Oh my they use thehttpthat scatters people’s information all around the web un-encrypted while relentlessly collecting them.