ritzmachine.com Open in urlscan Pro
192.95.30.59 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qquu.trk.elasticemail.com/tracking/click?msgid=8gKs5jhohtuz7lQOHiKdxQ2&target=http%3a%2f%2fritzmachine.com%2findex.html&v=...
Effective URL:
http://ritzmachine.com/index.html
Submission: On January 29 via manual (January 29th 2018, 5:42:32 pm UTC) from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 192.95.30.59, located in Montréal, Canada and belongs to OVH, FR. The main domain is ritzmachine.com.

This is the only time ritzmachine.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.105.88.234 46.105.88.234	16276 (OVH) (OVH)
9	192.95.30.59 192.95.30.59	16276 (OVH) (OVH)
9	1

1 46.105.88.234 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: api.elasticemail.com

qquu.trk.elasticemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.95.30.59 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: web.smartwebsolutions.ca

ritzmachine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ritzmachine.com ritzmachine.com	167 KB
1	elasticemail.com 1 redirects qquu.trk.elasticemail.com	411 B
9	2

	Domain	Requested by
9	ritzmachine.com	ritzmachine.com
1	qquu.trk.elasticemail.com	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ritzmachine.com/index.html
Frame ID: (769AF9C16CF90DAD3AE64D4B9E6EBE24)
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://qquu.trk.elasticemail.com/tracking/click?msgid=8gKs5jhohtuz7lQOHiKdxQ2&target=http%3a%2f%2fritzmachine... HTTP 302
http://ritzmachine.com/index.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

167 kB
Transfer

165 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qquu.trk.elasticemail.com/tracking/click?msgid=8gKs5jhohtuz7lQOHiKdxQ2&target=http%3a%2f%2fritzmachine.com%2findex.html&v=HR0x7RMoaOB6im779vJuFA2&lc=958013519088025714 HTTP 302
http://ritzmachine.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response ritzmachine.com/ Redirect Chain http://qquu.trk.elasticemail.com/tracking/click?msgid=8gKs5jhohtuz7lQOHiKdxQ2&target=http%3a%2f%2fritzmachine.com%2findex.html&v=HR0x7RMoaOB6im779vJuFA2&lc=958013519088025714 http://ritzmachine.com/index.html	3 KB 3 KB	201ms 91ms	Document text/html	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Full URL http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `693355524896f9dc6f4e9fddf838fd8ecd9e69cc388b5c3b45dc971c4cb1a2e2` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host ritzmachine.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Tue, 17 Jan 2017 08:17:56 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/html Keep-Alive timeout=5, max=400 Content-Length 2576 Redirect headers Date Mon, 29 Jan 2018 17:42:20 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Location http://ritzmachine.com/index.html Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private X-Robots-Tag noindex, nofollow Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 150
GET H/1.1	200 OK	a1.png ritzmachine.com/images/	2 KB 3 KB	92ms 91ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a1.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `7c234fc0ec732f44f01b1a0c4decbf651051fa05c881411ff55eb7c99dd704ee` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:37:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=399 Content-Length 2477
GET H/1.1	200 OK	a6.png ritzmachine.com/images/	1 KB 1 KB	183ms 92ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a6.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `f082ddeec32b9fc26d35466aa4f6fba703897e98dec12dcb4f7ce5b6fc30aac4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:40:20 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=400 Content-Length 1177
GET H/1.1	200 OK	a7.png ritzmachine.com/images/	923 B 1 KB	183ms 92ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a7.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `efdabd2b79991efb0cc7edccb4fcd14474aff2dcf9c9ce5dcb90e0cea64a6954` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Wed, 25 Jan 2017 08:24:24 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=400 Content-Length 923
GET H/1.1	200 OK	a2.png ritzmachine.com/images/	115 KB 115 KB	184ms 92ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a2.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `aa8ee98f515cada0fab75e6b1314d9d38ad43b822571b3dfb5a960392c04174d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:44:14 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=400 Content-Length 117746
GET H/1.1	200 OK	a3.png ritzmachine.com/images/	8 KB 9 KB	183ms 92ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a3.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `7a79475a6ee1e047cab079fdb66b32130c21ebf7d40123eebf8ae5ddfeed23a9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:38:58 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=400 Content-Length 8440
GET H/1.1	200 OK	a4.png ritzmachine.com/images/	2 KB 2 KB	272ms 91ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a4.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `5514d5c6e4e02cbdf862a806bf532928ee3e98e90ad265c58ab8b687afd036e6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:39:24 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=397 Content-Length 2074
GET H/1.1	200 OK	a5.png ritzmachine.com/images/	13 KB 13 KB	178ms 91ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a5.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `1458c870deb4242d1b55ac22360ecf4205e17a8a8e6b0c53ef06598df57e15a6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Fri, 23 Dec 2016 04:39:56 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=398 Content-Length 13177
GET H/1.1	200 OK	a8.png ritzmachine.com/images/	19 KB 20 KB	180ms 91ms	Image image/png	192.95.30.59 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ritzmachine.com/images/a8.png Requested by Host: ritzmachine.com URL: http://ritzmachine.com/index.html Protocol HTTP/1.1 Server 192.95.30.59 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS web.smartwebsolutions.ca Software Apache / Resource Hash `f47e916e6815782f42fd77f677b8a6645badc40416aa71fd26235fc7ad6f1abc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ritzmachine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://ritzmachine.com/index.html Connection keep-alive Cache-Control no-cache Referer http://ritzmachine.com/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 29 Jan 2018 17:42:44 GMT Last-Modified Tue, 17 Jan 2017 08:02:58 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=400 Content-Length 19926

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DocuSign (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qquu.trk.elasticemail.com
ritzmachine.com
192.95.30.59
46.105.88.234
1458c870deb4242d1b55ac22360ecf4205e17a8a8e6b0c53ef06598df57e15a6
5514d5c6e4e02cbdf862a806bf532928ee3e98e90ad265c58ab8b687afd036e6
693355524896f9dc6f4e9fddf838fd8ecd9e69cc388b5c3b45dc971c4cb1a2e2
7a79475a6ee1e047cab079fdb66b32130c21ebf7d40123eebf8ae5ddfeed23a9
7c234fc0ec732f44f01b1a0c4decbf651051fa05c881411ff55eb7c99dd704ee
aa8ee98f515cada0fab75e6b1314d9d38ad43b822571b3dfb5a960392c04174d
efdabd2b79991efb0cc7edccb4fcd14474aff2dcf9c9ce5dcb90e0cea64a6954
f082ddeec32b9fc26d35466aa4f6fba703897e98dec12dcb4f7ce5b6fc30aac4
f47e916e6815782f42fd77f677b8a6645badc40416aa71fd26235fc7ad6f1abc

ritzmachine.com Open in urlscan Pro 192.95.30.59 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

167 kBTransfer

165 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

ritzmachine.com Open in urlscan Pro
192.95.30.59 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

167 kB
Transfer

165 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!