Blocklist Incident - Page on ilabs.eccouncil.org embeds centosx.tk

Summary

Correlation: Exact
Matched By: Url
Matched Lists: GSBMalware, RiskIQ
Score: 100
Description: riq.auto.ip REP hosted on address serving EITest malicious redirector

Incident Details

Id: 148545718
Incident Date: 2016-03-09 10:24 AM PST
Incident Detected Date: 2016-03-09 10:33 AM PST
Cause: embed.src
Blocklist Resource IP: 85.93.0.33
Blocklist Resource AS: AS203973: Country: DE  Registry: ripencc
GUARDOMICRO-AS GUARDOMICRO S.R.L,RO
Phishing: false
Scam: false
Malware: true
Spam: false
PUP: false
Redir: false
Inject: false
Alexa Rank: 62608

Matched Lists

GSB Malware Match: centosx.tk/
Match Type: Host

ZList Details

ZList ID: 1366229
URL: http://centosx.tk/ifioeceicpenrkonlifckrbdmft/fmopdnseeocalbobpmcmfipldossokrf/drfeatsdekdm/mrilsriakofpaptapfs/
Match Type: Url
Description: riq.auto.ip REP hosted on address serving EITest malicious redirector
Score: 75
First Detected At: 2016-03-09 10:32:36.0
First Found On Crawl: 2882d699-3570-4a6f-84b4-96ec56daf04c
First Found On Page: 3c7055f1-96b8-4892-b836-4ff3b3fa5a52
First Found On Resource: 36edabf6-55b0-4bbf-bc24-82ef8ce84ecb

Blocklist Resource Details

URL: http://centosx.tk/ifioeceicpenrkonlifckrbdmft/fmopdnseeocalbobpmcmfipldossokrf/drfeatsdekdm/mrilsriakofpaptapfs/
Sequence: 4
Response Code: 200
Content Type: application/x-shockwave-flash
Referrer: https://ilabs.eccouncil.org/
Cause: embed.src
Location in Prior

Prior Page

Sequence in Crawl: 8
Guid: bab74d65-c728-4c78-b2ec-b97e3e552504
URL: https://www.eccouncil.org/certification/computer-hacking-forensics-investigator
IP Address: 66.129.123.225
Window Name: : TopLevelWindow@72b0f0d2

Resulting Page

Sequence in Crawl: 9
Guid: 3c7055f1-96b8-4892-b836-4ff3b3fa5a52
URL: https://ilabs.eccouncil.org/
IP Address: 66.129.123.229
Window Name: : TopLevelWindow@72b0f0d2

Crawl Details

Crawl Guid: 2882d699-3570-4a6f-84b4-96ec56daf04c
Crawl Date: 2016-03-09 10:24 AM PST
Frontier URL: http://www.intrinsecsecurity.com/
Metro Code: US - UT - Salt Lake City
Crawled Pages: 10
Error Pages: 0

Source Search

No Source Search Result found.

Sequence Overview

Sequence | URL | Ad Network | Cause | Response Code | Frame | Window | Parent Window | Lost Referrer | Referrer
1 | https://www.eccouncil.org/iLabs | - | topLevelRedirect | 301 | - | - | : TopLevelWindow@72b0f0d2 | - | https://www.eccouncil.org/cert...
2 | http://ilabs.eccouncil.org/ | - | redirect | 303 | - | - | : TopLevelWindow@72b0f0d2 | - | https://www.eccouncil.org/cert...
3 | https://ilabs.eccouncil.org/ | - | redirect | 200 | true | true | : TopLevelWindow@72b0f0d2 | - | https://www.eccouncil.org/cert...
4 | http://centosx.tk/ifioeceicpenrkonlifckrbdmft/fmopdnseeocalb... | - | embed.src | 200 | - | - | : TopLevelWindow@72b0f0d2 | - | https://ilabs.eccouncil.org/

Sequence Details

Prior Page
https://www.eccouncil.org/certification/computer-hacking-forensics-investigator
Window Name: : TopLevelWindow@72b0f0d2
Link xpath: /*[name()='html']/body/form/div[3]/div[4]/div/div[1]/div[4]/div/table/tbody/tr/td[2]/table/tbody/tr[2]/td/div[3]/div/div/table/tbody/tr[2]/td/div/div/a
Click on Link:

1

https://www.eccouncil.org/iLabs
Referrer: https://www.eccouncil.org/certification/computer-hacking-forensics-investigator
Cause: topLevelRedirect
Redirects To :

2

http://ilabs.eccouncil.org/
Referrer: https://www.eccouncil.org/certification/computer-hacking-forensics-investigator
Cause: redirect
Path from prior: http://ilabs.eccouncil.org/
Redirects To :

3

https://ilabs.eccouncil.org/
Referrer: https://www.eccouncil.org/certification/computer-hacking-forensics-investigator
Cause: redirect
Path from prior: https://ilabs.eccouncil.org/
Contains Element :

4

http://centosx.tk/ifioeceicpenrkonlifckrbdmft/fmopdnseeocalbobpmcmfipldossokrf/drfeatsdekdm/mrilsriakofpaptapfs/
Referrer: https://ilabs.eccouncil.org/
Cause: embed.src
Path from prior: /*[name()='html']/*[name()='body']/*[name()='div'][2]/*[name()='object']/*[name()='embed']/@src