Blacklist Incident - Page on embeds


Correlation: Exact
Matched By: Host
Matched Lists: GSBMalware , Surbl , RiskIQ
Score: 35
Description: riq.ti REDIR directing traffic to Nuclear Pack exploit kit

Incident Details

Id: 82574586
Incident Date: 2014-11-09 03:37 AM PST
Incident Detected Date: 2014-11-16 03:41 AM PST
Cause: iframe.src
Blacklist Resource IP:
Blacklist Resource AS: AS16265: Country: US  Registry: arin
LEASEWEB-NETWORK Amsterdam, Netherlands,...
Phishing: false
Scam: false
Malware: true
Spam: false
Alexa Rank: 8213

Matched Lists

GSB Malware Match:
Match Type: Host
Surbl Match Lists: Malware
Match Type: Domain

ZList Details

ZList ID: 439454
Match Type: Host
Description: riq.ti REDIR directing traffic to Nuclear Pack exploit kit
Score: 100
First Detected At: 2014-11-12 22:49:19.0

Blacklist Resource Details

Sequence: 3
Response Code: 200
Content Type: text/html
Cause: iframe.src
Location in Prior

Resulting Page

Sequence in Crawl: 1
Guid: cf56566f-a2d2-4754-8d50-2e77f19ddf85
IP Address:
Window Name: : TopLevelWindow@40bed32e

Crawl Details

Crawl Guid: f962491f-9e3a-4e63-ba84-d2a9e7dabce1
Crawl Date: 2014-11-09 03:37 AM PST
Frontier URL:
Metro Code: none
Crawl Project: Alexa Top Sites 1-20k
Crawl Project ID: 1057
Crawled Pages: 3
Error Pages: 0

Source Search

No Source Search Result found.

Sequence Overview

Seq­uence URL Ad Network Cause Response Code Frame Window Parent Window Lost Referrer Referrer
1 - topLevelRedirect 301 - - : TopLevelWindow@40bed32e -
2 - redirect 200 true true : TopLevelWindow@40bed32e -
3 - iframe.src 200 true - : FrameWindow@4c0bea08 -

Sequence Details

Cause: topLevelRedirect
Redirects To :

Cause: redirect Path from prior:
Contains Element :

Cause: iframe.src Path from prior: /html/body/iframe[1]/@src