Blacklist Incident - Page on www.ekantipur.com embeds cdn17-jquery.com

Summary

Correlation: Exact
Matched By: Host
Matched Lists: GSBMalware , Surbl , RiskIQ
Score: 35
Description: riq.ti REDIR directing traffic to Nuclear Pack exploit kit

Incident Details

Id: 82574586
Incident Date: 2014-11-09 03:37 AM PST
Incident Detected Date: 2014-11-16 03:41 AM PST
Cause: iframe.src
Blacklist Resource IP: 5.61.36.2
Blacklist Resource AS: AS16265: Country: US  Registry: arin
LEASEWEB-NETWORK Amsterdam, Netherlands,...
Phishing: false
Scam: false
Malware: true
Spam: false
Alexa Rank: 8213

Matched Lists

GSB Malware Match: cdn17-jquery.com/
Match Type: Host
Surbl Match Lists: Malware
Match Type: Domain

ZList Details

ZList ID: 439454
URL: http://cdn17-jquery.com/
Match Type: Host
Description: riq.ti REDIR directing traffic to Nuclear Pack exploit kit
Score: 100
First Detected At: 2014-11-12 22:49:19.0

Blacklist Resource Details

URL: http://cdn17-jquery.com/ekantipur
Sequence: 3
Response Code: 200
Content Type: text/html
Referrer: http://www.ekantipur.com/
Cause: iframe.src
Location in Prior

Resulting Page

Sequence in Crawl: 1
Guid: cf56566f-a2d2-4754-8d50-2e77f19ddf85
URL: http://www.ekantipur.com/
IP Address: 208.109.100.198
Window Name: : TopLevelWindow@40bed32e

Crawl Details

Crawl Guid: f962491f-9e3a-4e63-ba84-d2a9e7dabce1
Crawl Date: 2014-11-09 03:37 AM PST
Frontier URL: http://ekantipur.com
Metro Code: none
Crawl Project: Alexa Top Sites 1-20k
Crawl Project ID: 1057
Crawled Pages: 3
Error Pages: 0

Source Search

No Source Search Result found.

Sequence Overview

Seq­uence URL Ad Network Cause Response Code Frame Window Parent Window Lost Referrer Referrer
1 http://ekantipur.com/ - topLevelRedirect 301 - - : TopLevelWindow@40bed32e -
2 http://www.ekantipur.com/ - redirect 200 true true : TopLevelWindow@40bed32e -
3 http://cdn17-jquery.com/ekantipur - iframe.src 200 true - : FrameWindow@4c0bea08 - http://www.ekantipur.com/

Sequence Details

1

http://ekantipur.com/
Referrer:
Cause: topLevelRedirect
Redirects To :

2

http://www.ekantipur.com/
Referrer:
Cause: redirect Path from prior: http://www.ekantipur.com/
Contains Element :

3

http://cdn17-jquery.com/ekantipur
Referrer: http://www.ekantipur.com/
Cause: iframe.src Path from prior: /html/body/iframe[1]/@src