Blacklist Incident - Page on www.bisnis.com embeds 194.204.20.1

Summary

Correlation: Exact
Matched By: Host
Matched Lists: GSBMalware, RiskIQ
Score: 60
Description: riq.ti REDIR directs malvertised traffic to malware posing as Adobe Flash updates

Incident Details

Id: 97093314
Incident Date: 2015-02-06 10:06 AM PST
Incident Detected Date: 2015-02-07 10:07 AM PST
Cause: script.src
Blacklist Resource IP: 194.204.20.1
Blacklist Resource AS: AS2586: Country: EE  Registry: ripencc
UNINET-AS Elisa Eesti AS, FI
Phishing: false
Scam: false
Malware: true
Spam: false
Alexa Rank: 5914

Matched Lists

GSB Malware Match: 194.204.20.1/
Match Type: Host

ZList Details

ZList ID: 594210
URL: http://194.204.20.1/
Match Type: Host
Description: riq.ti REDIR directs malvertised traffic to malware posing as Adobe Flash updates
Score: 80
First Detected At: 2015-02-07 23:44:02.0

Blacklist Resource Details

URL: http://194.204.20.1/openx/www/images/js/banner.js
Sequence: 4
Response Code: 200
Content Type: application/x-javascript
Referrer: http://www.bisnis.com/
Cause: script.src
Location in Prior

Resulting Page

Sequence in Crawl: 1
Guid: e7b62361-cff4-4004-867c-7d807e2e6e50
URL: http://www.bisnis.com/
IP Address: 27.123.222.121
Window Name: : TopLevelWindow@69b2e61f

Crawl Details

Crawl Guid: 04be8df0-7bbe-45e2-a6fe-1eb5455a3ea2
Crawl Date: 2015-02-06 10:06 AM PST
Frontier URL: http://bisnis.com
Metro Code: none
Crawl Project: Alexa Top Sites 1-20k
Crawl Project ID: 1057
Crawled Pages: 3
Error Pages: 2

Source Search

No Source Search Result found.

Sequence Overview

Sequence URL Ad Network Cause Response Code Frame Window Parent Window Lost Referrer Referrer
1 http://bisnis.com/ - topLevelRedirect 301 - - : TopLevelWindow@69b2e61f -
2 http://www.bisnis.com/ - redirect 200 true true : TopLevelWindow@69b2e61f -
3 http://ads.bisnis.com/www/delivery/ajs.php?zoneid=288&cb... - script.src 200 - - : TopLevelWindow@69b2e61f - http://www.bisnis.com/
4 http://194.204.20.1/openx/www/images/js/banner.js - script.src 200 - - : TopLevelWindow@69b2e61f - http://www.bisnis.com/

Sequence Details

1

http://bisnis.com/
Referrer:
Cause: topLevelRedirect
Redirects To :

2

http://www.bisnis.com/
Referrer:
Cause: redirect Path from prior: http://www.bisnis.com/
Contains Element :

3

http://ads.bisnis.com/www/delivery/ajs.php?zoneid=288&cb=12334771051&loc=http%3A//www.bisnis.com/
Referrer: http://www.bisnis.com/
Cause: script.src Path from prior: /html/body/div[1]/script[2]/@src
Contains Source :

4

http://194.204.20.1/openx/www/images/js/banner.js
Referrer: http://www.bisnis.com/
Cause: script.src Path from prior: /html/head/script[8]/@src