Attacked url: http://xn--kunsngen-3za.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Mon, 12 Jun 2017 23:03:04 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDLnsLTWVMlHYbf5mUvyI%2BZAugEYxEczgAktM4g1YUrYmrwU7d%2FkUkbwaTZ5Qvk9xy46dlaN585DbOJ5zeWjmQ7ow5%2FOYqV9%2B2%2FaoDiu6PQEki7I%2FlDr2PdwCI6bakVwLRWrAMDym1vhrE3LT3Sy4YV8%2BQJ0pV3lZBSJsEJA9yzqmof3UTOOrjwhXLFWz95z2asjGy7PSGyMc88aLBI7Tcm6K8OL%2F9GekX3jXo011tgCKypd4Mimj4KS8Pbr%2BV89Q4AfmzBCvfW3oOiUCCYdqdJjrDzYex%2Bq3%2BuQgBF9bt5uKbZTY5WBtkd7wluWA5mWtV%2B5x7e%2B18kTcrcG6bLB72Fo3MnJD%2BqA2O1H0Eps6xOOYRciZl6t8Th%2Fn0PMTLe7H%2BEl%2F4OBmcsRPHHea8rzd1vBxU%2BICFec5si0XMIONmBz8ILC8tileXSuDjc90cAIeWXcS54ZwZqqeMhB7N5%2BaWM%2FWrM0IrfAZ6QWaB8MDeZCLWY3k3wfyfhaqOrNikYm2pSTy9F2sgDaHewwf4cZ7Et51x7cxdK6TkpMXuM2g5OvljmPvcpwzAhg%3D%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: xn--kunsngen-3za.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Mon, 12 Jun 2017 21:03:04 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497301384.5322977; expires=Thu, 10-Jun-2027 21:03:04 GMT
Location: http://ww11.xn--kunsngen-3za.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: xn--kunsngen-3za.se
Referer: http://www.google.com/search?q=xn--kunsngen-3za.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Mon, 12 Jun 2017 21:03:03 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497301383.8976828; expires=Thu, 10-Jun-2027 21:03:03 GMT
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDLnsLTWVMlHYbf5mUvyI%2BZAugEYxEczgAktM4g1YUrYmrwU7d%2FkUkbwaTZ5Qvk9xy46dlaN585DbOJ5zeWjmQ7ow5%2FOYqV9%2B2%2FaoDiu6PQEki7I%2FlDr2PdwCI6bakVwLRWrAMDym1vhrE3LT3Sy4YV8%2BQJ0pV3lZBSJsEJA9yzqmof3UTOOrjwhXLFWz95z2asjGy7PSGyMc88aLBI7Tcm6K8OL%2F9GekX3jXo011tgCKypd4Mimj4KS8Pbr%2BV89Q4AfmzBCvfW3oOiUCCYdqdJjrDzYex%2Bq3%2BuQgBF9bt5uKbZTY5WBtkd7wluWA5mWtV%2B5x7e%2B18kTcrcG6bLB72Fo3MnJD%2BqA2O1H0Eps6xOOYRciZl6t8Th%2Fn0PMTLe7H%2BEl%2F4OBmcsRPHHea8rzd1vBxU%2BICFec5si0XMIONmBz8ILC8tileXSuDjc90cAIeWXcS54ZwZqqeMhB7N5%2BaWM%2FWrM0IrfAZ6QWaB8MDeZCLWY3k3wfyfhaqOrNikYm2pSTy9F2sgDaHewwf4cZ7Et51x7cxdK6TkpMXuM2g5OvljmPvcpwzAhg%3D%3D
Connection: close
Content-Type: text/html; charset=UTF-8

xn--kunsngen-3za.se is on 103.224.212.195
ASN for 103.224.212.195: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.195 corresponds with lb-212-195.above.com
Abuse.net does not have any reliable address for lb-212-195.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@above.com abuse@lb-212-195.above.com