Attacked url: http://kuponginlosning.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Thu, 15 Jun 2017 23:42:03 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfnFNSHzt%2B3mDkwwzhyXBS4Wm7Js6OScMgVrBZHojsVrcJktoTQErY%2Fc9j7x2C0Me55hWe8PctEzXnb6qe6UK14qGVoX%2BiJKniEPC1xR6VaPDmvhGAVsVAFJvWz02hk5yBwXJ43zzMyWJBrG4pKGPyzqFT0Y6Hz4Bm%2FXprsQS%2FaRR4O2RTyWpAEJ6%2BzpX4sLBFSudEIUY6QSPEa0unhmpz1vw3%2BO2RbNqork55z%2Focm8f83dTpm%2BjWXMDS7FsLSeMYB2sp%2Bg4Nfv8D8jtmMPQYifQEd%2FI9ts8nRxiP62q7yh%2BIGmteDGyp3g4dSCJN4kj1vBRO8iDvtIABEkBs518%2F8wPwZcgXTnso5dKp20aWuapDKiprlY70I4Q65vSZ6MQGSncREldoO0KSRx3iFDpW43l%2FrgIjpMathSz5eUnq4x0hAwSABHLtJfiwyLxnRb1glGWTvbtGeS0Y8qQWMCraQQ6DQCiZ%2B7U4AM44GbaV4wCBwy6TLD4xYCuDYEZWnMVrawx4T3O58lEMwZrpsqLweXsJ2T5e7sC05M6zUXiZ91pfi3AxqT28YA%3D%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: kuponginlosning.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Thu, 15 Jun 2017 21:42:03 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497562923.5469609; expires=Sun, 13-Jun-2027 21:42:03 GMT
Location: http://ww11.kuponginlosning.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: kuponginlosning.se
Referer: http://www.google.com/search?q=kuponginlosning.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Thu, 15 Jun 2017 21:42:02 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497562922.1277758; expires=Sun, 13-Jun-2027 21:42:02 GMT
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfnFNSHzt%2B3mDkwwzhyXBS4Wm7Js6OScMgVrBZHojsVrcJktoTQErY%2Fc9j7x2C0Me55hWe8PctEzXnb6qe6UK14qGVoX%2BiJKniEPC1xR6VaPDmvhGAVsVAFJvWz02hk5yBwXJ43zzMyWJBrG4pKGPyzqFT0Y6Hz4Bm%2FXprsQS%2FaRR4O2RTyWpAEJ6%2BzpX4sLBFSudEIUY6QSPEa0unhmpz1vw3%2BO2RbNqork55z%2Focm8f83dTpm%2BjWXMDS7FsLSeMYB2sp%2Bg4Nfv8D8jtmMPQYifQEd%2FI9ts8nRxiP62q7yh%2BIGmteDGyp3g4dSCJN4kj1vBRO8iDvtIABEkBs518%2F8wPwZcgXTnso5dKp20aWuapDKiprlY70I4Q65vSZ6MQGSncREldoO0KSRx3iFDpW43l%2FrgIjpMathSz5eUnq4x0hAwSABHLtJfiwyLxnRb1glGWTvbtGeS0Y8qQWMCraQQ6DQCiZ%2B7U4AM44GbaV4wCBwy6TLD4xYCuDYEZWnMVrawx4T3O58lEMwZrpsqLweXsJ2T5e7sC05M6zUXiZ91pfi3AxqT28YA%3D%3D
Connection: close
Content-Type: text/html; charset=UTF-8

kuponginlosning.se is on 103.224.212.189
ASN for 103.224.212.189: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.189 corresponds with lb-212-189.above.com
Abuse.net does not have any reliable address for lb-212-189.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com