Attacked url: http://nerikesbilab.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Fri, 16 Jun 2017 04:05:31 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfESzZ9lEPC5eslf0%2FNDO%2BmK15jwe5C0A6fqDporD6MfF7P5ySBPvAXKfsjUuUn%2B%2Bs%2BSnKImt%2BjE7Hsuyl9MsnVdVUqNeXem0KVRkUlk0x%2BHisGSgx78yo0G%2Fz5Vj1jkLeYo8Akze2C1wLma8HLDuecqcrmkHKfE3tKDXOm8%2FBhhv6G2KVbaLU5TKX2pQ93cWbl6qpeUEhIf8pup4usNw8Cf0TCNGIfhp1wU9PqdhpgW46oG8trQaLhVrCbz2cFUC2BwPiFmNXLGY2SR7B0trPE%2FPK7NFt%2FU%2Bv8Mlgij0GtAfOgIJ1q7JjCkyxYG61IY%2FyJBEIKNz92Blw3HBAVuIc%2FkRUYrPvKl%2Ff0Shie%2FhqlV1d57Jf1jxXz4m4N79tWindWO7a%2B7t0NGNcGdPq0LI66UL34f81lZs1PxiRNlf5MlBsXy46Gv0n5tscNW%2B7dxMOdTug0aZvwm3pbJNiiu%2Fs6w2o1Yq0IYKG9ImtEwPmRicp%2BXb3GrL6rV1FmERrOwZrEXSah1XRkC9wnGeVq5zKAzSrxqyJaTJv

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: nerikesbilab.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 02:05:31 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497578731.7057776; expires=Mon, 14-Jun-2027 02:05:31 GMT; Max-Age=315360000
Location: http://ww11.nerikesbilab.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: nerikesbilab.se
Referer: http://www.google.com/search?q=nerikesbilab.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 02:05:30 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497578730.7100090; expires=Mon, 14-Jun-2027 02:05:30 GMT
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfESzZ9lEPC5eslf0%2FNDO%2BmK15jwe5C0A6fqDporD6MfF7P5ySBPvAXKfsjUuUn%2B%2Bs%2BSnKImt%2BjE7Hsuyl9MsnVdVUqNeXem0KVRkUlk0x%2BHisGSgx78yo0G%2Fz5Vj1jkLeYo8Akze2C1wLma8HLDuecqcrmkHKfE3tKDXOm8%2FBhhv6G2KVbaLU5TKX2pQ93cWbl6qpeUEhIf8pup4usNw8Cf0TCNGIfhp1wU9PqdhpgW46oG8trQaLhVrCbz2cFUC2BwPiFmNXLGY2SR7B0trPE%2FPK7NFt%2FU%2Bv8Mlgij0GtAfOgIJ1q7JjCkyxYG61IY%2FyJBEIKNz92Blw3HBAVuIc%2FkRUYrPvKl%2Ff0Shie%2FhqlV1d57Jf1jxXz4m4N79tWindWO7a%2B7t0NGNcGdPq0LI66UL34f81lZs1PxiRNlf5MlBsXy46Gv0n5tscNW%2B7dxMOdTug0aZvwm3pbJNiiu%2Fs6w2o1Yq0IYKG9ImtEwPmRicp%2BXb3GrL6rV1FmERrOwZrEXSah1XRkC9wnGeVq5zKAzSrxqyJaTJv
Connection: close
Content-Type: text/html; charset=UTF-8

nerikesbilab.se is on 103.224.212.189
ASN for 103.224.212.189: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.189 corresponds with lb-212-189.above.com
Abuse.net does not have any reliable address for lb-212-189.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com