Attacked url: http://badschop.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Fri, 16 Jun 2017 05:03:18 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfUVzcurUypFMXNN%2F0Yb%2FmfPjduKATVJhyPMeuQqZpw%2B4g3Q6qKvrObyzpEFp1nsqLMb%2F0x1pozSzbeLYxcxJHaYtaieBUA2bu74c0sdt1JqLxtFHA1Xo%2BBGMU38IuU8R3zM4ufF8JJ1%2FXAHd4hoj64%2BbFrU3sJ%2B1px7LWglfgaPGviXiXJLGLGqxCNxAtGt5ME65IaM4yAWPUVCgICDf8gkIq1y08vRg%2FtIDJKH6rLmTOtvmD%2Bz1JY4tCsu%2Fm28pbCaByyyLhyKhwoYBkYYLMKBodKjMzjT%2F4eEuNCwyr%2B7piCE%2FIEs3H5b5o%2FBdc0lkJW2ZPCf%2BCLSfIEoyA2Hk8%2FO8lPThKP05IOIS%2FdLgmwDgpCOx024rvVBXGTk39eZaznyCBQGSrby%2FkBh7ns70laTh7HY9jUj6QxxU3RYVOwgzk9gLb70OykgcVYtGQYChnynZovn2csGprXc16WxT14KvLDs7KW7MF%2BFuonwZYLUc0zjRNulcuOuUaguB8oqS4OfAIrGzMhDV1D%2BR7u5zukw%3D%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: badschop.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 03:03:18 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497582198.2545727; expires=Mon, 14-Jun-2027 03:03:18 GMT; Max-Age=315360000
Location: http://ww11.badschop.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: badschop.se
Referer: http://www.google.com/search?q=badschop.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 03:03:17 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497582198.5501301; expires=Mon, 14-Jun-2027 03:03:18 GMT; Max-Age=315360000
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfUVzcurUypFMXNN%2F0Yb%2FmfPjduKATVJhyPMeuQqZpw%2B4g3Q6qKvrObyzpEFp1nsqLMb%2F0x1pozSzbeLYxcxJHaYtaieBUA2bu74c0sdt1JqLxtFHA1Xo%2BBGMU38IuU8R3zM4ufF8JJ1%2FXAHd4hoj64%2BbFrU3sJ%2B1px7LWglfgaPGviXiXJLGLGqxCNxAtGt5ME65IaM4yAWPUVCgICDf8gkIq1y08vRg%2FtIDJKH6rLmTOtvmD%2Bz1JY4tCsu%2Fm28pbCaByyyLhyKhwoYBkYYLMKBodKjMzjT%2F4eEuNCwyr%2B7piCE%2FIEs3H5b5o%2FBdc0lkJW2ZPCf%2BCLSfIEoyA2Hk8%2FO8lPThKP05IOIS%2FdLgmwDgpCOx024rvVBXGTk39eZaznyCBQGSrby%2FkBh7ns70laTh7HY9jUj6QxxU3RYVOwgzk9gLb70OykgcVYtGQYChnynZovn2csGprXc16WxT14KvLDs7KW7MF%2BFuonwZYLUc0zjRNulcuOuUaguB8oqS4OfAIrGzMhDV1D%2BR7u5zukw%3D%3D
Connection: close
Content-Type: text/html; charset=UTF-8

badschop.se is on 103.224.212.198
ASN for 103.224.212.198: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.198 corresponds with lb-212-198.above.com
Abuse.net does not have any reliable address for lb-212-198.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@above.com abuse@lb-212-198.above.com