Attacked url: http://www-scandorama.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Fri, 16 Jun 2017 10:43:41 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rf8lkofOqHcTnTiFo7SozFq6Zhgy0%2FV1F%2BVNK7pws8%2B%2BSEHsbqVaquDFz58k1II8xAMZm5PTHb1yLt132UR6paPOdIoM6myMVlq8HPCTclicqT3nxobQqcemjrw5S8jSzHEk%2F9TPSuPEPsGyjjbWlqeenaLbXDi4O32pD7yc2CidY5Bkk7dcme02Pmk27R4JehBTqQjwjaY5XBDBzD0TwoyQVv73iO0lNA6Q7rjUk%2B%2By8hNm5ZN0mBMzlQJLYJrgBOt8VJRwF%2BOe6ZcFX%2B88tDpBdjYnJ6t4dXNc1i126J2KtmyCOj1pQn88%2BLIbUDkCxZrGLeQ0HBRwCJfvBwcojZotQ%2BHQbzTwMtN%2FeiL3UhIvoZCceGTn7fCx7uKNi5uiCO5idDvLs4z1IRE6eJMHl0Kp9FJvza0g5BzNcxfdJHxTYMUvzC2%2FciCBd%2FhXBkQOJhRCnWSshWZJUoSC4p03h1rPt31CB5MrUkxeCgrw4W3bGEFTBEe6nbO9p6hrOajrBXQxfy2hM%2FlxQO4MEQqVx6TFw6z3GG2FDl3wmQuovrVXI%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: www-scandorama.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 08:43:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497602621.7638532; expires=Mon, 14-Jun-2027 08:43:41 GMT
Location: http://ww11.www-scandorama.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: www-scandorama.se
Referer: http://www.google.com/search?q=www-scandorama.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Fri, 16 Jun 2017 08:43:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497602621.7563985; expires=Mon, 14-Jun-2027 08:43:41 GMT
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rf8lkofOqHcTnTiFo7SozFq6Zhgy0%2FV1F%2BVNK7pws8%2B%2BSEHsbqVaquDFz58k1II8xAMZm5PTHb1yLt132UR6paPOdIoM6myMVlq8HPCTclicqT3nxobQqcemjrw5S8jSzHEk%2F9TPSuPEPsGyjjbWlqeenaLbXDi4O32pD7yc2CidY5Bkk7dcme02Pmk27R4JehBTqQjwjaY5XBDBzD0TwoyQVv73iO0lNA6Q7rjUk%2B%2By8hNm5ZN0mBMzlQJLYJrgBOt8VJRwF%2BOe6ZcFX%2B88tDpBdjYnJ6t4dXNc1i126J2KtmyCOj1pQn88%2BLIbUDkCxZrGLeQ0HBRwCJfvBwcojZotQ%2BHQbzTwMtN%2FeiL3UhIvoZCceGTn7fCx7uKNi5uiCO5idDvLs4z1IRE6eJMHl0Kp9FJvza0g5BzNcxfdJHxTYMUvzC2%2FciCBd%2FhXBkQOJhRCnWSshWZJUoSC4p03h1rPt31CB5MrUkxeCgrw4W3bGEFTBEe6nbO9p6hrOajrBXQxfy2hM%2FlxQO4MEQqVx6TFw6z3GG2FDl3wmQuovrVXI%3D
Connection: close
Content-Type: text/html; charset=UTF-8

www-scandorama.se is on 103.224.212.194
ASN for 103.224.212.194: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.194 corresponds with lb-212-194.above.com
Abuse.net does not have any reliable address for lb-212-194.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@lb-212-194.above.com abuse@above.com