Attacked url: http://apoketet.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Sun, 18 Jun 2017 14:18:46 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: apoketet.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Sun, 18 Jun 2017 12:18:46 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497788326.2990820; expires=Wed, 16-Jun-2027 12:18:46 GMT; Max-Age=315360000
Location: http://ww11.apoketet.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: apoketet.se
Referer: http://www.google.com/search?q=apoketet.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Sun, 18 Jun 2017 12:18:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497788325.4948621; expires=Wed, 16-Jun-2027 12:18:45 GMT; Max-Age=315360000
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D
Connection: close
Content-Type: text/html; charset=UTF-8

apoketet.se is on 103.224.212.197
ASN for 103.224.212.197: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.197 corresponds with lb-212-197.above.com
Abuse.net does not have any reliable address for lb-212-197.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com