Attacked url: http://sollentunacivil.se/
Attack type: Header hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Tue, 05 Feb 2013 07:02:15 +0000

Hijacking with http header 'Refresh', redirecting visitors to http://shopforza.info/net

HTTP headers sent:
HEAD / HTTP/1.1
Host: sollentunacivil.se
Referer: http://www.google.com/search?q=sollentunacivil.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 200 OK
Date: Tue, 05 Feb 2013 07:05:48 GMT
Server: Apache/2.2.22 (FreeBSD) PHP/5.3.10 with Suhosin-Patch mod_ssl/2.2.22 OpenSSL/0.9.8q
X-Powered-By: PHP/5.3.10
Refresh: 25; url="http://shopforza.info/net"
Set-Cookie: ff9b4532cd3f7b25058b4e7ba1f240e1=bae293f98be55fe53ab06d966c0cf913; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 05 Feb 2013 07:05:51 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8

sollentunacivil.se is on 194.9.95.100
ASN for 194.9.95.100: 39570
Abusix contact information: abuse@loopia.se (information only)
194.9.95.100 corresponds with s7.loopia.se
Abuse.net has 1 reliable address(es) for loopia.se
Found address(es): abuse@loopia.se