Attacked url: http://studio-glamour.se/
Attack type: Header hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Tue, 05 Feb 2013 11:00:38 +0000

Hijacking with http header 'Refresh', redirecting visitors to http://shopforza.info/net

HTTP headers sent:
HEAD / HTTP/1.1
Host: studio-glamour.se
Referer: http://www.google.com/search?q=studio-glamour.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 200 OK
Date: Tue, 05 Feb 2013 11:04:14 GMT
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.32 mod_qos/9.68 mod_perl/2.0.5 Perl/v5.8.8
X-Powered-By: PHP/5.3.6
Refresh: 25; url="http://shopforza.info/net"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e1708d188fb5b92d5fcdf8675a2ba4ce=de5d6877e5046cce97cf94cf19a61384; path=/
Set-Cookie: lang=deleted; expires=Mon, 06-Feb-2012 11:04:13 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Mon, 06-Feb-2012 11:04:13 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Mon, 06-Feb-2012 11:04:13 GMT; path=/
Set-Cookie: stdglamour_tpl=stdglamour; expires=Sun, 26-Jan-2014 11:04:14 GMT; path=/
Set-Cookie: virtuemart=de5d6877e5046cce97cf94cf19a61384
Set-Cookie: virtuemart=de5d6877e5046cce97cf94cf19a61384
Last-Modified: Tue, 05 Feb 2013 11:04:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8

studio-glamour.se is on 81.93.152.95
ASN for 81.93.152.95: 29468
Abusix contact information: abuse@infracom.se (information only)
81.93.152.95 corresponds with srv02.cpanel.pin.se
Abuse.net does not have any reliable address for srv02.cpanel.pin.se
Found address in whois: abuse@infracom.se