Attacked url: http://studio-glamour.se/
Attack type: Header hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Thu, 07 Feb 2013 14:51:56 +0000

Hijacking with http header 'Refresh', redirecting visitors to http://bluehost-dz.com/done

HTTP headers sent:
HEAD / HTTP/1.1
Host: studio-glamour.se
Referer: http://www.google.com/search?q=studio-glamour.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 200 OK
Date: Thu, 07 Feb 2013 14:55:40 GMT
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.32 mod_qos/9.68 mod_perl/2.0.5 Perl/v5.8.8
X-Powered-By: PHP/5.3.6
Refresh: 25; url="http://bluehost-dz.com/done"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e1708d188fb5b92d5fcdf8675a2ba4ce=a44dd08d9b75928621e8b235089b4765; path=/
Set-Cookie: lang=deleted; expires=Wed, 08-Feb-2012 14:55:39 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Wed, 08-Feb-2012 14:55:39 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Wed, 08-Feb-2012 14:55:39 GMT; path=/
Set-Cookie: stdglamour_tpl=stdglamour; expires=Tue, 28-Jan-2014 14:55:40 GMT; path=/
Set-Cookie: virtuemart=a44dd08d9b75928621e8b235089b4765
Set-Cookie: virtuemart=a44dd08d9b75928621e8b235089b4765
Last-Modified: Thu, 07 Feb 2013 14:55:41 GMT
Connection: close
Content-Type: text/html; charset=utf-8

studio-glamour.se is on 81.93.152.95
ASN for 81.93.152.95: 29468
Abusix contact information: abuse@infracom.se (information only)
81.93.152.95 corresponds with srv02.cpanel.pin.se
Abuse.net does not have any reliable address for srv02.cpanel.pin.se
Found address in whois: abuse@infracom.se