Attacked url: http://www.almrinsrorservice.se/rea-oakley-motogp-plaintiff-online-p-133.html
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Tue, 03 Jun 2014 23:10:57 +0200

Visitors with referer are redirected to http://www.goodsellwholesaler.com

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: www.almrinsrorservice.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 200 OK
Date: Tue, 03 Jun 2014 21:10:55 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
X-Powered-By: PHP/5.3.27
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: zenid=04f46a64a6116066d7010538f7e62f94; path=/; domain=.www.almrinsrorservice.se; HttpOnly
Set-Cookie: USERID=twotime; path=/
Connection: close
Content-Type: text/html; charset=utf-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: www.almrinsrorservice.se
Referer: http://www.google.com/search?q=www.almrinsrorservice.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Moved Temporarily
Date: Tue, 03 Jun 2014 21:10:54 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
X-Powered-By: PHP/5.3.27
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: zenid=73dcfd961db5fac3dccbd802799c898c; path=/; domain=.www.almrinsrorservice.se; HttpOnly
Set-Cookie: USERID=shine-check; path=/
Location: http://www.goodsellwholesaler.com
Connection: close
Content-Type: text/html; charset=utf-8

www.almrinsrorservice.se is on 176.53.24.118
ASN for 176.53.24.118: 0
Abusix contact information: abuse@as42926.net (information only)
176.53.24.118 corresponds with 176-53-24-118.turkrdns.com
Abuse.net has 5 reliable address(es) for turkrdns.com
Found address(es): abuse@theplanet.com abuse@myorderbox.com abuse@rh.com.tr abuse@ttnet.net.tr abuse@turkrdns.com