Säkrare hemsida med .sehttp://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 23 May 2019 16:43:19 +0200<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 23 May 2019 14:43:18 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=efuf9n0i7mpg1l9toj39691ua7; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 23 May 2019 14:43:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=7h1l5kj1pvji2tbbn95ism55t3; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1558699284http://nioelva.se/ (81.93.152.111) - Serp-hijackingAttacked url: http://nioelva.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 14 May 2019 17:59:29 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nioelva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 3886 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDCSRQSTAD=OBLIMLABEOKGNKNIDAIJCLAN; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 14 May 2019 15:59:27 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nioelva.se <br>Referer: http://www.google.com/search?q=nioelva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDCSRQSTAD=NBLIMLABEPCNLNCHHBFOCHLG; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 14 May 2019 15:59:27 GMT <br>Connection: close<br><br>nioelva.se is on 81.93.152.111<br>ASN for 81.93.152.111: 29468<br>Abusix contact information: abuse@pin.se (information only)<br>81.93.152.111 corresponds with wsp01.web.pin.se<br>Abuse.net does not have any reliable address for wsp01.web.pin.se<br>Found address in whois: abuse@pin.se1557920720http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 14 May 2019 01:07:08 +0200<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 13 May 2019 23:07:07 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=ohbqbk916d3gf7dq96qn4dh8f0; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 13 May 2019 23:07:03 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=1181ughkpk74g8bmbkt9530si7; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1557839580http://webbexperterna.nu/ (81.95.105.73) - Serp-hijackingAttacked url: http://webbexperterna.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 14 May 2019 00:41:42 +0200<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 164 <br>Content-Type: text/html <br>Location: http://www.webbexperterna.se/sv/start.shtml <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDQCBARCCB=HCEDFJPAFJCGCKDNPLAFHKNO; path=/ <br>Date: Mon, 13 May 2019 22:41:42 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Referer: http://www.google.com/search?q=webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDQCBARCCB=GCEDFJPAHODNHIMBELJPOGNI; path=/ <br>Date: Mon, 13 May 2019 22:41:42 GMT <br>Connection: close<br><br>webbexperterna.nu is on 81.95.105.73<br>ASN for 81.95.105.73: 25234<br>Abusix contact information: abuse@active24.cz (information only)<br>81.95.105.73 corresponds with iis107.windows.loopia.com<br>Abuse.net does not have any reliable address for iis107.windows.loopia.com<br>Found address in whois: abuse@active24.cz1557838677http://balsjomaskin.se/ (81.95.105.71) - Serp-hijackingAttacked url: http://balsjomaskin.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 10 May 2019 02:40:49 +0200<br><br>Visitors with referer are redirected to http://www.serverjump.com/jump.aspx?jumpid=0sichm <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: balsjomaskin.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 16712 <br>Content-Type: text/html <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: unikTry=bes%F6k; expires=Sun, 09-Jun-2019 22:00:00 GMT; path=/ <br>Set-Cookie: ASPSESSIONIDAAACASQQ=ECNHEEGCMKKDILKEECOKAOJL; path=/ <br>Date: Fri, 10 May 2019 00:40:49 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: balsjomaskin.se <br>Referer: http://www.google.com/search?q=balsjomaskin.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Content-Length: 172 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://www.serverjump.com/jump.aspx?jumpid=0sichm <br>Server: Microsoft-IIS/10.0 <br>Date: Fri, 10 May 2019 00:40:47 GMT <br>Connection: close<br><br>balsjomaskin.se is on 81.95.105.71<br>ASN for 81.95.105.71: 25234<br>Abusix contact information: abuse@active24.cz (information only)<br>81.95.105.71 corresponds with iis105.windows.loopia.com<br>Abuse.net does not have any reliable address for iis105.windows.loopia.com<br>Found address in whois: abuse@active24.cz1557492212http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 09 May 2019 15:05:48 +0200<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 09 May 2019 13:05:47 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=vs0rpar2v367ucok289fi7mbv0; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 09 May 2019 13:05:43 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=3ifn0423s3eri48rir7kb9ad02; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1557489992http://webbwebb.nu/ (193.42.159.250) - Serp-hijackingAttacked url: http://webbwebb.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 02 May 2019 16:52:39 +0200<br><br>Visitors with referer are redirected to http://146.66.237.76 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbwebb.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 502 Bad Gateway <br>Server: nginx <br>Date: Thu, 02 May 2019 14:52:39 GMT <br>Content-Type: text/html <br>Content-Length: 133 <br>Connection: close <br>ETag: &quot;59fb37dd-85&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbwebb.nu <br>Referer: http://www.google.com/search?q=webbwebb.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx <br>Date: Thu, 02 May 2019 14:51:40 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Location: http://146.66.237.76<br><br>webbwebb.nu is on 193.42.159.250<br>ASN for 193.42.159.250: 3246<br>Abusix contact information: abuse@tdc.se (information only)<br>193.42.159.250 corresponds with egensajt.se<br>Abuse.net does not have any reliable address for egensajt.se<br>Found address in whois: abuse@tdc.se1556869654http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 16 Apr 2019 18:43:11 +0200<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 16 Apr 2019 16:43:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=fac55fieff4q77bdvtsv4v0v40; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 16 Apr 2019 16:43:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=b13uoj0jgro8ia8njf1ceb05k1; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1555506714http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 15 Apr 2019 16:53:46 +0200<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 15 Apr 2019 14:53:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=3ujgatt04a2vceosa8hf166o91; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 15 Apr 2019 14:53:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=lfov5oa7h2fe60l21rut53og42; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1555416927http://joopot.se/ (195.74.38.63) - Serp-hijackingAttacked url: http://joopot.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 11 Apr 2019 14:04:52 +0200<br><br>Visitors with referer are redirected to http://www.tatlitarifleri.tv/2670/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: joopot.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 403 Forbidden <br>Date: Thu, 11 Apr 2019 12:04:52 GMT <br>Server: Apache <br>Vary: accept-language,accept-charset <br>Accept-Ranges: bytes <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1 <br>Content-Language: en <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: joopot.se <br>Referer: http://www.google.com/search?q=joopot.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 11 Apr 2019 12:04:52 GMT <br>Server: Apache <br>Location: http://www.tatlitarifleri.tv/2670/ <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>joopot.se is on 195.74.38.63<br>ASN for 195.74.38.63: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.63 corresponds with cl-02.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1554991384http://webbexperterna.nu/ (81.95.105.73) - Serp-hijackingAttacked url: http://webbexperterna.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 10 Apr 2019 15:29:56 +0200<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 164 <br>Content-Type: text/html <br>Location: http://www.webbexperterna.se/sv/start.shtml <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDCADRBBCD=PDNJOHPCNMFIHGKNKFNHIHEE; path=/ <br>Date: Wed, 10 Apr 2019 13:29:55 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Referer: http://www.google.com/search?q=webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDCADRBBCD=ODNJOHPCMBNLEEBHCCMMOIIH; path=/ <br>Date: Wed, 10 Apr 2019 13:29:55 GMT <br>Connection: close<br><br>webbexperterna.nu is on 81.95.105.73<br>ASN for 81.95.105.73: 25234<br>Abusix contact information: abuse@active24.cz (information only)<br>81.95.105.73 corresponds with iis107.windows.loopia.com<br>Abuse.net does not have any reliable address for iis107.windows.loopia.com<br>Found address in whois: abuse@active24.cz1554987608http://exceltips.se/ (89.221.250.113) - Serp-hijackingAttacked url: http://exceltips.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 09 Apr 2019 15:58:34 +0200<br><br>Visitors with referer are redirected to http://fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 18992 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQAATAQDQ=MNKFPAFCEOOHBDMMNHAFFONF; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 09 Apr 2019 13:56:55 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Referer: http://www.google.com/search?q=exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Redirect <br>Content-Length: 148 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.0 <br>X-Powered-By: ASP.NET <br>Date: Tue, 09 Apr 2019 13:56:55 GMT <br>Connection: close<br><br>exceltips.se is on 89.221.250.113<br>ASN for 89.221.250.113: 1257<br>89.221.250.113 manually set to use abuse@aname.net1554901409http://kinaskakor.se/ (89.221.250.111) - Serp-hijackingAttacked url: http://kinaskakor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 09 Apr 2019 15:18:42 +0200<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 11412 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQQSRRSQC=NDFFKNECIEDMKBKMEAGIKMFC; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 09 Apr 2019 13:17:04 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Referer: http://www.google.com/search?q=kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQQSRRSQC=MDFFKNECINMMJPMHJIHLKKLL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 09 Apr 2019 13:16:57 GMT <br>Connection: close<br><br>kinaskakor.se is on 89.221.250.111<br>ASN for 89.221.250.111: 1257<br>89.221.250.111 manually set to use abuse@aname.net1554901338http://vaffeljarn.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeljarn.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 09 Apr 2019 09:53:11 +0200<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 09 Apr 2019 07:53:11 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Referer: http://www.google.com/search?q=vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 09 Apr 2019 07:53:05 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeljarn.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1554882731http://usagi.se/ (81.93.152.111) - Serp-hijackingAttacked url: http://usagi.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 08 Apr 2019 09:41:26 +0200<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: usagi.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 33833 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDSQCTSSCT=IEMFIJHBBLDBNCHEBFAFNLCO; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 08 Apr 2019 07:41:26 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: usagi.se <br>Referer: http://www.google.com/search?q=usagi.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDSQCTSSCT=HEMFIJHBDPBIAJLBEMLJLFHP; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 08 Apr 2019 07:41:26 GMT <br>Connection: close<br><br>usagi.se is on 81.93.152.111<br>ASN for 81.93.152.111: 29468<br>Abusix contact information: abuse@pin.se (information only)<br>81.93.152.111 corresponds with wsp01.web.pin.se<br>Abuse.net does not have any reliable address for wsp01.web.pin.se<br>Found address in whois: abuse@pin.se1554731297http://sunone.nu/ (159.69.63.122) - Serp-hijackingAttacked url: http://sunone.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 04 Apr 2019 15:32:46 +0200<br><br>Visitors with referer are redirected to http://companyupdate.ru/settings/index.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sunone.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Last-Modified: Tue, 30 Jan 2018 13:43:29 GMT <br>Content-Type: text/html <br>Content-Length: 3241 <br>Accept-Ranges: bytes <br>Date: Thu, 04 Apr 2019 13:32:46 GMT <br>Server: LiteSpeed <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sunone.nu <br>Referer: http://www.google.com/search?q=sunone.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 04 Apr 2019 13:32:46 GMT <br>Server: LiteSpeed <br>Location: http://companyupdate.ru/settings/index.php <br>Connection: close<br><br>sunone.nu is on 159.69.63.122<br>ASN for 159.69.63.122: 24940<br>Abusix contact information: abuse@hetzner.de (information only)<br>159.69.63.122 corresponds with falk1.azehosting.net<br>Abuse.net does not have any reliable address for falk1.azehosting.net<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@falk1.azehosting.net abuse@azehosting.net1554465040http://vaffeldagen.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeldagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 28 Mar 2019 17:14:51 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 28 Mar 2019 16:15:11 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Referer: http://www.google.com/search?q=vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 28 Mar 2019 16:15:05 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeldagen.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1554112284http://exceltips.se/ (89.221.250.113) - Serp-hijackingAttacked url: http://exceltips.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 25 Mar 2019 17:27:09 +0100<br><br>Visitors with referer are redirected to http://fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 18789 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDSAATASCR=OOGHPJHAOMHFHHJHOILBAFJC; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 25 Mar 2019 16:25:59 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Referer: http://www.google.com/search?q=exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Redirect <br>Content-Length: 148 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.0 <br>X-Powered-By: ASP.NET <br>Date: Mon, 25 Mar 2019 16:25:59 GMT <br>Connection: close<br><br>exceltips.se is on 89.221.250.113<br>ASN for 89.221.250.113: 1257<br>89.221.250.113 manually set to use abuse@aname.net1553607274http://shineonyou.se/ (195.74.38.97) - Serp-hijackingAttacked url: http://shineonyou.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 04 Mar 2019 18:49:45 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shineonyou.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Mon, 04 Mar 2019 17:49:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Set-Cookie: http_uid_utm=1; expires=Wed, 06-Mar-2019 17:49:45 GMT <br>Location: http://134.249.116.78/index.php <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shineonyou.se <br>Referer: http://www.google.com/search?q=shineonyou.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Mon, 04 Mar 2019 17:49:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Location: http://islas.co.uk/college/image/ <br>Connection: close <br>Content-Type: text/html<br><br>shineonyou.se is on 195.74.38.97<br>ASN for 195.74.38.97: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.97 corresponds with cl-13.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1551790859http://sunone.nu/ (159.69.63.122) - Serp-hijackingAttacked url: http://sunone.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 15 Feb 2019 02:02:35 +0100<br><br>Visitors with referer are redirected to http://companyupdate.ru/settings/index.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sunone.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Last-Modified: Tue, 30 Jan 2018 13:43:29 GMT <br>Content-Type: text/html <br>Content-Length: 3241 <br>Accept-Ranges: bytes <br>Date: Fri, 15 Feb 2019 01:02:35 GMT <br>Server: LiteSpeed <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sunone.nu <br>Referer: http://www.google.com/search?q=sunone.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Fri, 15 Feb 2019 01:02:35 GMT <br>Server: LiteSpeed <br>Location: http://companyupdate.ru/settings/index.php <br>Connection: close<br><br>sunone.nu is on 159.69.63.122<br>ASN for 159.69.63.122: 24940<br>Abusix contact information: abuse@hetzner.de (information only)<br>159.69.63.122 corresponds with falk1.azehosting.net<br>Abuse.net does not have any reliable address for falk1.azehosting.net<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@falk1.azehosting.net abuse@azehosting.net1550238227http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 06 Feb 2019 23:55:37 +0100<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 06 Feb 2019 22:55:40 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=eag5kg1aquvb4rck1rbpuciek5; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 06 Feb 2019 22:55:39 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=0oditomucqkpckfgomkr5v9ee2; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1549545003http://kinaskakor.se/ (89.221.250.111) - Serp-hijackingAttacked url: http://kinaskakor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 06 Feb 2019 21:16:57 +0100<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 11412 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDSQQQQRRD=HJFHLKJBLCCCDGGKLDEMFCNL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 06 Feb 2019 20:15:11 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Referer: http://www.google.com/search?q=kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDSQQQQRRD=GJFHLKJBJAPPAHOCFKCPGGDJ; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 06 Feb 2019 20:15:11 GMT <br>Connection: close<br><br>kinaskakor.se is on 89.221.250.111<br>ASN for 89.221.250.111: 1257<br>89.221.250.111 manually set to use abuse@aname.net1549544787http://exceltips.se/ (89.221.250.113) - Serp-hijackingAttacked url: http://exceltips.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 18 Jan 2019 03:49:16 +0100<br><br>Visitors with referer are redirected to http://fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 18792 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDSCARDBBC=BGPDPKJANCPMBJECLCGMNOBI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Fri, 18 Jan 2019 02:47:28 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Referer: http://www.google.com/search?q=exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Redirect <br>Content-Length: 148 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.0 <br>X-Powered-By: ASP.NET <br>Date: Fri, 18 Jan 2019 02:47:23 GMT <br>Connection: close<br><br>exceltips.se is on 89.221.250.113<br>ASN for 89.221.250.113: 1257<br>89.221.250.113 manually set to use abuse@aname.net1547817897http://vaffeljarn.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeljarn.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 17 Jan 2019 23:59:05 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 17 Jan 2019 22:59:05 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Referer: http://www.google.com/search?q=vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 17 Jan 2019 22:59:04 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeljarn.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1547817676http://ssmab.se/ (65.254.248.137) - Serp-hijackingAttacked url: http://ssmab.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 10 Jan 2019 14:56:39 +0100<br><br>Visitors with referer are redirected to http://fast-pharmacy.com/product/Cialis.html <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ssmab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 10 Jan 2019 13:56:39 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Server: Apache/2 <br>X-Powered-By: PHP/5.6.30 <br>Location: http://www.ssmab.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ssmab.se <br>Referer: http://www.google.com/search?q=ssmab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 10 Jan 2019 13:56:05 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Server: Apache/2 <br>X-Powered-By: PHP/5.6.30 <br>Location: http://fast-pharmacy.com/product/Cialis.html<br><br>ssmab.se is on 65.254.248.137<br>ASN for 65.254.248.137: 29873<br>Abusix contact information: eig-abuse@endurance.com (information only)<br>65.254.248.137 corresponds with 65-254-248-137.yourhostingaccount.com<br>Abuse.net has 3 reliable address(es) for yourhostingaccount.com<br>Found address(es): abuse@enduranceinternational.com abuse@maileig.com abuse@yourhostingaccount.com1547214507http://webbexperterna.nu/ (81.95.105.73) - Serp-hijackingAttacked url: http://webbexperterna.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 09 Jan 2019 16:21:30 +0100<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 164 <br>Content-Type: text/html <br>Location: http://www.webbexperterna.se/sv/start.shtml <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDCQRRBCDB=KEPNLIADHPLNGKDHFHAGHKPP; path=/ <br>Date: Wed, 09 Jan 2019 15:21:30 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: webbexperterna.nu <br>Referer: http://www.google.com/search?q=webbexperterna.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/10.0 <br>Set-Cookie: ASPSESSIONIDCQRRBCDB=JEPNLIADIJLFGIBNBFCIGKLP; path=/ <br>Date: Wed, 09 Jan 2019 15:21:30 GMT <br>Connection: close<br><br>webbexperterna.nu is on 81.95.105.73<br>ASN for 81.95.105.73: 25234<br>Abusix contact information: abuse@active24.cz (information only)<br>81.95.105.73 corresponds with iis107.windows.loopia.com<br>Abuse.net does not have any reliable address for iis107.windows.loopia.com<br>Found address in whois: abuse@active24.cz1547127666http://lostriders.se/ (66.96.149.1) - Serp-hijackingAttacked url: http://lostriders.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 09 Jan 2019 15:45:54 +0100<br><br>Visitors with referer are redirected to http://fast-pharmacy.com/product/Viagra.html <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lostriders.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 09 Jan 2019 14:45:54 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Server: Apache/2 <br>X-Powered-By: PHP/5.6.30 <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Pragma: no-cache <br>Link: &lt;http://lostriders.se/index.php?rest_route=/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;https://wp.me/9n7Ru&gt;; rel=shortlink <br>Age: 1 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lostriders.se <br>Referer: http://www.google.com/search?q=lostriders.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Wed, 09 Jan 2019 14:45:53 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Server: Apache/2 <br>X-Powered-By: PHP/5.6.30 <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Pragma: no-cache <br>Location: http://fast-pharmacy.com/product/Viagra.html <br>Age: 1<br><br>lostriders.se is on 66.96.149.1<br>ASN for 66.96.149.1: 29873<br>Abusix contact information: eig-abuse@endurance.com (information only)<br>66.96.149.1 corresponds with 1.149.96.66.static.eigbox.net<br>Abuse.net has 1 reliable address(es) for eigbox.net<br>Found address(es): cogentabuse@maileig.com1547125411http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 18 Dec 2018 17:05:54 +0100<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 18 Dec 2018 16:06:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=404gm7pke9car2uvaq00et1tl3; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 18 Dec 2018 16:06:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=90aae572q395qtu9oarh9lmg04; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1545229609http://vaffeldagen.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeldagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 18 Dec 2018 14:47:53 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 18 Dec 2018 13:47:53 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Referer: http://www.google.com/search?q=vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 18 Dec 2018 13:47:53 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeldagen.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1545223497http://shineonyou.se/ (195.74.38.97) - Serp-hijackingAttacked url: http://shineonyou.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 05 Dec 2018 14:20:30 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shineonyou.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 05 Dec 2018 13:20:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://shineonyou.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=5lsvb4s9vetdab5ris6olj58f7; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shineonyou.se <br>Referer: http://www.google.com/search?q=shineonyou.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Wed, 05 Dec 2018 13:20:15 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Location: http://islas.co.uk/college/image/ <br>Connection: close <br>Content-Type: text/html<br><br>shineonyou.se is on 195.74.38.97<br>ASN for 195.74.38.97: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.97 corresponds with cl-13.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1544097987http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 27 Nov 2018 22:27:52 +0100<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 27 Nov 2018 21:28:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=d6gkih7s3fipnf00otunqo34l4; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 27 Nov 2018 21:28:03 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=kfosbvvgqg00cod81c9l24lt82; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1543413644http://nioelva.se/ (81.93.152.111) - Serp-hijackingAttacked url: http://nioelva.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 27 Nov 2018 21:03:26 +0100<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nioelva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 3886 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDSQCBRABD=FEEEPCFCNNLFLINEIJFHPAHE; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 27 Nov 2018 20:03:17 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nioelva.se <br>Referer: http://www.google.com/search?q=nioelva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDSQCBRABD=EEEEPCFCBKCLAJCOFLOKKFOI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 27 Nov 2018 20:03:17 GMT <br>Connection: close<br><br>nioelva.se is on 81.93.152.111<br>ASN for 81.93.152.111: 29468<br>Abusix contact information: abuse@pin.se (information only)<br>81.93.152.111 corresponds with wsp01.web.pin.se<br>Abuse.net does not have any reliable address for wsp01.web.pin.se<br>Found address in whois: abuse@pin.se1543413355http://exceltips.se/ (89.221.250.113) - Serp-hijackingAttacked url: http://exceltips.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Nov 2018 21:06:59 +0100<br><br>Visitors with referer are redirected to http://fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 18558 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQABRTCAC=AIIFBJCCLKKLGGBMLACHHOPL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 26 Nov 2018 20:06:01 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Referer: http://www.google.com/search?q=exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Redirect <br>Content-Length: 148 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.0 <br>X-Powered-By: ASP.NET <br>Date: Mon, 26 Nov 2018 20:05:55 GMT <br>Connection: close<br><br>exceltips.se is on 89.221.250.113<br>ASN for 89.221.250.113: 1257<br>89.221.250.113 manually set to use abuse@aname.net1543334361http://dev.crescent.se/ (195.74.38.117) - Serp-hijackingAttacked url: http://dev.crescent.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Nov 2018 18:31:32 +0100<br><br>Visitors with referer are redirected to http://www.cheapshop123.com/cheap1.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 26 Nov 2018 17:31:31 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=btp8q7dvvso9rupl822l2dqmd3; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dev.crescent.se <br>Referer: http://www.google.com/search?q=dev.crescent.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Nov 2018 17:31:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://dev.crescent.se/xmlrpc.php <br>Set-Cookie: PHPSESSID=sqn3q4t17a1gdus1tvc3nve9j2; path=/ <br>Location: http://www.cheapshop123.com/cheap1.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>dev.crescent.se is on 195.74.38.117<br>ASN for 195.74.38.117: 35041<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.117 corresponds with cl-17.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1543334067http://kinaskakor.se/ (89.221.250.111) - Serp-hijackingAttacked url: http://kinaskakor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Nov 2018 17:36:20 +0100<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 11418 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQARBSAAC=GAOLPOACHMMHLLEHBLNNJBCD; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 26 Nov 2018 16:35:38 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Referer: http://www.google.com/search?q=kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDQARBSAAC=FAOLPOACDBGDMNGIPKBLHMKN; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 26 Nov 2018 16:35:36 GMT <br>Connection: close<br><br>kinaskakor.se is on 89.221.250.111<br>ASN for 89.221.250.111: 1257<br>89.221.250.111 manually set to use abuse@aname.net1543331482http://forlagetorda.se/ (93.188.2.53) - Serp-hijackingAttacked url: http://forlagetorda.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 22 Nov 2018 10:59:00 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Thu, 22 Nov 2018 09:59:14 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Set-Cookie: PHPSESSID=91680451b538a56015d15d83d8164567; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://forlagetorda.se/xmlrpc.php <br>Link: &lt;http://forlagetorda.se/&gt;; rel=shortlink <br>X-Loopia-Node: 172.22.223.22 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Referer: http://www.google.com/search?q=forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx <br>Date: Thu, 22 Nov 2018 09:59:14 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Location: http://islas.co.uk/college/image/ <br>X-Loopia-Node: 172.22.223.22<br><br>forlagetorda.se is on 93.188.2.53<br>ASN for 93.188.2.53: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.53 corresponds with webfront3.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1542900133http://pilgrimstid.nu/ (81.27.47.157) - Serp-hijackingAttacked url: http://pilgrimstid.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Nov 2018 14:12:07 +0100<br><br>Visitors with referer are redirected to http://www.sneakerses.com <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pilgrimstid.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 30544 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDCCARAABQ=LDFLNMKCMOIGECDJOFDLFGGL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Nov 2018 13:12:22 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pilgrimstid.nu <br>Referer: http://www.google.com/search?q=pilgrimstid.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 146 <br>Content-Type: text/html <br>Location: http://www.sneakerses.com <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDCCARAABQ=KDFLNMKCGJNPFPFPFJJBJNCI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Nov 2018 13:12:22 GMT <br>Connection: close<br><br>pilgrimstid.nu is on 81.27.47.157<br>ASN for 81.27.47.157: 8542<br>Abusix contact information: abuse@webhuset.no (information only)<br>rDNS not found for 81.27.47.157<br>Found address in whois: abuse@webhuset.no1542888120http://vaffeldagen.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeldagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Nov 2018 02:56:37 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 20 Nov 2018 01:56:50 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeldagen.se <br>Referer: http://www.google.com/search?q=vaffeldagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 20 Nov 2018 01:56:50 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeldagen.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1542721248http://kinaskakor.se/ (89.221.250.111) - Serp-hijackingAttacked url: http://kinaskakor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Nov 2018 02:28:44 +0100<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 11418 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDCQCQTQTA=JBMDJBLBMKOBGFEBOBJCCGAH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 20 Nov 2018 01:28:09 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kinaskakor.se <br>Referer: http://www.google.com/search?q=kinaskakor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDCQCQTQTA=IBMDJBLBJJAJCBKHCGCAIPCN; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 20 Nov 2018 01:28:07 GMT <br>Connection: close<br><br>kinaskakor.se is on 89.221.250.111<br>ASN for 89.221.250.111: 1257<br>89.221.250.111 manually set to use abuse@aname.net1542721218http://studioolga.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://studioolga.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Nov 2018 21:52:30 +0100<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 2940 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDACATTSAB=CMIHDBJBLLKLFJDGGLLJPHKH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 19 Nov 2018 20:52:43 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Referer: http://www.google.com/search?q=studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDACATTSAB=BMIHDBJBKCMECEOALFLIGJDC; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 19 Nov 2018 20:52:43 GMT <br>Connection: close<br><br>studioolga.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1542720984http://vaffeljarn.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeljarn.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Nov 2018 17:03:42 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 19 Nov 2018 16:03:55 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Referer: http://www.google.com/search?q=vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Mon, 19 Nov 2018 16:03:55 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeljarn.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1542720664http://usagi.se/ (81.93.152.111) - Serp-hijackingAttacked url: http://usagi.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Nov 2018 07:52:45 +0100<br><br>Visitors with referer are redirected to http://ajax.auowen.com/libs/jquery.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: usagi.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 32921 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQQACSBBC=NJIFNHCDAAAHGAMGIMCCCHCA; path=/ <br>X-Powered-By: ASP.NET <br>Date: Fri, 16 Nov 2018 06:52:48 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: usagi.se <br>Referer: http://www.google.com/search?q=usagi.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>Location: http://ajax.auowen.com/libs/jquery.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQQACSBBC=MJIFNHCDPAIAGIKLMMFADGJE; path=/ <br>X-Powered-By: ASP.NET <br>Date: Fri, 16 Nov 2018 06:52:46 GMT <br>Connection: close<br><br>usagi.se is on 81.93.152.111<br>ASN for 81.93.152.111: 29468<br>Abusix contact information: abuse@pin.se (information only)<br>81.93.152.111 corresponds with wsp01.web.pin.se<br>Abuse.net does not have any reliable address for wsp01.web.pin.se<br>Found address in whois: abuse@pin.se1542376250http://studioolga.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://studioolga.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 15 Nov 2018 16:22:16 +0100<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 2940 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCSDTARQA=LNDDJHMCJICBNFHLMELNDBHH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Thu, 15 Nov 2018 15:22:15 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Referer: http://www.google.com/search?q=studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCSDTARQA=KNDDJHMCJLLFKMJKMLDEBCGJ; path=/ <br>X-Powered-By: ASP.NET <br>Date: Thu, 15 Nov 2018 15:22:15 GMT <br>Connection: close<br><br>studioolga.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1542374356http://nietlater.nu/ (37.97.223.41) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://heirem-art.de/crpzw3bh.php?id=595921&quot;&gt;<br><br>Offensive url: http://heirem-art.de/crpzw3bh.php?id=595921<br>Url is blacklisted in Google Safe Browsing<br><br>nietlater.nu is on 37.97.223.41<br>ASN for 37.97.223.41: 20857<br>Abusix contact information: abuse@transip.nl (information only)<br>37.97.223.41 corresponds with dbasehosting.nl<br>Abuse.net does not have any reliable address for dbasehosting.nl<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@dbasehosting.nl1542283389http://pionbutiken.se/ (93.90.145.81) - Serp-hijackingAttacked url: http://pionbutiken.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 12 Nov 2018 09:41:43 +0100<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pionbutiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 785 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQATASCRR=EPBBKNJAAMEFAIHNLDCABNNJ; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 12 Nov 2018 08:41:56 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pionbutiken.se <br>Referer: http://www.google.com/search?q=pionbutiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQATASCRR=DPBBKNJAKJAPHDMIPLIBICMI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 12 Nov 2018 08:41:55 GMT <br>Connection: close<br><br>pionbutiken.se is on 93.90.145.81<br>ASN for 93.90.145.81: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.81 corresponds with iis-01.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.se abuse@crystone.net1542027866http://exceltips.se/ (89.221.250.113) - Serp-hijackingAttacked url: http://exceltips.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 12 Nov 2018 08:49:04 +0100<br><br>Visitors with referer are redirected to http://fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 18828 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDSQCRCARQ=BFPDBMIACGGNHFAAFBMGFKLO; path=/ <br>X-Powered-By: ASP.NET <br>Date: Mon, 12 Nov 2018 07:47:40 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: exceltips.se <br>Referer: http://www.google.com/search?q=exceltips.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Redirect <br>Content-Length: 148 <br>Content-Type: text/html; charset=UTF-8 <br>Location: http://fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.0 <br>X-Powered-By: ASP.NET <br>Date: Mon, 12 Nov 2018 07:47:40 GMT <br>Connection: close<br><br>exceltips.se is on 89.221.250.113<br>ASN for 89.221.250.113: 1257<br>89.221.250.113 manually set to use abuse@aname.net1542027860http://landsbygdskraft.se/ (93.188.2.52) - Serp-hijackingAttacked url: http://landsbygdskraft.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 07 Nov 2018 22:52:39 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: landsbygdskraft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Wed, 07 Nov 2018 21:52:52 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Vary: Cookie <br>X-Pingback: http://landsbygdskraft.se/xmlrpc.php <br>X-Loopia-Node: 172.22.223.35 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: landsbygdskraft.se <br>Referer: http://www.google.com/search?q=landsbygdskraft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx <br>Date: Wed, 07 Nov 2018 21:52:52 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Location: http://islas.co.uk/college/image/ <br>X-Loopia-Node: 172.22.223.35<br><br>landsbygdskraft.se is on 93.188.2.52<br>ASN for 93.188.2.52: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.52 corresponds with webfront2.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1541683133http://zogg.se/ (93.188.2.52) - Serp-hijackingAttacked url: http://zogg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 07 Nov 2018 21:37:50 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Wed, 07 Nov 2018 20:38:03 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Vary: Accept-Encoding,Cookie <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br>X-Loopia-Node: 172.22.223.35 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx <br>Date: Wed, 07 Nov 2018 20:38:03 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Location: http://islas.co.uk/college/image/ <br>X-Loopia-Node: 172.22.223.35<br><br>zogg.se is on 93.188.2.52<br>ASN for 93.188.2.52: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.52 corresponds with webfront2.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1541683116http://vaffeljarn.se/ (89.221.250.22) - Serp-hijackingAttacked url: http://vaffeljarn.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 06 Nov 2018 10:52:35 +0100<br><br>Visitors with referer are redirected to http://jindalo.ru:8080/forum/links/public_version.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 06 Nov 2018 09:52:35 GMT <br>Server: Apache <br>Last-Modified: Wed, 11 May 2011 09:58:07 GMT <br>ETag: &quot;2fc26e7-90c-4a2fd1bff89c0&quot; <br>Accept-Ranges: bytes <br>Content-Length: 2316 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vaffeljarn.se <br>Referer: http://www.google.com/search?q=vaffeljarn.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 06 Nov 2018 09:52:35 GMT <br>Server: Apache <br>Location: http://jindalo.ru:8080/forum/links/public_version.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>vaffeljarn.se is on 89.221.250.22<br>ASN for 89.221.250.22: 1257<br>89.221.250.22 manually set to use abuse@aname.net1541506485http://zogg.se/2013/01/01/vags-ande/ (93.188.2.52) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 06 Nov 2018 06:02:44 +0100<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Tue, 06 Nov 2018 05:02:57 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Vary: Cookie <br>X-Pingback: http://zogg.se/xmlrpc.php <br>X-Loopia-Node: 172.22.223.35 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx <br>Date: Tue, 06 Nov 2018 05:02:57 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/5.6.38 <br>Location: http://islas.co.uk/college/image/ <br>X-Loopia-Node: 172.22.223.35<br><br>zogg.se is on 93.188.2.52<br>ASN for 93.188.2.52: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.52 corresponds with webfront2.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1541506423