Säkrare hemsida med .sehttp://bussfabriken.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://bussfabriken.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 14:33:24 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRt1c%2FS253LSKS1A73V6xOVcjqjfmwR8rb%2Brv2bq8XHuMPFCW6%2FX69DJX5f4XD5TQ0NkxC9t7KJ2N%2FZ%2BzRaj%2FO3sY8iSNmGt3Y316bpVkNtV02z3WujUe9bJOWS33jey5zUb4I2DXHYKk1YiuYGhdpfntz%2BMT3Xcqg2ZBgSgvgFly4liDzc7hcilyYs9IpXt41krGHb7Ar5cJeCSqsI8ccRJPf6M9ftM0Lk8l5EnMCHIa9Tz8eSJlc0t5IY5w1uOdH8Bh6oZSLbNjjDNxVrPXMnZInskEGfjcLkNbaJdxvFTh5RGi5RWVKrbi8HD8zwXEsXZxRabgAL%2FYwnrO9wS1uUGYtzufDN9xgCyCWskj0cDfZBNK4qEOXNwHWr2SkEZRT%2FgdaPmGUdP9haWV%2BP80Gl%2FMdFXYbNKqFRkI7iugo42SMWlCHhzBP0a6SNVksD5NApMhdmf4aRBBH7G6jMy%2Bgv6F0mb2nyRtBQ0dqu9XIwmKXpu%2F1W1JZ5rRfA5un%2FSMTnf%2FORoIFv3hAwfrW0tvzWjTkMX7PQhXp <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bussfabriken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 12:33:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498048404.2154130; expires=Sat, 19-Jun-2027 12:33:24 GMT; Max-Age=315360000 <br>Location: http://ww38.bussfabriken.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bussfabriken.se <br>Referer: http://www.google.com/search?q=bussfabriken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 12:33:23 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1498048403.3088131; expires=Sat, 19-Jun-2027 12:33:23 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRt1c%2FS253LSKS1A73V6xOVcjqjfmwR8rb%2Brv2bq8XHuMPFCW6%2FX69DJX5f4XD5TQ0NkxC9t7KJ2N%2FZ%2BzRaj%2FO3sY8iSNmGt3Y316bpVkNtV02z3WujUe9bJOWS33jey5zUb4I2DXHYKk1YiuYGhdpfntz%2BMT3Xcqg2ZBgSgvgFly4liDzc7hcilyYs9IpXt41krGHb7Ar5cJeCSqsI8ccRJPf6M9ftM0Lk8l5EnMCHIa9Tz8eSJlc0t5IY5w1uOdH8Bh6oZSLbNjjDNxVrPXMnZInskEGfjcLkNbaJdxvFTh5RGi5RWVKrbi8HD8zwXEsXZxRabgAL%2FYwnrO9wS1uUGYtzufDN9xgCyCWskj0cDfZBNK4qEOXNwHWr2SkEZRT%2FgdaPmGUdP9haWV%2BP80Gl%2FMdFXYbNKqFRkI7iugo42SMWlCHhzBP0a6SNVksD5NApMhdmf4aRBBH7G6jMy%2Bgv6F0mb2nyRtBQ0dqu9XIwmKXpu%2F1W1JZ5rRfA5un%2FSMTnf%2FORoIFv3hAwfrW0tvzWjTkMX7PQhXp <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bussfabriken.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-185.above.com1498050424http://custome.se/ (103.224.212.194) - Serp-hijackingAttacked url: http://custome.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 12:33:57 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcR%2BqbJJlwzrrKzgt4luon%2BNVV7nxgFthsJbp9OJ8q3yXBQiOqsMRpMsuI47GYTc8NHwPisnaLfO122qK1cZz69PBaUeaJ4uzNcitmOnHfs0%2BO5haOFwtA7sJQH4HgKmSyoHQmj6m5EZ3F3lmk5VeTK7wylvkNyOFdXObCUzWIpaSMNf1iI5Pg9IE9aZcUNK8Yah4%2BOYtrfwhXGC2ivxOOwPY9DPZ13TzTSPy5dP0Y%2FRaFCRjb56cw5ywaYtVs8jvpjJjcnI%2FvoIoiqa1uXMbC5EW8bSEUBMWWkQGMqwWDh2%2FerX8ShefP7ziRoHETp7rnQqVdTvDL%2BOVgNT%2BCPxVh6PnK4%2FQE5Y%2FP7Qc6zsmTMsnW1pfnxbcZELMXs0JCyhSE0RLjYNasW1tjb%2FKygEykpFAJwdQnXJmrLR36xgoNQMCLVJaqlF96b1iXtBVAdyiNjrStv6dQic%2BFTqoRws3AXkHaeY67kyEzKX9NQBAzmM7ofb3yfesvqRBDPXACDwNqeroGqozAak%2BY%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custome.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 10:33:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1498041238.7405988; expires=Sat, 19-Jun-2027 10:33:58 GMT <br>Location: http://ww11.custome.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custome.se <br>Referer: http://www.google.com/search?q=custome.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 10:33:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498041237.7087007; expires=Sat, 19-Jun-2027 10:33:57 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcR%2BqbJJlwzrrKzgt4luon%2BNVV7nxgFthsJbp9OJ8q3yXBQiOqsMRpMsuI47GYTc8NHwPisnaLfO122qK1cZz69PBaUeaJ4uzNcitmOnHfs0%2BO5haOFwtA7sJQH4HgKmSyoHQmj6m5EZ3F3lmk5VeTK7wylvkNyOFdXObCUzWIpaSMNf1iI5Pg9IE9aZcUNK8Yah4%2BOYtrfwhXGC2ivxOOwPY9DPZ13TzTSPy5dP0Y%2FRaFCRjb56cw5ywaYtVs8jvpjJjcnI%2FvoIoiqa1uXMbC5EW8bSEUBMWWkQGMqwWDh2%2FerX8ShefP7ziRoHETp7rnQqVdTvDL%2BOVgNT%2BCPxVh6PnK4%2FQE5Y%2FP7Qc6zsmTMsnW1pfnxbcZELMXs0JCyhSE0RLjYNasW1tjb%2FKygEykpFAJwdQnXJmrLR36xgoNQMCLVJaqlF96b1iXtBVAdyiNjrStv6dQic%2BFTqoRws3AXkHaeY67kyEzKX9NQBAzmM7ofb3yfesvqRBDPXACDwNqeroGqozAak%2BY%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>custome.se is on 103.224.212.194<br>ASN for 103.224.212.194: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.194 corresponds with lb-212-194.above.com<br>Abuse.net does not have any reliable address for lb-212-194.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-194.above.com abuse@above.com1498050380http://erikolssons.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://erikolssons.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 12:31:47 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRoRzkhZ0wEcPnCNnKz0G5Z7E%2B%2BdBRTcWlJ3YcWWnPWxSHqeGcBJ6fY6UNHOdoiVBm%2FVQwYswgoqVxLuKQilk3lLLouSbEUWZjjdWb9pKF%2ByEG3cRqmJpi%2ByLkQeYNoBLeDGq121nBt5cEtoUAJSX82tjHg0tJtpQKMA9J0nTZ2Ghxu1XDQfVwB7ugPzpqAlMmMNnItOpUVLdxv%2FmcCi8GaXBC6rKjs5Yzs2Z3gGtq23sqgzZ4JM9uIzpEE5StuMyQ6OzkYpg%2Fot5O7bigX3wVmFMgAv83%2BiINppY9m7OLBWBQnqQCnxaMaZsTqonkL6aWb6ibJEhzTNgRUSEX78FizNXzSC4vNIgGheOpSPq6Tii36Y6ecMhvh1CtTFQpV6f3DZ4hgcZBK%2B1FZSH36Hd6iACyH%2Bgb%2F8Wr9Luiiys52pyXEcw27q9BRicf04peiBpBJxtvk3JouD1mzH4xeEVaThM4Ez3uhJaoZS61pQDh86xv%2BHbx2wF2q0e6X49FPNwpD0I4Adrt0HdXcaxq2vEu0sn%2BFOh3yOI5 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: erikolssons.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 10:31:47 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1498041107.2067397; expires=Sat, 19-Jun-2027 10:31:47 GMT <br>Location: http://ww11.erikolssons.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: erikolssons.se <br>Referer: http://www.google.com/search?q=erikolssons.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 10:31:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498041106.2464823; expires=Sat, 19-Jun-2027 10:31:46 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRoRzkhZ0wEcPnCNnKz0G5Z7E%2B%2BdBRTcWlJ3YcWWnPWxSHqeGcBJ6fY6UNHOdoiVBm%2FVQwYswgoqVxLuKQilk3lLLouSbEUWZjjdWb9pKF%2ByEG3cRqmJpi%2ByLkQeYNoBLeDGq121nBt5cEtoUAJSX82tjHg0tJtpQKMA9J0nTZ2Ghxu1XDQfVwB7ugPzpqAlMmMNnItOpUVLdxv%2FmcCi8GaXBC6rKjs5Yzs2Z3gGtq23sqgzZ4JM9uIzpEE5StuMyQ6OzkYpg%2Fot5O7bigX3wVmFMgAv83%2BiINppY9m7OLBWBQnqQCnxaMaZsTqonkL6aWb6ibJEhzTNgRUSEX78FizNXzSC4vNIgGheOpSPq6Tii36Y6ecMhvh1CtTFQpV6f3DZ4hgcZBK%2B1FZSH36Hd6iACyH%2Bgb%2F8Wr9Luiiys52pyXEcw27q9BRicf04peiBpBJxtvk3JouD1mzH4xeEVaThM4Ez3uhJaoZS61pQDh86xv%2BHbx2wF2q0e6X49FPNwpD0I4Adrt0HdXcaxq2vEu0sn%2BFOh3yOI5 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>erikolssons.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-199.above.com abuse@above.com1498050372http://dayft.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://dayft.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 09:36:36 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcR4jDfYUGbkt30hozeFf1KgqEuWTNnD3YRJsearYS94l%2FIQaou8Lgpurnx%2B0oiGMu%2BR8ytqG3BmOMBzZzvER9kAqTytWKaYdAiH6XB%2B7HB4ExGgd4Hi97EYFLBsL24o49fXV8MC9ke6Dbg5wlSfLg8YT0qH8TAhPymDsKDNPHBD4PIwcpp3vnQc5WMVtotYR23lg%2BqHkCZXwGch5HuCno6EccszmAz5F7cAWM7gJARlgEn0xNQAAAeJ%2B8voYhjiiZoBRkc9639kXuSqpVYmViCT%2FDtSqcw%2FjTDKYmIvPzFtutxFyKa94ft63pmgQ7yLRcYZ5qPNuEAXEyAJRj%2FqZJDKWZjjz1OXN1PC7sTDs0EImCLJb4CxT%2FRUCGZ%2F31WQRUBmBC6FLU9j%2FrAfjdhbf5vFjLePUj802G5uEYiKZPR7%2BoxR%2B4EDiVtXL5yUXBLMi3PkbOPUZOPXRJUTIjEC8BEA6O5%2Fudm967%2Bs8J%2BewpDt2k8UuTSt5PNuDTZOLwqTS9KL8MuFySRT%2Bs%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dayft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 07:36:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498030597.2038070; expires=Sat, 19-Jun-2027 07:36:37 GMT; Max-Age=315360000 <br>Location: http://ww11.dayft.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dayft.se <br>Referer: http://www.google.com/search?q=dayft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 07:36:36 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498030596.6782974; expires=Sat, 19-Jun-2027 07:36:36 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcR4jDfYUGbkt30hozeFf1KgqEuWTNnD3YRJsearYS94l%2FIQaou8Lgpurnx%2B0oiGMu%2BR8ytqG3BmOMBzZzvER9kAqTytWKaYdAiH6XB%2B7HB4ExGgd4Hi97EYFLBsL24o49fXV8MC9ke6Dbg5wlSfLg8YT0qH8TAhPymDsKDNPHBD4PIwcpp3vnQc5WMVtotYR23lg%2BqHkCZXwGch5HuCno6EccszmAz5F7cAWM7gJARlgEn0xNQAAAeJ%2B8voYhjiiZoBRkc9639kXuSqpVYmViCT%2FDtSqcw%2FjTDKYmIvPzFtutxFyKa94ft63pmgQ7yLRcYZ5qPNuEAXEyAJRj%2FqZJDKWZjjz1OXN1PC7sTDs0EImCLJb4CxT%2FRUCGZ%2F31WQRUBmBC6FLU9j%2FrAfjdhbf5vFjLePUj802G5uEYiKZPR7%2BoxR%2B4EDiVtXL5yUXBLMi3PkbOPUZOPXRJUTIjEC8BEA6O5%2Fudm967%2Bs8J%2BewpDt2k8UuTSt5PNuDTZOLwqTS9KL8MuFySRT%2Bs%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>dayft.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1498050293http://idottonline.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://idottonline.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 04:25:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRqFOTUX0vCceXog1OA1wTVUHVzujKZNyNvLHROmPXTMfjyx2cBk6tLPQYb%2BOM6ScJXTFvX%2B%2BURnMDOptkA1PrZG%2BFBPsJuesbn6LSVRuLQN5D%2BTig36wSB4qBS9Z5dsy%2FM52GpP4JiNbFO92Wisg6xfnybs6PCK0XL68nM5mN%2Bbj5yMAHi6a6eyfyzEcVg5UC6RHvvXaZ3AlxEXqO3fUWvwaOYyvh2FONZU28zBtAhPm8LcEfrABAfiNqvLm9jflgY5IWzThbaWrRVFa5qgo%2FJqDFC2l8W7rC8kG1VbMXWJ4BI8myXbnm4q6A%2FwPRHGy%2FEpr613eTGlPRcIoGZBd9QSdi7UYg2aezHfRwuUc6eKLbhEQ2YCGYwxugN%2BqNStnP3Ovko%2FFxcM3xvE5fYYsWoEOA9X5kVviuC7oo0vAKWMYyT7XFyRDY9c1H8heBrP7DI2h%2BhhlogKG8mh0MeS%2BFNUvqxSvCPnjWB9ZYj2bK5KQvLxR6RhCHx9Fb9qF35d43lbbnDWwtaWp3xvxFCQ4E%2BsAhnUorFkmW <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idottonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 02:25:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498011958.6158096; expires=Sat, 19-Jun-2027 02:25:58 GMT; Max-Age=315360000 <br>Location: http://ww11.idottonline.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idottonline.se <br>Referer: http://www.google.com/search?q=idottonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 02:25:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1498011957.6000890; expires=Sat, 19-Jun-2027 02:25:57 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRqFOTUX0vCceXog1OA1wTVUHVzujKZNyNvLHROmPXTMfjyx2cBk6tLPQYb%2BOM6ScJXTFvX%2B%2BURnMDOptkA1PrZG%2BFBPsJuesbn6LSVRuLQN5D%2BTig36wSB4qBS9Z5dsy%2FM52GpP4JiNbFO92Wisg6xfnybs6PCK0XL68nM5mN%2Bbj5yMAHi6a6eyfyzEcVg5UC6RHvvXaZ3AlxEXqO3fUWvwaOYyvh2FONZU28zBtAhPm8LcEfrABAfiNqvLm9jflgY5IWzThbaWrRVFa5qgo%2FJqDFC2l8W7rC8kG1VbMXWJ4BI8myXbnm4q6A%2FwPRHGy%2FEpr613eTGlPRcIoGZBd9QSdi7UYg2aezHfRwuUc6eKLbhEQ2YCGYwxugN%2BqNStnP3Ovko%2FFxcM3xvE5fYYsWoEOA9X5kVviuC7oo0vAKWMYyT7XFyRDY9c1H8heBrP7DI2h%2BhhlogKG8mh0MeS%2BFNUvqxSvCPnjWB9ZYj2bK5KQvLxR6RhCHx9Fb9qF35d43lbbnDWwtaWp3xvxFCQ4E%2BsAhnUorFkmW <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>idottonline.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1498050215http://marktmedia.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://marktmedia.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 03:21:43 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRgvk79gtlWt29Mg%2B40fVZMghl3lJQo%2FjKO9JKK%2Fw4x%2BEBXAUaU1qLy5wHYmKyXvhB6zoBOe2HsaBeKldXR2%2BybNb95qvnJm7HSVT46poULdla3xO7o8Fm3zc3pejauJdhy0oQ28iG39Tumz5Q2H9z0z3NJTNMUylbH9rXNfBQVOoLoB4RP%2B94%2FrHNOhi2zKOsOfZGouw5CHZcxqdsuvWPl7%2FPLGeogT%2FCNdluykbB9GP59FAKpd2%2BNLxo8pJAfKALjyUGVA2ULj0REZOGhgwGFGEkpDw6FMlZ%2BKfP9ebjzr14aw2X9DePvgZgMTnVtH7qZroMSJL514V%2BeQauDUN4vlCIpChNfkS4q%2Bw8sxC74e0zRXzRdh%2B4Ao4Ga5cvyb7TFVplRqPhhXMSmhyh5rh7R%2B171sHup10L1rSsr1YCIuC19T91I9VNvLCfr3osy6d75dW5OOr2tG%2FSSNIPaWT67D0NNT6FR2OY3GASuwWNNfQAR7uJwu%2BBK%2F4mcnQQelDWkMpnggCPSkK2eE1RtrlDPA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: marktmedia.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 01:21:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498008104.8636732; expires=Sat, 19-Jun-2027 01:21:44 GMT; Max-Age=315360000 <br>Location: http://ww11.marktmedia.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: marktmedia.se <br>Referer: http://www.google.com/search?q=marktmedia.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 01:21:43 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498008103.5356352; expires=Sat, 19-Jun-2027 01:21:43 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRgvk79gtlWt29Mg%2B40fVZMghl3lJQo%2FjKO9JKK%2Fw4x%2BEBXAUaU1qLy5wHYmKyXvhB6zoBOe2HsaBeKldXR2%2BybNb95qvnJm7HSVT46poULdla3xO7o8Fm3zc3pejauJdhy0oQ28iG39Tumz5Q2H9z0z3NJTNMUylbH9rXNfBQVOoLoB4RP%2B94%2FrHNOhi2zKOsOfZGouw5CHZcxqdsuvWPl7%2FPLGeogT%2FCNdluykbB9GP59FAKpd2%2BNLxo8pJAfKALjyUGVA2ULj0REZOGhgwGFGEkpDw6FMlZ%2BKfP9ebjzr14aw2X9DePvgZgMTnVtH7qZroMSJL514V%2BeQauDUN4vlCIpChNfkS4q%2Bw8sxC74e0zRXzRdh%2B4Ao4Ga5cvyb7TFVplRqPhhXMSmhyh5rh7R%2B171sHup10L1rSsr1YCIuC19T91I9VNvLCfr3osy6d75dW5OOr2tG%2FSSNIPaWT67D0NNT6FR2OY3GASuwWNNfQAR7uJwu%2BBK%2F4mcnQQelDWkMpnggCPSkK2eE1RtrlDPA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>marktmedia.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-195.above.com1498050207http://saxnasgarden.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://saxnasgarden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 01:34:05 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRCv2r1EbeNq%2Bkd5xI0xPS4HhMU9CTqfit2xraN7z8JoYAheqRJj%2BL5FqsWOx4xsIk4VT570z09mT%2BEbFbQWlVXrmLOpLaNYMoEAaXDscW7yMi5N6ZXi5gbOR3aXXQVI3dWnUbN5bEAO7kHkw4izbnertJl1fz9XhbOyT%2BJ4VVzCNEXAXh01A1y%2BsAwHTuZPtjF9YN1U2%2FFUVzLFp4lO%2FQIgj97WXe%2BW9sdi1sqzng59k%2FR1xID394mvPfg5aJy5Z5UET1He7Cc0rf6qX%2BBCmkxGr%2FsZkvHRcQ4J8m5asDyxKEMCBZVLekIUzpyaRQljgMMA2irRGgKFlOeVbsX3Zo1OzAzhHNbpqVlRCKSSwt3RnIAKoxvsoCvP8TSSNogfPGr%2Fui1IQ9YQx%2FrB00ViYluj0T0IUsnViK9EIcXPZoFwvUpzQprJiQMtu3JioOYAUWKRk8jv4UYpMxS6Iw3OQXRThOCMa3QlVtQWstZDOMkqVQCYTYGf3cO5UsaqbIhqCoLCTcRompDjDCSA9Al78ZkDKTPybGJ5Tt <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: saxnasgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 23:34:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498001646.7958361; expires=Fri, 18-Jun-2027 23:34:06 GMT; Max-Age=315360000 <br>Location: http://ww11.saxnasgarden.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: saxnasgarden.se <br>Referer: http://www.google.com/search?q=saxnasgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 23:34:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498001645.4498003; expires=Fri, 18-Jun-2027 23:34:05 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRCv2r1EbeNq%2Bkd5xI0xPS4HhMU9CTqfit2xraN7z8JoYAheqRJj%2BL5FqsWOx4xsIk4VT570z09mT%2BEbFbQWlVXrmLOpLaNYMoEAaXDscW7yMi5N6ZXi5gbOR3aXXQVI3dWnUbN5bEAO7kHkw4izbnertJl1fz9XhbOyT%2BJ4VVzCNEXAXh01A1y%2BsAwHTuZPtjF9YN1U2%2FFUVzLFp4lO%2FQIgj97WXe%2BW9sdi1sqzng59k%2FR1xID394mvPfg5aJy5Z5UET1He7Cc0rf6qX%2BBCmkxGr%2FsZkvHRcQ4J8m5asDyxKEMCBZVLekIUzpyaRQljgMMA2irRGgKFlOeVbsX3Zo1OzAzhHNbpqVlRCKSSwt3RnIAKoxvsoCvP8TSSNogfPGr%2Fui1IQ9YQx%2FrB00ViYluj0T0IUsnViK9EIcXPZoFwvUpzQprJiQMtu3JioOYAUWKRk8jv4UYpMxS6Iw3OQXRThOCMa3QlVtQWstZDOMkqVQCYTYGf3cO5UsaqbIhqCoLCTcRompDjDCSA9Al78ZkDKTPybGJ5Tt <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>saxnasgarden.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-186.above.com1498050193http://fastpomemap.se/ (103.224.212.184) - Serp-hijackingAttacked url: http://fastpomemap.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 00:53:21 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRtBPX6TcbAWWhKoYfds0YBAnjaCuuePwIzMz2Za8ksEiCZV3lQ8OcEmChGbquz%2FmyvogoAE36UBxFKH2fnQ7dd87RMEzFVA2X97sN5%2FGIKjJXQyxdPew3WIbT76ksfLn%2BUxAW6oQt4cbfAbedBiXTA0hifOk%2F56k8Ki%2FP3RL52RDAk4JjDbnV8GmmTaKm4wbg5x5ZSuDMHsUXS07m49MniYvEtcx9cnu6SlzM2PLlX2iyzYa2gLpS41B%2B8nbi9Ii1fizsypJwJz%2BCI99kImttsD9CYv0HjXImbbIGrhvafDEyt6RWeixMix5ObJRhbapXBg0B1tbtt4ZPiS9HWasUvOAkqWKwdQ45g34uspUlS74kjbM1KFqRJVBrrbYEsEJYNfY3Oh7AUefo3AquNkqpTKg6a%2BM%2FLvNf0dSzYXa57Xa5zqTxvUznquyJpA0Yx2GPATVrtUXQDPSvtu6wX80jVAt7oSyZkRCdvDggTq3nE%2BszwSL2bKnh26995GcJ5UCLcybgvtOkdOnvgvRlG5ivbQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fastpomemap.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:53:22 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497999202.3483056; expires=Fri, 18-Jun-2027 22:53:22 GMT; Max-Age=315360000 <br>Location: http://ww11.fastpomemap.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fastpomemap.se <br>Referer: http://www.google.com/search?q=fastpomemap.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:53:21 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497999201.6702966; expires=Fri, 18-Jun-2027 22:53:21 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRtBPX6TcbAWWhKoYfds0YBAnjaCuuePwIzMz2Za8ksEiCZV3lQ8OcEmChGbquz%2FmyvogoAE36UBxFKH2fnQ7dd87RMEzFVA2X97sN5%2FGIKjJXQyxdPew3WIbT76ksfLn%2BUxAW6oQt4cbfAbedBiXTA0hifOk%2F56k8Ki%2FP3RL52RDAk4JjDbnV8GmmTaKm4wbg5x5ZSuDMHsUXS07m49MniYvEtcx9cnu6SlzM2PLlX2iyzYa2gLpS41B%2B8nbi9Ii1fizsypJwJz%2BCI99kImttsD9CYv0HjXImbbIGrhvafDEyt6RWeixMix5ObJRhbapXBg0B1tbtt4ZPiS9HWasUvOAkqWKwdQ45g34uspUlS74kjbM1KFqRJVBrrbYEsEJYNfY3Oh7AUefo3AquNkqpTKg6a%2BM%2FLvNf0dSzYXa57Xa5zqTxvUznquyJpA0Yx2GPATVrtUXQDPSvtu6wX80jVAt7oSyZkRCdvDggTq3nE%2BszwSL2bKnh26995GcJ5UCLcybgvtOkdOnvgvRlG5ivbQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>fastpomemap.se is on 103.224.212.184<br>ASN for 103.224.212.184: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.184 corresponds with lb-212-184.above.com<br>Abuse.net does not have any reliable address for lb-212-184.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-184.above.com1498050168http://prpellerheads.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://prpellerheads.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 00:31:38 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRE2%2Byq3Sn0scxs3%2F5KmCsVnl7PUBYsGhh99ZZQ%2BGmi1oHV5TeLSa%2FlQL5CfEs0Na4wYgVTmc8sKZQl4WorCFwZizk41TkToEXU%2BXTGpVmphoGZOuCbBW41PYjE3Pk4Wh1eWBrp04dvh1h%2FYGG72kjv1%2BjXeWiFSzWzEW8CYyoReZ3b2BQXKbSvGkPY2i%2BZSkInl9loHBYe5ViJNaYOl5KNT6owZ%2B4ajM6jBr7k0EuDK5v3m44Us5vs8xMEFAwixgvkaowSW63kUVb0IMLMnSoXHQ23RgCbbqrd35SA1NNqSE9J07HMQJ%2Fi1L%2B76P9xVODxWdLxWNBVBatJGS%2FRZfP9z3Le5IbG8l6ulL8YP%2FGR9hva3ygtabYbWumd%2BG57oLtGTlXu%2FtF9jcFVi1qTdo28LI20vuLUQbxwJDufwrkvQRNjN1IGE4JHJSrTb%2B00uoqHOaBC%2Fb2Hv00ygo768QyVeEFKzt4DiQ%2BUuTcyRHNSpHvEApQu2UP%2BXvRYDQicIA5x65OF6jPwD%2FMy8g2fc9zsJZWjmM9uQ1iE8mzQHStT2c%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prpellerheads.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:31:39 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497997899.3491548; expires=Fri, 18-Jun-2027 22:31:39 GMT <br>Location: http://ww11.prpellerheads.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prpellerheads.se <br>Referer: http://www.google.com/search?q=prpellerheads.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:31:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497997898.7315708; expires=Fri, 18-Jun-2027 22:31:38 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRE2%2Byq3Sn0scxs3%2F5KmCsVnl7PUBYsGhh99ZZQ%2BGmi1oHV5TeLSa%2FlQL5CfEs0Na4wYgVTmc8sKZQl4WorCFwZizk41TkToEXU%2BXTGpVmphoGZOuCbBW41PYjE3Pk4Wh1eWBrp04dvh1h%2FYGG72kjv1%2BjXeWiFSzWzEW8CYyoReZ3b2BQXKbSvGkPY2i%2BZSkInl9loHBYe5ViJNaYOl5KNT6owZ%2B4ajM6jBr7k0EuDK5v3m44Us5vs8xMEFAwixgvkaowSW63kUVb0IMLMnSoXHQ23RgCbbqrd35SA1NNqSE9J07HMQJ%2Fi1L%2B76P9xVODxWdLxWNBVBatJGS%2FRZfP9z3Le5IbG8l6ulL8YP%2FGR9hva3ygtabYbWumd%2BG57oLtGTlXu%2FtF9jcFVi1qTdo28LI20vuLUQbxwJDufwrkvQRNjN1IGE4JHJSrTb%2B00uoqHOaBC%2Fb2Hv00ygo768QyVeEFKzt4DiQ%2BUuTcyRHNSpHvEApQu2UP%2BXvRYDQicIA5x65OF6jPwD%2FMy8g2fc9zsJZWjmM9uQ1iE8mzQHStT2c%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>prpellerheads.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1498050154http://ydrekommun.se/ (103.224.212.194) - Serp-hijackingAttacked url: http://ydrekommun.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 22:31:09 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRjbwNGFEWTS7m3yGkGG9nHJ3WpFA8X2w7UchZA669xCFJy3FJqFMmZF92ho0ECdfg0yfe3pGWouKfbS1Zkm0QVKiMpF%2FQI4pCgEyObkQdiUHiq7B%2B4lHfsd5strzuPf2xh32%2BjLJ02qyJCy%2BBwg%2FUmAsthfzmBLsHCYl8RP1KSMu8fdVH5kwXvekY3uqxQKaGNmR7XiOO%2FxvmmWmSO4oApiLnJOfxVw1neQpBHeKfad8aBTv1BEbzbyPW3dpfZA5D1Y3GOF60XrN9nP3mrDdAyt%2B66OqhQroP4f5IR5GJRAcsdb4pHtWqZOE%2B4OqX4qmSQr%2F32arCztHykLpdnnPkulhbdgqFRkXnxewOtjpqkN8TavkCzXO0NSGT5wDAZAeXQv8L%2BtGcpdrM5cypNY9y%2FKYadZgr%2F2SO%2Bx5%2BqFyvNidcnrQ3n0sZtcBVk4Q0OTC57uA099xJ23ww11Rbs7IBJzoPfXAbB9d4CPSHs2HuZMdIIjOpPjNtvoqT9aI708c%2BqLCm2boKPAJp%2BmZ0fg4aAg%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ydrekommun.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 20:31:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497990669.6161816; expires=Fri, 18-Jun-2027 20:31:09 GMT; Max-Age=315360000 <br>Location: http://ww11.ydrekommun.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ydrekommun.se <br>Referer: http://www.google.com/search?q=ydrekommun.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 20:31:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497990668.3961200; expires=Fri, 18-Jun-2027 20:31:08 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRjbwNGFEWTS7m3yGkGG9nHJ3WpFA8X2w7UchZA669xCFJy3FJqFMmZF92ho0ECdfg0yfe3pGWouKfbS1Zkm0QVKiMpF%2FQI4pCgEyObkQdiUHiq7B%2B4lHfsd5strzuPf2xh32%2BjLJ02qyJCy%2BBwg%2FUmAsthfzmBLsHCYl8RP1KSMu8fdVH5kwXvekY3uqxQKaGNmR7XiOO%2FxvmmWmSO4oApiLnJOfxVw1neQpBHeKfad8aBTv1BEbzbyPW3dpfZA5D1Y3GOF60XrN9nP3mrDdAyt%2B66OqhQroP4f5IR5GJRAcsdb4pHtWqZOE%2B4OqX4qmSQr%2F32arCztHykLpdnnPkulhbdgqFRkXnxewOtjpqkN8TavkCzXO0NSGT5wDAZAeXQv8L%2BtGcpdrM5cypNY9y%2FKYadZgr%2F2SO%2Bx5%2BqFyvNidcnrQ3n0sZtcBVk4Q0OTC57uA099xJ23ww11Rbs7IBJzoPfXAbB9d4CPSHs2HuZMdIIjOpPjNtvoqT9aI708c%2BqLCm2boKPAJp%2BmZ0fg4aAg%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ydrekommun.se is on 103.224.212.194<br>ASN for 103.224.212.194: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.194 corresponds with lb-212-194.above.com<br>Abuse.net does not have any reliable address for lb-212-194.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-194.above.com abuse@above.com1498050053http://fernanda.se/ (103.224.212.198) - Serp-hijackingAttacked url: http://fernanda.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 21:32:04 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRVt4OtSj%2F20rMoIo0nutKxYTeAUgVsWp1IoJtjbRkv7uGvKhYnuL1YdaEwPMj%2B9dprXI2YQ1oHGoRrK7jLEEDTUxVc4Gb7yus88RKb7mpyCp1e0vbNfNPw9eSAhbOEzK4AtzJLeziw9WI463AHKvKt7s6qVoou%2B%2Bo38XLFBM6Iov%2FxTbFRqN05SHqbNoRX%2FylqKODUzXWc0GpusBdk1Y0pazhzlHYNEX61eBRwzGLShehroYhPPmRl9KV6YuoPwl8WgqwztnxCgyydrdlW%2FWiucOm4gSfOoBdAx4bUIe5%2FaW1SO%2B%2ByqtpS66jmH6EL9iykIJ6F5xaFE8rpQpYczQd2brKSVeb1%2FzgeOaWiH1BCLYCL2JxjUtmGua2xJJCWUjNWao5MRTrgNBY9YlxGSrsvntORwaPTJLdVfTXeMgMtxhHxH57M9Yt%2B%2BLdRPoO9Dh47y6Rr2fwKysGILyYw%2BVwG4Ach%2BmsSYKJt%2FNx8G7bvcdwsbaSp4ag9Mz1JNc8lyZ7mLLhCNMJXrg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fernanda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 19:32:04 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497987124.5031990; expires=Fri, 18-Jun-2027 19:32:04 GMT; Max-Age=315360000 <br>Location: http://ww11.fernanda.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fernanda.se <br>Referer: http://www.google.com/search?q=fernanda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 19:32:03 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497987123.8233451; expires=Fri, 18-Jun-2027 19:32:03 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRVt4OtSj%2F20rMoIo0nutKxYTeAUgVsWp1IoJtjbRkv7uGvKhYnuL1YdaEwPMj%2B9dprXI2YQ1oHGoRrK7jLEEDTUxVc4Gb7yus88RKb7mpyCp1e0vbNfNPw9eSAhbOEzK4AtzJLeziw9WI463AHKvKt7s6qVoou%2B%2Bo38XLFBM6Iov%2FxTbFRqN05SHqbNoRX%2FylqKODUzXWc0GpusBdk1Y0pazhzlHYNEX61eBRwzGLShehroYhPPmRl9KV6YuoPwl8WgqwztnxCgyydrdlW%2FWiucOm4gSfOoBdAx4bUIe5%2FaW1SO%2B%2ByqtpS66jmH6EL9iykIJ6F5xaFE8rpQpYczQd2brKSVeb1%2FzgeOaWiH1BCLYCL2JxjUtmGua2xJJCWUjNWao5MRTrgNBY9YlxGSrsvntORwaPTJLdVfTXeMgMtxhHxH57M9Yt%2B%2BLdRPoO9Dh47y6Rr2fwKysGILyYw%2BVwG4Ach%2BmsSYKJt%2FNx8G7bvcdwsbaSp4ag9Mz1JNc8lyZ7mLLhCNMJXrg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>fernanda.se is on 103.224.212.198<br>ASN for 103.224.212.198: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.198 corresponds with lb-212-198.above.com<br>Abuse.net does not have any reliable address for lb-212-198.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-198.above.com abuse@above.com1498049977http://grandparym.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://grandparym.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 20:14:29 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRh9YWONv73tvX3pSlKnjnS4Sa%2FE8Y1AaP6Y9Z%2B8dNv67%2FBnxqDayeBrvt3XY8wT5rzsyoKkZnS2dMxFAPAoheDP4wawo0jjoE0xISs0NVkqrflx4vqs9gxRBYeIJnCwgpfy6nTUo4NUdhrOVujqsCIidpAKJbdzGFG23yzEaOxTJc5SgPFgl1Am7%2FyX1WX%2BqpUvxlAsf60wTzX0lK8VSxvYlx%2BXKSsvab52%2BuMjJL89%2BapgHzUsdukiBa%2FjHnj%2BzbFrbrlKKOCK3yAygqQZVPT0Fo70dMc2aeTXVeTpt9SsSQaqNDpMWnnxffKlDx02DlGzAW8w5DGcPPB%2BV1LgHuizqvdaa9E7jzosgrctdmRAl6Jyo%2FX1qOiJqF%2FOSWcybqFanYKxlPqpmpOAdUXjPjVf0Ba82H3h4EjC6WbQeznhXFp8ywOaRt5lYjmXKczdMfvSwFgM%2F5MwKChI9mYF2P4g%2FpYVstghkP2wjA42%2F%2FcmcBzEfRZVaw7VxSM9fBfaj4P3LfuOQGKaAUA%2BAf%2FeW7xGJQcLhx7H1T <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: grandparym.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 18:14:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497982470.1454974; expires=Fri, 18-Jun-2027 18:14:30 GMT; Max-Age=315360000 <br>Location: http://ww11.grandparym.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: grandparym.se <br>Referer: http://www.google.com/search?q=grandparym.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 18:14:29 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497982469.2038799; expires=Fri, 18-Jun-2027 18:14:29 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRh9YWONv73tvX3pSlKnjnS4Sa%2FE8Y1AaP6Y9Z%2B8dNv67%2FBnxqDayeBrvt3XY8wT5rzsyoKkZnS2dMxFAPAoheDP4wawo0jjoE0xISs0NVkqrflx4vqs9gxRBYeIJnCwgpfy6nTUo4NUdhrOVujqsCIidpAKJbdzGFG23yzEaOxTJc5SgPFgl1Am7%2FyX1WX%2BqpUvxlAsf60wTzX0lK8VSxvYlx%2BXKSsvab52%2BuMjJL89%2BapgHzUsdukiBa%2FjHnj%2BzbFrbrlKKOCK3yAygqQZVPT0Fo70dMc2aeTXVeTpt9SsSQaqNDpMWnnxffKlDx02DlGzAW8w5DGcPPB%2BV1LgHuizqvdaa9E7jzosgrctdmRAl6Jyo%2FX1qOiJqF%2FOSWcybqFanYKxlPqpmpOAdUXjPjVf0Ba82H3h4EjC6WbQeznhXFp8ywOaRt5lYjmXKczdMfvSwFgM%2F5MwKChI9mYF2P4g%2FpYVstghkP2wjA42%2F%2FcmcBzEfRZVaw7VxSM9fBfaj4P3LfuOQGKaAUA%2BAf%2FeW7xGJQcLhx7H1T <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>grandparym.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-199.above.com1498049975http://upplyssningen.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://upplyssningen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 19:48:51 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRbV%2FSkcN5fQnrfGj%2BRB90xoQR3IoOE0jZmxT5QPwu%2Fha79YoLkOld7yXNdufbKurLhCDpYa3T%2BND4Vw7Boxg2v6BgDIOirsKg04GRJNk2VLSDveewjV2OKvPwFuhQHGeVbhYlrzesu3GGMqHJcK1v%2BGFe%2FuTJhSIALfwpkiHrQ9zd6mRi%2FfsZScT0CammeSdN2LHQ2u96NROuAv%2BgtVGp42p6U8srxTpkgAbrVjiA42HQ%2F0Ic0kNEu6jCWuSS2NXrdk3RNQJKF7d6qcuic%2FIeS6f75XGhoBliKcGH5yDM4BCIcI8AO3JXaZmJ67sTaC9dafe8ZU0Qy5h260tB6fg55Wh%2FLZo3fxxvWhVsCdHhQc0Ofwl8hMfXZu7cOO9rewMdrYmSMxf28CdZrxzuH0xYnTN6V%2FoI8AVVhrE0bXyvgkFUEIfhTLM6zVg2JSqHhYYg3pm5GtqgZtERjh88%2F%2BOiKCLnU4rwL2Z58iNgpiakNW%2FEoVAUlM0uSZTJ5Ojpqy9h3xbesCxhLN8Hz8SKgoaPJzToWyBLF7Eh <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: upplyssningen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 17:48:51 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497980931.8484170; expires=Fri, 18-Jun-2027 17:48:51 GMT; Max-Age=315360000 <br>Location: http://ww11.upplyssningen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: upplyssningen.se <br>Referer: http://www.google.com/search?q=upplyssningen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 17:48:50 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497980930.6636569; expires=Fri, 18-Jun-2027 17:48:50 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRbV%2FSkcN5fQnrfGj%2BRB90xoQR3IoOE0jZmxT5QPwu%2Fha79YoLkOld7yXNdufbKurLhCDpYa3T%2BND4Vw7Boxg2v6BgDIOirsKg04GRJNk2VLSDveewjV2OKvPwFuhQHGeVbhYlrzesu3GGMqHJcK1v%2BGFe%2FuTJhSIALfwpkiHrQ9zd6mRi%2FfsZScT0CammeSdN2LHQ2u96NROuAv%2BgtVGp42p6U8srxTpkgAbrVjiA42HQ%2F0Ic0kNEu6jCWuSS2NXrdk3RNQJKF7d6qcuic%2FIeS6f75XGhoBliKcGH5yDM4BCIcI8AO3JXaZmJ67sTaC9dafe8ZU0Qy5h260tB6fg55Wh%2FLZo3fxxvWhVsCdHhQc0Ofwl8hMfXZu7cOO9rewMdrYmSMxf28CdZrxzuH0xYnTN6V%2FoI8AVVhrE0bXyvgkFUEIfhTLM6zVg2JSqHhYYg3pm5GtqgZtERjh88%2F%2BOiKCLnU4rwL2Z58iNgpiakNW%2FEoVAUlM0uSZTJ5Ojpqy9h3xbesCxhLN8Hz8SKgoaPJzToWyBLF7Eh <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>upplyssningen.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-191.above.com abuse@above.com1498049969http://nenonnet.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://nenonnet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 16:11:14 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRvfhMZyUq9ZowYo7RUAtP7nl%2FfGVqqvzZMy5nLzsYOXEzD%2BG4odFc6j38e0aS3obdrPNWy%2FNQerssTtIBZRFUvjIm6YWl6J6V4Ib0heVwHAtSwfV3B5JnXO6PV9Z6FWPGo6C0KSvM3zs6DVMOIkNGHDqMWt6y%2B3zBeqCFEgkNhxbobjp7Ekp5CENKWSw%2BXlMfTEwBla6GsU%2BtIq5whw9Dro9017KXxJmLjW0wiAKguW%2Fj3wdW7xrpTLjlZKHyd%2FVuD2HT41VTrzkS4puqDou2QZms%2B9uRg1dpwEKwKUaqlGjP1Tm3Y0qeZDhIA6YqNDKI6wrAc5ifo5EPpMQh%2BHjN1v8MDmZxQzkqDwi%2F8ZAihmUkKoUnmYLBcPl5%2BdhjhIu1oD5HjOJiiGdu%2F8nN0FqC4EnrW%2FVeiC%2FYcmkorCLSHzW%2F2wSez9MESCS3W0ocQiCbUfwu2Dnh1P0aF0WRLubSMmwTcCV3DnMVECgjFgWg29NdNBm5tZiHJ5CAnYSCo9Ms1cgr8W83W84%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nenonnet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 14:11:14 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497967874.3389931; expires=Fri, 18-Jun-2027 14:11:14 GMT; Max-Age=315360000 <br>Location: http://ww1.nenonnet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nenonnet.se <br>Referer: http://www.google.com/search?q=nenonnet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 14:11:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497967873.7655622; expires=Fri, 18-Jun-2027 14:11:13 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRvfhMZyUq9ZowYo7RUAtP7nl%2FfGVqqvzZMy5nLzsYOXEzD%2BG4odFc6j38e0aS3obdrPNWy%2FNQerssTtIBZRFUvjIm6YWl6J6V4Ib0heVwHAtSwfV3B5JnXO6PV9Z6FWPGo6C0KSvM3zs6DVMOIkNGHDqMWt6y%2B3zBeqCFEgkNhxbobjp7Ekp5CENKWSw%2BXlMfTEwBla6GsU%2BtIq5whw9Dro9017KXxJmLjW0wiAKguW%2Fj3wdW7xrpTLjlZKHyd%2FVuD2HT41VTrzkS4puqDou2QZms%2B9uRg1dpwEKwKUaqlGjP1Tm3Y0qeZDhIA6YqNDKI6wrAc5ifo5EPpMQh%2BHjN1v8MDmZxQzkqDwi%2F8ZAihmUkKoUnmYLBcPl5%2BdhjhIu1oD5HjOJiiGdu%2F8nN0FqC4EnrW%2FVeiC%2FYcmkorCLSHzW%2F2wSez9MESCS3W0ocQiCbUfwu2Dnh1P0aF0WRLubSMmwTcCV3DnMVECgjFgWg29NdNBm5tZiHJ5CAnYSCo9Ms1cgr8W83W84%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>nenonnet.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-185.above.com1498049870http://bokaidrott.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://bokaidrott.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 15:10:24 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1CUMRvFm0EWZEAfURYFRp7Xv%2BMiBobgVtpGdT3UAv6VCrue5QJx%2B4gkLxolVxnFzaGjtbIYakOyVsLZT8dcNtlJEqIvWDQKJjeArYfIrnGDG1iBqZgif4duKkPSN83ye0ay%2FXnCYVEk1hSQSPXPUDLdGCJctX9BQwEEdetOpsiz59uZZYmt3w1QVVLvkUIu%2BZcBqYfxMUUsZr3TU2RBq6TbH1%2FppF8P3GpFQgQis9mYA0PX1MiOncSVZckQqpxVrJuh7cdVP8Ne0jFj1JbCLtm9Z7jMoP7QIa5%2Fi9WrKs25zC6MbuLyswrBdWfwkGfAn%2FNzaCPPApWvSYSeFLiyL43BsUIdLLgtUhbU6CLeEPNQM514C97O%2FnJSTaGXDnP%2BxOoWowAkxdIM8ROBL59Z9rVY7wjrRW37E3gWI0vGByre%2FCBcG1VpmADsULo1CCZCgygfVbkwDhQW6ICnVVotovuE%2B4xhvwFiyl3Grvk9eUVfUgMaVxogMlXPxNi9zwCM2yM8M1ZFodn7IFOA0ZA0RwGM4o3fgvPz1x <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bokaidrott.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 13:10:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497964225.3848005; expires=Fri, 18-Jun-2027 13:10:25 GMT; Max-Age=315360000 <br>Location: http://ww11.bokaidrott.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bokaidrott.se <br>Referer: http://www.google.com/search?q=bokaidrott.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 13:10:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497964224.2687274; expires=Fri, 18-Jun-2027 13:10:24 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1CUMRvFm0EWZEAfURYFRp7Xv%2BMiBobgVtpGdT3UAv6VCrue5QJx%2B4gkLxolVxnFzaGjtbIYakOyVsLZT8dcNtlJEqIvWDQKJjeArYfIrnGDG1iBqZgif4duKkPSN83ye0ay%2FXnCYVEk1hSQSPXPUDLdGCJctX9BQwEEdetOpsiz59uZZYmt3w1QVVLvkUIu%2BZcBqYfxMUUsZr3TU2RBq6TbH1%2FppF8P3GpFQgQis9mYA0PX1MiOncSVZckQqpxVrJuh7cdVP8Ne0jFj1JbCLtm9Z7jMoP7QIa5%2Fi9WrKs25zC6MbuLyswrBdWfwkGfAn%2FNzaCPPApWvSYSeFLiyL43BsUIdLLgtUhbU6CLeEPNQM514C97O%2FnJSTaGXDnP%2BxOoWowAkxdIM8ROBL59Z9rVY7wjrRW37E3gWI0vGByre%2FCBcG1VpmADsULo1CCZCgygfVbkwDhQW6ICnVVotovuE%2B4xhvwFiyl3Grvk9eUVfUgMaVxogMlXPxNi9zwCM2yM8M1ZFodn7IFOA0ZA0RwGM4o3fgvPz1x <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bokaidrott.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1498049862http://wjo.se/ (103.224.212.190) - Serp-hijackingAttacked url: http://wjo.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 14:59:38 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1v4aR9Nu598tmgDInYXemmdZCpijafVL%2BbBOw7sqiarOLGOmh4mGk8jxMz6hvgegw%2F6wHYX6pZpIdUXLsIGZ1iabAvsVTtaFnuJt6rc6PdfKYjR5xQMbonILlHGKvjd0Q21wJQc0ld9FOsSvjDERIH406Aeb2nD4YsbmBbRwms8FklAfM6zlwHlQ4Ri%2FcRvzl3lG9CcaNBrJYZT2pX%2FL5U6qQNj8proOQSEtCRc5Q9MBYUnReAoQeuSKRaXHn47fwGVktLBd5RJvrTHo2IwP1Y%2BElBY95HcMbN%2Fb2Mzfy%2FCZyULiueirPxKg54e4wvKI%2BXFKdD9kY3m7zoOCLRTbj%2F4d0QOSeru%2B3mRo0BjkBkANZ3cFMIf2QPK%2BzhDbiHqF0Zpqa7MmXAavAofsYgqKbixEn7yQ6caE5Hu2OYXnMKDWfg%2BUno1VR2H5K8YsWiAeWeqKGcvUKkUVUH8QARUKZ4v%2FPTEZJzpyVcU2pe4RChgau20tQB1LlrQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wjo.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 12:59:39 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497963579.3360927; expires=Fri, 18-Jun-2027 12:59:39 GMT; Max-Age=315360000 <br>Location: http://ww11.wjo.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wjo.se <br>Referer: http://www.google.com/search?q=wjo.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 12:59:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497963578.4791181; expires=Fri, 18-Jun-2027 12:59:38 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1v4aR9Nu598tmgDInYXemmdZCpijafVL%2BbBOw7sqiarOLGOmh4mGk8jxMz6hvgegw%2F6wHYX6pZpIdUXLsIGZ1iabAvsVTtaFnuJt6rc6PdfKYjR5xQMbonILlHGKvjd0Q21wJQc0ld9FOsSvjDERIH406Aeb2nD4YsbmBbRwms8FklAfM6zlwHlQ4Ri%2FcRvzl3lG9CcaNBrJYZT2pX%2FL5U6qQNj8proOQSEtCRc5Q9MBYUnReAoQeuSKRaXHn47fwGVktLBd5RJvrTHo2IwP1Y%2BElBY95HcMbN%2Fb2Mzfy%2FCZyULiueirPxKg54e4wvKI%2BXFKdD9kY3m7zoOCLRTbj%2F4d0QOSeru%2B3mRo0BjkBkANZ3cFMIf2QPK%2BzhDbiHqF0Zpqa7MmXAavAofsYgqKbixEn7yQ6caE5Hu2OYXnMKDWfg%2BUno1VR2H5K8YsWiAeWeqKGcvUKkUVUH8QARUKZ4v%2FPTEZJzpyVcU2pe4RChgau20tQB1LlrQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>wjo.se is on 103.224.212.190<br>ASN for 103.224.212.190: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.190 corresponds with lb-212-190.above.com<br>Abuse.net does not have any reliable address for lb-212-190.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-190.above.com abuse@above.com1498049860http://ifmetallakassa.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://ifmetallakassa.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 05:01:25 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1ZjM7aoRp8SSztnYuEPHsm22fFTf1KMZ9gkjmlneMP5W5yQtmPaKG%2BekAiU33k4y4eU3PcUvQbVaiuRbBRT2cFe3GiWsnXt1r%2BilVn0cmUBp8nBRia0Mz6bT8mbMweTyIvMKqytP4ScuVAHXtMUBUgKnAJ0PH6e46jqueyqVCJkaP9MZQ86asCIrsdnsMFDSJnmRF0NwXU49r%2FL%2FdtUco4WFjJqcUF5ZiXTqUr7Tv7x3YxctpbzoCwoiwGQRKnAHqPaGFpoqBwHfH1RVl5J4zUz6FoatZUrx9AfZiouRFvkeTMCa5q%2FI221WyvH7yL9zQ84iLAsQsTmc%2Fx1WW%2BSB3SKQqOzEqH2OlYK6kALKzpuSmg0nWT%2F0bBESILo3ak%2FSmeFOZR9sDN%2Bz%2BvjFBFrZUArjocr1PrxnbxykpNLcxRkIjuwHYMiTvLlEiEtw21t9Y47Z5ZeNKnG8Hyl64KArcDBSjsBwTMbGrUoLvH8o5JNi%2BuSeU6zrVHb1r2POfN2u1prQf1Jzqay1Xe5bGs4%2FKZ54Nu%2B43t7wm <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ifmetallakassa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 03:01:26 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497927686.3997423; expires=Fri, 18-Jun-2027 03:01:26 GMT <br>Location: http://ww38.ifmetallakassa.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ifmetallakassa.se <br>Referer: http://www.google.com/search?q=ifmetallakassa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 03:01:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497927685.5615534; expires=Fri, 18-Jun-2027 03:01:25 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1ZjM7aoRp8SSztnYuEPHsm22fFTf1KMZ9gkjmlneMP5W5yQtmPaKG%2BekAiU33k4y4eU3PcUvQbVaiuRbBRT2cFe3GiWsnXt1r%2BilVn0cmUBp8nBRia0Mz6bT8mbMweTyIvMKqytP4ScuVAHXtMUBUgKnAJ0PH6e46jqueyqVCJkaP9MZQ86asCIrsdnsMFDSJnmRF0NwXU49r%2FL%2FdtUco4WFjJqcUF5ZiXTqUr7Tv7x3YxctpbzoCwoiwGQRKnAHqPaGFpoqBwHfH1RVl5J4zUz6FoatZUrx9AfZiouRFvkeTMCa5q%2FI221WyvH7yL9zQ84iLAsQsTmc%2Fx1WW%2BSB3SKQqOzEqH2OlYK6kALKzpuSmg0nWT%2F0bBESILo3ak%2FSmeFOZR9sDN%2Bz%2BvjFBFrZUArjocr1PrxnbxykpNLcxRkIjuwHYMiTvLlEiEtw21t9Y47Z5ZeNKnG8Hyl64KArcDBSjsBwTMbGrUoLvH8o5JNi%2BuSeU6zrVHb1r2POfN2u1prQf1Jzqay1Xe5bGs4%2FKZ54Nu%2B43t7wm <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ifmetallakassa.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497971104http://aftonbladete.se/ (103.224.212.196) - Serp-hijackingAttacked url: http://aftonbladete.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 03:03:02 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1HxSHyWqf%2BP%2Bv1YwYFKiR5AX5b%2FGtktJ6V5cTIE3rW8s%2B6BhPoOE4ChQOVFGYcefuWsC9XPzSOf2fOhuSX8uX04ed4fcHpX%2BoYt3Vs6oyfJfPjGzuPS3Qg0OPjiGs09t974uQeVxiCFsbjBKysHm33qlz7yde%2F3FikNe6ZP6vnMX74D08BduL%2B8W8asw%2FTecHD68JRTm0xTvtgAd6nEJlDWfdZ1c%2B8aEANgEDZ5IxgBl4uRfwQFj5E0MQiD7k3udtLd2lW6KM5dFhTNqNTu9gXpWUJYATCb1Ag1lhWvIJG94%2Fvv%2FdR08NGQ1SMBr8rSfhEFdOnN3nlz%2FvTYyMP6WEYTy%2Bjm8aLF8fIV8uu8yEGSBMQXrrABYnppKalko22CDeToTmdtaTx%2BvjBKL3aQTkqq5%2BkHWL%2FJEG%2B8jmtwEKzBsqyAiB32nng%2BjYe5m7prGOYZ%2FO7uZqyx7V4c0a%2BPDl9nPu12rYI9Zr8oe0KUhA9ScnDXrx1k2HDE1xKXXP47HrNPpfz4BCqJ3ptDa4dlDCjg%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aftonbladete.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 01:03:02 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497920582.7316556; expires=Fri, 18-Jun-2027 01:03:02 GMT <br>Location: http://ww11.aftonbladete.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aftonbladete.se <br>Referer: http://www.google.com/search?q=aftonbladete.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 01:03:01 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497920581.1810055; expires=Fri, 18-Jun-2027 01:03:01 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1HxSHyWqf%2BP%2Bv1YwYFKiR5AX5b%2FGtktJ6V5cTIE3rW8s%2B6BhPoOE4ChQOVFGYcefuWsC9XPzSOf2fOhuSX8uX04ed4fcHpX%2BoYt3Vs6oyfJfPjGzuPS3Qg0OPjiGs09t974uQeVxiCFsbjBKysHm33qlz7yde%2F3FikNe6ZP6vnMX74D08BduL%2B8W8asw%2FTecHD68JRTm0xTvtgAd6nEJlDWfdZ1c%2B8aEANgEDZ5IxgBl4uRfwQFj5E0MQiD7k3udtLd2lW6KM5dFhTNqNTu9gXpWUJYATCb1Ag1lhWvIJG94%2Fvv%2FdR08NGQ1SMBr8rSfhEFdOnN3nlz%2FvTYyMP6WEYTy%2Bjm8aLF8fIV8uu8yEGSBMQXrrABYnppKalko22CDeToTmdtaTx%2BvjBKL3aQTkqq5%2BkHWL%2FJEG%2B8jmtwEKzBsqyAiB32nng%2BjYe5m7prGOYZ%2FO7uZqyx7V4c0a%2BPDl9nPu12rYI9Zr8oe0KUhA9ScnDXrx1k2HDE1xKXXP47HrNPpfz4BCqJ3ptDa4dlDCjg%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>aftonbladete.se is on 103.224.212.196<br>ASN for 103.224.212.196: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.196 corresponds with lb-212-196.above.com<br>Abuse.net does not have any reliable address for lb-212-196.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-196.above.com abuse@above.com1497971092http://trend7tra.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://trend7tra.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 02:32:11 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1HmTwvZPcuyosKYU5dp8wQNyyWJiqx%2FIeX2roPJiCEM2WXXnrAD7IXUp9GSFOjrM68lvAVePinx0NuKHHsEZRAzgSU112p3L5NAIvRwr%2F9SGr9r4VSbVwqd5WzK42JAFS2hyPkyPk6KnTnvKLacCVLp1jokeCe2RwY24kGu%2BhX%2BAUclStNK%2FqH%2BFo%2F86Q7oENXXU7PN6dZiU4MABoDQp6c8BQBN%2Bq5hnEfLpDvQCkbDfjQaKJPNIYDE%2FXJBE5mh3U6ARh%2BpdRmR%2FANzIwRIfsDrZP5QR0iOUrjJOeMWamPFJ0G1r3gL0LIevOgQIrVNUMPSgCfd6FD4Vhxa8n4MGNDIs8rjscKdBlLoHGEDPH3eCrTe4tUUaYXjrpcDetSH7ms6GLXez7HNHxEZDfOsLlAKIrt19YLoY6ReX1KxYkdgp4BWPdiZ1muLHuoaI0DK4O9JkrowbS0vJFpFyfv%2Fpzd7RQa2dnnAxV%2BdtSVLfjo%2BAuIKGxO92i1VVZzvxsWGDHg5hWLGW2lZ8ifbZKmP58UA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: trend7tra.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 00:32:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497918732.1088573; expires=Fri, 18-Jun-2027 00:32:12 GMT; Max-Age=315360000 <br>Location: http://ww11.trend7tra.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: trend7tra.nu <br>Referer: http://www.google.com/search?q=trend7tra.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 00:32:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497918731.6918405; expires=Fri, 18-Jun-2027 00:32:11 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1HmTwvZPcuyosKYU5dp8wQNyyWJiqx%2FIeX2roPJiCEM2WXXnrAD7IXUp9GSFOjrM68lvAVePinx0NuKHHsEZRAzgSU112p3L5NAIvRwr%2F9SGr9r4VSbVwqd5WzK42JAFS2hyPkyPk6KnTnvKLacCVLp1jokeCe2RwY24kGu%2BhX%2BAUclStNK%2FqH%2BFo%2F86Q7oENXXU7PN6dZiU4MABoDQp6c8BQBN%2Bq5hnEfLpDvQCkbDfjQaKJPNIYDE%2FXJBE5mh3U6ARh%2BpdRmR%2FANzIwRIfsDrZP5QR0iOUrjJOeMWamPFJ0G1r3gL0LIevOgQIrVNUMPSgCfd6FD4Vhxa8n4MGNDIs8rjscKdBlLoHGEDPH3eCrTe4tUUaYXjrpcDetSH7ms6GLXez7HNHxEZDfOsLlAKIrt19YLoY6ReX1KxYkdgp4BWPdiZ1muLHuoaI0DK4O9JkrowbS0vJFpFyfv%2Fpzd7RQa2dnnAxV%2BdtSVLfjo%2BAuIKGxO92i1VVZzvxsWGDHg5hWLGW2lZ8ifbZKmP58UA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>trend7tra.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1497971084http://ftritidsresor.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://ftritidsresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 21:46:45 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1Ob7AIytleo7r%2B4l7oFVM7btL7NKjrhHy0VisLWPmQ2b2p%2B8JsnaRNy%2B5qhhBXnwMv1GLPtk0PTw4r0wMotKNCag0Jyf%2F5ZCiieBxu6kp938xk3UZAbmqQJEnMUlKsvjgswbiZVwUpl2ndnncCcaKQVo3za5WCsmjZDiyGMS%2BYPJMAaPt70UKZE9roLeceaGotGUJkqaPuYRf1lDeluBVmENmzZn39DOR1Lllw8FEGXKQzVzhu7mySmgzXVW%2FCpF9cha4qCYMsGq4W7Iqh5JJojW1aPd7SarY7Lo8Pg6jmXaFMpcxPQWsGTCJ23703uRlOejjaV6AKqGdcv2qmnX9Z1m1HByMSIAJCN%2BqMMwBwzFSDs81NMgcnS3oE3HXCGq6NEC4zsyJIf1tqO2zG%2F%2BwXZqJjwkHX%2B3xr4OMy5vwCHFcZKjnMYRKgZZP7RFvQMZiARqzlBZ6gN%2BbjkJHkWKtug0mHsuTT4cY%2FuOAHo0PNYIWXo9Dhj8NPBA0z11RNLqy9%2Fv4GBA52A%2B00YWRnIm8jc1eblqShCEU <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:46:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497901606.7370886; expires=Thu, 17-Jun-2027 19:46:46 GMT; Max-Age=315360000 <br>Location: http://ww11.ftritidsresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Referer: http://www.google.com/search?q=ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:46:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497901605.1797504; expires=Thu, 17-Jun-2027 19:46:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1Ob7AIytleo7r%2B4l7oFVM7btL7NKjrhHy0VisLWPmQ2b2p%2B8JsnaRNy%2B5qhhBXnwMv1GLPtk0PTw4r0wMotKNCag0Jyf%2F5ZCiieBxu6kp938xk3UZAbmqQJEnMUlKsvjgswbiZVwUpl2ndnncCcaKQVo3za5WCsmjZDiyGMS%2BYPJMAaPt70UKZE9roLeceaGotGUJkqaPuYRf1lDeluBVmENmzZn39DOR1Lllw8FEGXKQzVzhu7mySmgzXVW%2FCpF9cha4qCYMsGq4W7Iqh5JJojW1aPd7SarY7Lo8Pg6jmXaFMpcxPQWsGTCJ23703uRlOejjaV6AKqGdcv2qmnX9Z1m1HByMSIAJCN%2BqMMwBwzFSDs81NMgcnS3oE3HXCGq6NEC4zsyJIf1tqO2zG%2F%2BwXZqJjwkHX%2B3xr4OMy5vwCHFcZKjnMYRKgZZP7RFvQMZiARqzlBZ6gN%2BbjkJHkWKtug0mHsuTT4cY%2FuOAHo0PNYIWXo9Dhj8NPBA0z11RNLqy9%2Fv4GBA52A%2B00YWRnIm8jc1eblqShCEU <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ftritidsresor.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1497970340http://perbjornson.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://perbjornson.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 21:04:04 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz14TYvoZOtN6P%2B2gWXaqns1tPNwa%2F1GDCoTzMF3CM3E5lGt7TXiE%2BS9kEfOYIH290dHesG1WKY63xgo5FCd9ppY9pcm39BnuxdLxkg8ZMd2KOIFNAIhHTPoP3NC%2FryccXDfgc0UoUGYPfCqiRck7NBrAsDkxVz6UrAPnnJohE3WWdtho3D3JipsYIptN4lP31Rx9QKFcjoVDeQl%2BLmJuT5Wiq2yoj5RwAFbySG3Qi4kojouZdZQm1bz87rgY8FevnMttJKUcBXDUdXx2vQ0bSm%2FlBu4RB6cA8994b0%2F33tHiDZOCrjwcJGR8B3T7ZbpcJH4iUoWOaK3ooXmeSO%2Bgu2i3RSTg2u4StAUXBM8N8nZHhPqOvSfJxMhXt%2Bf7KDDaeQ6l0liGsZOjewIC1pOTaJtJqye4morHZFVfSCwL0hDxnQf1UZ8b7RS%2FLrcIimCYZBZXSAv5tsGoiUGZvCsNf8id0PKhCBvUdKryuFvOThzwKqztHMZtsgfyOf%2FQ82v%2Fm9Ddi9BgxtG8%2Fz8BlYu5pld7AyEks5FX5%2B <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: perbjornson.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:04:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497899045.6709859; expires=Thu, 17-Jun-2027 19:04:05 GMT; Max-Age=315360000 <br>Location: http://ww11.perbjornson.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: perbjornson.se <br>Referer: http://www.google.com/search?q=perbjornson.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:04:04 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497899044.6750725; expires=Thu, 17-Jun-2027 19:04:04 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz14TYvoZOtN6P%2B2gWXaqns1tPNwa%2F1GDCoTzMF3CM3E5lGt7TXiE%2BS9kEfOYIH290dHesG1WKY63xgo5FCd9ppY9pcm39BnuxdLxkg8ZMd2KOIFNAIhHTPoP3NC%2FryccXDfgc0UoUGYPfCqiRck7NBrAsDkxVz6UrAPnnJohE3WWdtho3D3JipsYIptN4lP31Rx9QKFcjoVDeQl%2BLmJuT5Wiq2yoj5RwAFbySG3Qi4kojouZdZQm1bz87rgY8FevnMttJKUcBXDUdXx2vQ0bSm%2FlBu4RB6cA8994b0%2F33tHiDZOCrjwcJGR8B3T7ZbpcJH4iUoWOaK3ooXmeSO%2Bgu2i3RSTg2u4StAUXBM8N8nZHhPqOvSfJxMhXt%2Bf7KDDaeQ6l0liGsZOjewIC1pOTaJtJqye4morHZFVfSCwL0hDxnQf1UZ8b7RS%2FLrcIimCYZBZXSAv5tsGoiUGZvCsNf8id0PKhCBvUdKryuFvOThzwKqztHMZtsgfyOf%2FQ82v%2Fm9Ddi9BgxtG8%2Fz8BlYu5pld7AyEks5FX5%2B <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>perbjornson.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1497970321http://tticnet.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://tticnet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 18:02:34 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1L8mnv6g9K9twPtIu2%2BkZC%2B4KEj8h57FARXc%2BOveXaJ2eqFqqyH2dH9xSIL4%2FblIl0FJaj%2FNwFbSF%2BlyOHjEqHrY%2Ff2kzM94xaaxF3pLQY4QuhDKJrLX6wfpTF4DlfhjC3wpy51BX4OmFeVd4AmrJaavBzZNLwPrxjjSQZ66AeBoGrwjJRvTnTToIrcZj9AE9blogJu01ELjcOoRZSxlsaTfAUWcsLzE%2Fn4xgGsYrCIezZrmp9E95jDyeR4llwuR4Fycnpm4jQZ9y8Pt9ey9RX5rvgpiYesYoisD4%2F3WjPyQxOEvfdxeM%2FRxihQx7%2BiEGiJzEyZSfoNe%2FXIUk%2FkWbqjeIzxDBdmvhu6qRInJolGYevOksZXMlkj3g1A6GqcTGaxjeHc4pew3RIukgcnysnAVsnsxDU3%2BrVQD9mCVPu2izzdM%2B%2Bunua38B6WSt3YJ8gJZ0PV3x6lFDzxYXnea3VyVRb4JsaT5bzCRBJjxEgCEsyOrwELXP4ANsX2%2F4KbDmOMBqc%2FgDFCA%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: tticnet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 16:02:34 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497888154.4175290; expires=Thu, 17-Jun-2027 16:02:34 GMT; Max-Age=315360000 <br>Location: http://ww11.tticnet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: tticnet.se <br>Referer: http://www.google.com/search?q=tticnet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 16:02:33 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497888153.4270890; expires=Thu, 17-Jun-2027 16:02:33 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1L8mnv6g9K9twPtIu2%2BkZC%2B4KEj8h57FARXc%2BOveXaJ2eqFqqyH2dH9xSIL4%2FblIl0FJaj%2FNwFbSF%2BlyOHjEqHrY%2Ff2kzM94xaaxF3pLQY4QuhDKJrLX6wfpTF4DlfhjC3wpy51BX4OmFeVd4AmrJaavBzZNLwPrxjjSQZ66AeBoGrwjJRvTnTToIrcZj9AE9blogJu01ELjcOoRZSxlsaTfAUWcsLzE%2Fn4xgGsYrCIezZrmp9E95jDyeR4llwuR4Fycnpm4jQZ9y8Pt9ey9RX5rvgpiYesYoisD4%2F3WjPyQxOEvfdxeM%2FRxihQx7%2BiEGiJzEyZSfoNe%2FXIUk%2FkWbqjeIzxDBdmvhu6qRInJolGYevOksZXMlkj3g1A6GqcTGaxjeHc4pew3RIukgcnysnAVsnsxDU3%2BrVQD9mCVPu2izzdM%2B%2Bunua38B6WSt3YJ8gJZ0PV3x6lFDzxYXnea3VyVRb4JsaT5bzCRBJjxEgCEsyOrwELXP4ANsX2%2F4KbDmOMBqc%2FgDFCA%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>tticnet.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-199.above.com abuse@above.com1497970214http://flaskorochburkar.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://flaskorochburkar.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 08:24:08 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj1x9uF1dOcGFa4BJrmvun2SAF%2Frk2cI2gx4LsId9Tctzxd4Mogs489zRRQS7OdPcV7Wbn8Hww4kWr%2BF6D%2B8i6uWXV7gTaPqxz51wZbeQTjC1iUnYYRXcUnmAoZ2jjNrSIRBpRrlLrid0DvD1K76sRsHxGwdbyHLij1JnGOIvU%2Bzj7yAle38lVA5Kv0fkLzEkxSIzOZllt5RgKIAeHPecRAkNnVX%2F8ASEFFRWmZFcuMkrm2nS9hCGXaFycP0UJN5VvtgeplFiOnRb4yI%2BGV7x8N%2BJjzzEbJ6RfXeVC0fHhVRvziaM%2FPskxNTc6eQOph7IZuYk4v2MsoXv0rPckmRW9%2BF6WGdF1JRACXrujTSwbpuJpoUcuyO51d2%2FsFUmsWBrVROYvkCwwPmYM9MPqanY%2F1lbF1e%2FCV1N2UHXcMjxDD00BNyb26JPWJ3gLQvB5haO%2BM3a%2F%2BgO0Vyz7I15J4K52l0rRVICq69S8aQWK1kTqd6aUHLrxT%2FkzBPjx2UR%2FW9hxtq8y398oqNu1QkbRbfjLS9Aez%2F1voPKbtALlNsd56keKhspAp%2Fl8dq4Fyu5ZQ1JjzyplXXYhFSE%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: flaskorochburkar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 06:24:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497853449.5930172; expires=Thu, 17-Jun-2027 06:24:09 GMT; Max-Age=315360000 <br>Location: http://ww11.flaskorochburkar.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: flaskorochburkar.se <br>Referer: http://www.google.com/search?q=flaskorochburkar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 06:24:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497853448.7344386; expires=Thu, 17-Jun-2027 06:24:08 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj1x9uF1dOcGFa4BJrmvun2SAF%2Frk2cI2gx4LsId9Tctzxd4Mogs489zRRQS7OdPcV7Wbn8Hww4kWr%2BF6D%2B8i6uWXV7gTaPqxz51wZbeQTjC1iUnYYRXcUnmAoZ2jjNrSIRBpRrlLrid0DvD1K76sRsHxGwdbyHLij1JnGOIvU%2Bzj7yAle38lVA5Kv0fkLzEkxSIzOZllt5RgKIAeHPecRAkNnVX%2F8ASEFFRWmZFcuMkrm2nS9hCGXaFycP0UJN5VvtgeplFiOnRb4yI%2BGV7x8N%2BJjzzEbJ6RfXeVC0fHhVRvziaM%2FPskxNTc6eQOph7IZuYk4v2MsoXv0rPckmRW9%2BF6WGdF1JRACXrujTSwbpuJpoUcuyO51d2%2FsFUmsWBrVROYvkCwwPmYM9MPqanY%2F1lbF1e%2FCV1N2UHXcMjxDD00BNyb26JPWJ3gLQvB5haO%2BM3a%2F%2BgO0Vyz7I15J4K52l0rRVICq69S8aQWK1kTqd6aUHLrxT%2FkzBPjx2UR%2FW9hxtq8y398oqNu1QkbRbfjLS9Aez%2F1voPKbtALlNsd56keKhspAp%2Fl8dq4Fyu5ZQ1JjzyplXXYhFSE%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>flaskorochburkar.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-187.above.com1497853629http://spedparts.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://spedparts.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 07:44:38 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjjRNQqSXNhDJnYDupGWWnU8TKTrtQ80t%2FLtnneiujc9EAT73kX%2BlW7gGIfWpg6r1svJguq%2BWrWKc5%2FZrbsDAye0KXNlm4w%2Bj2milTxQxSIRB3Mxbqh%2Fbo3v%2BYHhqYU81o3Ij8kgJQUl%2ByQ13f9IGFWMBKothdBxNVQLebm35iNCv%2B6J3BE8UnchCfV9CDFnrivmzh9BmID0t%2FLNxldaS0QNhoU20z2JmIpUul3NOKXwViJnVHOdBWIQwXazhUGWuFYIlsmuE88uJT8WOqXmTPjWcCKT4uV%2BNZBpWYNKVZLk%2FbEuwhA2%2BTEjCSpmvJDjbO0WCflDM4cRxaIPBtkIzmxC2duG%2F0SuSHgDV0Pj3dXAMOgfbcfDAjHcxXGJ5uwHqT%2F1GacIoEn4ITNopi9cYmA%2BP9vGpYX%2BiDQvQnuoc6TK8jQ4OrRJJdcL2qGW82%2B1ufj6tCSmYgZ4vdL80V6%2BPf6FPQYyOiq6SKd%2B%2FHjyC3OYwDlDTlY7ER99KhToKyw2lACsPfOJg89Ys%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: spedparts.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:44:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497851078.2552990; expires=Thu, 17-Jun-2027 05:44:38 GMT; Max-Age=315360000 <br>Location: http://ww11.spedparts.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: spedparts.se <br>Referer: http://www.google.com/search?q=spedparts.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:44:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497851077.3096354; expires=Thu, 17-Jun-2027 05:44:37 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjjRNQqSXNhDJnYDupGWWnU8TKTrtQ80t%2FLtnneiujc9EAT73kX%2BlW7gGIfWpg6r1svJguq%2BWrWKc5%2FZrbsDAye0KXNlm4w%2Bj2milTxQxSIRB3Mxbqh%2Fbo3v%2BYHhqYU81o3Ij8kgJQUl%2ByQ13f9IGFWMBKothdBxNVQLebm35iNCv%2B6J3BE8UnchCfV9CDFnrivmzh9BmID0t%2FLNxldaS0QNhoU20z2JmIpUul3NOKXwViJnVHOdBWIQwXazhUGWuFYIlsmuE88uJT8WOqXmTPjWcCKT4uV%2BNZBpWYNKVZLk%2FbEuwhA2%2BTEjCSpmvJDjbO0WCflDM4cRxaIPBtkIzmxC2duG%2F0SuSHgDV0Pj3dXAMOgfbcfDAjHcxXGJ5uwHqT%2F1GacIoEn4ITNopi9cYmA%2BP9vGpYX%2BiDQvQnuoc6TK8jQ4OrRJJdcL2qGW82%2B1ufj6tCSmYgZ4vdL80V6%2BPf6FPQYyOiq6SKd%2B%2FHjyC3OYwDlDTlY7ER99KhToKyw2lACsPfOJg89Ys%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>spedparts.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-185.above.com abuse@above.com1497853628http://blul.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://blul.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 07:23:21 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjUcvatu8ol5OvITisoyQOepVo8dVIX5XRY95boNxRqXe%2Fdj5G3oNs6oQKl5uDVlAi74KUFMUt3nOetYOeXobLQVxXabkf5j8QRL5urVgHvjtPWDLH1DyLmus7GtaoQ98QpXmAwU6syupT%2BPW8qHodRxnq30%2FvntJoMkI2u7yaV8%2BGZArrpIOOXCmW2eGWOunJlw8SxJ%2FZKnZn3Pnr15DnLO8wz8abPd2XKwePzXfyaW5FScXUzNTZOsEmEzKSnb82ZU4PKWETxQUG%2FRGViwnDPS%2BSyZ1SqdriF7dEUg7V%2B7U67lyfKha73ih79LkIjr01FEBuDRTQJoTk4wAsiNoF7ngh3EC8S4PzBUMA1R7RtOtL8aNJzzH7j3COfJCRJN0vTCF5ebSI3VPoTVF83ch29MvLYG8jypgDKaYN67T9LQKFg%2Bs8iVPuCDeTej8WJ5mlWrr2Cy5ZnRKgf2EQ%2BXBe0Dj81wZBcvJRIiUUh4A63Bmt2IAgyQaUBer4sqLBoFSu <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: blul.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:23:21 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497849801.7066559; expires=Thu, 17-Jun-2027 05:23:21 GMT; Max-Age=315360000 <br>Location: http://ww11.blul.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: blul.se <br>Referer: http://www.google.com/search?q=blul.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:23:20 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497849800.8999197; expires=Thu, 17-Jun-2027 05:23:20 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjUcvatu8ol5OvITisoyQOepVo8dVIX5XRY95boNxRqXe%2Fdj5G3oNs6oQKl5uDVlAi74KUFMUt3nOetYOeXobLQVxXabkf5j8QRL5urVgHvjtPWDLH1DyLmus7GtaoQ98QpXmAwU6syupT%2BPW8qHodRxnq30%2FvntJoMkI2u7yaV8%2BGZArrpIOOXCmW2eGWOunJlw8SxJ%2FZKnZn3Pnr15DnLO8wz8abPd2XKwePzXfyaW5FScXUzNTZOsEmEzKSnb82ZU4PKWETxQUG%2FRGViwnDPS%2BSyZ1SqdriF7dEUg7V%2B7U67lyfKha73ih79LkIjr01FEBuDRTQJoTk4wAsiNoF7ngh3EC8S4PzBUMA1R7RtOtL8aNJzzH7j3COfJCRJN0vTCF5ebSI3VPoTVF83ch29MvLYG8jypgDKaYN67T9LQKFg%2Bs8iVPuCDeTej8WJ5mlWrr2Cy5ZnRKgf2EQ%2BXBe0Dj81wZBcvJRIiUUh4A63Bmt2IAgyQaUBer4sqLBoFSu <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>blul.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-185.above.com1497853626http://dxa.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://dxa.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 07:04:25 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjgOcReg45Hw2yXCaxTF6MJZioTmDQTI9j9XUnT9g7BSux5lH7mnIlU%2BIVHCDN4I2Orx0cm4386L1oWcugee2t3XfmkuxS7Yr1eU%2BDhiGzrHXrH7QTN%2B%2FTgX5pjpC%2FAk6FU2TWNGXcSfcVg%2FAcSdxby7etKK5zU6MT79FjrDsF5dCeFfwRPkG3kkIblHE5cmWpkL8Ypdh%2BIhYE9d7HeKFsS8VAs6VgQhstd4CVWVVGE6hUbjXD1hoCiCDRrkWiNOwNOewc4NAkdJdj1M0xY2NUbOyqHv9mWAKnwq6GTCLeRsVvMgstzW%2ByjYtZEYLrS8qktpR6exUNIQEQFtqDyQGFad%2Bs9iCUggJlnwzc8F%2BKJeJiF0Ulxt05B%2FJaCO%2FVh8sCeF4fSCtU1VPmqzvcna9iIjGif%2Fw5d78sJ%2FJaIF4dTmDAWqJwixppHIc9Lgro%2FQ4IgyseB%2B04wkhevsLxfW%2BbU9zLvgHDd%2BWmItdMeFTtZwTnv%2Bc1L0PrImlmzj4pBxq%2F <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dxa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:04:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497848665.2595405; expires=Thu, 17-Jun-2027 05:04:25 GMT; Max-Age=315360000 <br>Location: http://ww11.dxa.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dxa.se <br>Referer: http://www.google.com/search?q=dxa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 05:04:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497848664.2235959; expires=Thu, 17-Jun-2027 05:04:24 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjgOcReg45Hw2yXCaxTF6MJZioTmDQTI9j9XUnT9g7BSux5lH7mnIlU%2BIVHCDN4I2Orx0cm4386L1oWcugee2t3XfmkuxS7Yr1eU%2BDhiGzrHXrH7QTN%2B%2FTgX5pjpC%2FAk6FU2TWNGXcSfcVg%2FAcSdxby7etKK5zU6MT79FjrDsF5dCeFfwRPkG3kkIblHE5cmWpkL8Ypdh%2BIhYE9d7HeKFsS8VAs6VgQhstd4CVWVVGE6hUbjXD1hoCiCDRrkWiNOwNOewc4NAkdJdj1M0xY2NUbOyqHv9mWAKnwq6GTCLeRsVvMgstzW%2ByjYtZEYLrS8qktpR6exUNIQEQFtqDyQGFad%2Bs9iCUggJlnwzc8F%2BKJeJiF0Ulxt05B%2FJaCO%2FVh8sCeF4fSCtU1VPmqzvcna9iIjGif%2Fw5d78sJ%2FJaIF4dTmDAWqJwixppHIc9Lgro%2FQ4IgyseB%2B04wkhevsLxfW%2BbU9zLvgHDd%2BWmItdMeFTtZwTnv%2Bc1L0PrImlmzj4pBxq%2F <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>dxa.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-185.above.com1497853624http://isoo.se/ (103.224.212.188) - Serp-hijackingAttacked url: http://isoo.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 06:50:16 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjAZ8lVVIZg8NXRo%2Bq8NznUHnkmxwZb6XJiua9%2FvG0dXld4vnMMz0aSkIqCc9J%2BZpy8dxxaeiM2O4GHrLpOows3YO%2FnrBK8rV0iGxeKODnCNaYaUnd2uOoTdkROYjcEaUc29Wxec7IRI%2BGfb4PYyXToY8RcM7snlHkCv%2FWIqrdDFHz026eVg5TqjlmPYzbRgHmP2aIWSaK0vWoc%2Fu7Fz8wiwzISFRXCfOo8dUh5F8TxbbnulxWOq78YO%2F7dctAZo6YQXb2ZIxm4%2B3Kgf8ZcCHMizDtyFycKsuy0a4zJ3mmHDUkXnJb%2Fr0ZQ9eCBTi9eZNuNcAPmoA6%2FJtl1dTiUjBMoyDNRgg4XSf7ImK7Epx7PEC%2BeoJTzcxseEPLdylSq5KNLP4Z2VyVPznu4Z8rA%2BiFjYGXWyblVF86Zv%2FbKwm88rs7btuNzmK58KfKCJET%2Fkp2dEsiQTQfKTCt15492X2BzKmDwI%2FcdEW2A5fMWyqqIIc1Rv7YHUx1A2gIRAT1eJf8 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: isoo.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 04:50:17 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497847817.7685911; expires=Thu, 17-Jun-2027 04:50:17 GMT; Max-Age=315360000 <br>Location: http://ww11.isoo.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: isoo.se <br>Referer: http://www.google.com/search?q=isoo.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 04:50:16 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497847816.8439171; expires=Thu, 17-Jun-2027 04:50:16 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjAZ8lVVIZg8NXRo%2Bq8NznUHnkmxwZb6XJiua9%2FvG0dXld4vnMMz0aSkIqCc9J%2BZpy8dxxaeiM2O4GHrLpOows3YO%2FnrBK8rV0iGxeKODnCNaYaUnd2uOoTdkROYjcEaUc29Wxec7IRI%2BGfb4PYyXToY8RcM7snlHkCv%2FWIqrdDFHz026eVg5TqjlmPYzbRgHmP2aIWSaK0vWoc%2Fu7Fz8wiwzISFRXCfOo8dUh5F8TxbbnulxWOq78YO%2F7dctAZo6YQXb2ZIxm4%2B3Kgf8ZcCHMizDtyFycKsuy0a4zJ3mmHDUkXnJb%2Fr0ZQ9eCBTi9eZNuNcAPmoA6%2FJtl1dTiUjBMoyDNRgg4XSf7ImK7Epx7PEC%2BeoJTzcxseEPLdylSq5KNLP4Z2VyVPznu4Z8rA%2BiFjYGXWyblVF86Zv%2FbKwm88rs7btuNzmK58KfKCJET%2Fkp2dEsiQTQfKTCt15492X2BzKmDwI%2FcdEW2A5fMWyqqIIc1Rv7YHUx1A2gIRAT1eJf8 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>isoo.se is on 103.224.212.188<br>ASN for 103.224.212.188: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.188 corresponds with lb-212-188.above.com<br>Abuse.net does not have any reliable address for lb-212-188.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-188.above.com abuse@above.com1497853618http://prisejakt.se/ (103.224.212.188) - Serp-hijackingAttacked url: http://prisejakt.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 05:38:32 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjBfHj7lk9LrYplL7lD%2FuXDq50v9qdETEoEtI6fiJRGeOjVlG5QCJmeODhbgJNogK8S6h%2B8PXM5KLKk5%2Bq9g0poYHXgQhAu2rAYRYKy0NQvsh22Qx0kWrTdLGBnYgPYG27nIKgddgsX%2BUVOJYEUygLLY76I5yG6HFX8E1%2Bi01N%2BQ%2F5o7i1YrXYrl9oDefEtNdPJ%2BNYkOUy3mEubpMB3Vi8F%2B5Fv6fQ%2B6BAQtFSOO3dbmQsZr904JqT9tMbtY1Yw3c7PQhH0sAxlSAIId7dPV4Tg1B%2BpTxPHOTbIoQQuI4I6BN4DTfTQUkWKuHJ8A4uYBQZAE3gIlfOmLb8GuYUQMvzs17XhJYrdoiRM0YJBXRR4Cub5A2NN9EReozaTS%2FAJP3TpMI%2F1jyPHpKBiiEu1IV6di7vnvvTGmMUcgAdkJTfIIiNvcXfjXys0vF1ZeWaTeCRuQbhQG%2FRU9ouwnDfCm9TNfevcnr1N%2Ftw8J9WRo3A%2BigTa0d2iJpmmUdln0dpTA9zZDjqHrMFydrBE4Y7yKCA81YpknJEqpdP <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prisejakt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:38:33 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497843513.3858640; expires=Thu, 17-Jun-2027 03:38:33 GMT; Max-Age=315360000 <br>Location: http://ww38.prisejakt.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prisejakt.se <br>Referer: http://www.google.com/search?q=prisejakt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:38:32 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497843512.3887863; expires=Thu, 17-Jun-2027 03:38:32 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjBfHj7lk9LrYplL7lD%2FuXDq50v9qdETEoEtI6fiJRGeOjVlG5QCJmeODhbgJNogK8S6h%2B8PXM5KLKk5%2Bq9g0poYHXgQhAu2rAYRYKy0NQvsh22Qx0kWrTdLGBnYgPYG27nIKgddgsX%2BUVOJYEUygLLY76I5yG6HFX8E1%2Bi01N%2BQ%2F5o7i1YrXYrl9oDefEtNdPJ%2BNYkOUy3mEubpMB3Vi8F%2B5Fv6fQ%2B6BAQtFSOO3dbmQsZr904JqT9tMbtY1Yw3c7PQhH0sAxlSAIId7dPV4Tg1B%2BpTxPHOTbIoQQuI4I6BN4DTfTQUkWKuHJ8A4uYBQZAE3gIlfOmLb8GuYUQMvzs17XhJYrdoiRM0YJBXRR4Cub5A2NN9EReozaTS%2FAJP3TpMI%2F1jyPHpKBiiEu1IV6di7vnvvTGmMUcgAdkJTfIIiNvcXfjXys0vF1ZeWaTeCRuQbhQG%2FRU9ouwnDfCm9TNfevcnr1N%2Ftw8J9WRo3A%2BigTa0d2iJpmmUdln0dpTA9zZDjqHrMFydrBE4Y7yKCA81YpknJEqpdP <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>prisejakt.se is on 103.224.212.188<br>ASN for 103.224.212.188: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.188 corresponds with lb-212-188.above.com<br>Abuse.net does not have any reliable address for lb-212-188.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-188.above.com1497853607http://hemment.se/ (103.224.212.198) - Serp-hijackingAttacked url: http://hemment.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 05:20:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjIeAYDFgchMrHEUHSKYWUPC2LH%2B1SOiiFksJRJPsMXDAWiUYBdwTPYDOzZ29c1jdQkZiGokZDUnRXYmZVUpmZxIZRJd4JgESTgo9J4111254DRJONmXTdt0592TFKxxJ250nUuTGSnCjAK528QVUYrcdJn5NZz1%2FBf9K0eFNmSl6BowXNLbt6JGzuuzBPvqJB8EXSzPm8APaKPcYPkYQTJeLKs%2BTdLa41%2B1eyDbqfZ50%2BFv1UPmwMRpwcvu7jwMH%2B%2Fi9zqEc84JYwMaDFoZh6Gt9M7tfnDQjNxv6I6mmxCxP1HyxrX5WkDlPrGqZF4IZnN%2Bfx%2FwaWkK%2BXeZCgBSTtygJHr9GQGu2oPlNdqoyIktugvjoxpQd%2F48ePMGOhIgVRrRT%2FkbCLEgf1pVGPqYpyAc3oyBgNc540dhmelxHpAA0XEIPlc5RZCsrj%2FOQvigCylhix2yUihugSYR10l2QIpSCgcLHWJS7OS%2Fu7JSX6m5qvHEq1BHegGn1CwVEtx2ZBLvWPFJQf9XFF8M0CtycrpQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hemment.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:20:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497842442.6700011; expires=Thu, 17-Jun-2027 03:20:42 GMT <br>Location: http://ww11.hemment.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hemment.se <br>Referer: http://www.google.com/search?q=hemment.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:20:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497842441.4701028; expires=Thu, 17-Jun-2027 03:20:41 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjIeAYDFgchMrHEUHSKYWUPC2LH%2B1SOiiFksJRJPsMXDAWiUYBdwTPYDOzZ29c1jdQkZiGokZDUnRXYmZVUpmZxIZRJd4JgESTgo9J4111254DRJONmXTdt0592TFKxxJ250nUuTGSnCjAK528QVUYrcdJn5NZz1%2FBf9K0eFNmSl6BowXNLbt6JGzuuzBPvqJB8EXSzPm8APaKPcYPkYQTJeLKs%2BTdLa41%2B1eyDbqfZ50%2BFv1UPmwMRpwcvu7jwMH%2B%2Fi9zqEc84JYwMaDFoZh6Gt9M7tfnDQjNxv6I6mmxCxP1HyxrX5WkDlPrGqZF4IZnN%2Bfx%2FwaWkK%2BXeZCgBSTtygJHr9GQGu2oPlNdqoyIktugvjoxpQd%2F48ePMGOhIgVRrRT%2FkbCLEgf1pVGPqYpyAc3oyBgNc540dhmelxHpAA0XEIPlc5RZCsrj%2FOQvigCylhix2yUihugSYR10l2QIpSCgcLHWJS7OS%2Fu7JSX6m5qvHEq1BHegGn1CwVEtx2ZBLvWPFJQf9XFF8M0CtycrpQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>hemment.se is on 103.224.212.198<br>ASN for 103.224.212.198: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.198 corresponds with lb-212-198.above.com<br>Abuse.net does not have any reliable address for lb-212-198.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-198.above.com1497853560http://fotballskanalen.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://fotballskanalen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 05:12:38 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj9%2BjeSF9LDnLtc2d30z%2BB5D5VslUU3KxI9Mf0LVQitqrgjmZNOChMADzffhPFMpqy%2Fp9s6p%2FFB%2FLMfaLcG3OBtX49gGdQxBm98TH5BDpXUalvw22kCoCE63XNYlogQNW%2BoiUroMzXdr1OhroUdQ79yX0Zpo7TzwzgmZm1JXGZHMTyvGjIhKAywEtzKgmudLCJjos3mVlRoiO%2FUGBdTwtuYnAPs5VfJxXNqjIfPxFmAdsE6KHKqD5rFzbfXzad62Fl6D0HGlhcUiReJ7Ce4yhZEtcGf0ZCBg02U07URTJA%2BQIIA1%2BFUAj2T1LAo%2FBMDhxoNY5H8yVAbb1f04aK9Yh487LxG%2FhgDcQKc%2Fg%2B0pa%2B7MD3LhZ7FaR84zk%2F7yK9DD5oN7F31AwSGgVCKWMtBfoMkjlsoH6MRLitdioDWlchpniuxFVYqnT3BmiLJ7Z1OzyIrHJ6G7emEuyFWbAxKERcquEH30KMelNlMY1P7nOO7C7ZTQhwerMNZWfH8i4rPuUFWIvT%2FkaBClkpm6VX%2BSb7wVxsndOgdechj5bJAofX1KE%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fotballskanalen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:12:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497841958.4540948; expires=Thu, 17-Jun-2027 03:12:38 GMT <br>Location: http://ww38.fotballskanalen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fotballskanalen.se <br>Referer: http://www.google.com/search?q=fotballskanalen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 03:12:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497841957.6038958; expires=Thu, 17-Jun-2027 03:12:37 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj9%2BjeSF9LDnLtc2d30z%2BB5D5VslUU3KxI9Mf0LVQitqrgjmZNOChMADzffhPFMpqy%2Fp9s6p%2FFB%2FLMfaLcG3OBtX49gGdQxBm98TH5BDpXUalvw22kCoCE63XNYlogQNW%2BoiUroMzXdr1OhroUdQ79yX0Zpo7TzwzgmZm1JXGZHMTyvGjIhKAywEtzKgmudLCJjos3mVlRoiO%2FUGBdTwtuYnAPs5VfJxXNqjIfPxFmAdsE6KHKqD5rFzbfXzad62Fl6D0HGlhcUiReJ7Ce4yhZEtcGf0ZCBg02U07URTJA%2BQIIA1%2BFUAj2T1LAo%2FBMDhxoNY5H8yVAbb1f04aK9Yh487LxG%2FhgDcQKc%2Fg%2B0pa%2B7MD3LhZ7FaR84zk%2F7yK9DD5oN7F31AwSGgVCKWMtBfoMkjlsoH6MRLitdioDWlchpniuxFVYqnT3BmiLJ7Z1OzyIrHJ6G7emEuyFWbAxKERcquEH30KMelNlMY1P7nOO7C7ZTQhwerMNZWfH8i4rPuUFWIvT%2FkaBClkpm6VX%2BSb7wVxsndOgdechj5bJAofX1KE%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>fotballskanalen.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-186.above.com abuse@above.com1497853558http://sharpminds.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://sharpminds.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 03:16:10 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjF3Y5Un8ruz%2FT3%2B4mkAZNFI%2B%2B8pElx%2BJBy0KHSCiNxpsABugLRoyDnAP5zFd2s8gbk%2FRsVY7PtfxFMcXlJV1Sdy1nYXZMPXqv2x6DDSvL%2FDbzLlFJ9ozeEqn%2F9rQ9KCg%2FKSnQUU3PUOrc6ZTb%2FLhbJOt9qThlgHCMovDBP4ZwT%2BatX%2FSjcs%2B51ovlNKRe1kFH4EP2kRGCtiulea2eUGjkcutA4uEqXbfRi%2BBJk5mVy4F7DYCe9JdBODL3kVqfuSspJDY1K11G8szYBSmgs87JTSjyaYbqvqM85acH0rLyL25Hy0OAyaapKAb3WdBI%2FMGYimhtdsRJyMQBKvPvU0QAu28FDa3wKppSr4lyZJawHoH8rM624oIcL6SzJpYsFiZCAiBLGGmew1tgbRxTlyVQnJlIKs2onYHNE9W3yY1EuaZFuxmOyeiP5%2BNoIqVPlBXY%2BFGJYFZPzi4owrjjsbANW28U%2BPLSO5%2F9yyqtQA3TmD0yCnNKs1U2SdWRQsP4nVT%2BasRUQ05X%2BOWbG75nCiRzoWsp9sjhlB%2Ba <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sharpminds.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 01:16:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497834970.3275134; expires=Thu, 17-Jun-2027 01:16:10 GMT <br>Location: http://ww11.sharpminds.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sharpminds.se <br>Referer: http://www.google.com/search?q=sharpminds.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 01:16:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497834968.1317616; expires=Thu, 17-Jun-2027 01:16:08 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjF3Y5Un8ruz%2FT3%2B4mkAZNFI%2B%2B8pElx%2BJBy0KHSCiNxpsABugLRoyDnAP5zFd2s8gbk%2FRsVY7PtfxFMcXlJV1Sdy1nYXZMPXqv2x6DDSvL%2FDbzLlFJ9ozeEqn%2F9rQ9KCg%2FKSnQUU3PUOrc6ZTb%2FLhbJOt9qThlgHCMovDBP4ZwT%2BatX%2FSjcs%2B51ovlNKRe1kFH4EP2kRGCtiulea2eUGjkcutA4uEqXbfRi%2BBJk5mVy4F7DYCe9JdBODL3kVqfuSspJDY1K11G8szYBSmgs87JTSjyaYbqvqM85acH0rLyL25Hy0OAyaapKAb3WdBI%2FMGYimhtdsRJyMQBKvPvU0QAu28FDa3wKppSr4lyZJawHoH8rM624oIcL6SzJpYsFiZCAiBLGGmew1tgbRxTlyVQnJlIKs2onYHNE9W3yY1EuaZFuxmOyeiP5%2BNoIqVPlBXY%2BFGJYFZPzi4owrjjsbANW28U%2BPLSO5%2F9yyqtQA3TmD0yCnNKs1U2SdWRQsP4nVT%2BasRUQ05X%2BOWbG75nCiRzoWsp9sjhlB%2Ba <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sharpminds.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1497853547http://christina-aguilera.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://christina-aguilera.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 02:42:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjyecYeRbyGG%2BvX0m4jYju3btOinrsg5SYMmTfE6EO5FWwvrP3bZeRf%2BW0OPMkA%2BKVns%2FPxdRZW3h8tGfVrzFRzh1rQWBglrsqikMe8Q2j6h9OFP9N7ibUDdiOhTF9RRU9bpfAyOv%2FlgnDQTTOpUmaQGvh4s0581h8FUwJq2lXTFZWHFXORjY0VG6VuXqGqVqR18TBR3MpzLEbaLfacey4wh%2Ban8Piawip23Kn%2B5qvC7ybIqENGnVuBGgJ1Gm8tNiUHR8kpQPe%2B9PUYcv1iAFsM3cDAqsQlCHbi0mimv8lEw8dpY3t5lL5DgBumJvBa4WrCHtMGZoaojTLBLc1bNVYiof0exp8%2B8p8MdCgNMwDlGljbGfuD2ykoND%2Fx1UWOzeCllML2DdeLGpcwSHfOpJTXxjkN2mongoiInv6S49fGQEhvfdTQ89kwosG9PdtU0XjaI6fmpWwac2JDGx5Om0AtpWGPihLXyA906EPFIyRbpSohksOk7VNy50Vb3bwngdXOEek0iw5ceeQEMVJQolFsyLbWrEatVNIlolLuRzVvfmcG0BKDiF9Q8W1J9N8Jcsg <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: christina-aguilera.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 00:42:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497832978.4204740; expires=Thu, 17-Jun-2027 00:42:58 GMT <br>Location: http://ww11.christina-aguilera.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: christina-aguilera.nu <br>Referer: http://www.google.com/search?q=christina-aguilera.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 00:42:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497832977.5696951; expires=Thu, 17-Jun-2027 00:42:57 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjyecYeRbyGG%2BvX0m4jYju3btOinrsg5SYMmTfE6EO5FWwvrP3bZeRf%2BW0OPMkA%2BKVns%2FPxdRZW3h8tGfVrzFRzh1rQWBglrsqikMe8Q2j6h9OFP9N7ibUDdiOhTF9RRU9bpfAyOv%2FlgnDQTTOpUmaQGvh4s0581h8FUwJq2lXTFZWHFXORjY0VG6VuXqGqVqR18TBR3MpzLEbaLfacey4wh%2Ban8Piawip23Kn%2B5qvC7ybIqENGnVuBGgJ1Gm8tNiUHR8kpQPe%2B9PUYcv1iAFsM3cDAqsQlCHbi0mimv8lEw8dpY3t5lL5DgBumJvBa4WrCHtMGZoaojTLBLc1bNVYiof0exp8%2B8p8MdCgNMwDlGljbGfuD2ykoND%2Fx1UWOzeCllML2DdeLGpcwSHfOpJTXxjkN2mongoiInv6S49fGQEhvfdTQ89kwosG9PdtU0XjaI6fmpWwac2JDGx5Om0AtpWGPihLXyA906EPFIyRbpSohksOk7VNy50Vb3bwngdXOEek0iw5ceeQEMVJQolFsyLbWrEatVNIlolLuRzVvfmcG0BKDiF9Q8W1J9N8Jcsg <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>christina-aguilera.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-182-249.above.com1497853543http://carqvistbil.se/ (103.224.212.185) - Serp-hijackingAttacked url: http://carqvistbil.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 02:09:12 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj3%2B9U5CWNdY8BjcI8b1EZIFskQNUu4luN9ubumd7CL%2Bc6V2TuV0WAqWrJEg3437YhAvqGHCalPXuce8xrgZyBCvzsDaOStM8LnNKd3iRkfQ%2BFWtjsKg%2FaPldT%2FoX6SVzGX4TNMhS%2BOa1srp4GIs6jBy2ogeOWKaTBpC%2BtMEDFVWqgl%2FwEOUD33ZP0orHzO0zcY9W7iKNuo5ijTJ%2FRqHu92eab35qIAjeCOoM%2FYfSflpdyPNF%2FyGFDQNHd0swzHe%2Fx7Q0i6d0UVK8GsiACDf%2Fc%2Bz63nT%2FiUGIp2AHEMEndmVcJeJAY%2BwZ1n3ajy3ulnEXGVdKIRF%2BC2u7fF0Qgteb8r8f5sxtx%2BJFomZhEm8jApGdWhNzYUFjAQvimY2VB99jW42Xev5ue7pcsZMlFXj46BnTTyr%2FZCcWekTwBMmy35Mn1hbWFPjeX%2B4Ldk2j0esbwOdlP6pVmDdwKoPnZspDsevdoT%2BbrqZmHrPvo6%2FITgZ9p0Bcq14GWti2VfJPijHZLFjne7Al3kkMONYAJBzT%2F7g%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: carqvistbil.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 00:09:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497830952.1555372; expires=Thu, 17-Jun-2027 00:09:12 GMT <br>Location: http://ww11.carqvistbil.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: carqvistbil.se <br>Referer: http://www.google.com/search?q=carqvistbil.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 00:09:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497830951.3342426; expires=Thu, 17-Jun-2027 00:09:11 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj3%2B9U5CWNdY8BjcI8b1EZIFskQNUu4luN9ubumd7CL%2Bc6V2TuV0WAqWrJEg3437YhAvqGHCalPXuce8xrgZyBCvzsDaOStM8LnNKd3iRkfQ%2BFWtjsKg%2FaPldT%2FoX6SVzGX4TNMhS%2BOa1srp4GIs6jBy2ogeOWKaTBpC%2BtMEDFVWqgl%2FwEOUD33ZP0orHzO0zcY9W7iKNuo5ijTJ%2FRqHu92eab35qIAjeCOoM%2FYfSflpdyPNF%2FyGFDQNHd0swzHe%2Fx7Q0i6d0UVK8GsiACDf%2Fc%2Bz63nT%2FiUGIp2AHEMEndmVcJeJAY%2BwZ1n3ajy3ulnEXGVdKIRF%2BC2u7fF0Qgteb8r8f5sxtx%2BJFomZhEm8jApGdWhNzYUFjAQvimY2VB99jW42Xev5ue7pcsZMlFXj46BnTTyr%2FZCcWekTwBMmy35Mn1hbWFPjeX%2B4Ldk2j0esbwOdlP6pVmDdwKoPnZspDsevdoT%2BbrqZmHrPvo6%2FITgZ9p0Bcq14GWti2VfJPijHZLFjne7Al3kkMONYAJBzT%2F7g%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>carqvistbil.se is on 103.224.212.185<br>ASN for 103.224.212.185: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.185 corresponds with lb-212-185.above.com<br>Abuse.net does not have any reliable address for lb-212-185.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-185.above.com abuse@above.com1497853541http://niinis.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://niinis.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 01:44:18 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjJvHJhvP4q8J8JSYC4Cj1WXvXnPisT69VSn652%2BxUnujuGgBpI4FcQGcq7qtMV7mMTbmumOrTPc%2FxoowXQHuhBJrCsYmfjAr9eGeSceh7MWEih7ku7hMY2oGjIuQZaZ%2BMxxXXhgA4XZkwLiye%2BbBfvE6vZWo0APvGT345Jb4sWyICV%2FvyGKLFcPYDvBdX%2Fil0L0P%2Foux5U%2BVsNhqEvq7uCgog4vKMxv4k0Lms9iCUZOPEuPUhu%2BquDq3SmLxSDdjbmMT0fIV7HrcV8E6gg5SC8m%2BgipV%2F047ThLOqMwv%2FDWxIFmZiDDWBUiUq3aAgNdHV0cHDHmFadnJHpQUe4ghpJRBdUuuTzTyVkOtXASfZ9KZBBWVTtVullWCZcNfA3wO2HTpjczC%2BaPi20nCp5E6qdC0GHUEHz3aQ5xQ5UauTMfnmr6F67uXVulv3hbLGXt4e2XmC52oXGOi%2BCk0xSyYziLaE3BdNqd122lVOF64phJR5vRoPxrWrCdGvITOk2a0Z <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: niinis.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 23:44:18 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497829458.8107049; expires=Wed, 16-Jun-2027 23:44:18 GMT; Max-Age=315360000 <br>Location: http://ww38.niinis.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: niinis.se <br>Referer: http://www.google.com/search?q=niinis.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 23:44:17 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497829457.1472079; expires=Wed, 16-Jun-2027 23:44:17 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjJvHJhvP4q8J8JSYC4Cj1WXvXnPisT69VSn652%2BxUnujuGgBpI4FcQGcq7qtMV7mMTbmumOrTPc%2FxoowXQHuhBJrCsYmfjAr9eGeSceh7MWEih7ku7hMY2oGjIuQZaZ%2BMxxXXhgA4XZkwLiye%2BbBfvE6vZWo0APvGT345Jb4sWyICV%2FvyGKLFcPYDvBdX%2Fil0L0P%2Foux5U%2BVsNhqEvq7uCgog4vKMxv4k0Lms9iCUZOPEuPUhu%2BquDq3SmLxSDdjbmMT0fIV7HrcV8E6gg5SC8m%2BgipV%2F047ThLOqMwv%2FDWxIFmZiDDWBUiUq3aAgNdHV0cHDHmFadnJHpQUe4ghpJRBdUuuTzTyVkOtXASfZ9KZBBWVTtVullWCZcNfA3wO2HTpjczC%2BaPi20nCp5E6qdC0GHUEHz3aQ5xQ5UauTMfnmr6F67uXVulv3hbLGXt4e2XmC52oXGOi%2BCk0xSyYziLaE3BdNqd122lVOF64phJR5vRoPxrWrCdGvITOk2a0Z <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>niinis.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-195.above.com1497853540http://hjarntorget.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://hjarntorget.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 01:07:55 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjirmy8PGgNC2YvwLwaVR04yKZFU3%2FqqQ30HQz7YtD00Iy%2BGEJJLEYx2yw0qf7E%2Fxl90%2F31089ZbY57NKNkrNwT9qxx2fkdvRXezCyXIhEkSHGdJw99bEsDNXKloD5aQ9aBUwNq9lruKb3EISl9kmrhGRJ%2BsV%2Bp6vKM1IhIf%2FJYhwr6Wcfav%2BjO6zaH4mhAhfglJa%2F7ep7WlJR3DNAGOxZgQNmq7JlsrT5NpruMZW8kiScUdLfKRnNTBZJTljYZ7GbztIbbSpTAJmyvTg9os3llK6h7GERleAt54hPc7Qk1juBIlJQlcTtsPlKvsULrt3y%2BJsmVOGCoyWYLIq5MTcpZI2Dpdw%2BH1gkNyc8Y4yl3qkXpKJYZ9hqW7ruy%2FcU%2BkiNatqt7gfxwuxmTZrGlcpDhkEjni%2BOAPE8QnyesnrNl6Le0afUFsGoI%2B8x5bvl54qbKWalrHxQYS09VOZbkeeJy4%2FEKJcerr5B6BYso9d4sTFTAi6hdux%2FQfHlkam%2BQrXrgt7GK93vKHTmV%2BI5iHwUQg%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hjarntorget.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 23:07:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497827276.2772061; expires=Wed, 16-Jun-2027 23:07:56 GMT; Max-Age=315360000 <br>Location: http://ww11.hjarntorget.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hjarntorget.nu <br>Referer: http://www.google.com/search?q=hjarntorget.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 23:07:55 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497827275.2614831; expires=Wed, 16-Jun-2027 23:07:55 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjirmy8PGgNC2YvwLwaVR04yKZFU3%2FqqQ30HQz7YtD00Iy%2BGEJJLEYx2yw0qf7E%2Fxl90%2F31089ZbY57NKNkrNwT9qxx2fkdvRXezCyXIhEkSHGdJw99bEsDNXKloD5aQ9aBUwNq9lruKb3EISl9kmrhGRJ%2BsV%2Bp6vKM1IhIf%2FJYhwr6Wcfav%2BjO6zaH4mhAhfglJa%2F7ep7WlJR3DNAGOxZgQNmq7JlsrT5NpruMZW8kiScUdLfKRnNTBZJTljYZ7GbztIbbSpTAJmyvTg9os3llK6h7GERleAt54hPc7Qk1juBIlJQlcTtsPlKvsULrt3y%2BJsmVOGCoyWYLIq5MTcpZI2Dpdw%2BH1gkNyc8Y4yl3qkXpKJYZ9hqW7ruy%2FcU%2BkiNatqt7gfxwuxmTZrGlcpDhkEjni%2BOAPE8QnyesnrNl6Le0afUFsGoI%2B8x5bvl54qbKWalrHxQYS09VOZbkeeJy4%2FEKJcerr5B6BYso9d4sTFTAi6hdux%2FQfHlkam%2BQrXrgt7GK93vKHTmV%2BI5iHwUQg%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>hjarntorget.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-182-249.above.com1497853533http://hrcommittment.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://hrcommittment.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 00:23:40 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjZBXIXJ2PKx68NoD%2BriNeKkbmT%2FynmSKuT8HRjHuL4LfnLSMUa9cZyMt%2F6Ksix0%2BwZvwaE4Eala8v6tRVyVa4SA3YIRpRjXT7QW6giILWy65e9WgO2fFohQcKK2KMW%2FOG0i5erFjd1ixZJPa07cTjMzXfFIu7MYa7nvzYim48Uu4wJvjT2JY00dDv%2FnzVigGDgc8eFRE3%2BXsSWDMIIsIhfKp%2B8djqXAW6vQPnf5rnoLDRzlvvPmv%2B0jYJaO6z9yJqU0xbyUxGPpBZNe0W1%2BdJQkSq9fynMGmgI7FS1xgpH%2BlNlDbYWgYA7g%2FaM3vwj4LIpUButZRBQf43omnGZlHUUNHQyy07eZREinTLR45oxsanZg3qL7HMYh0ruhX%2Bxr%2FraQ3jLMKvosAUEIBXPEqXD1t75CCg1FsIg0FsgtARXyhA8HH6D4rh1dWXli4qF0LEJnrTDW27MC31FJuq2owbfvnaB325o1Y%2Bn8Jp9%2FaVRvw7rsCmn%2FDPkneaEldh%2BsRy3JbAGDzn6%2ByB%2B2rGn8uVeAzOkGRW1cAV4YJ%2FXmmZAgg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hrcommittment.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 22:23:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497824621.1672618; expires=Wed, 16-Jun-2027 22:23:41 GMT; Max-Age=315360000 <br>Location: http://ww11.hrcommittment.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hrcommittment.se <br>Referer: http://www.google.com/search?q=hrcommittment.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 22:23:40 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497824620.3209166; expires=Wed, 16-Jun-2027 22:23:40 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjZBXIXJ2PKx68NoD%2BriNeKkbmT%2FynmSKuT8HRjHuL4LfnLSMUa9cZyMt%2F6Ksix0%2BwZvwaE4Eala8v6tRVyVa4SA3YIRpRjXT7QW6giILWy65e9WgO2fFohQcKK2KMW%2FOG0i5erFjd1ixZJPa07cTjMzXfFIu7MYa7nvzYim48Uu4wJvjT2JY00dDv%2FnzVigGDgc8eFRE3%2BXsSWDMIIsIhfKp%2B8djqXAW6vQPnf5rnoLDRzlvvPmv%2B0jYJaO6z9yJqU0xbyUxGPpBZNe0W1%2BdJQkSq9fynMGmgI7FS1xgpH%2BlNlDbYWgYA7g%2FaM3vwj4LIpUButZRBQf43omnGZlHUUNHQyy07eZREinTLR45oxsanZg3qL7HMYh0ruhX%2Bxr%2FraQ3jLMKvosAUEIBXPEqXD1t75CCg1FsIg0FsgtARXyhA8HH6D4rh1dWXli4qF0LEJnrTDW27MC31FJuq2owbfvnaB325o1Y%2Bn8Jp9%2FaVRvw7rsCmn%2FDPkneaEldh%2BsRy3JbAGDzn6%2ByB%2B2rGn8uVeAzOkGRW1cAV4YJ%2FXmmZAgg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>hrcommittment.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-195.above.com abuse@above.com1497853532http://salongelisabeth.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://salongelisabeth.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 23:20:07 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj%2B6qW37pQMoqV2nVU3P6GDkkEd7HbvkFOfCATxmPgxkdsQ9kB%2FxN1Krl0kffsn%2BbiNrO36UcVNhhb9mbUMWqtQfcRu8s0ZIGzkBOL8Vp4CsdHHtVeUKSMskoDgN090Tct8bIUmr9qYWwy49A9QGtc5s5worOyscOOTm5Pm9MuYpDeJF9uPYkIs2QrgH%2FS3Tf%2FipaDwzHog7OVcbyHd%2F3IYYcd4oowJBHUnNs5dgF%2Fv3q%2BRlhMafWQH9AeUJbKksW14aVx6PQiITb0jXjbrPsh9qGxpKu%2FywoNxSM4CUxtI7kCjdMSsW16Le46EkHMSkYfplXleaAFFsxIVqR4PmXIxKhGe4LncRRKG46UAQTygHrhZsDF5E%2FlT%2BTWAhRrfe93s7L2jCdQOZu%2B1XTFftRoufiRFCr%2BZC3RmT66qk36ilju5BUnS8n5TLNnx8W%2FyfYIDGSo3u9E385YlZTxjBebVctBU2ZIwsGHmGYR1SQVEpxLoAk%2FqKO1SRiNo3xgwCV%2Bv7QzTZKl6ZShFQROncBI3lF97q2%2Ftkq849or2LFRfGg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: salongelisabeth.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 21:20:07 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497820807.8646712; expires=Wed, 16-Jun-2027 21:20:07 GMT; Max-Age=315360000 <br>Location: http://ww11.salongelisabeth.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: salongelisabeth.se <br>Referer: http://www.google.com/search?q=salongelisabeth.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 21:20:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497820807.8783928; expires=Wed, 16-Jun-2027 21:20:07 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj%2B6qW37pQMoqV2nVU3P6GDkkEd7HbvkFOfCATxmPgxkdsQ9kB%2FxN1Krl0kffsn%2BbiNrO36UcVNhhb9mbUMWqtQfcRu8s0ZIGzkBOL8Vp4CsdHHtVeUKSMskoDgN090Tct8bIUmr9qYWwy49A9QGtc5s5worOyscOOTm5Pm9MuYpDeJF9uPYkIs2QrgH%2FS3Tf%2FipaDwzHog7OVcbyHd%2F3IYYcd4oowJBHUnNs5dgF%2Fv3q%2BRlhMafWQH9AeUJbKksW14aVx6PQiITb0jXjbrPsh9qGxpKu%2FywoNxSM4CUxtI7kCjdMSsW16Le46EkHMSkYfplXleaAFFsxIVqR4PmXIxKhGe4LncRRKG46UAQTygHrhZsDF5E%2FlT%2BTWAhRrfe93s7L2jCdQOZu%2B1XTFftRoufiRFCr%2BZC3RmT66qk36ilju5BUnS8n5TLNnx8W%2FyfYIDGSo3u9E385YlZTxjBebVctBU2ZIwsGHmGYR1SQVEpxLoAk%2FqKO1SRiNo3xgwCV%2Bv7QzTZKl6ZShFQROncBI3lF97q2%2Ftkq849or2LFRfGg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>salongelisabeth.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-186.above.com abuse@above.com1497853530http://anatgning.se/ (103.224.212.198) - Serp-hijackingAttacked url: http://anatgning.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 23:05:05 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjn9L6xIgxgdeC%2BTeMlXLxkg5WiaVD0zWNbpBYxlF8UgYZWPCSx5LHpggYBjdZpA1obpo8wjWhtel6j253tDnxvOCuY%2BxG%2BBec2P0e0hsKhypmxGgiQTUgLvkjEJoRCTNo2FPIg0kX5Nw6l2VPyQ3kAZYzSREJvA%2BJ7OjU2t%2FCwv4oM3KUWEtLqg7JGdOiAf8ammAu2MOWuMAxIRcT7Fp7x%2F5aIibmwbK7zROHOczQzilToJxHLlOyNBLDoj0OPP%2Fe9s85dz6PX%2Fp2OcF1q2HbqrYEc5yG%2BjnnqGoKFXJEpC5Q0lSwX%2BFHJOdI1az91s4%2BBVY%2BcjgKf%2BS8jgJAwInjeT3YjbZuJwut2Q8k8Rk8yt2EgLFdnSa64vqvim%2BzOe46eiJPv3KXhnC7S3MDsWAGOZOGfLPv77LQDrIFEmP3xJurDPFnqeKutCSrqarMyfZDf00u6YXdX0B4ZxVI%2FpANol8dBPu6pTwXkvfiQ%2FH5MYEMZR0c5IumL2MVs%2BnSpuan%2ByMBvjpiyHhG0byvBFWX%2BLUeXjuOn9L1 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: anatgning.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 21:05:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497819906.3998253; expires=Wed, 16-Jun-2027 21:05:06 GMT <br>Location: http://ww38.anatgning.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: anatgning.se <br>Referer: http://www.google.com/search?q=anatgning.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 21:05:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497819905.7468986; expires=Wed, 16-Jun-2027 21:05:05 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjn9L6xIgxgdeC%2BTeMlXLxkg5WiaVD0zWNbpBYxlF8UgYZWPCSx5LHpggYBjdZpA1obpo8wjWhtel6j253tDnxvOCuY%2BxG%2BBec2P0e0hsKhypmxGgiQTUgLvkjEJoRCTNo2FPIg0kX5Nw6l2VPyQ3kAZYzSREJvA%2BJ7OjU2t%2FCwv4oM3KUWEtLqg7JGdOiAf8ammAu2MOWuMAxIRcT7Fp7x%2F5aIibmwbK7zROHOczQzilToJxHLlOyNBLDoj0OPP%2Fe9s85dz6PX%2Fp2OcF1q2HbqrYEc5yG%2BjnnqGoKFXJEpC5Q0lSwX%2BFHJOdI1az91s4%2BBVY%2BcjgKf%2BS8jgJAwInjeT3YjbZuJwut2Q8k8Rk8yt2EgLFdnSa64vqvim%2BzOe46eiJPv3KXhnC7S3MDsWAGOZOGfLPv77LQDrIFEmP3xJurDPFnqeKutCSrqarMyfZDf00u6YXdX0B4ZxVI%2FpANol8dBPu6pTwXkvfiQ%2FH5MYEMZR0c5IumL2MVs%2BnSpuan%2ByMBvjpiyHhG0byvBFWX%2BLUeXjuOn9L1 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>anatgning.se is on 103.224.212.198<br>ASN for 103.224.212.198: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.198 corresponds with lb-212-198.above.com<br>Abuse.net does not have any reliable address for lb-212-198.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-198.above.com1497853517http://pokemast.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://pokemast.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 22:48:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjA6RlB3Gjni43ltFvpWS5YKDwaKFIhO2N33XoR4XrnWkt%2B2n9kkQut%2FurTci74pIBpeuPrs02dw0x6S8f800k1trERcIUxhtCTZ1z%2FoBP1%2Fmwu9jIcl%2F9e97tzyZNPE5UZ2PRsztGgjeHh%2BI7b9HZmUnWQ4VDZeM%2FHTIEn5PzkyQLAUttub2YSdTLZAPpxclr5Ay0RIx3uubVWu%2FrkQbETjWdLoFjJL%2BVPV2p9ShfN8V0YaLNnYKG3Wgt%2FUvl3Ifdc1aRhqlf%2Fa0riHO0rXBp10ZANYZRx92EP6i9L%2BjDkynK1J%2FBcLQF87AvU%2F9hH%2BX8xuTiNmJlJ84%2B%2FIo1Hwbrh3BJ6%2FZcYiNce18j4GMKMu%2F3KcyoZ9mnSSLF%2B8%2FrABPm3vlSR2Pxog1ei00feBQ2KD2nl7aMAWtAAzDwHl%2FyMCJf156QseZ4cgZ6xRxBESvNm%2FSlY5%2BWpW2%2F%2BmM3OF%2BPYNGLhjjoyGgQHuwWDBDZdmlzs85MvJrBCzjurm5R5BKSOMfjdNbJCgI%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pokemast.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 20:48:02 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497818882.5084805; expires=Wed, 16-Jun-2027 20:48:02 GMT <br>Location: http://ww11.pokemast.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pokemast.se <br>Referer: http://www.google.com/search?q=pokemast.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 20:48:01 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497818881.4283170; expires=Wed, 16-Jun-2027 20:48:01 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjA6RlB3Gjni43ltFvpWS5YKDwaKFIhO2N33XoR4XrnWkt%2B2n9kkQut%2FurTci74pIBpeuPrs02dw0x6S8f800k1trERcIUxhtCTZ1z%2FoBP1%2Fmwu9jIcl%2F9e97tzyZNPE5UZ2PRsztGgjeHh%2BI7b9HZmUnWQ4VDZeM%2FHTIEn5PzkyQLAUttub2YSdTLZAPpxclr5Ay0RIx3uubVWu%2FrkQbETjWdLoFjJL%2BVPV2p9ShfN8V0YaLNnYKG3Wgt%2FUvl3Ifdc1aRhqlf%2Fa0riHO0rXBp10ZANYZRx92EP6i9L%2BjDkynK1J%2FBcLQF87AvU%2F9hH%2BX8xuTiNmJlJ84%2B%2FIo1Hwbrh3BJ6%2FZcYiNce18j4GMKMu%2F3KcyoZ9mnSSLF%2B8%2FrABPm3vlSR2Pxog1ei00feBQ2KD2nl7aMAWtAAzDwHl%2FyMCJf156QseZ4cgZ6xRxBESvNm%2FSlY5%2BWpW2%2F%2BmM3OF%2BPYNGLhjjoyGgQHuwWDBDZdmlzs85MvJrBCzjurm5R5BKSOMfjdNbJCgI%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pokemast.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-195.above.com abuse@above.com1497853509http://swefilmers.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://swefilmers.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 21:37:30 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj2qNfgiOy%2BYdsEPPuQSwitKzsFjtfJOhLX5r7S0b%2BG7ayqLn9onlEhdesdpL%2Bc1Mrkf8LGeTfUQ3OOaRhWWTg93WBWl72zWDqEv1guIFH5P%2BgOuSPuWMv0he9GYJxgc5kfSkw3roupOykaY9TSI06NnRYYuRuqiJtTglU82JKK4EkRsWtX4%2F5%2BEDINpCueue7JnXqeZJ3fsmqpRAyJ3CUiE7l97iSIzwtfi38%2FGtdkxoUreM7qJmLJ5K%2FQGFOncUevEvjUxA0gDfoh8PJPai%2BGDes%2BW52L3TtSEn3z4v7XB0Vc5aXplJa%2BQOleOIQO0CKQOV4%2B%2BoTc4ao5osUZM1vzvR8ijmfwEVj8KSl5qUQZNns8%2BCV116LlGCiN3GuGP86IuR0H85LSLH3gwdo3bMsHUDc%2BbiRyW9zKpcVzeNxNRJY76hGixfO2aRIDgp7pQibzHhsl59ZqilEujuKgEyU3NB04sWAg1KHyeZRok12aRWdE98dBs5j19kxJsg2YV1AoH0xdjffWbZrTeM%2Bp6ONiA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: swefilmers.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 19:37:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497814650.7859357; expires=Wed, 16-Jun-2027 19:37:30 GMT <br>Location: http://ww11.swefilmers.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: swefilmers.se <br>Referer: http://www.google.com/search?q=swefilmers.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 19:37:29 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497814649.5195256; expires=Wed, 16-Jun-2027 19:37:29 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj2qNfgiOy%2BYdsEPPuQSwitKzsFjtfJOhLX5r7S0b%2BG7ayqLn9onlEhdesdpL%2Bc1Mrkf8LGeTfUQ3OOaRhWWTg93WBWl72zWDqEv1guIFH5P%2BgOuSPuWMv0he9GYJxgc5kfSkw3roupOykaY9TSI06NnRYYuRuqiJtTglU82JKK4EkRsWtX4%2F5%2BEDINpCueue7JnXqeZJ3fsmqpRAyJ3CUiE7l97iSIzwtfi38%2FGtdkxoUreM7qJmLJ5K%2FQGFOncUevEvjUxA0gDfoh8PJPai%2BGDes%2BW52L3TtSEn3z4v7XB0Vc5aXplJa%2BQOleOIQO0CKQOV4%2B%2BoTc4ao5osUZM1vzvR8ijmfwEVj8KSl5qUQZNns8%2BCV116LlGCiN3GuGP86IuR0H85LSLH3gwdo3bMsHUDc%2BbiRyW9zKpcVzeNxNRJY76hGixfO2aRIDgp7pQibzHhsl59ZqilEujuKgEyU3NB04sWAg1KHyeZRok12aRWdE98dBs5j19kxJsg2YV1AoH0xdjffWbZrTeM%2Bp6ONiA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>swefilmers.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497853506http://huddiksvall.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://huddiksvall.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 20:33:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjlnV0weLyTyCbFJvVQF3zniMmdKT%2FvAbKCBTO3053XaQpdGg0lJ9aUaFJTXCm8KBThoZD2sBPrROKX02EkeRMo97oXWhLbx%2BShgRylDmZlGFayx8tSVOHO8oMnUEazJUWWfHg8CUt2siWfn6kO8n6DmVGrqjN7ruQGqjfbYEYOqBg%2FMdVezs5JR0%2F4OA4kH5v3CkGUQmcDQEDvxeRlCxi3bl9Eb4ahSXHUTMvZ7guhthm02CgOwpdDgjxJLi2VzYVlIhtwFRipnxhN0jyAicbLBtNsK3qgdh4xTikXTtV8KafphXeDEi9HgE6XYbvSB3y%2Fj6zTSaGIRNpY07DYRxGJlyr8EwwunzLWxREjyeY%2BDdn1t5EP3q4ECcOcwYVPz77z0n7aVeuzWOlKKm1S2MNRc8mKMOBoffFAp56RS0ZeL131damDI900SMjaJQ71a5L%2Bfog6drVtPsrbe8gI9Qz%2BpvwLTfHrNZ%2FVuBwHINXJX%2BU%2FITJzfu15cpU7vkMfA38vnpppFfkkU7sekBXftN05Hx5z%2FlroPCb <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: huddiksvall.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 18:33:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497810839.8119869; expires=Wed, 16-Jun-2027 18:33:59 GMT; Max-Age=315360000 <br>Location: http://ww11.huddiksvall.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: huddiksvall.se <br>Referer: http://www.google.com/search?q=huddiksvall.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 18:33:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497810838.1494382; expires=Wed, 16-Jun-2027 18:33:58 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjlnV0weLyTyCbFJvVQF3zniMmdKT%2FvAbKCBTO3053XaQpdGg0lJ9aUaFJTXCm8KBThoZD2sBPrROKX02EkeRMo97oXWhLbx%2BShgRylDmZlGFayx8tSVOHO8oMnUEazJUWWfHg8CUt2siWfn6kO8n6DmVGrqjN7ruQGqjfbYEYOqBg%2FMdVezs5JR0%2F4OA4kH5v3CkGUQmcDQEDvxeRlCxi3bl9Eb4ahSXHUTMvZ7guhthm02CgOwpdDgjxJLi2VzYVlIhtwFRipnxhN0jyAicbLBtNsK3qgdh4xTikXTtV8KafphXeDEi9HgE6XYbvSB3y%2Fj6zTSaGIRNpY07DYRxGJlyr8EwwunzLWxREjyeY%2BDdn1t5EP3q4ECcOcwYVPz77z0n7aVeuzWOlKKm1S2MNRc8mKMOBoffFAp56RS0ZeL131damDI900SMjaJQ71a5L%2Bfog6drVtPsrbe8gI9Qz%2BpvwLTfHrNZ%2FVuBwHINXJX%2BU%2FITJzfu15cpU7vkMfA38vnpppFfkkU7sekBXftN05Hx5z%2FlroPCb <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>huddiksvall.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-199.above.com abuse@above.com1497853497http://korkortsportale.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://korkortsportale.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 19:18:23 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjqRi%2FeSVUCLZWmX%2FZ%2BN9w5BSdHamh1YoMW6X8rmdacMFw48bQLLNQCu%2FI0qAAQe1Gx63XPex%2Byz7%2FNHrdsEc%2BEZvLXoy%2BYqmT2EFoW6pYWkJlCf9YpAksJ8Edpda88xMnObXCnml%2FBiqwxPpfcvcvFN8hHOzwzBli3d40olXd6p%2F4vvCTDGon7%2B2FHmbQ%2BkTNz5leYg6V3iJQmMnMKSsgFyDAwqRf%2F94f35dS7MFTr5I6%2BGi7cA7lZBPS023CnwSxMCMRevkYUX3dk2lGWwFJBge9C4WJmr4bpPCQGJytFYeBXRdNtGLhEzCxCMhJpzXF3BHEqSX83bPsxs0ol30WzhRraXxNI4Xzd3GPZrfraNQZu%2FOyu7i8ZmWydhR%2BUOA0XBU%2FjLKTT1T8fXCkw%2FWW%2BDcLq5xhJhQEPYbFM5Lw20QDQY0PPcbuvYTv1mk7GRjqe5LQn6KnttoU1ErILeUeyLbwFBHaUK4iUpDN%2B2cbs0u7q6RUcWs46KhRE4RKBtljQTqW9CFTz8XhufVyNuylJjDQQLTgr1i48hAUDRRA4G1IZK4PTnsdvQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: korkortsportale.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 17:18:23 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497806303.1174041; expires=Wed, 16-Jun-2027 17:18:23 GMT; Max-Age=315360000 <br>Location: http://ww11.korkortsportale.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: korkortsportale.se <br>Referer: http://www.google.com/search?q=korkortsportale.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 17:18:22 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497806302.5018884; expires=Wed, 16-Jun-2027 17:18:22 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjqRi%2FeSVUCLZWmX%2FZ%2BN9w5BSdHamh1YoMW6X8rmdacMFw48bQLLNQCu%2FI0qAAQe1Gx63XPex%2Byz7%2FNHrdsEc%2BEZvLXoy%2BYqmT2EFoW6pYWkJlCf9YpAksJ8Edpda88xMnObXCnml%2FBiqwxPpfcvcvFN8hHOzwzBli3d40olXd6p%2F4vvCTDGon7%2B2FHmbQ%2BkTNz5leYg6V3iJQmMnMKSsgFyDAwqRf%2F94f35dS7MFTr5I6%2BGi7cA7lZBPS023CnwSxMCMRevkYUX3dk2lGWwFJBge9C4WJmr4bpPCQGJytFYeBXRdNtGLhEzCxCMhJpzXF3BHEqSX83bPsxs0ol30WzhRraXxNI4Xzd3GPZrfraNQZu%2FOyu7i8ZmWydhR%2BUOA0XBU%2FjLKTT1T8fXCkw%2FWW%2BDcLq5xhJhQEPYbFM5Lw20QDQY0PPcbuvYTv1mk7GRjqe5LQn6KnttoU1ErILeUeyLbwFBHaUK4iUpDN%2B2cbs0u7q6RUcWs46KhRE4RKBtljQTqW9CFTz8XhufVyNuylJjDQQLTgr1i48hAUDRRA4G1IZK4PTnsdvQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>korkortsportale.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1497853483http://sibf.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://sibf.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 17:06:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjTMeTxzJSs5%2Bk9gSw%2FdPrP4jrBx8GkY16OkjJhmz60F1VIBfpdcSmXphn0cgzBTWR3uV7ixBtOw6I8sEA8PTMiFUHEFigvN71ZtFDbT0ZQIAa2pI2Olz2QKr86LhCIm53R%2BqZKLKSANjqvWCAm0Q0TVhGH4TfLjzwLGwLz%2FjgErtJPKnzZYPZXGWeQINtcNsV85JD5AMV4nchXpPjMpIcCtGq9pYbjEVThoMmpUdZrFT8OreALvquCDtgBscnLIMjyBD1hoHJlc9PIt0unpuzqb40u%2Fv44IzaguhkXIBBn0cXQNXI%2BcWEXc2m5Yu7dSXd%2FT5o8Sqe2%2FRj8TEB0WV62QGPkCaRTuAmNRgDO8qm2t0v7OggTuwi%2Fj%2Fk24ocMDSDnKbfF5v5DAciDYHjA4pdl20U8r9Wd%2BjzqJQVk2%2Fg6SXbYbcSxCnau9KGEA0UNJAEohNQ3b4ICDEVIouvr38hh3NU7KdorgKduYfP%2FY0P2GhETMVbLAcZ4fD4g9%2BSuGNt <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sibf.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 15:06:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497798418.1326352; expires=Wed, 16-Jun-2027 15:06:58 GMT <br>Location: http://ww11.sibf.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sibf.se <br>Referer: http://www.google.com/search?q=sibf.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 15:06:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497798418.8761986; expires=Wed, 16-Jun-2027 15:06:58 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjTMeTxzJSs5%2Bk9gSw%2FdPrP4jrBx8GkY16OkjJhmz60F1VIBfpdcSmXphn0cgzBTWR3uV7ixBtOw6I8sEA8PTMiFUHEFigvN71ZtFDbT0ZQIAa2pI2Olz2QKr86LhCIm53R%2BqZKLKSANjqvWCAm0Q0TVhGH4TfLjzwLGwLz%2FjgErtJPKnzZYPZXGWeQINtcNsV85JD5AMV4nchXpPjMpIcCtGq9pYbjEVThoMmpUdZrFT8OreALvquCDtgBscnLIMjyBD1hoHJlc9PIt0unpuzqb40u%2Fv44IzaguhkXIBBn0cXQNXI%2BcWEXc2m5Yu7dSXd%2FT5o8Sqe2%2FRj8TEB0WV62QGPkCaRTuAmNRgDO8qm2t0v7OggTuwi%2Fj%2Fk24ocMDSDnKbfF5v5DAciDYHjA4pdl20U8r9Wd%2BjzqJQVk2%2Fg6SXbYbcSxCnau9KGEA0UNJAEohNQ3b4ICDEVIouvr38hh3NU7KdorgKduYfP%2FY0P2GhETMVbLAcZ4fD4g9%2BSuGNt <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sibf.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1497853445http://bergmanphoto.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://bergmanphoto.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 15:27:06 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtXg%2BsOZqsnjrIq4iqN6r4M8YgJqcY7Xrtm5VBliyzrRnrIGEtgNY9j6QFN84z6OS4ybHpIh1iNuwLTDnxu3k%2F%2FIy5UYLur2IBU%2FWfF6wc1j6FtRDPqpiV2L0Wzwasxkke62h%2FdTF4dhBe2zM8t5JGBDhAXp2H1YcYhkAfBm5TKB8lK%2BwN64PYQysnQXFXgC%2BVHUFTs3LXsQeGkDZXTyWb6Se8pQj%2F6uUIO0rzu3%2FtRVJpfYjBEbVxfjYdp3I%2BIIg0VRbkPv89gxXvjYX2m87VatN5UGoy0PLA%2FrD6AqecNLDIPX34PzX%2BqOoqC51zQRbLoQUslhlWCwB1qeJRG6%2F9OgUb2uf0SJILfMeNG6oSZmt0CqNwSSD0O96ArZeKwmZ6VX72zcRVyzV9eeCJ3suJSFRFUMeeFU%2BTCQceLTft%2B58iOdJDh2jO2Q03r71lu8wEwZ8%2F2oFBhpbKcBIVeNsTHJg2xg5xrDxwuwmY%2FHuMgeDLSyI52Sc5rrTI3ZGeiohHV1N2uuqgr18R%2BuNHnE%2Bcact9Vp9ATfot <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bergmanphoto.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 13:27:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497792426.8784602; expires=Wed, 16-Jun-2027 13:27:06 GMT <br>Location: http://ww11.bergmanphoto.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bergmanphoto.se <br>Referer: http://www.google.com/search?q=bergmanphoto.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 13:27:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497792425.2461399; expires=Wed, 16-Jun-2027 13:27:05 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtXg%2BsOZqsnjrIq4iqN6r4M8YgJqcY7Xrtm5VBliyzrRnrIGEtgNY9j6QFN84z6OS4ybHpIh1iNuwLTDnxu3k%2F%2FIy5UYLur2IBU%2FWfF6wc1j6FtRDPqpiV2L0Wzwasxkke62h%2FdTF4dhBe2zM8t5JGBDhAXp2H1YcYhkAfBm5TKB8lK%2BwN64PYQysnQXFXgC%2BVHUFTs3LXsQeGkDZXTyWb6Se8pQj%2F6uUIO0rzu3%2FtRVJpfYjBEbVxfjYdp3I%2BIIg0VRbkPv89gxXvjYX2m87VatN5UGoy0PLA%2FrD6AqecNLDIPX34PzX%2BqOoqC51zQRbLoQUslhlWCwB1qeJRG6%2F9OgUb2uf0SJILfMeNG6oSZmt0CqNwSSD0O96ArZeKwmZ6VX72zcRVyzV9eeCJ3suJSFRFUMeeFU%2BTCQceLTft%2B58iOdJDh2jO2Q03r71lu8wEwZ8%2F2oFBhpbKcBIVeNsTHJg2xg5xrDxwuwmY%2FHuMgeDLSyI52Sc5rrTI3ZGeiohHV1N2uuqgr18R%2BuNHnE%2Bcact9Vp9ATfot <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bergmanphoto.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1497853377http://apoketet.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://apoketet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 14:18:46 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apoketet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:18:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497788326.2990820; expires=Wed, 16-Jun-2027 12:18:46 GMT; Max-Age=315360000 <br>Location: http://ww11.apoketet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apoketet.se <br>Referer: http://www.google.com/search?q=apoketet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:18:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497788325.4948621; expires=Wed, 16-Jun-2027 12:18:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>apoketet.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1497853369http://burmaresor.se/ (103.224.212.188) - Serp-hijackingAttacked url: http://burmaresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 14:14:26 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtCBCwbbz8RRItXZ7h1cor11Gri1Yz3P4Au4t%2B%2FlfB4jjCw%2FfD8seNpqJSxzNyy1dkA3ADPoB6yKXacrXggI%2BGiinepJvd%2F8qwAseMyifEIMfTNn%2F3MWYdu26C1yEqiBYQNzywpV1aYHjw4eNSMjclm6Jv%2FZdnya1NcldqJ8E11BNeDA%2Fb2W1fzOMPDZFvPDX%2FFXBzxKPOMzIChYqRn2K1%2FWPl1UTv0iGlyAz4TkFOMUZZZaHggMYuLMLmDltCG4nTxO74Lm%2BFId9hRLHRMXjCxLPUucVsh0GD%2FKxLVKcCtbmAf5Vo0jCykGpkkicXbWyJI0kECjIkEp4Ur%2F%2BtWgJsQ41xgVk6pxNV2ismY9A5pYzC8Le8bY0wmQhC6A7OVEQRfeLRiA%2FI9zC2LdKokktAZUBm0u0HCAyLNBrzm9mGtbeNHE36SCq0vA5Msa3zqJSGD2bZ8Aw76tfeyWdOvSNiJV0FIHEYItan7Rg0h1HjXd8tqoSfFKZcYkG1rW0%2FIuNi2TzAgUWiPdW9FoFnEkD5DNarGdpgP%2Bf7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: burmaresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:14:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497788067.6165244; expires=Wed, 16-Jun-2027 12:14:27 GMT <br>Location: http://ww11.burmaresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: burmaresor.se <br>Referer: http://www.google.com/search?q=burmaresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:14:26 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497788066.2133423; expires=Wed, 16-Jun-2027 12:14:26 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtCBCwbbz8RRItXZ7h1cor11Gri1Yz3P4Au4t%2B%2FlfB4jjCw%2FfD8seNpqJSxzNyy1dkA3ADPoB6yKXacrXggI%2BGiinepJvd%2F8qwAseMyifEIMfTNn%2F3MWYdu26C1yEqiBYQNzywpV1aYHjw4eNSMjclm6Jv%2FZdnya1NcldqJ8E11BNeDA%2Fb2W1fzOMPDZFvPDX%2FFXBzxKPOMzIChYqRn2K1%2FWPl1UTv0iGlyAz4TkFOMUZZZaHggMYuLMLmDltCG4nTxO74Lm%2BFId9hRLHRMXjCxLPUucVsh0GD%2FKxLVKcCtbmAf5Vo0jCykGpkkicXbWyJI0kECjIkEp4Ur%2F%2BtWgJsQ41xgVk6pxNV2ismY9A5pYzC8Le8bY0wmQhC6A7OVEQRfeLRiA%2FI9zC2LdKokktAZUBm0u0HCAyLNBrzm9mGtbeNHE36SCq0vA5Msa3zqJSGD2bZ8Aw76tfeyWdOvSNiJV0FIHEYItan7Rg0h1HjXd8tqoSfFKZcYkG1rW0%2FIuNi2TzAgUWiPdW9FoFnEkD5DNarGdpgP%2Bf7 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>burmaresor.se is on 103.224.212.188<br>ASN for 103.224.212.188: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.188 corresponds with lb-212-188.above.com<br>Abuse.net does not have any reliable address for lb-212-188.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-188.above.com1497853367http://idhaonline.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://idhaonline.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 13:34:11 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtgv%2B5Y5IgbaZoDCdeIZhx2Bcce%2Fs3bMTbC2esrxNwhihbE6jjKAoHn01Bgnn0nmGmFXj4vwxt6nuyBoPfDPhg9PCIQNaOU4j1cg8Um6b74MutLgETk4rSN7x0Gwq8Hiy57ao1HnHculC%2BJCkxx0RwLwyJLpB1a%2B%2BEjBJNwsSElOhyuXbZKQHc%2FvS1%2FLuS0rttBbHCGN49DJnCgNy%2FPizwCakPwjety%2B5FHq6qRZUy%2BnMGiAjQBq2orp%2FfSrX3n%2FQ0fl1DHDaWHXm%2FpuqmFQtG3Sb6CvAwmK99xodBLOHNFK9Hst5hSEivwu%2FLcF5ok8nEXMVJJyQcLP4ChjluaPoXzN%2F9XSaKAZMnR5sSXlHCQLTz%2F5RbPYvx5CUMQgNHzEZoWu9wk6IS5TjbK3TELKxL05LdCx8yVwP6SM1k66LH8VG1clONxuPLGzH3PIFD0dpExRxxbX2iyjFNW0%2FLylJFSw1CgZAFlG4n%2By7pOxJCmHVao71xlAsbzK6ckUY5vQ7uuMdym7iAjW0Pmgk3KkoDcQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idhaonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 11:34:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497785651.4786904; expires=Wed, 16-Jun-2027 11:34:11 GMT; Max-Age=315360000 <br>Location: http://ww11.idhaonline.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idhaonline.se <br>Referer: http://www.google.com/search?q=idhaonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 11:34:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497785650.7103474; expires=Wed, 16-Jun-2027 11:34:10 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtgv%2B5Y5IgbaZoDCdeIZhx2Bcce%2Fs3bMTbC2esrxNwhihbE6jjKAoHn01Bgnn0nmGmFXj4vwxt6nuyBoPfDPhg9PCIQNaOU4j1cg8Um6b74MutLgETk4rSN7x0Gwq8Hiy57ao1HnHculC%2BJCkxx0RwLwyJLpB1a%2B%2BEjBJNwsSElOhyuXbZKQHc%2FvS1%2FLuS0rttBbHCGN49DJnCgNy%2FPizwCakPwjety%2B5FHq6qRZUy%2BnMGiAjQBq2orp%2FfSrX3n%2FQ0fl1DHDaWHXm%2FpuqmFQtG3Sb6CvAwmK99xodBLOHNFK9Hst5hSEivwu%2FLcF5ok8nEXMVJJyQcLP4ChjluaPoXzN%2F9XSaKAZMnR5sSXlHCQLTz%2F5RbPYvx5CUMQgNHzEZoWu9wk6IS5TjbK3TELKxL05LdCx8yVwP6SM1k66LH8VG1clONxuPLGzH3PIFD0dpExRxxbX2iyjFNW0%2FLylJFSw1CgZAFlG4n%2By7pOxJCmHVao71xlAsbzK6ckUY5vQ7uuMdym7iAjW0Pmgk3KkoDcQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>idhaonline.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-192.above.com1497853353http://ludvikakomun.se/ (103.224.212.194) - Serp-hijackingAttacked url: http://ludvikakomun.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 12:40:23 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtZqvow9Q7a%2B%2FtGZIjTaFsRmt1sb59TUdbyObwzSHsLiPw%2BRKX4MVnJVwr1IJIsrUA%2FEVC%2B%2FUX%2BUnQrVLCBxJ0jTJ2a%2BtZkg%2FYwgPvMwaFkLvPJxPtYoXTcxXqDXO0Hu%2BWLNkjKgNycRZs2VY%2Bi%2BjCxJF77zJCl%2B0Pi9wv7bDf6fliZW6aQqj%2BmfcyITkcH85GgxBkcijAkbYsr6al%2BGNYUcv4AZSrMxIeIJ5%2BWt6FDFkZ9Ud3DNxHmWZLHu9TJUDlSim4lxn69Z74Oni1SkLeJJPC3bTT9X69XWiObe1oY0Dpt2ChLAb5TeFihh4Evi%2BUJnhSzqhA8rcHBvdE8OygUWVQmyrTpiCnxjMsXutPmgixTFg4zQL0YdZMKywKeEko0DMJDa40j9NhQiuYzgoflJotqhs%2B62LlFMPdii%2FUCixD49BEU%2BJsF4hyACCCMKaE%2FrhdkC1iMJWOFkWAKxouuSwVWFyb%2Fv65WIli9699TMmpH1jJKeQznb1%2FM1%2F0xAVOIDxGrXqbYprMRFHndfciR0p7Xmu4PiASvc5WeV0xzTZpcYiTnhcLHl7gepVpe0Iq <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ludvikakomun.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 10:40:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497782424.3227931; expires=Wed, 16-Jun-2027 10:40:24 GMT; Max-Age=315360000 <br>Location: http://ww11.ludvikakomun.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ludvikakomun.se <br>Referer: http://www.google.com/search?q=ludvikakomun.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 10:40:23 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497782423.4915702; expires=Wed, 16-Jun-2027 10:40:23 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtZqvow9Q7a%2B%2FtGZIjTaFsRmt1sb59TUdbyObwzSHsLiPw%2BRKX4MVnJVwr1IJIsrUA%2FEVC%2B%2FUX%2BUnQrVLCBxJ0jTJ2a%2BtZkg%2FYwgPvMwaFkLvPJxPtYoXTcxXqDXO0Hu%2BWLNkjKgNycRZs2VY%2Bi%2BjCxJF77zJCl%2B0Pi9wv7bDf6fliZW6aQqj%2BmfcyITkcH85GgxBkcijAkbYsr6al%2BGNYUcv4AZSrMxIeIJ5%2BWt6FDFkZ9Ud3DNxHmWZLHu9TJUDlSim4lxn69Z74Oni1SkLeJJPC3bTT9X69XWiObe1oY0Dpt2ChLAb5TeFihh4Evi%2BUJnhSzqhA8rcHBvdE8OygUWVQmyrTpiCnxjMsXutPmgixTFg4zQL0YdZMKywKeEko0DMJDa40j9NhQiuYzgoflJotqhs%2B62LlFMPdii%2FUCixD49BEU%2BJsF4hyACCCMKaE%2FrhdkC1iMJWOFkWAKxouuSwVWFyb%2Fv65WIli9699TMmpH1jJKeQznb1%2FM1%2F0xAVOIDxGrXqbYprMRFHndfciR0p7Xmu4PiASvc5WeV0xzTZpcYiTnhcLHl7gepVpe0Iq <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ludvikakomun.se is on 103.224.212.194<br>ASN for 103.224.212.194: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.194 corresponds with lb-212-194.above.com<br>Abuse.net does not have any reliable address for lb-212-194.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-194.above.com1497853344http://weekendhouse.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://weekendhouse.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 12:22:08 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt3vPeQ4taqdiQeDq%2FMs%2F2f9L%2FT083%2BqlG41lYoUW7p3VwnSvfPh2cACCaUXD1KJD1Vp3F49w%2Bh7KJfIbgc8Cv4KcwkMHY7Fh5PKL0d97VG2tIkI7nPf9nVkJotA9%2B2LellnLSgeqteudrM0UUHdvMzlQPDS2%2FGS%2BH58t%2FFvBME8BaxiUx2m%2B6YE4YXVFRyN5kiaKEkD%2Ft8cnKOLkKLs9QZFAqLo8yVSYyELk63RBskrgkFJPkAMfy0riR%2BNGQRWtBLheQIGKB9GyBIZUBW5QVwRDKcURyAY1g1eAPXMObBEwtKjZ%2BnDr%2BDGZ8aqr%2FSupVq7C8J6bqLjIeN9JE7BvfAbLeFCaEKwL71PeXvhZuC%2Bxp5uPQ9Y4M0YBapnNjwzrjNPqa8cxRmo6Y7bRZyRoX9%2Bs5hLoYasBJriThV1u%2FfyF1SdbjT2xhCuzIG9R0R70FVQr8emq2qufUION%2B2WMiP1JpWMcS7ZUIOpXn28eiMLdyyYQUpdbWskgmj38%2B5ejZiFLIOqqDI49NawX%2F4rc6eOMDjvGpFMLx <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: weekendhouse.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 10:22:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497781329.1831087; expires=Wed, 16-Jun-2027 10:22:09 GMT; Max-Age=315360000 <br>Location: http://ww11.weekendhouse.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: weekendhouse.se <br>Referer: http://www.google.com/search?q=weekendhouse.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 10:22:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497781329.6620144; expires=Wed, 16-Jun-2027 10:22:09 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt3vPeQ4taqdiQeDq%2FMs%2F2f9L%2FT083%2BqlG41lYoUW7p3VwnSvfPh2cACCaUXD1KJD1Vp3F49w%2Bh7KJfIbgc8Cv4KcwkMHY7Fh5PKL0d97VG2tIkI7nPf9nVkJotA9%2B2LellnLSgeqteudrM0UUHdvMzlQPDS2%2FGS%2BH58t%2FFvBME8BaxiUx2m%2B6YE4YXVFRyN5kiaKEkD%2Ft8cnKOLkKLs9QZFAqLo8yVSYyELk63RBskrgkFJPkAMfy0riR%2BNGQRWtBLheQIGKB9GyBIZUBW5QVwRDKcURyAY1g1eAPXMObBEwtKjZ%2BnDr%2BDGZ8aqr%2FSupVq7C8J6bqLjIeN9JE7BvfAbLeFCaEKwL71PeXvhZuC%2Bxp5uPQ9Y4M0YBapnNjwzrjNPqa8cxRmo6Y7bRZyRoX9%2Bs5hLoYasBJriThV1u%2FfyF1SdbjT2xhCuzIG9R0R70FVQr8emq2qufUION%2B2WMiP1JpWMcS7ZUIOpXn28eiMLdyyYQUpdbWskgmj38%2B5ejZiFLIOqqDI49NawX%2F4rc6eOMDjvGpFMLx <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>weekendhouse.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-186.above.com1497853341http://svenskfastig.se/ (103.224.212.196) - Serp-hijackingAttacked url: http://svenskfastig.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 11:04:22 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtQWSF5LNqZozhTL2l3G2Bfgutez2ubMoyJLmOXBTKnRSN6xPrxrhsZ4NH4Ydswj3CfiA3iqBRIiY3L86WWxCl%2FtvHcGFz6ygJc1sG42HW358AHNh7jJrrTHXYo1jb4dnlPmtbTP4JU1OPE%2FLTbO61w8bqCiuQwMvyOxSZJ12fR0M3StvgUjvyVVdjJtrfe3j6fDBqI6GupMwArRUbtAWnzGw%2Bjewm2VudLkAo4%2FmQi0jRnyOmwXYOesy%2FO1rbGHaf%2FRGchtJOOepIF%2B42qOPWu1HGztG2gba4RJZSFfFlOZytAxIw2xLLFyfyFjwnY2y8h9398%2FGGTY%2BD9N9dtbWSQDNefu2PF7Orqt9LNJ2hWI1nk%2FuTQhn2K86GgI5YXagmfQWkoJRCgVSR38txJnkGd4SmHS9RXjbkWZYp5V%2BFVYYbQk%2BRlCyL%2BXeXoDg6NCn9syumTWi%2BzsEhpNhh%2B9Zeh%2FjKqs6Ubni9sigPYzqlCWJIEWB9ZjoEn9JNlH9WEhLqDLFOt3Ra9BDxb9vqXi7%2FyDplzwQv%2BfVKD%2FSdVjVyC0E%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svenskfastig.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 09:04:22 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497776662.6525161; expires=Wed, 16-Jun-2027 09:04:22 GMT <br>Location: http://ww11.svenskfastig.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svenskfastig.se <br>Referer: http://www.google.com/search?q=svenskfastig.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 09:04:21 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497776661.5455390; expires=Wed, 16-Jun-2027 09:04:21 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtQWSF5LNqZozhTL2l3G2Bfgutez2ubMoyJLmOXBTKnRSN6xPrxrhsZ4NH4Ydswj3CfiA3iqBRIiY3L86WWxCl%2FtvHcGFz6ygJc1sG42HW358AHNh7jJrrTHXYo1jb4dnlPmtbTP4JU1OPE%2FLTbO61w8bqCiuQwMvyOxSZJ12fR0M3StvgUjvyVVdjJtrfe3j6fDBqI6GupMwArRUbtAWnzGw%2Bjewm2VudLkAo4%2FmQi0jRnyOmwXYOesy%2FO1rbGHaf%2FRGchtJOOepIF%2B42qOPWu1HGztG2gba4RJZSFfFlOZytAxIw2xLLFyfyFjwnY2y8h9398%2FGGTY%2BD9N9dtbWSQDNefu2PF7Orqt9LNJ2hWI1nk%2FuTQhn2K86GgI5YXagmfQWkoJRCgVSR38txJnkGd4SmHS9RXjbkWZYp5V%2BFVYYbQk%2BRlCyL%2BXeXoDg6NCn9syumTWi%2BzsEhpNhh%2B9Zeh%2FjKqs6Ubni9sigPYzqlCWJIEWB9ZjoEn9JNlH9WEhLqDLFOt3Ra9BDxb9vqXi7%2FyDplzwQv%2BfVKD%2FSdVjVyC0E%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>svenskfastig.se is on 103.224.212.196<br>ASN for 103.224.212.196: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.196 corresponds with lb-212-196.above.com<br>Abuse.net does not have any reliable address for lb-212-196.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-196.above.com1497853334