Säkrare hemsida med .sehttp://cracked.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://cracked.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 12:44:45 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4M3PpgSppK69kT%2B6Kf6kmE2XqyworK8mVt68vvvgxbNZ0W6e%2FcZuip%2FL1OCQXV5glVeLyHkfM7IwuOQr0%2BpmRG2%2FofFKMK%2B%2Bw7SOhRZ58YtUK1GQdWknk1h4%2BSWbU591%2FfDqKiDrPX6qc2XyE%2FWPT1q5sqgH1Vxr6XZ3bKNvvoSY%2FPthOpKFLGzPecvsm6umSeplOCW1qUS%2BeNDFDEPrrEQOtBT6itOuQVl54ig%2F3e9H%2BrSfNq6GtgG04Yu1pdibGMnEIve5NQeeW00ccflZ4Jh7aK3sSzHgNdbxqRQju%2FzCQodKpggOcHyvKiRWjQUJ3WgOjz04Bi%2BJnU3rAGAZeT3eGfseswSwTXF1WB4bcV3xRFchgRwncfbw89Vxh9vTudTzdn9MOqduXF%2FlymtBClI5xHVxhU87sMnJLqehMI3xG4Q4QA29R42N7rBG%2BfEWbHtsjOVIiHCH31Yh%2Fcq0CIodx2X7367uFNZfSllBNYIE0%2BgpzQxxhuEGK4Os9JNltmqBDp6GbqGw%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cracked.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 10:44:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499856285.3068132; expires=Sat, 10-Jul-2027 10:44:45 GMT; Max-Age=315360000 <br>Location: http://ww11.cracked.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cracked.se <br>Referer: http://www.google.com/search?q=cracked.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 10:44:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499856284.4468484; expires=Sat, 10-Jul-2027 10:44:44 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4M3PpgSppK69kT%2B6Kf6kmE2XqyworK8mVt68vvvgxbNZ0W6e%2FcZuip%2FL1OCQXV5glVeLyHkfM7IwuOQr0%2BpmRG2%2FofFKMK%2B%2Bw7SOhRZ58YtUK1GQdWknk1h4%2BSWbU591%2FfDqKiDrPX6qc2XyE%2FWPT1q5sqgH1Vxr6XZ3bKNvvoSY%2FPthOpKFLGzPecvsm6umSeplOCW1qUS%2BeNDFDEPrrEQOtBT6itOuQVl54ig%2F3e9H%2BrSfNq6GtgG04Yu1pdibGMnEIve5NQeeW00ccflZ4Jh7aK3sSzHgNdbxqRQju%2FzCQodKpggOcHyvKiRWjQUJ3WgOjz04Bi%2BJnU3rAGAZeT3eGfseswSwTXF1WB4bcV3xRFchgRwncfbw89Vxh9vTudTzdn9MOqduXF%2FlymtBClI5xHVxhU87sMnJLqehMI3xG4Q4QA29R42N7rBG%2BfEWbHtsjOVIiHCH31Yh%2Fcq0CIodx2X7367uFNZfSllBNYIE0%2BgpzQxxhuEGK4Os9JNltmqBDp6GbqGw%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>cracked.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499859845http://namdemansgarden.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://namdemansgarden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 11:59:43 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4Ivwc1x5zJe7bo8yb2KiOAjojBqKUFISEE01d7cImddASUjbFKnfy%2BOskmjzJj4ZMnAu03Kli0oS%2B5jSUZa8pTZ4VWWKARjahi3xweCbIg0FVy%2BlRRqDK4NmwATfZR76bqoUWirb88oQRvys23SRzKkFW5f7FdYhyhwj4VeIAAyaxJ0LW9MkTcdn7fRy1hbwMeo6RcgENW0uVXDafL4rDN9y0%2BDDUctVUS%2BPS9eJAqcyRJeGPJyMyOWTYSyvJ4OCNfxtYmcL%2Ba%2BOw6o%2BJLGwVip8CfixCpZzBnPADbZfflBbGvS1OumPZQd%2F%2B%2FeVdMFLX7FCwRUE60ZyMiv7hkTkNpVdt9fa2oKPnYnLwg%2FzXo%2F0UfAjpXo0JURWyEhrVrnQ6UPqpcLrx0%2Bzob45JdIvy0ito6esOtmvvvK1%2F0m0Mz9ZOyc4l5Lc6IPc6jZbWDKbxwN0IBnGcvPWnfwlRcgUXrhCbxP0H2Iy3PLGXrumQkIWOO3czSsO5PxC90r%2FgUTKvuXQT0tPlEPN2%2B5tv%2Fy%2B7wEOawvN51Vze <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: namdemansgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:59:50 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499853590.2013695; expires=Sat, 10-Jul-2027 09:59:50 GMT; Max-Age=315360000 <br>Location: http://ww11.namdemansgarden.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: namdemansgarden.se <br>Referer: http://www.google.com/search?q=namdemansgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:59:49 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499853589.5262090; expires=Sat, 10-Jul-2027 09:59:49 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4Ivwc1x5zJe7bo8yb2KiOAjojBqKUFISEE01d7cImddASUjbFKnfy%2BOskmjzJj4ZMnAu03Kli0oS%2B5jSUZa8pTZ4VWWKARjahi3xweCbIg0FVy%2BlRRqDK4NmwATfZR76bqoUWirb88oQRvys23SRzKkFW5f7FdYhyhwj4VeIAAyaxJ0LW9MkTcdn7fRy1hbwMeo6RcgENW0uVXDafL4rDN9y0%2BDDUctVUS%2BPS9eJAqcyRJeGPJyMyOWTYSyvJ4OCNfxtYmcL%2Ba%2BOw6o%2BJLGwVip8CfixCpZzBnPADbZfflBbGvS1OumPZQd%2F%2B%2FeVdMFLX7FCwRUE60ZyMiv7hkTkNpVdt9fa2oKPnYnLwg%2FzXo%2F0UfAjpXo0JURWyEhrVrnQ6UPqpcLrx0%2Bzob45JdIvy0ito6esOtmvvvK1%2F0m0Mz9ZOyc4l5Lc6IPc6jZbWDKbxwN0IBnGcvPWnfwlRcgUXrhCbxP0H2Iy3PLGXrumQkIWOO3czSsO5PxC90r%2FgUTKvuXQT0tPlEPN2%2B5tv%2Fy%2B7wEOawvN51Vze <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>namdemansgarden.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-199.above.com1499859754http://hyllingebus.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://hyllingebus.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 11:45:57 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4ZeYBChUL5KtGKr4TbbCWea5LU32AfpfUbc4lIzaTcT%2FSuaeCZQxRPEQdfv5cOBezhiEZA%2FEryOLsbh8tnZJvzU0beJwG7IlcpOtDP4Qcd5mI0p8n3b%2BhqBoCSPmiGmtq3pK6yojHYOWAWk7jvJgvYgNSQJUeAgKCBHK%2BXQtHKFyfuSwsK%2FJGDKB8QWFhVcwD3x%2FTzLGomwD4kHeOJGhiyZdoDrs2Myx2JyVQdEUEIBkz2928TBUQS5t7%2BceRNp3IwHD6hCPpy8qiWo2fGdfTwTH6iRotRrNmvQsRTbjmT7%2Ft1%2FbgFRW9qHiLDeIPKYSh0H93VVgSFug4aRvMW2vKqT2mf8kDXNB3v3Ni%2BfPKgOhlwJb8S9dWTse6hdOoDylcM1DWpJlmPTzCfGTkJ1EGSzXmEvazlqVbPjna6uWyVyyyTFOSN%2BviC314MKkBzu16HcAdfZHj8H1teFGs7CXd1pDYZqeK9KudL8O3QKWXN%2F98%2BNedpxFlyJdtKgpidxbp5L3k6IVzDCBIiy6ItzOcXw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hyllingebus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:45:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499852757.1714777; expires=Sat, 10-Jul-2027 09:45:57 GMT; Max-Age=315360000 <br>Location: http://ww11.hyllingebus.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: hyllingebus.se <br>Referer: http://www.google.com/search?q=hyllingebus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:45:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499852756.1087853; expires=Sat, 10-Jul-2027 09:45:56 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4ZeYBChUL5KtGKr4TbbCWea5LU32AfpfUbc4lIzaTcT%2FSuaeCZQxRPEQdfv5cOBezhiEZA%2FEryOLsbh8tnZJvzU0beJwG7IlcpOtDP4Qcd5mI0p8n3b%2BhqBoCSPmiGmtq3pK6yojHYOWAWk7jvJgvYgNSQJUeAgKCBHK%2BXQtHKFyfuSwsK%2FJGDKB8QWFhVcwD3x%2FTzLGomwD4kHeOJGhiyZdoDrs2Myx2JyVQdEUEIBkz2928TBUQS5t7%2BceRNp3IwHD6hCPpy8qiWo2fGdfTwTH6iRotRrNmvQsRTbjmT7%2Ft1%2FbgFRW9qHiLDeIPKYSh0H93VVgSFug4aRvMW2vKqT2mf8kDXNB3v3Ni%2BfPKgOhlwJb8S9dWTse6hdOoDylcM1DWpJlmPTzCfGTkJ1EGSzXmEvazlqVbPjna6uWyVyyyTFOSN%2BviC314MKkBzu16HcAdfZHj8H1teFGs7CXd1pDYZqeK9KudL8O3QKWXN%2F98%2BNedpxFlyJdtKgpidxbp5L3k6IVzDCBIiy6ItzOcXw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>hyllingebus.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1499859733http://aftpnbladet.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://aftpnbladet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 11:39:50 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4rwIU0%2Bs%2FVpadwLsXiUXR7j0mo56mV8Y1aieyqysSIjn5lp7dWTSGWMxUYZVajIFiJR8%2B9cJ1RNFcI%2F0%2BKiGcBLrxpKresjGUpA0f%2FfdPhPzFgzjvYpMvKnYoTTeVFsPPFQCuO6FwDw%2FGPbb6HkMwf5Ih8fiiGaopo30OKWOHuZUp29D0Gyq0oqaczN5PIKk9X8OwQUSDis%2Bm1%2BPX5dBE3ha8Eg4PqBGb2D3sygLhb6XK66OctS1Vj9AXpHxphd6tpHi%2BtNhLJKbFQjbDXickCozvm%2Fb5L6d25y1hyRCBSkkmcX69SPCIAJEXuRTzJBWzKXXRJTKXlzwb2WZ1rtXQnP9RQEb%2BbcjnkNU3WPuZKdlqBH5Ouq334x4fm9ocEG7us59lbybxyOIiB2FEHfQrCW9KLj8Fmi2JAPH6u8ebSOh0LI72lBmi7Q9freBIanf34kx0DCv99fAMVMOdXaLg2RE2f3PlS%2Bgg4A0qCpPGrMZ5pr%2B1588XH9Hw2fBtRVsOedx7RcnCS5Op5c05b%2BxzDdp7t4F27hnZ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aftpnbladet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:39:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499852397.7700387; expires=Sat, 10-Jul-2027 09:39:57 GMT; Max-Age=315360000 <br>Location: http://ww38.aftpnbladet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: aftpnbladet.se <br>Referer: http://www.google.com/search?q=aftpnbladet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 09:39:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499852396.5526884; expires=Sat, 10-Jul-2027 09:39:56 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4rwIU0%2Bs%2FVpadwLsXiUXR7j0mo56mV8Y1aieyqysSIjn5lp7dWTSGWMxUYZVajIFiJR8%2B9cJ1RNFcI%2F0%2BKiGcBLrxpKresjGUpA0f%2FfdPhPzFgzjvYpMvKnYoTTeVFsPPFQCuO6FwDw%2FGPbb6HkMwf5Ih8fiiGaopo30OKWOHuZUp29D0Gyq0oqaczN5PIKk9X8OwQUSDis%2Bm1%2BPX5dBE3ha8Eg4PqBGb2D3sygLhb6XK66OctS1Vj9AXpHxphd6tpHi%2BtNhLJKbFQjbDXickCozvm%2Fb5L6d25y1hyRCBSkkmcX69SPCIAJEXuRTzJBWzKXXRJTKXlzwb2WZ1rtXQnP9RQEb%2BbcjnkNU3WPuZKdlqBH5Ouq334x4fm9ocEG7us59lbybxyOIiB2FEHfQrCW9KLj8Fmi2JAPH6u8ebSOh0LI72lBmi7Q9freBIanf34kx0DCv99fAMVMOdXaLg2RE2f3PlS%2Bgg4A0qCpPGrMZ5pr%2B1588XH9Hw2fBtRVsOedx7RcnCS5Op5c05b%2BxzDdp7t4F27hnZ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>aftpnbladet.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-195.above.com1499859727http://skolkompassen.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://skolkompassen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 10:02:57 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4tgZVvtwzpHUBNrXhyrdDjkPPBXOfdDBdlYMNFaQ0JW4GNYnDr%2BbLRBHm0SxwPiAwPMDKtoLLlsGVM9aMTuG7Xe05MWOsmabT2B%2BShdL%2BtzJZUP2xtRqNYJSbruPK89tFSZAwBSkVHFyfnZwBjsPPlWKULzi2%2B6SFRFUsK8QbPGpJW3pqzEJDSsjkat99TY8YYYhxl%2F%2FBBMPsypEV%2F7KovBQ7MI4uneTapfu3Rww1l09CRcB63%2Bxu3cX20kgSSDGSKLAuOrYORnJc4Utp%2BOx6dCyAAKILcJS0t1Gx4IZ2ceM0%2FqW7jYIz1T%2BMMReUvnJ2UvuQbH10rcW%2FmUgaVnARMsuyURqiiHYufeQ63fwEcnvBHE0fL76ExFV%2FS0Qk0K3HRuaAx7UgMNwNtOtf2KEGP2qLPaY%2FS5ownU%2BojzayQ%2B4MIQ%2BKunpUMBgMs0HPgvCvSOIAoGjqTqGnDXcBQqiZaW%2BjwRnwHPW97XeUU7JzgcZEybJbxSVyG%2FyiSp2tUVBMVzzQSbjHylfg2j1ZZ03GvyBWYSX8KWl%2B <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skolkompassen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 08:02:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499846577.1799800; expires=Sat, 10-Jul-2027 08:02:57 GMT; Max-Age=315360000 <br>Location: http://ww38.skolkompassen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skolkompassen.se <br>Referer: http://www.google.com/search?q=skolkompassen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 08:02:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499846576.2528834; expires=Sat, 10-Jul-2027 08:02:56 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4tgZVvtwzpHUBNrXhyrdDjkPPBXOfdDBdlYMNFaQ0JW4GNYnDr%2BbLRBHm0SxwPiAwPMDKtoLLlsGVM9aMTuG7Xe05MWOsmabT2B%2BShdL%2BtzJZUP2xtRqNYJSbruPK89tFSZAwBSkVHFyfnZwBjsPPlWKULzi2%2B6SFRFUsK8QbPGpJW3pqzEJDSsjkat99TY8YYYhxl%2F%2FBBMPsypEV%2F7KovBQ7MI4uneTapfu3Rww1l09CRcB63%2Bxu3cX20kgSSDGSKLAuOrYORnJc4Utp%2BOx6dCyAAKILcJS0t1Gx4IZ2ceM0%2FqW7jYIz1T%2BMMReUvnJ2UvuQbH10rcW%2FmUgaVnARMsuyURqiiHYufeQ63fwEcnvBHE0fL76ExFV%2FS0Qk0K3HRuaAx7UgMNwNtOtf2KEGP2qLPaY%2FS5ownU%2BojzayQ%2B4MIQ%2BKunpUMBgMs0HPgvCvSOIAoGjqTqGnDXcBQqiZaW%2BjwRnwHPW97XeUU7JzgcZEybJbxSVyG%2FyiSp2tUVBMVzzQSbjHylfg2j1ZZ03GvyBWYSX8KWl%2B <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>skolkompassen.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-187.above.com abuse@above.com1499859592http://vikinglline.se/ (103.224.212.199) - Serp-hijackingAttacked url: http://vikinglline.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 08:48:43 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4WY4esDyspdB0pv7hat1ysvpLap7bTM6jt4z7JcSZpXpl9GVyYsWfz%2BtLQAIyCT9yix3v9P2gxuv2e7ADf%2BwCetG0PJFTiGuK88WRro2AkqIUOIzeL%2B78SdwROUDjyOUfuUidBTINdmV%2FduLkhT9Jn5xzrBh3JSRySTpD6nb5fgbyG8mqGxku6qPTbctyMBlHGw9JOFwFa6Z%2BHj%2B%2BWG573VPGfe0EpnjRGZz1kOM%2FOd5mzzJf7HNGAzMtAt7veigWQqicvdsUNBcqhUbDZvVeoHmVmwqEjwN3Xqq9xikSCIxZVMZhK6mDGwJzOdeWws%2Bi0fpgef6yUj8hYsGG529YPjPkwDwl%2BOG9cbek8vUEg08Vs2jnRaRn92sW%2F%2FithhLUROwPyWenEIi%2Bgtl3kW%2BXFpFYUnzqRwP61XDqSAFpV3jDv9ZW%2FsX%2FQvlfwsGqaLUNIn758XbZYj%2BFgEUc9Jxp%2BmJBKB64%2BPMZNxpRYC3y%2FyzTsX%2BCWQSanlh%2Fk4TagPxtTYybl4eGIhMQ602UdvrdpQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vikinglline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 06:48:43 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499842123.2064961; expires=Sat, 10-Jul-2027 06:48:43 GMT; Max-Age=315360000 <br>Location: http://ww11.vikinglline.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vikinglline.se <br>Referer: http://www.google.com/search?q=vikinglline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 06:48:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499842122.5387221; expires=Sat, 10-Jul-2027 06:48:42 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4WY4esDyspdB0pv7hat1ysvpLap7bTM6jt4z7JcSZpXpl9GVyYsWfz%2BtLQAIyCT9yix3v9P2gxuv2e7ADf%2BwCetG0PJFTiGuK88WRro2AkqIUOIzeL%2B78SdwROUDjyOUfuUidBTINdmV%2FduLkhT9Jn5xzrBh3JSRySTpD6nb5fgbyG8mqGxku6qPTbctyMBlHGw9JOFwFa6Z%2BHj%2B%2BWG573VPGfe0EpnjRGZz1kOM%2FOd5mzzJf7HNGAzMtAt7veigWQqicvdsUNBcqhUbDZvVeoHmVmwqEjwN3Xqq9xikSCIxZVMZhK6mDGwJzOdeWws%2Bi0fpgef6yUj8hYsGG529YPjPkwDwl%2BOG9cbek8vUEg08Vs2jnRaRn92sW%2F%2FithhLUROwPyWenEIi%2Bgtl3kW%2BXFpFYUnzqRwP61XDqSAFpV3jDv9ZW%2FsX%2FQvlfwsGqaLUNIn758XbZYj%2BFgEUc9Jxp%2BmJBKB64%2BPMZNxpRYC3y%2FyzTsX%2BCWQSanlh%2Fk4TagPxtTYybl4eGIhMQ602UdvrdpQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>vikinglline.se is on 103.224.212.199<br>ASN for 103.224.212.199: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.199 corresponds with lb-212-199.above.com<br>Abuse.net does not have any reliable address for lb-212-199.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-199.above.com1499845111http://narutoge.se/ (103.224.212.190) - Serp-hijackingAttacked url: http://narutoge.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 07:44:27 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4IdLzzGPCkCvnOlb7PgCnhb8VcasUDBrGjCLT1Fsbsa3kosx7%2F3ZTVKHnqJ6wLp02VoSzIUp6fD%2FosIY8erh9N3%2BWkfROy3iKm9XUb9713PuLtKGK7yNPU6vgxipMFvbT%2BrLO6ejOkWJ2todSp%2BQV4LAcO2noXVGvU9P8gvhslVBdeb2albgq3l9EnUYAj9nWsj2Q7Euokfknbni%2BiKE2cWDmH7SpzdLbovyC%2FVxRatnNc4MdUUwzfMaR6pW9nxL8BSbM9mqTh69FCBJe5GOc5lTLoYXK0fZO37rFvJmkEd7JYUHiDCIlUGbsajzdm%2F5B2b0JG4wVa5Jpi6jALNh7iptvUzENFH%2BIKiinQduHrEmP%2B7S%2FaLDQTpmxC3OClTqWk5AlxZ1IbfyVNRk9Byi2y%2B%2FVwxDcbq2FEbTTzBUSMEl8dw36sG9KKNCnPSjhHuDhLy%2FKi%2BGlhVOOfBvvg1l9S8kvm4mbjNEemsUbVWf7Dd4aenGg8LaGn3QagtGNjkLJnlxeat8aR3I%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: narutoge.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 05:44:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499838267.7596076; expires=Sat, 10-Jul-2027 05:44:27 GMT; Max-Age=315360000 <br>Location: http://ww11.narutoge.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: narutoge.se <br>Referer: http://www.google.com/search?q=narutoge.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 05:44:26 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499838266.5959309; expires=Sat, 10-Jul-2027 05:44:26 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4IdLzzGPCkCvnOlb7PgCnhb8VcasUDBrGjCLT1Fsbsa3kosx7%2F3ZTVKHnqJ6wLp02VoSzIUp6fD%2FosIY8erh9N3%2BWkfROy3iKm9XUb9713PuLtKGK7yNPU6vgxipMFvbT%2BrLO6ejOkWJ2todSp%2BQV4LAcO2noXVGvU9P8gvhslVBdeb2albgq3l9EnUYAj9nWsj2Q7Euokfknbni%2BiKE2cWDmH7SpzdLbovyC%2FVxRatnNc4MdUUwzfMaR6pW9nxL8BSbM9mqTh69FCBJe5GOc5lTLoYXK0fZO37rFvJmkEd7JYUHiDCIlUGbsajzdm%2F5B2b0JG4wVa5Jpi6jALNh7iptvUzENFH%2BIKiinQduHrEmP%2B7S%2FaLDQTpmxC3OClTqWk5AlxZ1IbfyVNRk9Byi2y%2B%2FVwxDcbq2FEbTTzBUSMEl8dw36sG9KKNCnPSjhHuDhLy%2FKi%2BGlhVOOfBvvg1l9S8kvm4mbjNEemsUbVWf7Dd4aenGg8LaGn3QagtGNjkLJnlxeat8aR3I%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>narutoge.se is on 103.224.212.190<br>ASN for 103.224.212.190: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.190 corresponds with lb-212-190.above.com<br>Abuse.net does not have any reliable address for lb-212-190.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-190.above.com1499845093http://racingspel.se/ (103.224.212.196) - Serp-hijackingAttacked url: http://racingspel.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 06:59:07 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD47dDRnW6uoXfBoCZHKStFNNqb05VDEz6%2BKq7dGrEJgpL6iS9pdCtpAoK5iKJQudh6mRppchEFLHYGhpsV70XhZ04%2FS9m1%2FGvMrQk%2Bu3hcs%2BJ4f1WEEbwCg%2F%2BPtJi6w4mpyjPbuzVWHcIEXSEiHXWt1pjriEYtq67BcLlUcaThet5L%2Br9EY6uYtI%2BEqhP5SU2VlU3WQG9RBN2j3CkViYB0STO5gmBiFQCrah4qBuXKqN15dLIYshlEmOYu6P7o8CxE5lrFTOTQQ9LzS8A%2FPFpKh8papzpr%2FPQ3fjHOHptYe06AhudFY7VnGUaTwYb7S3d%2FWdZ3PmbMeEdqGIWSkEydRBrRKJI2J32Ow0f0BJDFsBfiF3XCNpT4pVtYvrCVuH7iMiWO5G%2FFB6pKHI377Y1lOVckNKa2Re8BJLMrlRmm4j575b7PAT1uD7oSoyCGzRiHGcL0%2BfNHywJeOamH7f%2Bu%2B9HodpUptHd%2FXUjZqAK%2BFQekYFxBOJ6kc%2BZX1fwjpFVNQzjJ31VTqhLdBeaufHhesg%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: racingspel.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 04:59:14 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499835554.2808358; expires=Sat, 10-Jul-2027 04:59:14 GMT; Max-Age=315360000 <br>Location: http://ww11.racingspel.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: racingspel.se <br>Referer: http://www.google.com/search?q=racingspel.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 04:59:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499835554.2302951; expires=Sat, 10-Jul-2027 04:59:14 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD47dDRnW6uoXfBoCZHKStFNNqb05VDEz6%2BKq7dGrEJgpL6iS9pdCtpAoK5iKJQudh6mRppchEFLHYGhpsV70XhZ04%2FS9m1%2FGvMrQk%2Bu3hcs%2BJ4f1WEEbwCg%2F%2BPtJi6w4mpyjPbuzVWHcIEXSEiHXWt1pjriEYtq67BcLlUcaThet5L%2Br9EY6uYtI%2BEqhP5SU2VlU3WQG9RBN2j3CkViYB0STO5gmBiFQCrah4qBuXKqN15dLIYshlEmOYu6P7o8CxE5lrFTOTQQ9LzS8A%2FPFpKh8papzpr%2FPQ3fjHOHptYe06AhudFY7VnGUaTwYb7S3d%2FWdZ3PmbMeEdqGIWSkEydRBrRKJI2J32Ow0f0BJDFsBfiF3XCNpT4pVtYvrCVuH7iMiWO5G%2FFB6pKHI377Y1lOVckNKa2Re8BJLMrlRmm4j575b7PAT1uD7oSoyCGzRiHGcL0%2BfNHywJeOamH7f%2Bu%2B9HodpUptHd%2FXUjZqAK%2BFQekYFxBOJ6kc%2BZX1fwjpFVNQzjJ31VTqhLdBeaufHhesg%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>racingspel.se is on 103.224.212.196<br>ASN for 103.224.212.196: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.196 corresponds with lb-212-196.above.com<br>Abuse.net does not have any reliable address for lb-212-196.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-196.above.com abuse@above.com1499845065http://xn--bjrnbio-b1a.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://xn--bjrnbio-b1a.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 04:30:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4npwLaleydww%2F%2F8g%2FdKH89ZWt0cg1thkNxM%2BTrHdSOHA8s%2BmYhU457nIWMIRaXm8pQyfOjGogyd61FuD81H3Bu8gNIY%2FuHHxVN9W34zH5aM7yRbJZ56MGivC%2BoUq3onz3wBvYDJ5HZ4BnA%2FcF9kFsGPXHPTWCnBTW7YUD4e28KPkSoo7H1uYzmdMSosYN1LfBxF52gbkAvgN7C0As7nFevHOaMzQNKSO0TAQjOH8grqPf5OiBLk%2Be2dX5bnUFSfFNqJ1%2BAmkUyHNoI7HwOTPXTRh1E%2FbHzVdt4qcO0SpJ1Z5yTsQQpTHzE7oc1t0lw5qMXlZuTmJJn58lHpxBVtnIUaf%2F90XbcgHeiq2GRjKP3NrGXkJSczTjGR9XC1WgDyFfUCGcANu5C6ZlEJXCmADHXJr%2B6G4lLOGDb5I4RDB%2B3ljRZJ%2BOjPcYfb6Uq%2BAmiZznltN0rQobwc6F4rBvjtDLRg5eVBKm5jLeHHPg%2BthQVIn%2F5qF3EfLieOoLnlEoyVIbSPwkH0l0%2Bc12Vizp%2Fn3AZMWXJX%2BaA9Jy <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--bjrnbio-b1a.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 02:30:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499826608.4435002; expires=Sat, 10-Jul-2027 02:30:08 GMT; Max-Age=315360000 <br>Location: http://ww38.xn--bjrnbio-b1a.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--bjrnbio-b1a.se <br>Referer: http://www.google.com/search?q=xn--bjrnbio-b1a.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 02:30:07 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499826607.8224461; expires=Sat, 10-Jul-2027 02:30:07 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4npwLaleydww%2F%2F8g%2FdKH89ZWt0cg1thkNxM%2BTrHdSOHA8s%2BmYhU457nIWMIRaXm8pQyfOjGogyd61FuD81H3Bu8gNIY%2FuHHxVN9W34zH5aM7yRbJZ56MGivC%2BoUq3onz3wBvYDJ5HZ4BnA%2FcF9kFsGPXHPTWCnBTW7YUD4e28KPkSoo7H1uYzmdMSosYN1LfBxF52gbkAvgN7C0As7nFevHOaMzQNKSO0TAQjOH8grqPf5OiBLk%2Be2dX5bnUFSfFNqJ1%2BAmkUyHNoI7HwOTPXTRh1E%2FbHzVdt4qcO0SpJ1Z5yTsQQpTHzE7oc1t0lw5qMXlZuTmJJn58lHpxBVtnIUaf%2F90XbcgHeiq2GRjKP3NrGXkJSczTjGR9XC1WgDyFfUCGcANu5C6ZlEJXCmADHXJr%2B6G4lLOGDb5I4RDB%2B3ljRZJ%2BOjPcYfb6Uq%2BAmiZznltN0rQobwc6F4rBvjtDLRg5eVBKm5jLeHHPg%2BthQVIn%2F5qF3EfLieOoLnlEoyVIbSPwkH0l0%2Bc12Vizp%2Fn3AZMWXJX%2BaA9Jy <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>xn--bjrnbio-b1a.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1499844954http://apicellae.se/ (103.224.212.193) - Serp-hijackingAttacked url: http://apicellae.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 23:57:21 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4TGYzYLwDltswBhmLch%2BDNGmNGd6PYSpWBJsfuLYQkdvPI%2F%2F%2BObu8Dx6m05iP5kfRLPAHlctfahHb3MB0THN9Ny5hCL%2FQGVmds8%2F2cBhT1djNEHBeHigaVIYTtyQyyp9bQfDkrV3vAupAzA2A4j%2F%2ByPWQfHS7er17alQWhoYMboBZ4YE3xd25EYRmFZYfUUHKAaZDQl6CjBEPkR5hIh0Ea8B62%2BCtjRmzMu23iE%2FquwE4v2ZFL0Qqp1kMKNtysC%2BOZZtzRRf5jvV%2FNpScHyAIkzUimeBkbnIZSGtDBxC7iGf5alNRC7NQK81%2Fllz4EuhqaGpz6L%2F9m70RuM9YAd%2BnFlC7MsEjjz%2Bj3SsBzSVhxFadNB6iGWelTptT9k%2FFosbap%2BncR7S47NmvbK47k7an2GPkl6CdePjql4BzBUzAn4F9CwckwhMAcyGm7ggZuV93dBBPYMlQ9chY9wyZ76hm%2B14LtSvxEuvpFCbowYwJgYVQ%2BtGZIaRZ9bxsqsvwLSXH42JgZG7qwG0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apicellae.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 21:57:28 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499810248.3318563; expires=Fri, 09-Jul-2027 21:57:28 GMT; Max-Age=315360000 <br>Location: http://ww11.apicellae.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apicellae.se <br>Referer: http://www.google.com/search?q=apicellae.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 21:57:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499810247.1519885; expires=Fri, 09-Jul-2027 21:57:27 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4TGYzYLwDltswBhmLch%2BDNGmNGd6PYSpWBJsfuLYQkdvPI%2F%2F%2BObu8Dx6m05iP5kfRLPAHlctfahHb3MB0THN9Ny5hCL%2FQGVmds8%2F2cBhT1djNEHBeHigaVIYTtyQyyp9bQfDkrV3vAupAzA2A4j%2F%2ByPWQfHS7er17alQWhoYMboBZ4YE3xd25EYRmFZYfUUHKAaZDQl6CjBEPkR5hIh0Ea8B62%2BCtjRmzMu23iE%2FquwE4v2ZFL0Qqp1kMKNtysC%2BOZZtzRRf5jvV%2FNpScHyAIkzUimeBkbnIZSGtDBxC7iGf5alNRC7NQK81%2Fllz4EuhqaGpz6L%2F9m70RuM9YAd%2BnFlC7MsEjjz%2Bj3SsBzSVhxFadNB6iGWelTptT9k%2FFosbap%2BncR7S47NmvbK47k7an2GPkl6CdePjql4BzBUzAn4F9CwckwhMAcyGm7ggZuV93dBBPYMlQ9chY9wyZ76hm%2B14LtSvxEuvpFCbowYwJgYVQ%2BtGZIaRZ9bxsqsvwLSXH42JgZG7qwG0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>apicellae.se is on 103.224.212.193<br>ASN for 103.224.212.193: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.193 corresponds with lb-212-193.above.com<br>Abuse.net does not have any reliable address for lb-212-193.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-193.above.com abuse@above.com1499844096http://luv.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://luv.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 23:56:43 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD41mCkxmFpFIXsSqdGeHfRLtbj4EgsFUSNO9YqjzrvwGIZ3jWlQ0rZzE5gCn8XMgcxISpmnJXUoeJV1IQUHbzcKzsg8rvrjY0fqKmEfAyChkHbb8ZEbKqlbiSfr56AHaB5Nnhrabbd%2BAcex9SMh7yklqA2YGKifrGmPtBGvZL%2FXYbjhb6Pnxtm%2F3GW16X%2FPpx%2Fo%2FaAiGIMOhLGTcMxKOhf4FxeuuahtMhYPNcP3nqZj9s1xBHHnwq0J3oP0tahmkRHD4vkk6C5Lu0ECyLRtAFDSB%2F229DRtWvPq9G0RhSpYkwpNe%2FLs8Vmn7CgLN1gQSPMts0rqBM6w474eq7Ic0axjQynk%2BvD8n9ot3%2B8s3gZiNUQ7mfxIWzrgHb5noz6nm3%2FmXM2XdfkwSm1ou6qhuLln4CTtn%2FwIoiQLSKXviGM7QIAvbHlxO8n8N5AIBtU%2FYnaTJUSQl0cY%2FplOgAUkYfxP5BKSlJLlZpJEyuVewqUytb3C9UHDB3daA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: luv.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 21:56:50 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499810210.2188065; expires=Fri, 09-Jul-2027 21:56:50 GMT; Max-Age=315360000 <br>Location: http://ww11.luv.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: luv.nu <br>Referer: http://www.google.com/search?q=luv.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 21:56:49 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499810209.7956473; expires=Fri, 09-Jul-2027 21:56:49 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD41mCkxmFpFIXsSqdGeHfRLtbj4EgsFUSNO9YqjzrvwGIZ3jWlQ0rZzE5gCn8XMgcxISpmnJXUoeJV1IQUHbzcKzsg8rvrjY0fqKmEfAyChkHbb8ZEbKqlbiSfr56AHaB5Nnhrabbd%2BAcex9SMh7yklqA2YGKifrGmPtBGvZL%2FXYbjhb6Pnxtm%2F3GW16X%2FPpx%2Fo%2FaAiGIMOhLGTcMxKOhf4FxeuuahtMhYPNcP3nqZj9s1xBHHnwq0J3oP0tahmkRHD4vkk6C5Lu0ECyLRtAFDSB%2F229DRtWvPq9G0RhSpYkwpNe%2FLs8Vmn7CgLN1gQSPMts0rqBM6w474eq7Ic0axjQynk%2BvD8n9ot3%2B8s3gZiNUQ7mfxIWzrgHb5noz6nm3%2FmXM2XdfkwSm1ou6qhuLln4CTtn%2FwIoiQLSKXviGM7QIAvbHlxO8n8N5AIBtU%2FYnaTJUSQl0cY%2FplOgAUkYfxP5BKSlJLlZpJEyuVewqUytb3C9UHDB3daA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>luv.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1499844094http://skollen.se/ (103.224.212.193) - Serp-hijackingAttacked url: http://skollen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 22:20:20 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4N2M2UUS09dXQTH4wCAT%2B0Ygu9mAS4KUmhn4EitcuKrXSsrZkydb5PKSZMn2En1LWTHLVYzxNyNfOjA27p3AhIPs90K%2BltHGwseiOb5Itl037El%2FgHqKk6brVtWJqHT8T3Z5L1E3CTjcvvPIpGyTqhDd%2BdW38hGkDszgnUHxf7Y9MM0qQeUDjxmTH6jbtR54WYJp0aqiacSM%2FQQsMB2sO7SO0uZ4umaeg7qkLQrbytHr5sf3n9EcKbpxFJjvYbkWdXHopgs%2FnWXiNKhAelV%2FgbOHZwy4iXlwgzafKq2hVAKlpJ4aGGU2cHIyl11zSa1BP1CjVHFBGyb5oozUDDp7IuzC7Lu8C405Q4ne3Hkn%2BR63hvIZhUsKp3KFt8AdREkHzed%2BlUmedMwYhyNg2xyqAgQeFRLvpYgRS7OqFJh1qCvCEZ21RRDCnreBIigJ8GlrguHjDGPyavTgs%2Fvm%2BhnOhPvBSsiFB21tIrPBu1wKqGSYL7Jos%2Fyieoeuq9joX1x3ageOkhpmJ1iA%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 20:20:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499804427.6258746; expires=Fri, 09-Jul-2027 20:20:27 GMT; Max-Age=315360000 <br>Location: http://ww11.skollen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skollen.se <br>Referer: http://www.google.com/search?q=skollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 20:20:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499804427.4884867; expires=Fri, 09-Jul-2027 20:20:27 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4N2M2UUS09dXQTH4wCAT%2B0Ygu9mAS4KUmhn4EitcuKrXSsrZkydb5PKSZMn2En1LWTHLVYzxNyNfOjA27p3AhIPs90K%2BltHGwseiOb5Itl037El%2FgHqKk6brVtWJqHT8T3Z5L1E3CTjcvvPIpGyTqhDd%2BdW38hGkDszgnUHxf7Y9MM0qQeUDjxmTH6jbtR54WYJp0aqiacSM%2FQQsMB2sO7SO0uZ4umaeg7qkLQrbytHr5sf3n9EcKbpxFJjvYbkWdXHopgs%2FnWXiNKhAelV%2FgbOHZwy4iXlwgzafKq2hVAKlpJ4aGGU2cHIyl11zSa1BP1CjVHFBGyb5oozUDDp7IuzC7Lu8C405Q4ne3Hkn%2BR63hvIZhUsKp3KFt8AdREkHzed%2BlUmedMwYhyNg2xyqAgQeFRLvpYgRS7OqFJh1qCvCEZ21RRDCnreBIigJ8GlrguHjDGPyavTgs%2Fvm%2BhnOhPvBSsiFB21tIrPBu1wKqGSYL7Jos%2Fyieoeuq9joX1x3ageOkhpmJ1iA%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>skollen.se is on 103.224.212.193<br>ASN for 103.224.212.193: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.193 corresponds with lb-212-193.above.com<br>Abuse.net does not have any reliable address for lb-212-193.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-193.above.com1499843997http://bloei.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://bloei.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 22:06:11 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4w8Yx4r26cxNI2hMD2ruWt88NhvjWtVJi5ie6XAgm5XszaOkNEcEKCO%2FOH7AgFeUPqb5m5zprMOBwn2NJHIIpQ05t3Fd07iODbY5z4ggNUEpixefeFZQGH1cAr0lb%2Bogyv98xP%2Fec0FiHdVwRvYImKs9Wdeu4CaDXDrA3LOIppg2%2BvB6AueGOlPwPfty7eMPSJpQN7%2BRkCqU1k7higSsU%2BxDvDk0TA1Bpu5LLbGiIMBmPJSdA6GR%2BLer3nS4rie1aqVqBH5Lv2soC8e1abZiRZZ%2Bka6aO%2BRNiFxeAfle2xQR%2BgsIPTQD%2BIgQBTpoChabq8D8494pjx5qI0BFGHrqaj8%2BT8ZyckI%2B80M7izQ%2BYKxCS7E56R18aNT%2BUMp96rPbgCXrR4OFNZ2RDIgKytNFqgCPRVrqFxBbnFHsOHbkWEHTx1vTGBSZ8zVCSmUCxf%2FEbBaJDq39aipLNuk8PZvWFtNakaZsZ2bmIZKttxU93hel82XOzB8rp0Umh0yo9aKwb <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bloei.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 20:06:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499803571.7055870; expires=Fri, 09-Jul-2027 20:06:11 GMT; Max-Age=315360000 <br>Location: http://ww11.bloei.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bloei.nu <br>Referer: http://www.google.com/search?q=bloei.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 20:06:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499803571.8590828; expires=Fri, 09-Jul-2027 20:06:11 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4w8Yx4r26cxNI2hMD2ruWt88NhvjWtVJi5ie6XAgm5XszaOkNEcEKCO%2FOH7AgFeUPqb5m5zprMOBwn2NJHIIpQ05t3Fd07iODbY5z4ggNUEpixefeFZQGH1cAr0lb%2Bogyv98xP%2Fec0FiHdVwRvYImKs9Wdeu4CaDXDrA3LOIppg2%2BvB6AueGOlPwPfty7eMPSJpQN7%2BRkCqU1k7higSsU%2BxDvDk0TA1Bpu5LLbGiIMBmPJSdA6GR%2BLer3nS4rie1aqVqBH5Lv2soC8e1abZiRZZ%2Bka6aO%2BRNiFxeAfle2xQR%2BgsIPTQD%2BIgQBTpoChabq8D8494pjx5qI0BFGHrqaj8%2BT8ZyckI%2B80M7izQ%2BYKxCS7E56R18aNT%2BUMp96rPbgCXrR4OFNZ2RDIgKytNFqgCPRVrqFxBbnFHsOHbkWEHTx1vTGBSZ8zVCSmUCxf%2FEbBaJDq39aipLNuk8PZvWFtNakaZsZ2bmIZKttxU93hel82XOzB8rp0Umh0yo9aKwb <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bloei.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1499843986http://mon.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://mon.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 19:47:13 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD495iPG7T0uJTPAfnP2U4mjSHjc22eLMBWMs43vNVRsHXSetXxOQaXDlx9RWpfRl9QdlieE3ztq4CIBF6ub715awxlC8ZNBWGVeFB0qpZCozoYTqP504inxZ8gM51cbMq233Fif2X4F2QZnk4%2B3Gw9hL6ejF4kHjTGArbketyRTtI443D%2FRCnuKe2qXEnrrkyGKehJz1xMTZ8Whx1UfWpksEf8rNEtOYKOQt18zkhLhvS8Pj1lSzctmSfir9y7qPECLYYyDJ3KkY4Zk2cjmXMsVm%2FihuGBDqSHDfZMJsOqPL8K7owaqotwLIrCEfj5%2Bq0IdYHDaeVxM3x55eEycR2opbYJ6YHNkCf1TW02uO5TMso3aT5%2BK%2B83hfMgKw%2BGjySoIVeLdrk6xhHH%2FZMTyW%2Ftqla%2FwqrUa87Bsw4UTscaxLe329wAtKBB0ja%2BbJf3ocaRowNPsU9mz%2F1dIv%2FzfiGu6oZ9mDxG3bxqPmPYPJ1vNmwOC3otiCUMQVmQwFMnZNMy <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mon.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 17:47:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499795233.8446400; expires=Fri, 09-Jul-2027 17:47:13 GMT; Max-Age=315360000 <br>Location: http://ww38.mon.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mon.nu <br>Referer: http://www.google.com/search?q=mon.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 17:47:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499795232.3322523; expires=Fri, 09-Jul-2027 17:47:12 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD495iPG7T0uJTPAfnP2U4mjSHjc22eLMBWMs43vNVRsHXSetXxOQaXDlx9RWpfRl9QdlieE3ztq4CIBF6ub715awxlC8ZNBWGVeFB0qpZCozoYTqP504inxZ8gM51cbMq233Fif2X4F2QZnk4%2B3Gw9hL6ejF4kHjTGArbketyRTtI443D%2FRCnuKe2qXEnrrkyGKehJz1xMTZ8Whx1UfWpksEf8rNEtOYKOQt18zkhLhvS8Pj1lSzctmSfir9y7qPECLYYyDJ3KkY4Zk2cjmXMsVm%2FihuGBDqSHDfZMJsOqPL8K7owaqotwLIrCEfj5%2Bq0IdYHDaeVxM3x55eEycR2opbYJ6YHNkCf1TW02uO5TMso3aT5%2BK%2B83hfMgKw%2BGjySoIVeLdrk6xhHH%2FZMTyW%2Ftqla%2FwqrUa87Bsw4UTscaxLe329wAtKBB0ja%2BbJf3ocaRowNPsU9mz%2F1dIv%2FzfiGu6oZ9mDxG3bxqPmPYPJ1vNmwOC3otiCUMQVmQwFMnZNMy <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>mon.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-182-249.above.com1499843826http://kungligaopera.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://kungligaopera.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 19:04:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4Fcp8F%2BpnpThBNNxN7Ea8inIZHv9JMWquouclyDMOmeNbfEW46KC2P%2BUJMw%2F2%2BtIWl%2F11n%2BkCl7%2FzQhc74bThj3pX3mWBqEVhrfGScfwKMcnZ9h4sx6KZygXdoBPLoeG3W3UDQp7i9ASbHPRysuAeY8w2xzu8%2FLs4YWNisF6dSFa%2BB8nnZsEqY%2BKiM8PLbhD01MrqmlCSPG%2FcZ5TpQ6Y4p6T8qF0Tkx6gBZHz%2FODATEdt9zEYSxtvkOSi4cjdbM1ubmAABkXg5wYzuWxwzHQpwjKqrkgqoYcx%2FSci7UNR4plQrhbsL3Sbx8zxaNEcLKzT2Cu6ixFSxRz%2FqvjhLppk3hxMR18dXSr9Ncnl5Jl767aGynPjOrtwmntktN2mjYw1rZzParL9eUJajJyu%2B9y2R69IoXV8ivvKxxmbay9ml1Jf%2F18OaWJj%2F0C%2B3TPzEf5fEl4DuOmAo6lFIK62CZK1KwxXpo%2BhYfuKSiKEO1IO0RvdiHa5A1%2BiKwl8xXIxK5pobtEN1%2BOHdhb5TZ7CbADMf9fLrZpHR05Yjn24Zkaw2M0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kungligaopera.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 17:04:48 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499792688.4037330; expires=Fri, 09-Jul-2027 17:04:48 GMT; Max-Age=315360000 <br>Location: http://ww11.kungligaopera.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kungligaopera.se <br>Referer: http://www.google.com/search?q=kungligaopera.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 17:04:47 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499792687.8774233; expires=Fri, 09-Jul-2027 17:04:47 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4Fcp8F%2BpnpThBNNxN7Ea8inIZHv9JMWquouclyDMOmeNbfEW46KC2P%2BUJMw%2F2%2BtIWl%2F11n%2BkCl7%2FzQhc74bThj3pX3mWBqEVhrfGScfwKMcnZ9h4sx6KZygXdoBPLoeG3W3UDQp7i9ASbHPRysuAeY8w2xzu8%2FLs4YWNisF6dSFa%2BB8nnZsEqY%2BKiM8PLbhD01MrqmlCSPG%2FcZ5TpQ6Y4p6T8qF0Tkx6gBZHz%2FODATEdt9zEYSxtvkOSi4cjdbM1ubmAABkXg5wYzuWxwzHQpwjKqrkgqoYcx%2FSci7UNR4plQrhbsL3Sbx8zxaNEcLKzT2Cu6ixFSxRz%2FqvjhLppk3hxMR18dXSr9Ncnl5Jl767aGynPjOrtwmntktN2mjYw1rZzParL9eUJajJyu%2B9y2R69IoXV8ivvKxxmbay9ml1Jf%2F18OaWJj%2F0C%2B3TPzEf5fEl4DuOmAo6lFIK62CZK1KwxXpo%2BhYfuKSiKEO1IO0RvdiHa5A1%2BiKwl8xXIxK5pobtEN1%2BOHdhb5TZ7CbADMf9fLrZpHR05Yjn24Zkaw2M0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>kungligaopera.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-187.above.com1499843738http://recidens.se/ (103.224.212.190) - Serp-hijackingAttacked url: http://recidens.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 14:40:46 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKooec5LfKgNDdhZixtKRm8cJasBDieQ6396hk%2FH%2Fo8IxVq81pdeJO60z80jRKpbDsxQZ3knpMJJpgaJM5wj4EYNRDMApWQdxTsDGSDIvfQBcw5KlqEFlyqNMBXj1P28krjS%2FyRiJB4a8Gv0sypa2W8Lx2fVN01ZgtMf1qqzAlGHa2HrhVTw44QE4lin5rYrVtqTyLq9jQO3oLOYYt5Y7oxL%2ByoKoCD%2FhxtaR%2Bewp3b3pC8BcmcgrHRx9D0o6%2BIA0SEaQOobkNs5HbFCVGUw58mvY53aGbBiBuiaYKnpe4MU%2FW%2FVwoEARO2XMn2Ir4EAq1edEGriFuctLoG4fyxLIDWXiaDpbP9to0eeNWC9YemuyPWTW1dZ%2BZ9xj1LAjr9qrTvxUgDH%2BM7HiV3PinnyLEZtnDfzBgsIOO%2FrP6H96hgZEDEtyLlyIUa5IEzTtaCrcmseb5sP0YNJltLsQL%2B6XGwqaDfEhPoDujnTa5iAOehRd4sj3CPXvUzD1czQNOWn8FdWggHqfyggQ%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: recidens.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 12:40:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499776846.5534591; expires=Fri, 09-Jul-2027 12:40:46 GMT; Max-Age=315360000 <br>Location: http://ww11.recidens.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: recidens.se <br>Referer: http://www.google.com/search?q=recidens.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 12:40:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499776845.7683350; expires=Fri, 09-Jul-2027 12:40:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKooec5LfKgNDdhZixtKRm8cJasBDieQ6396hk%2FH%2Fo8IxVq81pdeJO60z80jRKpbDsxQZ3knpMJJpgaJM5wj4EYNRDMApWQdxTsDGSDIvfQBcw5KlqEFlyqNMBXj1P28krjS%2FyRiJB4a8Gv0sypa2W8Lx2fVN01ZgtMf1qqzAlGHa2HrhVTw44QE4lin5rYrVtqTyLq9jQO3oLOYYt5Y7oxL%2ByoKoCD%2FhxtaR%2Bewp3b3pC8BcmcgrHRx9D0o6%2BIA0SEaQOobkNs5HbFCVGUw58mvY53aGbBiBuiaYKnpe4MU%2FW%2FVwoEARO2XMn2Ir4EAq1edEGriFuctLoG4fyxLIDWXiaDpbP9to0eeNWC9YemuyPWTW1dZ%2BZ9xj1LAjr9qrTvxUgDH%2BM7HiV3PinnyLEZtnDfzBgsIOO%2FrP6H96hgZEDEtyLlyIUa5IEzTtaCrcmseb5sP0YNJltLsQL%2B6XGwqaDfEhPoDujnTa5iAOehRd4sj3CPXvUzD1czQNOWn8FdWggHqfyggQ%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>recidens.se is on 103.224.212.190<br>ASN for 103.224.212.190: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.190 corresponds with lb-212-190.above.com<br>Abuse.net does not have any reliable address for lb-212-190.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-190.above.com1499843548http://xn--wsab-5qa.se/ (103.224.212.193) - Serp-hijackingAttacked url: http://xn--wsab-5qa.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 10:57:04 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKc9nDsfgrrkLGiwRHm%2BmFj7sa5KKBKXCvwgIgGenvCt4UGLOLoKOuNaVnK68cdjdXtOy8Q0%2F0Pq6I6G7Q5K3YcxyHf1iqKrNEL0UOIEt2W0IRk0Pt6HJBwjrp7QnaNMUkiyPn%2FJ%2Be8q1%2Fv6VS0ZbAIx7JvV0px2ZiEKQQ7eiEEKAgq2eoWX7gx7tJiafbZBP1HNSUp4EtJqymHagrvzGtSWOs7ikTCnIyXc1H%2BRp7BsN5rY2qVIFYqmMoyoFJvLhmd7NbKL17niVssRB4F74Ox1Rv4FknMbwZn9tpNvzzOlhCXfrZGqgWmo00cYLxW3aLB7pikjv68k5j43QoAUeNYHnR4apdy%2F6pEmFX2lwm3qXL4bXUYmTxanFcKgiGAAzZuRgg5PyQMXJsLbq3aUs%2B9C61DCsjZGyGNDhSVnLkWbROC3Fru%2Fup8G7MRp9DcSZzQc%2BoI63xeiaXZyq6uRdCvpzYaYZC%2FyzAxqHtjMTvxOCDGZLSCaVk7ApqCQuZgex%2FCPveJQyaIKCserl%2Fqqr5JAW3UEKUKnOi <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--wsab-5qa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:57:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499763431.7382374; expires=Fri, 09-Jul-2027 08:57:11 GMT; Max-Age=315360000 <br>Location: http://ww38.xn--wsab-5qa.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--wsab-5qa.se <br>Referer: http://www.google.com/search?q=xn--wsab-5qa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:57:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499763430.4178424; expires=Fri, 09-Jul-2027 08:57:10 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKc9nDsfgrrkLGiwRHm%2BmFj7sa5KKBKXCvwgIgGenvCt4UGLOLoKOuNaVnK68cdjdXtOy8Q0%2F0Pq6I6G7Q5K3YcxyHf1iqKrNEL0UOIEt2W0IRk0Pt6HJBwjrp7QnaNMUkiyPn%2FJ%2Be8q1%2Fv6VS0ZbAIx7JvV0px2ZiEKQQ7eiEEKAgq2eoWX7gx7tJiafbZBP1HNSUp4EtJqymHagrvzGtSWOs7ikTCnIyXc1H%2BRp7BsN5rY2qVIFYqmMoyoFJvLhmd7NbKL17niVssRB4F74Ox1Rv4FknMbwZn9tpNvzzOlhCXfrZGqgWmo00cYLxW3aLB7pikjv68k5j43QoAUeNYHnR4apdy%2F6pEmFX2lwm3qXL4bXUYmTxanFcKgiGAAzZuRgg5PyQMXJsLbq3aUs%2B9C61DCsjZGyGNDhSVnLkWbROC3Fru%2Fup8G7MRp9DcSZzQc%2BoI63xeiaXZyq6uRdCvpzYaYZC%2FyzAxqHtjMTvxOCDGZLSCaVk7ApqCQuZgex%2FCPveJQyaIKCserl%2Fqqr5JAW3UEKUKnOi <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>xn--wsab-5qa.se is on 103.224.212.193<br>ASN for 103.224.212.193: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.193 corresponds with lb-212-193.above.com<br>Abuse.net does not have any reliable address for lb-212-193.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-193.above.com1499843245http://miljomlotteriet.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://miljomlotteriet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 10:39:23 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKRAcsn2cLte%2FgERNPqGZWN7tLniyCahAS8SFQXi%2Bh5R2VJEx1Xkf5GM65xJJXc33aWOFFFlwWratFtjOQ1QmIoRmMy45QqghL8hv5%2F2zFMYQU68ghlAp%2BkNTid1F2VULpZ6ctC2Jyb8dUvB%2FjzLGbG7qzQQqjQhd2Tdri%2Fm9c6obfmB%2BxT%2FpIoqHlkcdAFe4mL5a0FgNZWIgQtn49Ga8Fy2OUxwAMWt%2BKyV5A%2FbBRXqilpKzrJjWVnzisEo7Ah5hbd6zBuiyN6qZ0hcKOXY3s1I7jw7UQR2E8ncyKyWvjsCHdxz%2Bdg2AM%2BR6bchCb8egiyUCETvGuX29eHK2YkAXGQ9pCbkl4Jzhn1Z8XPRRYgPeeFMT6QJo7j%2B5ThJGPNn5CJmQ2lzAZ%2Fyp6cKYZBB4hdwVabKK1peirly0fawKbJHzjaqpihoX9RKJ2mPvXrZxIjE4Hc5OxXnauu2NpJsoR8OkLCzWgostBWc%2FLvurygBICRSXDdGUQBtT0rbDlN2FCC40SMguauYQoROCoIUyyMW0TheGUJMeV <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: miljomlotteriet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:39:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499762370.5623066; expires=Fri, 09-Jul-2027 08:39:30 GMT; Max-Age=315360000 <br>Location: http://ww11.miljomlotteriet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: miljomlotteriet.se <br>Referer: http://www.google.com/search?q=miljomlotteriet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:39:29 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499762370.2174154; expires=Fri, 09-Jul-2027 08:39:30 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKRAcsn2cLte%2FgERNPqGZWN7tLniyCahAS8SFQXi%2Bh5R2VJEx1Xkf5GM65xJJXc33aWOFFFlwWratFtjOQ1QmIoRmMy45QqghL8hv5%2F2zFMYQU68ghlAp%2BkNTid1F2VULpZ6ctC2Jyb8dUvB%2FjzLGbG7qzQQqjQhd2Tdri%2Fm9c6obfmB%2BxT%2FpIoqHlkcdAFe4mL5a0FgNZWIgQtn49Ga8Fy2OUxwAMWt%2BKyV5A%2FbBRXqilpKzrJjWVnzisEo7Ah5hbd6zBuiyN6qZ0hcKOXY3s1I7jw7UQR2E8ncyKyWvjsCHdxz%2Bdg2AM%2BR6bchCb8egiyUCETvGuX29eHK2YkAXGQ9pCbkl4Jzhn1Z8XPRRYgPeeFMT6QJo7j%2B5ThJGPNn5CJmQ2lzAZ%2Fyp6cKYZBB4hdwVabKK1peirly0fawKbJHzjaqpihoX9RKJ2mPvXrZxIjE4Hc5OxXnauu2NpJsoR8OkLCzWgostBWc%2FLvurygBICRSXDdGUQBtT0rbDlN2FCC40SMguauYQoROCoIUyyMW0TheGUJMeV <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>miljomlotteriet.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499843205http://jiicomp.se/ (103.224.212.196) - Serp-hijackingAttacked url: http://jiicomp.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 14:28:22 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48t6XvRv0X12qR9pSQ7bZVI6yusL%2BJzAuMgBAIFFwl%2FEQ3MmFGvOkh2Hdj%2F834hXqQt1OLp6Fd1I74NA01%2FdaCmiHiLOzPiorOIyBA%2FWvUNf4FeDMlZ%2FrwO%2BU11Rua%2BB%2FMHGNBlPtHcfp3QFzbGzedWC%2FWD1%2FPujFTud7wWa%2Bul3m3MV3MhXtozQNo66mikk3%2BI5p3dpw4kRZjN%2FlC%2FWtd%2BG6KlMt9kjOuWnqb4gJa%2FsF6DxG0LQ%2BN7NG0JW5fiBhRD9zfI%2FdEa2AdCKldUHPCnFzVgpafsjO5JIfbouVQrNXUukhDF6M4l6gr76Tqb6czctOmdoJePphvwbJ07ArCNXgHTfpvMnlMN3drao%2B4hMSOYVxsOqk7YYkZhkBfnNh%2F6b%2FWjTtS3LEmaeDzAplKqhBpItSM6%2F1GXvdBruKJOolAvcQ%2FKtsMB%2BcHWIuk5bkGeI29MKOUuks0DU8F02IrmdvPvJmW7vExv%2B3%2FTi2i8CiIHuacBaAjXS7XTvSHqbdl <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jiicomp.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 12:28:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499171307.6226082; expires=Fri, 02-Jul-2027 12:28:27 GMT; Max-Age=315360000 <br>Location: http://ww11.jiicomp.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jiicomp.se <br>Referer: http://www.google.com/search?q=jiicomp.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 12:28:26 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499171306.5256322; expires=Fri, 02-Jul-2027 12:28:26 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48t6XvRv0X12qR9pSQ7bZVI6yusL%2BJzAuMgBAIFFwl%2FEQ3MmFGvOkh2Hdj%2F834hXqQt1OLp6Fd1I74NA01%2FdaCmiHiLOzPiorOIyBA%2FWvUNf4FeDMlZ%2FrwO%2BU11Rua%2BB%2FMHGNBlPtHcfp3QFzbGzedWC%2FWD1%2FPujFTud7wWa%2Bul3m3MV3MhXtozQNo66mikk3%2BI5p3dpw4kRZjN%2FlC%2FWtd%2BG6KlMt9kjOuWnqb4gJa%2FsF6DxG0LQ%2BN7NG0JW5fiBhRD9zfI%2FdEa2AdCKldUHPCnFzVgpafsjO5JIfbouVQrNXUukhDF6M4l6gr76Tqb6czctOmdoJePphvwbJ07ArCNXgHTfpvMnlMN3drao%2B4hMSOYVxsOqk7YYkZhkBfnNh%2F6b%2FWjTtS3LEmaeDzAplKqhBpItSM6%2F1GXvdBruKJOolAvcQ%2FKtsMB%2BcHWIuk5bkGeI29MKOUuks0DU8F02IrmdvPvJmW7vExv%2B3%2FTi2i8CiIHuacBaAjXS7XTvSHqbdl <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>jiicomp.se is on 103.224.212.196<br>ASN for 103.224.212.196: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.196 corresponds with lb-212-196.above.com<br>Abuse.net does not have any reliable address for lb-212-196.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-196.above.com abuse@above.com1499173351http://manti.se/ (103.224.212.196) - Serp-hijackingAttacked url: http://manti.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 13:43:18 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ485u3PJjYJPJWKuJrDcfvUFzGXCelpeKccDV5wO0PY2%2F14hXdRlQXQok8Hlenlqr2ijYofhRyM5I8Je%2B3JUv507Vn4W%2FQQnhWna92UtlUx9HyGyllMm51%2FDGume2X6FPr32Q3HLT1O%2BXSevTATkfXlD%2FJ8sJjzNFHEhY%2FYu0HaFxqr24DUyUWj2h%2Fa6t4HAQoNxTYhjO06MK%2BHIor5ca9G%2Bmu7cMSgyO7anCuensmIu3Z2PO4XJ637I7JGuT0vel%2BqxJ2Kx%2BZE99R%2BKO86YZKqool%2F768FUlXxqD8I5CE%2BzlfOJPAMZb1%2BQ9eIadoTJjj7nWe7qBPD%2FYm%2BbxofrA3KeEZ%2BQy0FP76JUQcrtEPU%2B%2F5vVBVcBBy8gSQaKa6t8IDfiFHq4iDhsVduHYMl1yZvtSL5Szx7%2B3b41g830Sadg2uLL2hhwYX0DWhLFyGR4E9DtGfEgFAcPVn4Yv0nlNb8jTC3jn40O0HEilTdqvKLIqSmAAr6XAM3gw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manti.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 11:43:23 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499168603.8550394; expires=Fri, 02-Jul-2027 11:43:23 GMT; Max-Age=315360000 <br>Location: http://ww11.manti.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manti.se <br>Referer: http://www.google.com/search?q=manti.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 11:43:22 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499168602.7698825; expires=Fri, 02-Jul-2027 11:43:22 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ485u3PJjYJPJWKuJrDcfvUFzGXCelpeKccDV5wO0PY2%2F14hXdRlQXQok8Hlenlqr2ijYofhRyM5I8Je%2B3JUv507Vn4W%2FQQnhWna92UtlUx9HyGyllMm51%2FDGume2X6FPr32Q3HLT1O%2BXSevTATkfXlD%2FJ8sJjzNFHEhY%2FYu0HaFxqr24DUyUWj2h%2Fa6t4HAQoNxTYhjO06MK%2BHIor5ca9G%2Bmu7cMSgyO7anCuensmIu3Z2PO4XJ637I7JGuT0vel%2BqxJ2Kx%2BZE99R%2BKO86YZKqool%2F768FUlXxqD8I5CE%2BzlfOJPAMZb1%2BQ9eIadoTJjj7nWe7qBPD%2FYm%2BbxofrA3KeEZ%2BQy0FP76JUQcrtEPU%2B%2F5vVBVcBBy8gSQaKa6t8IDfiFHq4iDhsVduHYMl1yZvtSL5Szx7%2B3b41g830Sadg2uLL2hhwYX0DWhLFyGR4E9DtGfEgFAcPVn4Yv0nlNb8jTC3jn40O0HEilTdqvKLIqSmAAr6XAM3gw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>manti.se is on 103.224.212.196<br>ASN for 103.224.212.196: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.196 corresponds with lb-212-196.above.com<br>Abuse.net does not have any reliable address for lb-212-196.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-196.above.com1499173344http://dinheiro.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://dinheiro.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 11:17:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48xdzY%2FBCRBS0yknPn7XsnRwPO9IECWnz5%2BgRoe%2F5H396oUedeBAKqTYLLYPvUcDeZ9g0LM0zNW%2FpsDavvneqGOI5h8317tLxXGquCM2MLjRcv%2B0drU0D%2FT8lE2tSJBI5dC6PbX6PcSFBcOaW5eMqoehlESZwXwjJB5Hfo20RaQrm7P%2FoY0WF2xqp0f70FM9OpsZqzMAeITzkd7mt0DLejX4gnIsAYW%2Ff6p0L%2BIi7o9rpGHrIJ2KaYPSGJrVqzGc8TyhIrhRSxnOfgT9%2ByowH5PZpjPT%2Bbdj2s6S2aJdRN%2FyMLKSg9vEoV%2BnPQttR2jdeXjKQL2p02gMBy341LOIVBlahKUFOslARWAHFLNWwo5E4CV%2B4fAHyfDBiOYaRlllBkHY4MZl9E%2BVSEv3fcsvwyxrZl%2Bq8DqlzaH2Vy%2ByZ122WnkYhx58JS23orDjj79bTtq%2BSJXagVkVeT7ERRt0w7s04ZLS6WAsgLNmMlik3UcWZ%2F395dFS%2BLtsZR3r9pZnWmgOTAx1UwaBY%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dinheiro.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 09:17:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499159866.6762647; expires=Fri, 02-Jul-2027 09:17:46 GMT; Max-Age=315360000 <br>Location: http://ww11.dinheiro.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dinheiro.se <br>Referer: http://www.google.com/search?q=dinheiro.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 09:17:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499159865.6240944; expires=Fri, 02-Jul-2027 09:17:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48xdzY%2FBCRBS0yknPn7XsnRwPO9IECWnz5%2BgRoe%2F5H396oUedeBAKqTYLLYPvUcDeZ9g0LM0zNW%2FpsDavvneqGOI5h8317tLxXGquCM2MLjRcv%2B0drU0D%2FT8lE2tSJBI5dC6PbX6PcSFBcOaW5eMqoehlESZwXwjJB5Hfo20RaQrm7P%2FoY0WF2xqp0f70FM9OpsZqzMAeITzkd7mt0DLejX4gnIsAYW%2Ff6p0L%2BIi7o9rpGHrIJ2KaYPSGJrVqzGc8TyhIrhRSxnOfgT9%2ByowH5PZpjPT%2Bbdj2s6S2aJdRN%2FyMLKSg9vEoV%2BnPQttR2jdeXjKQL2p02gMBy341LOIVBlahKUFOslARWAHFLNWwo5E4CV%2B4fAHyfDBiOYaRlllBkHY4MZl9E%2BVSEv3fcsvwyxrZl%2Bq8DqlzaH2Vy%2ByZ122WnkYhx58JS23orDjj79bTtq%2BSJXagVkVeT7ERRt0w7s04ZLS6WAsgLNmMlik3UcWZ%2F395dFS%2BLtsZR3r9pZnWmgOTAx1UwaBY%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>dinheiro.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499173327http://v75kollen.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://v75kollen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 09:19:08 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48%2B2g9mfWUOwenwGE6hW168UEJQ7%2FzjS8RhX%2BHmHFYGVwa7nXRlpeEikYuHBOSf6jzPHtozNAxpGtvi8Ok7gMu055H5m9I4vLS5L%2B4Gyz6ZV0RIUvR2aKDICN%2FpGQagmdaoVqB7Qi%2Fy%2FpoU5rPoCRvOEmynEcx3GS2%2BvG3n82l9jQZndWzZr6fs%2Fs7JqsxiaDmJESDJiYaQIcTfaO0UXdqUwViNJexH%2FE%2Bya19PojBZquUQCiLhimd9Lvn1NRIgdEFXVp6dAnUVOKQ1p9v0gwafD6ngCtiGCEDFBjxCIZXlagNOdAORD3vKCmB4dn5N7eLXAkmjr%2BfNGGJLrARcAkvIJm89SMimnd76nXauss%2B2T8P%2FRj%2Bmv3B0ai3fVyf4Uu6UZGKraK5qLXe4g8DVvAnffoO38%2FijWRhx2GscP6JQjCKWfXuQIx0Yob3GmTw1w%2F5ZgLuhsaFCQDjFfMpBcXs92fPdhyZf5Bx3xfl4BltHifsgvUz7piwQeVMFbmH054wm8%2Bpl8x8my0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: v75kollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 07:19:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499152753.3173639; expires=Fri, 02-Jul-2027 07:19:13 GMT; Max-Age=315360000 <br>Location: http://ww11.v75kollen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: v75kollen.se <br>Referer: http://www.google.com/search?q=v75kollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 07:19:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499152752.8718424; expires=Fri, 02-Jul-2027 07:19:12 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48%2B2g9mfWUOwenwGE6hW168UEJQ7%2FzjS8RhX%2BHmHFYGVwa7nXRlpeEikYuHBOSf6jzPHtozNAxpGtvi8Ok7gMu055H5m9I4vLS5L%2B4Gyz6ZV0RIUvR2aKDICN%2FpGQagmdaoVqB7Qi%2Fy%2FpoU5rPoCRvOEmynEcx3GS2%2BvG3n82l9jQZndWzZr6fs%2Fs7JqsxiaDmJESDJiYaQIcTfaO0UXdqUwViNJexH%2FE%2Bya19PojBZquUQCiLhimd9Lvn1NRIgdEFXVp6dAnUVOKQ1p9v0gwafD6ngCtiGCEDFBjxCIZXlagNOdAORD3vKCmB4dn5N7eLXAkmjr%2BfNGGJLrARcAkvIJm89SMimnd76nXauss%2B2T8P%2FRj%2Bmv3B0ai3fVyf4Uu6UZGKraK5qLXe4g8DVvAnffoO38%2FijWRhx2GscP6JQjCKWfXuQIx0Yob3GmTw1w%2F5ZgLuhsaFCQDjFfMpBcXs92fPdhyZf5Bx3xfl4BltHifsgvUz7piwQeVMFbmH054wm8%2Bpl8x8my0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>v75kollen.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499173312http://specsawer.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://specsawer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 07:40:06 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48YLSBJ2BBhJ%2BtrndEtlfuhG4pwUsu9xrx7cgBQs2pexGtu4RJIDOWGi00qrGkyfiVQ9BOurz1XdBx%2B8gXn8Kl1zIEiUWukFT5zD%2BMzT2rY55858o3WGl3JsI0nnwOC0hsupO19yI6lJa8CdeI8sUN8sKyaznTPG4La2wk2CstlveS58eEXGGAei0Fy8dKoF8iz0ThMjZoVITFcRfnAxzq0YSpu0%2BiizIb3obYxeqCHLBWomQPW8U3%2FuZXfeB5qsPZ6uU%2FWPAVstNQJedINkcZeP9xF18yCC2rtwGA6%2Bvi3VIPhMr09bjEOF07Ed4gGH5FuyTGsEW2hcxUEqXM3EpkDwPOVzLijha0SP6xyaBCWhNdtDDiF9IRQIHwWhleYuwW8xs5nr%2FXokJlePbBdauwPfV%2FgxF40nUA9w%2FNqdaxazDq2RyTPcfuG2waewuyTvFY9fNUuI1n19eSAq5AQhs%2B0IUALyVjUG8osSqiahCprnUoHd7l%2FTbn6EjelpNVwQqGj92HVrzNjH0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: specsawer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 05:40:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499146811.1982452; expires=Fri, 02-Jul-2027 05:40:11 GMT; Max-Age=315360000 <br>Location: http://ww11.specsawer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: specsawer.se <br>Referer: http://www.google.com/search?q=specsawer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 05:40:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499146810.8323291; expires=Fri, 02-Jul-2027 05:40:10 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48YLSBJ2BBhJ%2BtrndEtlfuhG4pwUsu9xrx7cgBQs2pexGtu4RJIDOWGi00qrGkyfiVQ9BOurz1XdBx%2B8gXn8Kl1zIEiUWukFT5zD%2BMzT2rY55858o3WGl3JsI0nnwOC0hsupO19yI6lJa8CdeI8sUN8sKyaznTPG4La2wk2CstlveS58eEXGGAei0Fy8dKoF8iz0ThMjZoVITFcRfnAxzq0YSpu0%2BiizIb3obYxeqCHLBWomQPW8U3%2FuZXfeB5qsPZ6uU%2FWPAVstNQJedINkcZeP9xF18yCC2rtwGA6%2Bvi3VIPhMr09bjEOF07Ed4gGH5FuyTGsEW2hcxUEqXM3EpkDwPOVzLijha0SP6xyaBCWhNdtDDiF9IRQIHwWhleYuwW8xs5nr%2FXokJlePbBdauwPfV%2FgxF40nUA9w%2FNqdaxazDq2RyTPcfuG2waewuyTvFY9fNUuI1n19eSAq5AQhs%2B0IUALyVjUG8osSqiahCprnUoHd7l%2FTbn6EjelpNVwQqGj92HVrzNjH0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>specsawer.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499173308http://handm.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://handm.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 05:05:55 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48RmAdbh4vCz%2BBAMZg48CX4mtIbgYXlsZeFB949unFPmYyzA7bFlgDn6S1NpJz0YObL0aVAd81PhybyHtRv7AeFRBBBlECgTj5vdjHVHrZLMXvdK6E%2Fat4aJw05L5bw7YF%2BrSfTZEVRbv9tpphDJYR%2Bic2y4t54326v%2BDRodVfUXZI7rsXs1nj9kmTrbDR%2BgiapRyAOfM04Su9Mg907eS83s2d3n1R7hg8Qepq%2FNbJPil%2BXDFr%2Fdx8AfkdD5xZhBC7QpxsHWrY8QZpjDQ0RNbV4x75bp7wlX%2BM5Q17JRueHA4%2FhuEwRlVnssY4fcbTvAJ37jeT%2F410iQDLD7a1g4IVjhxGyiseeMDa1jfn26T2iiakSrCi04YsamgaL7UGu4rrjBDMJFOgMo7WDSsngN8gDHrSB81WopBcs2yu0Trd8M9Gtwxv4xXjz7WKzMZsi%2FMJTg2pY4fUO2qdoM1jlQb1RsyYUBZ7oh%2FNaGRq88qTNuQFTBWqxR9%2BCL5HusfHiymR <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: handm.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:06:00 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137560.4879849; expires=Fri, 02-Jul-2027 03:06:00 GMT; Max-Age=315360000 <br>Location: http://ww38.handm.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: handm.se <br>Referer: http://www.google.com/search?q=handm.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:05:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137560.2974674; expires=Fri, 02-Jul-2027 03:06:00 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48RmAdbh4vCz%2BBAMZg48CX4mtIbgYXlsZeFB949unFPmYyzA7bFlgDn6S1NpJz0YObL0aVAd81PhybyHtRv7AeFRBBBlECgTj5vdjHVHrZLMXvdK6E%2Fat4aJw05L5bw7YF%2BrSfTZEVRbv9tpphDJYR%2Bic2y4t54326v%2BDRodVfUXZI7rsXs1nj9kmTrbDR%2BgiapRyAOfM04Su9Mg907eS83s2d3n1R7hg8Qepq%2FNbJPil%2BXDFr%2Fdx8AfkdD5xZhBC7QpxsHWrY8QZpjDQ0RNbV4x75bp7wlX%2BM5Q17JRueHA4%2FhuEwRlVnssY4fcbTvAJ37jeT%2F410iQDLD7a1g4IVjhxGyiseeMDa1jfn26T2iiakSrCi04YsamgaL7UGu4rrjBDMJFOgMo7WDSsngN8gDHrSB81WopBcs2yu0Trd8M9Gtwxv4xXjz7WKzMZsi%2FMJTg2pY4fUO2qdoM1jlQb1RsyYUBZ7oh%2FNaGRq88qTNuQFTBWqxR9%2BCL5HusfHiymR <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>handm.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499173300http://mp3free.se/ (103.224.212.193) - Serp-hijackingAttacked url: http://mp3free.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 05:02:45 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48Ox8OaogQyjM59od%2FFW%2B4q8PE5K8BhHal1PPInOPBIGvgsL9GNwRPgX64a22rhsHo41Gn3hyBjWl%2BPqXc1VVAAq1NeAArAYEdWvB0hFe7lIgsXgrpRdvLxGoE6lU9k5jS5fLZ8HclFExUYV2oTY%2B4UTUvn3R%2BLEGR8P%2FK4wmcpkyOPkJH%2F4kbOj5BopbWHF57hZgq1Q77ZLOdAbv10hCCt%2FDYdHB2OYfbFJTnJyu58vl0c8mlCCOzR8f3qIfu8MsBmkjuPCySyOLpGn5i0IjzaikJv2CeaYUCB84LuCs%2BAjuiP0NLg7HnkFxRiELmfYsGYZ3Zc6hNywu4lct9%2FIBji5FomzlGrT2yycOmZnkXMShkMYx0V%2BSjCa96CNMTpqShFQp9EMn6JoG%2BrLVEMCvvTk%2Bv9GTcqa3NKUfOtB8FkBzN5hYZPGRIe%2BLM3fKSNunqt4vKoNeaG9r9vd9xlqnfEqJIPZ8rHn9aalbTRDEnFyRklLpa1raamlYoLHsuS8kH <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mp3free.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:02:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137365.7749436; expires=Fri, 02-Jul-2027 03:02:45 GMT; Max-Age=315360000 <br>Location: http://ww11.mp3free.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mp3free.se <br>Referer: http://www.google.com/search?q=mp3free.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:02:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137364.1606313; expires=Fri, 02-Jul-2027 03:02:44 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48Ox8OaogQyjM59od%2FFW%2B4q8PE5K8BhHal1PPInOPBIGvgsL9GNwRPgX64a22rhsHo41Gn3hyBjWl%2BPqXc1VVAAq1NeAArAYEdWvB0hFe7lIgsXgrpRdvLxGoE6lU9k5jS5fLZ8HclFExUYV2oTY%2B4UTUvn3R%2BLEGR8P%2FK4wmcpkyOPkJH%2F4kbOj5BopbWHF57hZgq1Q77ZLOdAbv10hCCt%2FDYdHB2OYfbFJTnJyu58vl0c8mlCCOzR8f3qIfu8MsBmkjuPCySyOLpGn5i0IjzaikJv2CeaYUCB84LuCs%2BAjuiP0NLg7HnkFxRiELmfYsGYZ3Zc6hNywu4lct9%2FIBji5FomzlGrT2yycOmZnkXMShkMYx0V%2BSjCa96CNMTpqShFQp9EMn6JoG%2BrLVEMCvvTk%2Bv9GTcqa3NKUfOtB8FkBzN5hYZPGRIe%2BLM3fKSNunqt4vKoNeaG9r9vd9xlqnfEqJIPZ8rHn9aalbTRDEnFyRklLpa1raamlYoLHsuS8kH <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>mp3free.se is on 103.224.212.193<br>ASN for 103.224.212.193: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.193 corresponds with lb-212-193.above.com<br>Abuse.net does not have any reliable address for lb-212-193.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-193.above.com1499173298http://lagabas.se/ (103.224.212.198) - Serp-hijackingAttacked url: http://lagabas.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 01:35:13 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ487VCrrWL6cQWLvyQAa9lgt%2BrnZ2%2FgLXlOByroCR%2Bky8hjdKiQUCNkn61%2BQMOkIFOzMBBwsIUbxSBU7k%2BVFnJ0fv9V9trYHBOe5OsqUMidou%2F8UUWIWH0hmjJQdZGMk2JP0H%2F9sF%2Bj1z4R3ljqaf2RBn0gpCCpbZrtJkAiY0wnicqdUWqyAwHa9v74RqXh4k6j7wlq1lcxjdnKIhQGXlHYz6ke0oTnaMbheIfnO0CPk43%2BevbnCoqKPwAyDQY3hr4xzkSr1FzeAcvsLZmppspA3l8dbAUGDQInl2BnjzdsXHQrBpIlgW87VZGTfqyjGzb6XEhhJIovrPFRX32jrHN5PCAulLKw%2BEH9KQrl0NUwRh9seZjPP9y%2BycXnpRRI8i9BV1sK9SvUKQM0q7WSbv4TID%2FTHudWBdxt9kFpLf7JeZQtonCZf%2FA7ayoESpjFoFQkVep1uKtKAiCj1Tx%2BpWIDFEYQwsbxTQUAuwaCDrdkFVuBihivn5HDRc7V5Q%2FFDgKBep7mTuuuH5s%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lagabas.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 23:35:18 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499124918.7923697; expires=Thu, 01-Jul-2027 23:35:18 GMT; Max-Age=315360000 <br>Location: http://ww11.lagabas.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lagabas.se <br>Referer: http://www.google.com/search?q=lagabas.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 23:35:17 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499124917.8356931; expires=Thu, 01-Jul-2027 23:35:17 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ487VCrrWL6cQWLvyQAa9lgt%2BrnZ2%2FgLXlOByroCR%2Bky8hjdKiQUCNkn61%2BQMOkIFOzMBBwsIUbxSBU7k%2BVFnJ0fv9V9trYHBOe5OsqUMidou%2F8UUWIWH0hmjJQdZGMk2JP0H%2F9sF%2Bj1z4R3ljqaf2RBn0gpCCpbZrtJkAiY0wnicqdUWqyAwHa9v74RqXh4k6j7wlq1lcxjdnKIhQGXlHYz6ke0oTnaMbheIfnO0CPk43%2BevbnCoqKPwAyDQY3hr4xzkSr1FzeAcvsLZmppspA3l8dbAUGDQInl2BnjzdsXHQrBpIlgW87VZGTfqyjGzb6XEhhJIovrPFRX32jrHN5PCAulLKw%2BEH9KQrl0NUwRh9seZjPP9y%2BycXnpRRI8i9BV1sK9SvUKQM0q7WSbv4TID%2FTHudWBdxt9kFpLf7JeZQtonCZf%2FA7ayoESpjFoFQkVep1uKtKAiCj1Tx%2BpWIDFEYQwsbxTQUAuwaCDrdkFVuBihivn5HDRc7V5Q%2FFDgKBep7mTuuuH5s%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>lagabas.se is on 103.224.212.198<br>ASN for 103.224.212.198: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.198 corresponds with lb-212-198.above.com<br>Abuse.net does not have any reliable address for lb-212-198.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-198.above.com1499173255http://bornholmstraffiken.se/ (103.224.212.187) - Serp-hijackingAttacked url: http://bornholmstraffiken.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 00:45:42 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48CPldIpHuRj%2BlRI%2FPvbm%2Bw5d328DlW8Zg9PvK0yOdp0t7xMZ5bJBmFHAZZNGbtgdzJ1N29IzgQGB9XeqOf1FdJI615hv1u873Cfj2GwmvTGO747%2B3XfNc%2BLZd3Wt%2FOaJhLXdmaKoiuQz8Qwawh2K8K0Sa2EcOylUZ8UT8YQI68%2BHRk7HiukR2RtcO1oe3JVr2%2F0aBmFXuTkWhBbpnAtqZCRZWXmo8ZodFW1QoKhfWIb26eKYzd4kmMDWYy%2FAmke8d9DXMx9zNTBQgQtoSb%2BTDRj%2FDWzoyzfigrqMSoqXa0qNHGvpuiFFl8911yizNNwMi7S5a4zre5OJbZX3OtY3pviLjuA1aLT%2Bhh5we%2BXiyF8a2iQMtivo4%2BPM3pLlduJZKg%2BRAWFHv%2FcKPDpnvH3kAdVaocIj67FRvl6%2BEraWzUMrM9dfkVqTCWGkwkI1PjtICgZYOeRoHhdvYiG4LB0WSFA7KaMHtDR6Vb1s%2BBh66EI68E1o2a23jsmYicI%2BbUmapwZocV0gyl82SAiJA5YQWJtbFhGK%2F4PAmJz8PU1U6mEc%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bornholmstraffiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 22:45:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499121942.2632978; expires=Thu, 01-Jul-2027 22:45:42 GMT; Max-Age=315360000 <br>Location: http://ww11.bornholmstraffiken.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bornholmstraffiken.se <br>Referer: http://www.google.com/search?q=bornholmstraffiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 22:45:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499121941.4494204; expires=Thu, 01-Jul-2027 22:45:41 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48CPldIpHuRj%2BlRI%2FPvbm%2Bw5d328DlW8Zg9PvK0yOdp0t7xMZ5bJBmFHAZZNGbtgdzJ1N29IzgQGB9XeqOf1FdJI615hv1u873Cfj2GwmvTGO747%2B3XfNc%2BLZd3Wt%2FOaJhLXdmaKoiuQz8Qwawh2K8K0Sa2EcOylUZ8UT8YQI68%2BHRk7HiukR2RtcO1oe3JVr2%2F0aBmFXuTkWhBbpnAtqZCRZWXmo8ZodFW1QoKhfWIb26eKYzd4kmMDWYy%2FAmke8d9DXMx9zNTBQgQtoSb%2BTDRj%2FDWzoyzfigrqMSoqXa0qNHGvpuiFFl8911yizNNwMi7S5a4zre5OJbZX3OtY3pviLjuA1aLT%2Bhh5we%2BXiyF8a2iQMtivo4%2BPM3pLlduJZKg%2BRAWFHv%2FcKPDpnvH3kAdVaocIj67FRvl6%2BEraWzUMrM9dfkVqTCWGkwkI1PjtICgZYOeRoHhdvYiG4LB0WSFA7KaMHtDR6Vb1s%2BBh66EI68E1o2a23jsmYicI%2BbUmapwZocV0gyl82SAiJA5YQWJtbFhGK%2F4PAmJz8PU1U6mEc%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bornholmstraffiken.se is on 103.224.212.187<br>ASN for 103.224.212.187: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.187 corresponds with lb-212-187.above.com<br>Abuse.net does not have any reliable address for lb-212-187.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-187.above.com1499173248http://knaser.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://knaser.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 00:14:47 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48LA6FrUCOWOla8cSfE5qdGZjyOS4Lro1MqrXvmYi3ln2z%2BiMJ%2FEOCwGovaX4ECa8ILPb6kXf77I7qKPXXiMidmyrKoDE2GcwJWrzssS1%2BbSLZbhP6OSxVqrRkdXitCTQVq4VBxJEPQTz5Voh8Gl7oGudRp%2Bzuv%2B6v4HXuATnRVHQDAnzT2vtG6AmIxfHTL5DqnkdNShoSzrBFLPdUzgNhseNhid%2FyQ%2FBZENUClagSIZrE1SxviTXbYcmsb3ZySWs0M9Ex7rTrdlZGCpFuV1rClNKrozbPCz6TURBUVIG7ecZ47Jgr1p8FlDzdlfjfyIm20c0rC6ZWdobcK2%2BdAfcXMutnd0yLiLj9YBmuN47dfsBY6NjP%2B%2FBsd45ODDCpV1azQOQnEsSULkY5xlR6flZc%2BaoWKRUs0zR7kcMZFpKv3a0kq3XzwIFZbIjoLsSpuvP1CJsGePe94S1FK40flJkMVsW%2BYnRCfKLbRRd4ClezkxTaJVpE84dNGOIz%2FZkFCbIGaeYdsw6YcUQ%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: knaser.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 22:14:52 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499120092.5188312; expires=Thu, 01-Jul-2027 22:14:52 GMT; Max-Age=315360000 <br>Location: http://ww11.knaser.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: knaser.nu <br>Referer: http://www.google.com/search?q=knaser.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 22:14:51 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499120091.8875415; expires=Thu, 01-Jul-2027 22:14:51 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48LA6FrUCOWOla8cSfE5qdGZjyOS4Lro1MqrXvmYi3ln2z%2BiMJ%2FEOCwGovaX4ECa8ILPb6kXf77I7qKPXXiMidmyrKoDE2GcwJWrzssS1%2BbSLZbhP6OSxVqrRkdXitCTQVq4VBxJEPQTz5Voh8Gl7oGudRp%2Bzuv%2B6v4HXuATnRVHQDAnzT2vtG6AmIxfHTL5DqnkdNShoSzrBFLPdUzgNhseNhid%2FyQ%2FBZENUClagSIZrE1SxviTXbYcmsb3ZySWs0M9Ex7rTrdlZGCpFuV1rClNKrozbPCz6TURBUVIG7ecZ47Jgr1p8FlDzdlfjfyIm20c0rC6ZWdobcK2%2BdAfcXMutnd0yLiLj9YBmuN47dfsBY6NjP%2B%2FBsd45ODDCpV1azQOQnEsSULkY5xlR6flZc%2BaoWKRUs0zR7kcMZFpKv3a0kq3XzwIFZbIjoLsSpuvP1CJsGePe94S1FK40flJkMVsW%2BYnRCfKLbRRd4ClezkxTaJVpE84dNGOIz%2FZkFCbIGaeYdsw6YcUQ%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>knaser.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1499173243http://sgarmaturen.se/ (103.224.212.184) - Serp-hijackingAttacked url: http://sgarmaturen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 21:43:13 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48hmuKzYNSATKSvvvnXuBRLsjT4RKHPtBBpDMnUAONFI6V736WlC0kcUwmUbfg2xABafHKOPZBJ5k93NpRN%2B1DFjMhoPtPwGN3oC3ZUMdwCKMyGKnh2zBwMpP2BmBnPKNaaaWE%2Fqivx33vwchJYK43rDBLeH6pMp3nh2suXP9anLWfPWxhAYo97KKPleq%2FnYNrdmeKeVvV%2FMXZD3%2F7sdHstQ%2BFVNmYsS2zkzwA0wj1yt1%2FiZ9t8BEIq%2BgC56o7CbcQbxzh9XwpeF8eEK%2Bl5hOskTQmgYiqFcpUf7APo8rESnIiWWq0OapWxLkWjKkv3qf956XneaKV4lyLtc1Ucj5pExHuZPpWTKTDmlClpWnh%2FUUIzh7rgFlYEhShyc%2FsaRIBKUwSBUtNJn0mAmd8WJzVmhMcxyhszvTxgegoUkrwENpStgfaOchcq6jnNzl23eQzqXbcWKBIWEK%2BEx1b%2BEyoMuoaKItSxaoaQfTPnimeqKzq97PdihvRyAOaWeDjk0LJabMpczjVcigzqY8wdnA3IQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sgarmaturen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 19:43:18 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499110998.4637565; expires=Thu, 01-Jul-2027 19:43:18 GMT; Max-Age=315360000 <br>Location: http://ww38.sgarmaturen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sgarmaturen.se <br>Referer: http://www.google.com/search?q=sgarmaturen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 19:43:17 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499110997.3410239; expires=Thu, 01-Jul-2027 19:43:17 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48hmuKzYNSATKSvvvnXuBRLsjT4RKHPtBBpDMnUAONFI6V736WlC0kcUwmUbfg2xABafHKOPZBJ5k93NpRN%2B1DFjMhoPtPwGN3oC3ZUMdwCKMyGKnh2zBwMpP2BmBnPKNaaaWE%2Fqivx33vwchJYK43rDBLeH6pMp3nh2suXP9anLWfPWxhAYo97KKPleq%2FnYNrdmeKeVvV%2FMXZD3%2F7sdHstQ%2BFVNmYsS2zkzwA0wj1yt1%2FiZ9t8BEIq%2BgC56o7CbcQbxzh9XwpeF8eEK%2Bl5hOskTQmgYiqFcpUf7APo8rESnIiWWq0OapWxLkWjKkv3qf956XneaKV4lyLtc1Ucj5pExHuZPpWTKTDmlClpWnh%2FUUIzh7rgFlYEhShyc%2FsaRIBKUwSBUtNJn0mAmd8WJzVmhMcxyhszvTxgegoUkrwENpStgfaOchcq6jnNzl23eQzqXbcWKBIWEK%2BEx1b%2BEyoMuoaKItSxaoaQfTPnimeqKzq97PdihvRyAOaWeDjk0LJabMpczjVcigzqY8wdnA3IQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sgarmaturen.se is on 103.224.212.184<br>ASN for 103.224.212.184: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.184 corresponds with lb-212-184.above.com<br>Abuse.net does not have any reliable address for lb-212-184.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-184.above.com abuse@above.com1499173200http://piahinterior.se/ (103.224.212.193) - Serp-hijackingAttacked url: http://piahinterior.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 20:18:40 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48eJI6rHuJVX2wK9Ez5qHpojzEeQwZRQ1SUMqmcYtk%2BN%2F%2FpNXzzFM3lQurfV3hroFvufNG8J9gsH7YbU9wctgL8AlwxQHti0GfERJt8ehrtKV484E9rTJqsce4boXo1b627FtUbFhh1GfyrNX8P%2BQyiBIT%2FoKr4nwfx%2FxkeXC8J8%2BdnzEAy%2FRVF%2FYhAtqcree9OYShsqiFPH1en%2BH1JycaIXtvWCh%2BiROLoTqRJ2J%2B1XlykScinWdpQTLYHSlgNFMYcnJMfkuHmOkzn%2FzrdWwhsA1XCiBW0WCFKRTj3PItdCDBBVO%2BLeXB1e0hp1eCKJScWZG0l9sn7L%2F7SVqd0DMVJa68Sh4k3dc%2BKabt9F53Eo7bK6MMaSN5TMBJcymz%2FkSfvCgvnVLBTQwaCE8NLW9%2BiIovzMziy47LReeoZhuJjOT9IOllZEFGTxfp5aFPGeYDELVKcDbEjddXQ5dc9psbZr2yIA4GQd8W2e5ptV%2BFTxj5EaFtzkcqIWdL2888TLBRNc8F20wK3qM2c2QpFXk4tGjRmLUO4fbF <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: piahinterior.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 18:18:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499105925.1650963; expires=Thu, 01-Jul-2027 18:18:45 GMT; Max-Age=315360000 <br>Location: http://ww11.piahinterior.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: piahinterior.se <br>Referer: http://www.google.com/search?q=piahinterior.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 18:18:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499105924.2286682; expires=Thu, 01-Jul-2027 18:18:44 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48eJI6rHuJVX2wK9Ez5qHpojzEeQwZRQ1SUMqmcYtk%2BN%2F%2FpNXzzFM3lQurfV3hroFvufNG8J9gsH7YbU9wctgL8AlwxQHti0GfERJt8ehrtKV484E9rTJqsce4boXo1b627FtUbFhh1GfyrNX8P%2BQyiBIT%2FoKr4nwfx%2FxkeXC8J8%2BdnzEAy%2FRVF%2FYhAtqcree9OYShsqiFPH1en%2BH1JycaIXtvWCh%2BiROLoTqRJ2J%2B1XlykScinWdpQTLYHSlgNFMYcnJMfkuHmOkzn%2FzrdWwhsA1XCiBW0WCFKRTj3PItdCDBBVO%2BLeXB1e0hp1eCKJScWZG0l9sn7L%2F7SVqd0DMVJa68Sh4k3dc%2BKabt9F53Eo7bK6MMaSN5TMBJcymz%2FkSfvCgvnVLBTQwaCE8NLW9%2BiIovzMziy47LReeoZhuJjOT9IOllZEFGTxfp5aFPGeYDELVKcDbEjddXQ5dc9psbZr2yIA4GQd8W2e5ptV%2BFTxj5EaFtzkcqIWdL2888TLBRNc8F20wK3qM2c2QpFXk4tGjRmLUO4fbF <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>piahinterior.se is on 103.224.212.193<br>ASN for 103.224.212.193: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.193 corresponds with lb-212-193.above.com<br>Abuse.net does not have any reliable address for lb-212-193.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-193.above.com abuse@above.com1499173195http://custommer.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://custommer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 18:51:00 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48jnAil%2FS%2Bb0QRe%2BBKJ6XYWIWatPWtIIjcH5A95EAlO0r5Z%2FSqhwsQAPpSrlWjQ%2FIr40draH%2FRe09xw0aRTqJogUQyzS%2Bf3JAw0f8JUKZw4OISTA5Rf1ZrgUNb5X872DOV8PJXnvDjiC6s4XTN7dJSG4sJKbTUgj8Nx15XfMUU9vXPg2wvOXAkpiw4BqIoyebEl8fePbQTlvceHPmpIDOYGBfTQj2Q934%2FE4FmpGBIvsiQY5LyHfSJ3lAm5O%2FyQRlCfrROb84%2FABam346SdMnkucv85nWSE7VBz4PMsSTSVEuCTg6%2BPBapw5vpDpwQrBxpQi9ttu%2Be7fjGCJnWAWIMeVUWQLdVXw%2Bwl0p16ee55Pj%2B4KcEoHfBPNnoIn9X%2FgXGMKjJKx8H4jb8Sc5D12F8v%2BfFLUSMRY94kLvaiTDFJ4phtJhN5O8CDYzopLeIXn7FPbsm72%2BezGhs1NtD3HfUAOQLf861rEc1NDiC6NdDmZJpuwkThhIorEFQglIM4hnuedd156YEmcMO%2FU3FtiEXnA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custommer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 16:51:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499100665.2018792; expires=Thu, 01-Jul-2027 16:51:05 GMT; Max-Age=315360000 <br>Location: http://ww38.custommer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custommer.se <br>Referer: http://www.google.com/search?q=custommer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 16:51:04 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499100664.3456945; expires=Thu, 01-Jul-2027 16:51:04 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48jnAil%2FS%2Bb0QRe%2BBKJ6XYWIWatPWtIIjcH5A95EAlO0r5Z%2FSqhwsQAPpSrlWjQ%2FIr40draH%2FRe09xw0aRTqJogUQyzS%2Bf3JAw0f8JUKZw4OISTA5Rf1ZrgUNb5X872DOV8PJXnvDjiC6s4XTN7dJSG4sJKbTUgj8Nx15XfMUU9vXPg2wvOXAkpiw4BqIoyebEl8fePbQTlvceHPmpIDOYGBfTQj2Q934%2FE4FmpGBIvsiQY5LyHfSJ3lAm5O%2FyQRlCfrROb84%2FABam346SdMnkucv85nWSE7VBz4PMsSTSVEuCTg6%2BPBapw5vpDpwQrBxpQi9ttu%2Be7fjGCJnWAWIMeVUWQLdVXw%2Bwl0p16ee55Pj%2B4KcEoHfBPNnoIn9X%2FgXGMKjJKx8H4jb8Sc5D12F8v%2BfFLUSMRY94kLvaiTDFJ4phtJhN5O8CDYzopLeIXn7FPbsm72%2BezGhs1NtD3HfUAOQLf861rEc1NDiC6NdDmZJpuwkThhIorEFQglIM4hnuedd156YEmcMO%2FU3FtiEXnA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>custommer.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-191.above.com abuse@above.com1499173185http://sekai.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://sekai.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 17:53:35 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ482nD8nVHIqHHq4UuPObwuA02zE1TIjKyvjvzvwCjLZRlzOiTiE1abu4iUQGTRh9xdAH86pEQakdzXshUJlh9ecQnynP5nALLYLGIOabD8gdV%2B51Th5mZd6%2FC5YxU2lZWaF9QNXsRgYTtsW3gz36CdoKKaKaB9x%2BOiDJzwOzBXnlcRv2LpRHAcTYE67QonaxnPhLlx%2F1lNxkG869hruqJrt9L0fF6kv8L38deIh3k352bHIlhUQNVzBvsjqfRM6ahVPlJGNTl2Y0kIiHHXcRDgvxCwW9PvznwiStDiXP3PAup9jaqEzp7XxlyDhdqmU4YIfoSzQHTiyuCOf7B56az36nN0LBCA0666VWh4lG%2FjYpk84b6d5vpPSc5gu9hMSA7CjpF3KxpsjFxW8PuZ0vniXM0eI7bihJ70j1jx6OQWthqGGn0L2Id9LXqo7h7UpFNKR6vwDv6j2Eg5ksWoWky2G%2BjEjvAbAKtByGII5RS%2FvvHd1DnDvkHv9MMdGuUQQiNm <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sekai.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 15:53:35 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499097215.3217619; expires=Thu, 01-Jul-2027 15:53:35 GMT; Max-Age=315360000 <br>Location: http://ww11.sekai.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sekai.nu <br>Referer: http://www.google.com/search?q=sekai.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 15:53:34 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499097215.3633069; expires=Thu, 01-Jul-2027 15:53:35 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ482nD8nVHIqHHq4UuPObwuA02zE1TIjKyvjvzvwCjLZRlzOiTiE1abu4iUQGTRh9xdAH86pEQakdzXshUJlh9ecQnynP5nALLYLGIOabD8gdV%2B51Th5mZd6%2FC5YxU2lZWaF9QNXsRgYTtsW3gz36CdoKKaKaB9x%2BOiDJzwOzBXnlcRv2LpRHAcTYE67QonaxnPhLlx%2F1lNxkG869hruqJrt9L0fF6kv8L38deIh3k352bHIlhUQNVzBvsjqfRM6ahVPlJGNTl2Y0kIiHHXcRDgvxCwW9PvznwiStDiXP3PAup9jaqEzp7XxlyDhdqmU4YIfoSzQHTiyuCOf7B56az36nN0LBCA0666VWh4lG%2FjYpk84b6d5vpPSc5gu9hMSA7CjpF3KxpsjFxW8PuZ0vniXM0eI7bihJ70j1jx6OQWthqGGn0L2Id9LXqo7h7UpFNKR6vwDv6j2Eg5ksWoWky2G%2BjEjvAbAKtByGII5RS%2FvvHd1DnDvkHv9MMdGuUQQiNm <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sekai.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-182-249.above.com1499173157http://cudata.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://cudata.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 14:39:36 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA0qB5yLgcQSXAIJD1Dow3bbJ5E%2Bk7YIQSnTFWY8rTE3xNbxPsQXhohRHzgn8qJodAioheWacgICQt25vWfFvPy0FbI1%2FixvSV1E845OLRYSdWB%2FNlkW3NMt%2FfD75z3khOhQCF75VviBEjRScwBDvteQnXCx2WZEuaUY%2F%2BhGTaD%2FBK%2BIkOctPEOui99i9KzmjKHsaHBIdqvHTNlBhBRD2dLBmsBrFfM7WawQvLF9fh3jtCUQcpey531yZ11LVc07xqWb%2B5rjnNMRKPHWZ9gpAPwgAXV8G%2FQj3WPPEvX76qnqoa4CiKTiSkl5YJofa3cvfgdHWa8tFaHXBuePZHq9g82V8zDtOYxHxYKzVbzMquBwzdoHw%2BDo8W5wqeVVaXQB%2ByOra6oYiod7bcmapembD9Portak1ebNxZIirOmqRI7xOk9dAhacP7O3c28TjYAmBrzzhiNvBNnj1q1LNlIiS3H%2B7AW1%2FPv5kaWjMdbGi1VV54r%2B9Bcm5YDe%2BugaD7j8TAGdYUKLv8WGY%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cudata.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:39:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499085581.6260214; expires=Thu, 01-Jul-2027 12:39:41 GMT; Max-Age=315360000 <br>Location: http://ww11.cudata.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cudata.se <br>Referer: http://www.google.com/search?q=cudata.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:39:40 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499085580.6321875; expires=Thu, 01-Jul-2027 12:39:40 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA0qB5yLgcQSXAIJD1Dow3bbJ5E%2Bk7YIQSnTFWY8rTE3xNbxPsQXhohRHzgn8qJodAioheWacgICQt25vWfFvPy0FbI1%2FixvSV1E845OLRYSdWB%2FNlkW3NMt%2FfD75z3khOhQCF75VviBEjRScwBDvteQnXCx2WZEuaUY%2F%2BhGTaD%2FBK%2BIkOctPEOui99i9KzmjKHsaHBIdqvHTNlBhBRD2dLBmsBrFfM7WawQvLF9fh3jtCUQcpey531yZ11LVc07xqWb%2B5rjnNMRKPHWZ9gpAPwgAXV8G%2FQj3WPPEvX76qnqoa4CiKTiSkl5YJofa3cvfgdHWa8tFaHXBuePZHq9g82V8zDtOYxHxYKzVbzMquBwzdoHw%2BDo8W5wqeVVaXQB%2ByOra6oYiod7bcmapembD9Portak1ebNxZIirOmqRI7xOk9dAhacP7O3c28TjYAmBrzzhiNvBNnj1q1LNlIiS3H%2B7AW1%2FPv5kaWjMdbGi1VV54r%2B9Bcm5YDe%2BugaD7j8TAGdYUKLv8WGY%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>cudata.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-186.above.com1499087743http://bjornekullawhisky.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://bjornekullawhisky.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 14:08:16 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHATS8z02ylW51vCQA1oheQI9i6Y4Mz1MhOczl7ziYU5HvbmPU7FmD0zKVkpVzeC6n54QEQdfRpiCNdnUvp64hsNZGNeQVMCqHwdtWh%2B0l6DqBg9TCffei%2BaRoGN8v7bVDyN8NJ%2FAT8p5QSdDj9Ij%2B8hB631urpPwGqeEvOzj7qUFaRFDGQqwBtGm5iNVqHyTizqUlCmu6CPIij7SDnTYODEzyag5%2B5nGWbJS8JBE31rAREm4%2Bc837SgGePUB7rDLdVmO409ESJLVvgoRcxIRsqDVAxJOLiSgpfm04y7S2%2BtYpd8RkU6%2BkHrOfCvxji%2F%2BS5edjPp2Tl22h15Ompv5yX2ApDbzjUL0r%2FLofV%2BeLxWdV4IK8hCrvvUx5SIR2JFeayo3xjsCpAaFOcqeZwyur1RQGg5O3Wyxf%2FIDVfoIp8DCqyBFx1o9xSPW%2FW1pWjRGxsZwCcUaefAzXYzs5MrhAM%2BStXsfDvx5fLNE3GRWsKIxAocoO1GR8%2BFVfs0nbyfNlN3JcK9jdjTlh%2F5EKXNO8d7y8ndtv9Z5kGb2rcK87kCI8%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bjornekullawhisky.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:08:16 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499083696.5562252; expires=Thu, 01-Jul-2027 12:08:16 GMT; Max-Age=315360000 <br>Location: http://ww11.bjornekullawhisky.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bjornekullawhisky.se <br>Referer: http://www.google.com/search?q=bjornekullawhisky.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:08:15 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499083695.5132069; expires=Thu, 01-Jul-2027 12:08:15 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHATS8z02ylW51vCQA1oheQI9i6Y4Mz1MhOczl7ziYU5HvbmPU7FmD0zKVkpVzeC6n54QEQdfRpiCNdnUvp64hsNZGNeQVMCqHwdtWh%2B0l6DqBg9TCffei%2BaRoGN8v7bVDyN8NJ%2FAT8p5QSdDj9Ij%2B8hB631urpPwGqeEvOzj7qUFaRFDGQqwBtGm5iNVqHyTizqUlCmu6CPIij7SDnTYODEzyag5%2B5nGWbJS8JBE31rAREm4%2Bc837SgGePUB7rDLdVmO409ESJLVvgoRcxIRsqDVAxJOLiSgpfm04y7S2%2BtYpd8RkU6%2BkHrOfCvxji%2F%2BS5edjPp2Tl22h15Ompv5yX2ApDbzjUL0r%2FLofV%2BeLxWdV4IK8hCrvvUx5SIR2JFeayo3xjsCpAaFOcqeZwyur1RQGg5O3Wyxf%2FIDVfoIp8DCqyBFx1o9xSPW%2FW1pWjRGxsZwCcUaefAzXYzs5MrhAM%2BStXsfDvx5fLNE3GRWsKIxAocoO1GR8%2BFVfs0nbyfNlN3JcK9jdjTlh%2F5EKXNO8d7y8ndtv9Z5kGb2rcK87kCI8%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bjornekullawhisky.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1499087736http://letta.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://letta.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 13:09:54 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA3zQZdGZuO%2Fib0dRlNnsEjQBelTuKX%2FEXi2c4dowCqanCihZBJWK1IKsfAQnpo4WSMWztkOH3%2BnB2PUAJi5t5EotsWZtamJ5rlp5WvcbslVqZ4%2Br%2Fy1uOrMYOl%2F7%2Fh1If2lpYqRrxrYydzmvtVicD7m0QNCxH6Tslxm4JX4H7EU%2BS6AKqze80iENH1YRr3veXkSulx3%2BFY52nx%2BGq0f0FD6JZec9crXDJvx79YHrKc%2BCjcGO1J3%2F11tYVdbOB7VchuiRDoWr%2FNhkJThCrjL5mT2033tzi4KqUrlzcCuAYtyCXqgu%2B%2F9kRHyW5W6boIMYg2y0ewPfbisdWbdy4CiduXjBwvwsxtV8lUu45i6W8hnCKDtLEEWladC8dxtU7tXyY34Bk%2FUyDEbvFuEplLcx9begAULstmH1u%2BfDJTfnCDs3K7scmrzACB9STwAkRmIOWqXlb9bE2HNNNU053KT%2FY%2FjDehCYg%2Fd%2Fk4LFEUACt1874xI7EHaNcJPAvU0FxYJJX <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: letta.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 11:09:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499080199.7822184; expires=Thu, 01-Jul-2027 11:09:59 GMT; Max-Age=315360000 <br>Location: http://ww11.letta.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: letta.se <br>Referer: http://www.google.com/search?q=letta.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 11:09:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499080198.3636473; expires=Thu, 01-Jul-2027 11:09:58 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA3zQZdGZuO%2Fib0dRlNnsEjQBelTuKX%2FEXi2c4dowCqanCihZBJWK1IKsfAQnpo4WSMWztkOH3%2BnB2PUAJi5t5EotsWZtamJ5rlp5WvcbslVqZ4%2Br%2Fy1uOrMYOl%2F7%2Fh1If2lpYqRrxrYydzmvtVicD7m0QNCxH6Tslxm4JX4H7EU%2BS6AKqze80iENH1YRr3veXkSulx3%2BFY52nx%2BGq0f0FD6JZec9crXDJvx79YHrKc%2BCjcGO1J3%2F11tYVdbOB7VchuiRDoWr%2FNhkJThCrjL5mT2033tzi4KqUrlzcCuAYtyCXqgu%2B%2F9kRHyW5W6boIMYg2y0ewPfbisdWbdy4CiduXjBwvwsxtV8lUu45i6W8hnCKDtLEEWladC8dxtU7tXyY34Bk%2FUyDEbvFuEplLcx9begAULstmH1u%2BfDJTfnCDs3K7scmrzACB9STwAkRmIOWqXlb9bE2HNNNU053KT%2FY%2FjDehCYg%2Fd%2Fk4LFEUACt1874xI7EHaNcJPAvU0FxYJJX <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>letta.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499087732http://shpilka.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://shpilka.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 11:40:28 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHASivPljoKCpHSJX2G9FYwhKC842rHgEuFBegrZJiacPXPVm35WBl5WGZXWDWqfoGDhRISVrh2%2FoV18l15hugoznCHovR9Bsl5NYNm3pmg066eMB4LHZBUVzzH2s%2BjhhPkFyRBXk1yswh22WqcvXqPfnzpnKg%2BW4N0vRVwKg5J3CAEP8WIRhg8z46tkWboEOrHB4kHoSwbcR5Hyc6uYsvV8DTxt013j17utW179PJfJ3cM4kbl8QeDd9PW8acxnIgp84J54ada09lihXhs1ZRNtCTATv8QTVmFGlLTsmD9LJVOxpTnubwYGvgkVY8rAj4Kdj0RLCEDrhMbI5PqT7Wfnkcc4DWUsAk44%2FNjXJ6qyHF3KR325SOOZvnq0F9RlR4TFHXAyrruZVYaPcX9wIzDzGctHMP8Ssz5TeLS5UbmvR1b30xGDqWHhfEoJeviBytmYUZR8D1XGGEp%2FZVi%2Bp6Eo1rNyk3lxl0ED6HGnKxKzHjKpAdkLUpeMtWKeRr1a6NA <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shpilka.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 09:40:33 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499074833.4675662; expires=Thu, 01-Jul-2027 09:40:33 GMT; Max-Age=315360000 <br>Location: http://ww1.shpilka.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: shpilka.nu <br>Referer: http://www.google.com/search?q=shpilka.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 09:40:32 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499074832.4433155; expires=Thu, 01-Jul-2027 09:40:32 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHASivPljoKCpHSJX2G9FYwhKC842rHgEuFBegrZJiacPXPVm35WBl5WGZXWDWqfoGDhRISVrh2%2FoV18l15hugoznCHovR9Bsl5NYNm3pmg066eMB4LHZBUVzzH2s%2BjhhPkFyRBXk1yswh22WqcvXqPfnzpnKg%2BW4N0vRVwKg5J3CAEP8WIRhg8z46tkWboEOrHB4kHoSwbcR5Hyc6uYsvV8DTxt013j17utW179PJfJ3cM4kbl8QeDd9PW8acxnIgp84J54ada09lihXhs1ZRNtCTATv8QTVmFGlLTsmD9LJVOxpTnubwYGvgkVY8rAj4Kdj0RLCEDrhMbI5PqT7Wfnkcc4DWUsAk44%2FNjXJ6qyHF3KR325SOOZvnq0F9RlR4TFHXAyrruZVYaPcX9wIzDzGctHMP8Ssz5TeLS5UbmvR1b30xGDqWHhfEoJeviBytmYUZR8D1XGGEp%2FZVi%2Bp6Eo1rNyk3lxl0ED6HGnKxKzHjKpAdkLUpeMtWKeRr1a6NA <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>shpilka.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1499087730http://pitratebay.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://pitratebay.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 09:48:15 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAqUXvHsEtqY5HIbPcISZvOk8me9JRJ3HVqqrDq4jk0Xz2tObcBWu5ps%2F%2FeJn4OEKOS5DU2S7LL9xJm61G2NgWDW%2Bo4edRlwfsGBqZWMDDk3b7hI8LEuoFslC0kuCISZUm6KZc2dgpcYe%2BzjSVsdy8H%2BKSKRV3uHxy7rV8EhuM3flVanyu6rlLtDh%2FPoOdhYbraevBY3Ktgori%2BMJR89lwJ9ZxOx1o%2FGXvtMKrLZwa2d2nIlTtWU%2BJTQWf9GfQZuIqno36V6pyJk%2FggnkiLtG7huupJ8MECB7jULm%2ByMjcLS8jJweSrIn0vFL6J8nMdQMRKseN5yLkUDMzJrHcxiWtJFC32WwcI38mtA5A7vhM49VjdYzJ8LTKMfCYVBiKQxb7RMKFzMr%2Bf17efBK1K0WzVoeKmN%2FMWb%2BX%2F10%2BWplG70QyRUPWZ1MxYHe6GIxSW8hI2lMSqZOBqsnfQ7vsWy7eQplZY0aZYd5he3Kado%2FpVliw6zxMf64GJu0HrjGC02%2FU9kzGUGs%2B852EnzdyfOqmxPuS%2F1lbBigYOEpYzJQUfs8%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pitratebay.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 07:48:20 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499068100.5587337; expires=Thu, 01-Jul-2027 07:48:20 GMT; Max-Age=315360000 <br>Location: http://ww38.pitratebay.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pitratebay.se <br>Referer: http://www.google.com/search?q=pitratebay.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 07:48:19 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499068099.3479449; expires=Thu, 01-Jul-2027 07:48:19 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAqUXvHsEtqY5HIbPcISZvOk8me9JRJ3HVqqrDq4jk0Xz2tObcBWu5ps%2F%2FeJn4OEKOS5DU2S7LL9xJm61G2NgWDW%2Bo4edRlwfsGBqZWMDDk3b7hI8LEuoFslC0kuCISZUm6KZc2dgpcYe%2BzjSVsdy8H%2BKSKRV3uHxy7rV8EhuM3flVanyu6rlLtDh%2FPoOdhYbraevBY3Ktgori%2BMJR89lwJ9ZxOx1o%2FGXvtMKrLZwa2d2nIlTtWU%2BJTQWf9GfQZuIqno36V6pyJk%2FggnkiLtG7huupJ8MECB7jULm%2ByMjcLS8jJweSrIn0vFL6J8nMdQMRKseN5yLkUDMzJrHcxiWtJFC32WwcI38mtA5A7vhM49VjdYzJ8LTKMfCYVBiKQxb7RMKFzMr%2Bf17efBK1K0WzVoeKmN%2FMWb%2BX%2F10%2BWplG70QyRUPWZ1MxYHe6GIxSW8hI2lMSqZOBqsnfQ7vsWy7eQplZY0aZYd5he3Kado%2FpVliw6zxMf64GJu0HrjGC02%2FU9kzGUGs%2B852EnzdyfOqmxPuS%2F1lbBigYOEpYzJQUfs8%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pitratebay.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087720http://redaktionnord.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://redaktionnord.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 07:24:56 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA4zX1k6rqUwaJumro7joGH70R7BRZE7g6NvxxWKF8RUj37XX04QEJHn89gVrb%2Fvi%2FL9yXSrtIFUIt7FlnxnvdE%2Bz%2Bf2UsBRCLTCFnNpqzcD6jQ8ntMZ91PviuX%2FM2mC%2BS9Or9LMOILlvX8Llt9WyHrRU3YMnh1O3ccM9Zd%2FzLhQcCJBAea8ZrmlAPioqLpGe5IJzdKwY%2FBw%2B0lC9DFviKqI2QdAodCY05SkNyWcE9CqquM4p0koS5U2c%2Bqaz76GDqi2EWSJ8ETy6KxWGXifCrnvxb1%2FV%2FDyRDbfY7luQ2ha2E9NMjBSpOL7ufQ1Cy2aT9qemTRXf3PyVRTv9T8f1urGQJOqnfpTwLeJoa%2FU53XekYNPI1vIKTx2k1aE%2BcxLvXQ8xELnNDBlizsZ0T3o0mZDTB6g7xPOIdqAp2BcCuuDZiCb6X%2BwjgTRf%2F3Vxk7h%2FaQWfL%2BQeSFhPruOYJUaKALt37OiWoGIxR3bubfpRhF4i6rC0wvIpKwHjtgrgLlEvMiw1k5O8LtzpPIcpOSft7tqkcKQjCQQ9qlfom5NgPiUY%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: redaktionnord.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 05:24:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499059496.7458051; expires=Thu, 01-Jul-2027 05:24:56 GMT; Max-Age=315360000 <br>Location: http://ww11.redaktionnord.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: redaktionnord.se <br>Referer: http://www.google.com/search?q=redaktionnord.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 05:24:55 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499059495.4219396; expires=Thu, 01-Jul-2027 05:24:55 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA4zX1k6rqUwaJumro7joGH70R7BRZE7g6NvxxWKF8RUj37XX04QEJHn89gVrb%2Fvi%2FL9yXSrtIFUIt7FlnxnvdE%2Bz%2Bf2UsBRCLTCFnNpqzcD6jQ8ntMZ91PviuX%2FM2mC%2BS9Or9LMOILlvX8Llt9WyHrRU3YMnh1O3ccM9Zd%2FzLhQcCJBAea8ZrmlAPioqLpGe5IJzdKwY%2FBw%2B0lC9DFviKqI2QdAodCY05SkNyWcE9CqquM4p0koS5U2c%2Bqaz76GDqi2EWSJ8ETy6KxWGXifCrnvxb1%2FV%2FDyRDbfY7luQ2ha2E9NMjBSpOL7ufQ1Cy2aT9qemTRXf3PyVRTv9T8f1urGQJOqnfpTwLeJoa%2FU53XekYNPI1vIKTx2k1aE%2BcxLvXQ8xELnNDBlizsZ0T3o0mZDTB6g7xPOIdqAp2BcCuuDZiCb6X%2BwjgTRf%2F3Vxk7h%2FaQWfL%2BQeSFhPruOYJUaKALt37OiWoGIxR3bubfpRhF4i6rC0wvIpKwHjtgrgLlEvMiw1k5O8LtzpPIcpOSft7tqkcKQjCQQ9qlfom5NgPiUY%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>redaktionnord.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-186.above.com1499087683http://abilar.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://abilar.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 06:02:30 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHADg%2B%2BmjD%2FTZgAiKRg9INwzxhSRRz0WCSDpoPKtxPCD3945x9dLcjoJoBVzcaWYsWD1%2BzvXsN%2F%2B8RykwKlIdm6P4tLvZazqEWhMsz1yfTf0n71V6pErOmUfhUkUnUyBEuaLyquyKpHEtI5j8PTS9kR7VJaDvpgFkLV50DRMjSqmmKU6Aiy5PDCF5QaPsTl%2B%2FJKfF1Z7Dj5MQ8cUZH1tR1dAtb11JxX8J%2FAk6zprkVxnTWp5SK7TglZGAXA4t5aqMRTeUMgsd4OEjEo412LIVyIYZhLO6yrx95Qd6E%2F4LDlVCY4eNLl61gZLfppaNG1QEWivTZO2%2FlMagJSFI5kDWDdvJcMtkV4Ho0vOszwo%2FOtxBYuDRDcssCrVVFWLlxigEYz%2Bc4ZZfJznsHhEDMsEm2SS0eJYltt5uFJ4BILdFrFWPCjN062Pnf%2FuDwjIjhrIUlin3gwC5KK5r2JFOC%2BypRQMdW%2Bp9eGJ4hZQipUBSuKu5k3LQp67UeINYgLGaNsut7XfBvW7wihdow%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: abilar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 04:02:35 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499054555.6408529; expires=Thu, 01-Jul-2027 04:02:35 GMT; Max-Age=315360000 <br>Location: http://ww11.abilar.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: abilar.se <br>Referer: http://www.google.com/search?q=abilar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 04:02:34 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499054554.5523102; expires=Thu, 01-Jul-2027 04:02:34 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHADg%2B%2BmjD%2FTZgAiKRg9INwzxhSRRz0WCSDpoPKtxPCD3945x9dLcjoJoBVzcaWYsWD1%2BzvXsN%2F%2B8RykwKlIdm6P4tLvZazqEWhMsz1yfTf0n71V6pErOmUfhUkUnUyBEuaLyquyKpHEtI5j8PTS9kR7VJaDvpgFkLV50DRMjSqmmKU6Aiy5PDCF5QaPsTl%2B%2FJKfF1Z7Dj5MQ8cUZH1tR1dAtb11JxX8J%2FAk6zprkVxnTWp5SK7TglZGAXA4t5aqMRTeUMgsd4OEjEo412LIVyIYZhLO6yrx95Qd6E%2F4LDlVCY4eNLl61gZLfppaNG1QEWivTZO2%2FlMagJSFI5kDWDdvJcMtkV4Ho0vOszwo%2FOtxBYuDRDcssCrVVFWLlxigEYz%2Bc4ZZfJznsHhEDMsEm2SS0eJYltt5uFJ4BILdFrFWPCjN062Pnf%2FuDwjIjhrIUlin3gwC5KK5r2JFOC%2BypRQMdW%2Bp9eGJ4hZQipUBSuKu5k3LQp67UeINYgLGaNsut7XfBvW7wihdow%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>abilar.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-195.above.com abuse@above.com1499087681http://fritider.se/ (103.224.212.190) - Serp-hijackingAttacked url: http://fritider.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 03:18:20 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAW3NCrgQdGWACOm6jwIgoILdK5y0TY7thToaAkIrGAIoOxlL60y4x%2Fi4nqGSi%2Fo2wWcH1LA%2BZYPE4eFmAyd01STtLol%2FxBZj6pvlDOqmRa0frS91v4vmRFFdEmqnmLrgy6tJH1LVxWfSE9cqb2n8UV52t8K8CQndhX3lk7Z9D09%2BnIO0SRA7QNYOSIWc9sGBSTOm%2Bl1K6hB2TeSwFcVMnhzf1WB4SXndRSa3B5bHLd1jvT6ZKgEhcRh8NmV%2B9iHGK4Anww7PBIFO0WWn%2F2Nchl5BclowMqhctAYAmPHSIxlRHrWxNhKMA4bmmYm6NmecmggCRIh%2BAvyCD6GyVO76r7DieMGGEkfOtF0%2B5zQ7Kx4E3NCaJr6IA7vSqO9P%2F5VW0VbvrVLRe8nAsUpFAT9%2BpGxZry3%2Fd95OLw5cKhUy38QDhr5DPmJXyDqE46WglEl4aMrbt2jyFUmHfwlw6lBs5r%2BsZr2iE%2Fy1KRzSpPvHAYKR3QIS2kECSOeY4fJPw7lHrKG2bW0NLkU4%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fritider.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 01:18:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499044705.4753445; expires=Thu, 01-Jul-2027 01:18:25 GMT; Max-Age=315360000 <br>Location: http://ww38.fritider.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fritider.se <br>Referer: http://www.google.com/search?q=fritider.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 01:18:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499044704.5539206; expires=Thu, 01-Jul-2027 01:18:24 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAW3NCrgQdGWACOm6jwIgoILdK5y0TY7thToaAkIrGAIoOxlL60y4x%2Fi4nqGSi%2Fo2wWcH1LA%2BZYPE4eFmAyd01STtLol%2FxBZj6pvlDOqmRa0frS91v4vmRFFdEmqnmLrgy6tJH1LVxWfSE9cqb2n8UV52t8K8CQndhX3lk7Z9D09%2BnIO0SRA7QNYOSIWc9sGBSTOm%2Bl1K6hB2TeSwFcVMnhzf1WB4SXndRSa3B5bHLd1jvT6ZKgEhcRh8NmV%2B9iHGK4Anww7PBIFO0WWn%2F2Nchl5BclowMqhctAYAmPHSIxlRHrWxNhKMA4bmmYm6NmecmggCRIh%2BAvyCD6GyVO76r7DieMGGEkfOtF0%2B5zQ7Kx4E3NCaJr6IA7vSqO9P%2F5VW0VbvrVLRe8nAsUpFAT9%2BpGxZry3%2Fd95OLw5cKhUy38QDhr5DPmJXyDqE46WglEl4aMrbt2jyFUmHfwlw6lBs5r%2BsZr2iE%2Fy1KRzSpPvHAYKR3QIS2kECSOeY4fJPw7lHrKG2bW0NLkU4%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>fritider.se is on 103.224.212.190<br>ASN for 103.224.212.190: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.190 corresponds with lb-212-190.above.com<br>Abuse.net does not have any reliable address for lb-212-190.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-190.above.com1499087674http://ftritidsresor.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://ftritidsresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 02:10:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAeJJch%2BcYtfAf4ukrifCyL6HUWHqegQP7FiG5DQNi1bZZrmlk9l%2BfqCycmhHlB4HX9VXKq9%2BgpC9eikYqVHxBRevqdFmZHPNHLD9wp0U%2FjWqApv4%2F03l0bwvnZ%2B%2FU7IF3T8X2o5%2Bm%2FCoNB2dDzYJfbK0KxmIedFTPS%2F3uctpX21XiFWolsAQH48HPQ5L9lBGjTxGQcr62WfqPPKdyZMOlva9KWeWUz6xWuVwdrhV2HdhIbr%2BHbW0SCh0rfro%2FugNqo%2BE41UJ4%2B%2FmojvS0X%2F0N%2BuF5O775vHI%2FXue0ZwtL8A721qqTihkh%2B4HAHgGRoyY3nX3JloHLbDSznZmsfp9TWVMAgno%2BN4878JgXXlWIpQea3D1nka%2ByHh5nUfczLaOIqRyuLsElby08RfdHmVtpGHes1BNyyOy4lUGyXDbCYclT5cTtKXnQZkQsbmV9xElOGkfpj5YbQS711YG7VoN5buSplXAt6jq2yP7x%2BAXa%2FFZMczJQ50AOACrqLay4R7ykryR0h0sATt1583K1h%2F%2Fk6eN2wwdqWrmh <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 00:10:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499040606.7555338; expires=Thu, 01-Jul-2027 00:10:06 GMT; Max-Age=315360000 <br>Location: http://ww11.ftritidsresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Referer: http://www.google.com/search?q=ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 00:10:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499040606.5254938; expires=Thu, 01-Jul-2027 00:10:06 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAeJJch%2BcYtfAf4ukrifCyL6HUWHqegQP7FiG5DQNi1bZZrmlk9l%2BfqCycmhHlB4HX9VXKq9%2BgpC9eikYqVHxBRevqdFmZHPNHLD9wp0U%2FjWqApv4%2F03l0bwvnZ%2B%2FU7IF3T8X2o5%2Bm%2FCoNB2dDzYJfbK0KxmIedFTPS%2F3uctpX21XiFWolsAQH48HPQ5L9lBGjTxGQcr62WfqPPKdyZMOlva9KWeWUz6xWuVwdrhV2HdhIbr%2BHbW0SCh0rfro%2FugNqo%2BE41UJ4%2B%2FmojvS0X%2F0N%2BuF5O775vHI%2FXue0ZwtL8A721qqTihkh%2B4HAHgGRoyY3nX3JloHLbDSznZmsfp9TWVMAgno%2BN4878JgXXlWIpQea3D1nka%2ByHh5nUfczLaOIqRyuLsElby08RfdHmVtpGHes1BNyyOy4lUGyXDbCYclT5cTtKXnQZkQsbmV9xElOGkfpj5YbQS711YG7VoN5buSplXAt6jq2yP7x%2BAXa%2FFZMczJQ50AOACrqLay4R7ykryR0h0sATt1583K1h%2F%2Fk6eN2wwdqWrmh <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ftritidsresor.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087672http://llva.se/ (103.224.212.194) - Serp-hijackingAttacked url: http://llva.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 01:40:06 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAmsjaBWaDmp5yAMa20HrXYEo9ekQDQt0XEGEyEg5Tv8X9H2Oz3HOily8MhelFv1iIavN6pLC%2FZN%2By0qEtCm%2B50dDmb1vxy2knu0UbeyZPVBmuy44SbGd5bhy%2BJ7tbTu2YxSNQeikp6rxdq9v8qs8voDLxOQvHr5dh9by2ud1%2BsKjl%2FBvhm22FDwVgyOnuEQhRmvSsFFKnuMLvmcsqiuaplZ%2BAEoVpAqT1HrcKkwc282S6eWqk6b%2BeN7%2Bb%2BAA3pS0Alox7pvMgSX1mMj4fuflSXQn2JINOawzlwXufq0x%2FrvsM%2Fr3fvOgZ4s7aXoXsBqSENGd4O1YUe3gpw1AUA0zJnv7Lm9ebzQZ8R6QztCfgdaBPDP93GUC87au7jFv5rNWGaguQLVb1KORsb053T4apo8HdXdnAgWHBe3GG1Uw6GbbFLcVj%2BT0bzHLpGjo%2FBo9axXBDAEza9HbUdCUK7ZiNmPuZ%2F53h4vE4DdJFa%2FWYAUOmlL6B9UfpQw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: llva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 23:40:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499038806.5971687; expires=Wed, 30-Jun-2027 23:40:06 GMT; Max-Age=315360000 <br>Location: http://ww38.llva.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: llva.se <br>Referer: http://www.google.com/search?q=llva.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 23:40:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499038805.7124159; expires=Wed, 30-Jun-2027 23:40:05 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAmsjaBWaDmp5yAMa20HrXYEo9ekQDQt0XEGEyEg5Tv8X9H2Oz3HOily8MhelFv1iIavN6pLC%2FZN%2By0qEtCm%2B50dDmb1vxy2knu0UbeyZPVBmuy44SbGd5bhy%2BJ7tbTu2YxSNQeikp6rxdq9v8qs8voDLxOQvHr5dh9by2ud1%2BsKjl%2FBvhm22FDwVgyOnuEQhRmvSsFFKnuMLvmcsqiuaplZ%2BAEoVpAqT1HrcKkwc282S6eWqk6b%2BeN7%2Bb%2BAA3pS0Alox7pvMgSX1mMj4fuflSXQn2JINOawzlwXufq0x%2FrvsM%2Fr3fvOgZ4s7aXoXsBqSENGd4O1YUe3gpw1AUA0zJnv7Lm9ebzQZ8R6QztCfgdaBPDP93GUC87au7jFv5rNWGaguQLVb1KORsb053T4apo8HdXdnAgWHBe3GG1Uw6GbbFLcVj%2BT0bzHLpGjo%2FBo9axXBDAEza9HbUdCUK7ZiNmPuZ%2F53h4vE4DdJFa%2FWYAUOmlL6B9UfpQw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>llva.se is on 103.224.212.194<br>ASN for 103.224.212.194: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.194 corresponds with lb-212-194.above.com<br>Abuse.net does not have any reliable address for lb-212-194.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-194.above.com abuse@above.com1499087666http://diables.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://diables.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 23:10:32 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAzhn%2B8LQeMnVYhOQV1hzuwqdXMUij%2BbJpa4Tp5CBaTTj7DWS2J8vRC%2Bod2zB2OoSJ5XSoeCcCjjfESvouL3NLIdfeT3JG4lbUL%2BMpuB3eRII74LXnzRMxKGncb3pvmUw4v007TFUBMHlVrP2V1W%2BDbDBaYfn%2FHg4meGG7QzAjRtA1eljQy%2F4r8KyH4dWJPw9psyH7%2BwoAKqOTq0V6qoGfy2Ls3JHCRvUH%2FgJfzcsFNPV1OsABmPFoiliWtbq2CnxES4TlcuOuXAgtZaXa%2Bguidif7r7D3euIEtyQGcf37KZsBsuoELdIp311XE%2BBi9g0i%2Fkz2WnPG98hjMRj3WOTf%2Fg503TLXt%2FivTaeJ7Ab0J8KSUvfPlsMuIBZfBtIe4xYH2dQANWBJt2m0nafozsQ76QI5zkxSvKZrDP8%2BIVnKQi8Llem1p%2BqC3eleMzQ6xXzkf%2BOSgC0VhFjPAlx%2FCKYJStmSzlVcxZ2Ej5I5XfOdUsfE9%2BC3jq2R1%2FqSY3XsayUS <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: diables.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 21:10:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499029837.6690594; expires=Wed, 30-Jun-2027 21:10:37 GMT; Max-Age=315360000 <br>Location: http://ww11.diables.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: diables.se <br>Referer: http://www.google.com/search?q=diables.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 21:10:36 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499029836.6796675; expires=Wed, 30-Jun-2027 21:10:36 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAzhn%2B8LQeMnVYhOQV1hzuwqdXMUij%2BbJpa4Tp5CBaTTj7DWS2J8vRC%2Bod2zB2OoSJ5XSoeCcCjjfESvouL3NLIdfeT3JG4lbUL%2BMpuB3eRII74LXnzRMxKGncb3pvmUw4v007TFUBMHlVrP2V1W%2BDbDBaYfn%2FHg4meGG7QzAjRtA1eljQy%2F4r8KyH4dWJPw9psyH7%2BwoAKqOTq0V6qoGfy2Ls3JHCRvUH%2FgJfzcsFNPV1OsABmPFoiliWtbq2CnxES4TlcuOuXAgtZaXa%2Bguidif7r7D3euIEtyQGcf37KZsBsuoELdIp311XE%2BBi9g0i%2Fkz2WnPG98hjMRj3WOTf%2Fg503TLXt%2FivTaeJ7Ab0J8KSUvfPlsMuIBZfBtIe4xYH2dQANWBJt2m0nafozsQ76QI5zkxSvKZrDP8%2BIVnKQi8Llem1p%2BqC3eleMzQ6xXzkf%2BOSgC0VhFjPAlx%2FCKYJStmSzlVcxZ2Ej5I5XfOdUsfE9%2BC3jq2R1%2FqSY3XsayUS <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>diables.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087658http://essential.nu/ (103.224.182.249) - Serp-hijackingAttacked url: http://essential.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 21:46:02 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA5q%2B6HFJVDpJymrbwVyU3YguZzyAi%2FzNYyA6B%2Fzo1odxeDZjpbsSex1U5%2BEEp3NEIN8hsIAK9n2klFE5mYY7lAiOQcQdhL0fuCIr9zu%2BNw%2BMfeHFPdD4r1RPN3ZHcT8QcjuGGebhncH33PiyG1u7A8d3F1%2FiUkJzAewq%2BDae64QI%2BDTbyEb1J23THDM7o4wZigZP3N1oEF4ILsPQ4HLa6A64u%2F6N%2FrNHKvwM3Qoxbs0SHZ6XDeyY2RWrRmJju78fi04aegxtKlEk5RT444iAFE5%2FclYKkizKj%2FB9FHSIraa2V6mxd0zmSxtXnKxUhpiD7aJp%2FJ8lm%2F9JSa4YHS0sdu14zFsfgiG5lDJSadc2TEfKcfwyobFmwTY4Be6KOugiY7nNbdF5Mpsw6i59%2BPxlgzpq2KQ%2BRdga04sxAZF8CKDk3ITKzTjlkmezcDNBbS5VbeL0jTJqOZX9gCwwqE0K%2BYa66qCQ3KVqXtD0TIlsyKEpildYvf1Uhf8%2FrYoyBXev%2Bmxyz0USivamhUbcXjW7Ciw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: essential.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 19:46:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499024766.3033949; expires=Wed, 30-Jun-2027 19:46:06 GMT; Max-Age=315360000 <br>Location: http://ww11.essential.nu/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: essential.nu <br>Referer: http://www.google.com/search?q=essential.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 19:46:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499024765.2784098; expires=Wed, 30-Jun-2027 19:46:05 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA5q%2B6HFJVDpJymrbwVyU3YguZzyAi%2FzNYyA6B%2Fzo1odxeDZjpbsSex1U5%2BEEp3NEIN8hsIAK9n2klFE5mYY7lAiOQcQdhL0fuCIr9zu%2BNw%2BMfeHFPdD4r1RPN3ZHcT8QcjuGGebhncH33PiyG1u7A8d3F1%2FiUkJzAewq%2BDae64QI%2BDTbyEb1J23THDM7o4wZigZP3N1oEF4ILsPQ4HLa6A64u%2F6N%2FrNHKvwM3Qoxbs0SHZ6XDeyY2RWrRmJju78fi04aegxtKlEk5RT444iAFE5%2FclYKkizKj%2FB9FHSIraa2V6mxd0zmSxtXnKxUhpiD7aJp%2FJ8lm%2F9JSa4YHS0sdu14zFsfgiG5lDJSadc2TEfKcfwyobFmwTY4Be6KOugiY7nNbdF5Mpsw6i59%2BPxlgzpq2KQ%2BRdga04sxAZF8CKDk3ITKzTjlkmezcDNBbS5VbeL0jTJqOZX9gCwwqE0K%2BYa66qCQ3KVqXtD0TIlsyKEpildYvf1Uhf8%2FrYoyBXev%2Bmxyz0USivamhUbcXjW7Ciw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>essential.nu is on 103.224.182.249<br>ASN for 103.224.182.249: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.182.249 corresponds with lb-182-249.above.com<br>Abuse.net does not have any reliable address for lb-182-249.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-182-249.above.com abuse@above.com1499087648http://sgsforest.se/ (103.224.212.195) - Serp-hijackingAttacked url: http://sgsforest.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 16:44:46 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAoqAPdxXuKhlCBdfAYKhCL3cOJ%2Fd4YBhY0rAKch8Yf0j3gIM%2BypUpqpWI42%2BRkeBr2ECc%2BlQhgRItmkw37ztAkg0pm7%2ByfL%2FH4zntkQ0J%2BMR66WCFg3pVoaZHIOgcJ6OSBaqTiLXOZpCi0S0%2F%2BC28D5kN8nDh3YJc9dnIhPE89iBORL2DF0x9VQOPsZP4zLIY4bgkF%2BepC%2BDtOLL65q5tIBBtZDGefLNmrL2%2BUnwCjNkSwbfxLQ5H2X7ABXmYnKNuUoKZaYAX5TXgdbWKXrabVJO07zsLWlQH3TPMZ4Nxwfw3jfsEUkQ0AgnAjaPEkAgPYgCUfNb0ztBImbYe5MA0qf%2BaVvIvJI3ktWVpQOjah0ZbIu0tDvgOGY3E%2Bahn4vXa29mtYWxC4q4g5CbwnNO%2BFWUROnCj2qrd77vC%2Bot5NyMDNeG3cSREOYfnvMGxvMEreXN9xxtvv7cxsyHXWk0dd3oN8OX8vg0rD4rs8rY%2Byw%2FakeDNxqVopjBzMTKyeMngCiv97LGLPYw%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sgsforest.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 14:44:50 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499006690.6072806; expires=Wed, 30-Jun-2027 14:44:50 GMT; Max-Age=315360000 <br>Location: http://ww11.sgsforest.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sgsforest.se <br>Referer: http://www.google.com/search?q=sgsforest.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 14:44:49 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499006689.8508481; expires=Wed, 30-Jun-2027 14:44:49 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAoqAPdxXuKhlCBdfAYKhCL3cOJ%2Fd4YBhY0rAKch8Yf0j3gIM%2BypUpqpWI42%2BRkeBr2ECc%2BlQhgRItmkw37ztAkg0pm7%2ByfL%2FH4zntkQ0J%2BMR66WCFg3pVoaZHIOgcJ6OSBaqTiLXOZpCi0S0%2F%2BC28D5kN8nDh3YJc9dnIhPE89iBORL2DF0x9VQOPsZP4zLIY4bgkF%2BepC%2BDtOLL65q5tIBBtZDGefLNmrL2%2BUnwCjNkSwbfxLQ5H2X7ABXmYnKNuUoKZaYAX5TXgdbWKXrabVJO07zsLWlQH3TPMZ4Nxwfw3jfsEUkQ0AgnAjaPEkAgPYgCUfNb0ztBImbYe5MA0qf%2BaVvIvJI3ktWVpQOjah0ZbIu0tDvgOGY3E%2Bahn4vXa29mtYWxC4q4g5CbwnNO%2BFWUROnCj2qrd77vC%2Bot5NyMDNeG3cSREOYfnvMGxvMEreXN9xxtvv7cxsyHXWk0dd3oN8OX8vg0rD4rs8rY%2Byw%2FakeDNxqVopjBzMTKyeMngCiv97LGLPYw%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sgsforest.se is on 103.224.212.195<br>ASN for 103.224.212.195: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.195 corresponds with lb-212-195.above.com<br>Abuse.net does not have any reliable address for lb-212-195.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-195.above.com abuse@above.com1499087587http://prvataaffarer.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://prvataaffarer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 15:48:12 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT975B72Xra3VhQ4xCt9x6dCE%2F9fHhFe91UUkU2WLqE7%2FJeJN6oC74r3MPFY%2FIOiDun0cSA50hGJv%2FAFcyfGHILN24OThWWjLHR%2FwPLMVvYBDnpETlg8yoQY4Br0T4bc1nU%2F2U2ioNDN8UWeoR2uk3dxxw4wIMeHHg%2BE0HHAOf%2FUHXRkTy%2FYbXGaUgIbvmryXqpTpTDcRK34PNz%2BGAcFg2dBQC%2FqgbcCR1%2B8pJ567ZnSGL2rbsu%2BJLt9pmO6NFZXIjn6cMXIOnC8dIF6gkhzYa1ZCb969tIv50tj9QWNpj%2BwCDKtPuxpcvnSasFYUZFasIEl5OgUs06XvIMu3x2CQuyLNMC79RpNJMXwr%2BknJvpnlFPyajFj3qe%2BMs9X6XPFl0qrzsvEVUXZtRbyZSSmi5QR7yaxLdqZEijnWk8j6yiMSvo0Z293cmzBH%2FoNhK5JLEiEVD%2BGYPe2ChgGOMsDYgU3gEwRuZyy4OyxD4UJodZ%2FxkaFfLFavKRv6BsHF1RsWd2oNOJg%2F%2FXxmCM0JEOU81HljTjJeIh7PIOKZLEImcQ3hfaQMMw7%2Fi2w%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prvataaffarer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 13:48:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499003292.2325976; expires=Wed, 30-Jun-2027 13:48:12 GMT; Max-Age=315360000 <br>Location: http://ww38.prvataaffarer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prvataaffarer.se <br>Referer: http://www.google.com/search?q=prvataaffarer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 13:48:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499003291.6364679; expires=Wed, 30-Jun-2027 13:48:11 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT975B72Xra3VhQ4xCt9x6dCE%2F9fHhFe91UUkU2WLqE7%2FJeJN6oC74r3MPFY%2FIOiDun0cSA50hGJv%2FAFcyfGHILN24OThWWjLHR%2FwPLMVvYBDnpETlg8yoQY4Br0T4bc1nU%2F2U2ioNDN8UWeoR2uk3dxxw4wIMeHHg%2BE0HHAOf%2FUHXRkTy%2FYbXGaUgIbvmryXqpTpTDcRK34PNz%2BGAcFg2dBQC%2FqgbcCR1%2B8pJ567ZnSGL2rbsu%2BJLt9pmO6NFZXIjn6cMXIOnC8dIF6gkhzYa1ZCb969tIv50tj9QWNpj%2BwCDKtPuxpcvnSasFYUZFasIEl5OgUs06XvIMu3x2CQuyLNMC79RpNJMXwr%2BknJvpnlFPyajFj3qe%2BMs9X6XPFl0qrzsvEVUXZtRbyZSSmi5QR7yaxLdqZEijnWk8j6yiMSvo0Z293cmzBH%2FoNhK5JLEiEVD%2BGYPe2ChgGOMsDYgU3gEwRuZyy4OyxD4UJodZ%2FxkaFfLFavKRv6BsHF1RsWd2oNOJg%2F%2FXxmCM0JEOU81HljTjJeIh7PIOKZLEImcQ3hfaQMMw7%2Fi2w%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>prvataaffarer.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1499087581http://stadoil.se/ (103.224.212.186) - Serp-hijackingAttacked url: http://stadoil.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 28 Jun 2017 06:37:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTCuS3ms6HEEJIQ0g%2FmA1r77CZ9KRM84kCkoxiV%2B5V0M4KtDf5IWOtcw2J8haHP2asc2G2lK%2BWmlFWrEMYGfOe6aLQyqhsl5712h%2F8jiEchyy1YohSLk%2BpR1K1tP3iwuYUmcwoMlUg%2BjMtRlUGTZywl5j%2FsE%2Bbr%2BuOSZRvWvn%2FayC7ofYFuY9YQQqJX9QfDWYaCQh9kISIwG9gnlI8X2oRW%2FDdvpovwDWTp6zMvCoDZU%2FPBShTy0NpCdgbi9FJDof%2FTQCYTPrci51rQtWL4vGb2pIpyxqwuF%2F4VvPZnFIdcs8xYIuZuV31j%2BChQClGjeweKQmTqvu36jSHeBjzBIpssSODkssO6h03tgUnhVfq%2FfNIIHyazRg3VHQuKj0nxQcpVTe67beAVDwPMHgt88f6wSlaX5l4e5HCTYlmQ8egAqfTljB%2F5NBHgQHLAT%2BmQwc3zgqgD0xRc7%2BeLIGi5itxVqrjfeixhFh9VxaE8YbnOE0zqCfHNRBKlBILdDzXrrr0 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadoil.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 04:38:01 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498624681.4897437; expires=Sat, 26-Jun-2027 04:38:01 GMT; Max-Age=315360000 <br>Location: http://ww11.stadoil.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadoil.se <br>Referer: http://www.google.com/search?q=stadoil.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 04:38:01 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498624681.7887831; expires=Sat, 26-Jun-2027 04:38:01 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTCuS3ms6HEEJIQ0g%2FmA1r77CZ9KRM84kCkoxiV%2B5V0M4KtDf5IWOtcw2J8haHP2asc2G2lK%2BWmlFWrEMYGfOe6aLQyqhsl5712h%2F8jiEchyy1YohSLk%2BpR1K1tP3iwuYUmcwoMlUg%2BjMtRlUGTZywl5j%2FsE%2Bbr%2BuOSZRvWvn%2FayC7ofYFuY9YQQqJX9QfDWYaCQh9kISIwG9gnlI8X2oRW%2FDdvpovwDWTp6zMvCoDZU%2FPBShTy0NpCdgbi9FJDof%2FTQCYTPrci51rQtWL4vGb2pIpyxqwuF%2F4VvPZnFIdcs8xYIuZuV31j%2BChQClGjeweKQmTqvu36jSHeBjzBIpssSODkssO6h03tgUnhVfq%2FfNIIHyazRg3VHQuKj0nxQcpVTe67beAVDwPMHgt88f6wSlaX5l4e5HCTYlmQ8egAqfTljB%2F5NBHgQHLAT%2BmQwc3zgqgD0xRc7%2BeLIGi5itxVqrjfeixhFh9VxaE8YbnOE0zqCfHNRBKlBILdDzXrrr0 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stadoil.se is on 103.224.212.186<br>ASN for 103.224.212.186: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.186 corresponds with lb-212-186.above.com<br>Abuse.net does not have any reliable address for lb-212-186.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-186.above.com1498637364http://pop-corntime.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://pop-corntime.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 28 Jun 2017 05:54:44 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTt6HZ0RsjFD5crYltt3bs9jj8RABUkPmFhJjduoVEsqf497pMWVOzCW44XHDi6F4bdD%2F5B%2FjWiprFYHwvpK0LUxCXCl8UwS6%2FxK7VyNuF1XswPqU5pCBsHIGprRbULMxKdbF%2FkPlYnBt8Lrk4amJqmfxz9nc4cnNTSjDW8FuVLA63DULO6mBKOP9Bmjc%2Ba3FXrSzizs1X6lRagkAuwnZ9lj6g42wrTkfMXIdZg2%2FgYeRdbzqiZk5HohltZur8E%2F0HZ9NV54WxhohuZioyLjYOplFX%2BnGhUjj8F3ScuQZ3%2B0zhCuw2AzkFT85pYwAEvb9nIhCZ%2BD3y62OOjNlTU1ysCDSlfSybKkkhCUAwro%2BkXsBvB0JrskrwfDLx1KsvuOAne%2B6TRkgbLskhYE5Bpc9Lya93vtj0IR5Miw%2BA6zSyWympTJ21FUxjDkaRPo0PhU9bsLb4WROgEc9ZL3G1JX5JZP2uo2D8qpvDex1CSWrbLTzQRyovozXR%2F5r1IhJitj%2FpPEUEbzEpPbWvo%2B6RsRq0x5MjnQ2DEku7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pop-corntime.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:54:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498622084.2707395; expires=Sat, 26-Jun-2027 03:54:44 GMT; Max-Age=315360000 <br>Location: http://ww11.pop-corntime.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pop-corntime.se <br>Referer: http://www.google.com/search?q=pop-corntime.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:54:43 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498622083.2315527; expires=Sat, 26-Jun-2027 03:54:43 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTt6HZ0RsjFD5crYltt3bs9jj8RABUkPmFhJjduoVEsqf497pMWVOzCW44XHDi6F4bdD%2F5B%2FjWiprFYHwvpK0LUxCXCl8UwS6%2FxK7VyNuF1XswPqU5pCBsHIGprRbULMxKdbF%2FkPlYnBt8Lrk4amJqmfxz9nc4cnNTSjDW8FuVLA63DULO6mBKOP9Bmjc%2Ba3FXrSzizs1X6lRagkAuwnZ9lj6g42wrTkfMXIdZg2%2FgYeRdbzqiZk5HohltZur8E%2F0HZ9NV54WxhohuZioyLjYOplFX%2BnGhUjj8F3ScuQZ3%2B0zhCuw2AzkFT85pYwAEvb9nIhCZ%2BD3y62OOjNlTU1ysCDSlfSybKkkhCUAwro%2BkXsBvB0JrskrwfDLx1KsvuOAne%2B6TRkgbLskhYE5Bpc9Lya93vtj0IR5Miw%2BA6zSyWympTJ21FUxjDkaRPo0PhU9bsLb4WROgEc9ZL3G1JX5JZP2uo2D8qpvDex1CSWrbLTzQRyovozXR%2F5r1IhJitj%2FpPEUEbzEpPbWvo%2B6RsRq0x5MjnQ2DEku7 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pop-corntime.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1498637359http://inscrever.se/ (103.224.212.190) - Serp-hijackingAttacked url: http://inscrever.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 28 Jun 2017 05:35:42 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTfl9jeiksmJPtELUjsY6OTBsy1bWJGu3qcsh6R4LpjdAqCEupQ59RqPddCy5zSzNtNCM7cajRkLSELmxcYGJIDr7M6TmnFVQLq1mPo%2FK58c6oBB74K8wyd%2Fy6L4jfGCFmWag4W5awk%2BopeNQKTeYIG%2BeOeRMOnMx7os18eoZmI6cKambLV%2BFYuRYQ9T3KSXFOc8bdF3SQeBKFHRmzmPEe6Uk1vU%2B%2BgcHd4kMhO6xoAKG3qk8forhpNmNcoiQCbC8bWigRSvwesr53A464fiqS0AQXxMFAcYnPZ38trPaDxFRHmiTS5v56kkHf84JDU97B8hJX%2FdaDvR2tS4SUVk%2BYpZP4alULavKBgWfRojCGDCEF1D%2B6xwaCftcRfr7XjEP3TCi0SMC60SMDjoZN32DqSBj89bD%2BpNy5m6VBOt%2F16MjPHptH24GDgCvXf1OnTFDOg1VpMbs38W9vX3hP5%2BAZTruiN0pnPJRC07so%2Bl4Ba96XS%2FImicmOjgP6V2xbMj%2FtyTxHFcCNqfPZMGdVV53QMg%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: inscrever.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:35:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498620942.7208033; expires=Sat, 26-Jun-2027 03:35:42 GMT; Max-Age=315360000 <br>Location: http://ww11.inscrever.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: inscrever.se <br>Referer: http://www.google.com/search?q=inscrever.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:35:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498620941.6077106; expires=Sat, 26-Jun-2027 03:35:41 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTfl9jeiksmJPtELUjsY6OTBsy1bWJGu3qcsh6R4LpjdAqCEupQ59RqPddCy5zSzNtNCM7cajRkLSELmxcYGJIDr7M6TmnFVQLq1mPo%2FK58c6oBB74K8wyd%2Fy6L4jfGCFmWag4W5awk%2BopeNQKTeYIG%2BeOeRMOnMx7os18eoZmI6cKambLV%2BFYuRYQ9T3KSXFOc8bdF3SQeBKFHRmzmPEe6Uk1vU%2B%2BgcHd4kMhO6xoAKG3qk8forhpNmNcoiQCbC8bWigRSvwesr53A464fiqS0AQXxMFAcYnPZ38trPaDxFRHmiTS5v56kkHf84JDU97B8hJX%2FdaDvR2tS4SUVk%2BYpZP4alULavKBgWfRojCGDCEF1D%2B6xwaCftcRfr7XjEP3TCi0SMC60SMDjoZN32DqSBj89bD%2BpNy5m6VBOt%2F16MjPHptH24GDgCvXf1OnTFDOg1VpMbs38W9vX3hP5%2BAZTruiN0pnPJRC07so%2Bl4Ba96XS%2FImicmOjgP6V2xbMj%2FtyTxHFcCNqfPZMGdVV53QMg%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>inscrever.se is on 103.224.212.190<br>ASN for 103.224.212.190: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.190 corresponds with lb-212-190.above.com<br>Abuse.net does not have any reliable address for lb-212-190.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-190.above.com abuse@above.com1498637358http://lanssforsakringar.se/ (103.224.212.188) - Serp-hijackingAttacked url: http://lanssforsakringar.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 28 Jun 2017 05:04:42 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTdIB1gMQ6UvruZ3U5XJVFj6s9NfUD8Z%2BiTTvknVh5bsl2OPsPTsrFuD0Ae5HrjEg8KcilaqVuR8VAZ9G4WmD%2Fsim6Upc1jIHALxtSbTtGTm1UAjr9L9iqMOJBADcSan01SX9CYlihg1n1TEiAnJM9rqFi916bnQfdveP5J9eq2v9PhyCUD%2BPl0tc5CwstvR9YHnOoOqlwG6ssGGDyGfglpQ%2B8BuM%2B3ifHbhU9JOw8AOVEHCQTykJHt0vv3QNXkG6WvwglWG%2BK3XgJwK6QWjsuZ4YJtiO%2FJAh2H6QCpvM81D8cXeKFBNo0Sox2VyGYCOXtaY7k0BnBGFXtIV%2BrUDNb6eoRXlAAO4ANkjLGj8nQM5zApcukuPo0RMVPUKGhmqaX%2BmMM2dEgh1H1L2l1zHTSDwbRa07gAnz5Eajt%2Birds%2F8bblLqNwKsEmINCbVihkMlg6kA9i7tQec7CqDdgHBEAlZ1Is%2FsOxO%2F7ovtcWoLTU4teZoSu7dkCeTQXubLbEV4s9%2F7xkSteZHXeS4abvH2pkn%2BvtrMjaLyiN6ST2Wcg%2BOJPYcxIt6Pbw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lanssforsakringar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:04:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498619085.6462423; expires=Sat, 26-Jun-2027 03:04:45 GMT; Max-Age=315360000 <br>Location: http://ww11.lanssforsakringar.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: lanssforsakringar.se <br>Referer: http://www.google.com/search?q=lanssforsakringar.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:04:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498619084.2992198; expires=Sat, 26-Jun-2027 03:04:44 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTdIB1gMQ6UvruZ3U5XJVFj6s9NfUD8Z%2BiTTvknVh5bsl2OPsPTsrFuD0Ae5HrjEg8KcilaqVuR8VAZ9G4WmD%2Fsim6Upc1jIHALxtSbTtGTm1UAjr9L9iqMOJBADcSan01SX9CYlihg1n1TEiAnJM9rqFi916bnQfdveP5J9eq2v9PhyCUD%2BPl0tc5CwstvR9YHnOoOqlwG6ssGGDyGfglpQ%2B8BuM%2B3ifHbhU9JOw8AOVEHCQTykJHt0vv3QNXkG6WvwglWG%2BK3XgJwK6QWjsuZ4YJtiO%2FJAh2H6QCpvM81D8cXeKFBNo0Sox2VyGYCOXtaY7k0BnBGFXtIV%2BrUDNb6eoRXlAAO4ANkjLGj8nQM5zApcukuPo0RMVPUKGhmqaX%2BmMM2dEgh1H1L2l1zHTSDwbRa07gAnz5Eajt%2Birds%2F8bblLqNwKsEmINCbVihkMlg6kA9i7tQec7CqDdgHBEAlZ1Is%2FsOxO%2F7ovtcWoLTU4teZoSu7dkCeTQXubLbEV4s9%2F7xkSteZHXeS4abvH2pkn%2BvtrMjaLyiN6ST2Wcg%2BOJPYcxIt6Pbw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>lanssforsakringar.se is on 103.224.212.188<br>ASN for 103.224.212.188: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.188 corresponds with lb-212-188.above.com<br>Abuse.net does not have any reliable address for lb-212-188.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-188.above.com1498637353