Säkrare hemsida med .sehttp://styrelsefolk.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://styrelsefolk.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 23:50:03 +0200<br><br>Visitors with referer are redirected to http://www.doaat.com/download.php?pid= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 0 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDACDTACBQ=IKBLOKNDPMLFKPCGFOJCGLMK; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 12 Sep 2017 21:50:03 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Referer: http://www.google.com/search?q=styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.doaat.com/download.php?pid= <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDACDTACBQ=HKBLOKNDMKNEDHNOGKDMIFBD; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 12 Sep 2017 21:49:33 GMT <br>Connection: close<br><br>styrelsefolk.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1505314702http://styrelsefolk.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://styrelsefolk.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 07 Sep 2017 11:41:47 +0200<br><br>Visitors with referer are redirected to http://www.doaat.com/download.php?pid= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 0 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSCAQTCCQ=NLPBICHAPBJEAFNAGMAGLFDK; path=/ <br>X-Powered-By: ASP.NET <br>Date: Thu, 07 Sep 2017 09:41:47 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Referer: http://www.google.com/search?q=styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.doaat.com/download.php?pid= <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSCAQTCCQ=JLPBICHAPJCMCDGFICCMILHE; path=/ <br>X-Powered-By: ASP.NET <br>Date: Thu, 07 Sep 2017 09:41:17 GMT <br>Connection: close<br><br>styrelsefolk.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1504790999http://pionbutiken.se/ (93.90.145.81) - Serp-hijackingAttacked url: http://pionbutiken.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 15 Aug 2017 13:36:43 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pionbutiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 701 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSATCTDDT=PIMHHDFBKKDKLOODAIHCDGKH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 15 Aug 2017 11:36:42 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pionbutiken.se <br>Referer: http://www.google.com/search?q=pionbutiken.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSATCTDDT=OIMHHDFBCCHKDAECLDCOICFA; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 15 Aug 2017 11:36:42 GMT <br>Connection: close<br><br>pionbutiken.se is on 93.90.145.81<br>ASN for 93.90.145.81: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.81 corresponds with iis-01.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.net abuse@crystone.se1502805221http://guldsmedsgarden.se/ (93.90.145.81) - Serp-hijackingAttacked url: http://guldsmedsgarden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 15 Aug 2017 06:55:05 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: guldsmedsgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 617 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSSSCRBDT=IIJMIGPALDHCKIEPGLFHAAJK; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 15 Aug 2017 04:55:04 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: guldsmedsgarden.se <br>Referer: http://www.google.com/search?q=guldsmedsgarden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSSSCRBDT=HIJMIGPAMOEIGLDFEHGJMLIJ; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 15 Aug 2017 04:55:04 GMT <br>Connection: close<br><br>guldsmedsgarden.se is on 93.90.145.81<br>ASN for 93.90.145.81: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.81 corresponds with iis-01.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.net abuse@crystone.se1502783008http://skarstadbygg.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://skarstadbygg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 12:32:42 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skarstadbygg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 748 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSCBSQBAS=JALJGNPCLKNMDLIHKDFNFPOB; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 12 Jul 2017 10:32:49 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skarstadbygg.se <br>Referer: http://www.google.com/search?q=skarstadbygg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSCBSQBAS=IALJGNPCJCGFJKJADEIFHNBO; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 12 Jul 2017 10:32:49 GMT <br>Connection: close<br><br>skarstadbygg.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1499859835http://styrelsefolk.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://styrelsefolk.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 05:32:29 +0200<br><br>Visitors with referer are redirected to http://www.doaat.com/download.php?pid= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 15 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQABRQABS=CHGDCOKAGGENPNJBBDHBAHAI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 03:32:29 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Referer: http://www.google.com/search?q=styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 159 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.doaat.com/download.php?pid= <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQABRQABS=BHGDCOKAFGJCAFJMJOBKBFOF; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 03:32:28 GMT <br>Connection: close<br><br>styrelsefolk.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1498050247http://mccenter.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://mccenter.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 04:19:27 +0200<br><br>Visitors with referer are redirected to http://blog.163.com/cheapfifa16coins <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mccenter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 890 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCADRBBAR=CPJPPFNAHNLEIAABIDJLKCGH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 02:19:28 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mccenter.se <br>Referer: http://www.google.com/search?q=mccenter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 157 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://blog.163.com/cheapfifa16coins <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCADRBBAR=BPJPPFNAPJIAJBODJIHMCEFL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 02:19:28 GMT <br>Connection: close<br><br>mccenter.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1498050212http://empatiabokochbild.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://empatiabokochbild.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 22:23:53 +0200<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: empatiabokochbild.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 7030 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQQSCBCDS=PAEBLPBANKDFPCCLLJGMBEDG; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 20 Jun 2017 20:23:54 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: empatiabokochbild.se <br>Referer: http://www.google.com/search?q=empatiabokochbild.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 146 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.lampsnext.com/ <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDQQSCBCDS=OAEBLPBAFCMGKLNJKBILBFKB; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 20 Jun 2017 20:23:54 GMT <br>Connection: close<br><br>empatiabokochbild.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1498050050http://mybill.se/ (93.90.145.103) - Serp-hijackingAttacked url: http://mybill.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 17:50:31 +0200<br><br>Visitors with referer are redirected to http://medical-brothers.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mybill.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 500 Internal Server Error <br>Date: Tue, 20 Jun 2017 15:50:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.3.29 <br>Expires: Wed, 11 Jan 1984 05:00:00 GMT <br>Cache-Control: no-cache, must-revalidate, max-age=0 <br>Pragma: no-cache <br>Connection: close <br>Content-Type: text/html; charset=utf-8 <br>Pool-Info: /Common/cry-apache-03 10.160.41.3 80 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mybill.se <br>Referer: http://www.google.com/search?q=mybill.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Tue, 20 Jun 2017 15:50:30 GMT <br>Server: Apache <br>Location: http://medical-brothers.com/ <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1 <br>Pool-Info: /Common/cry-apache-03 10.160.41.3 80<br><br>mybill.se is on 93.90.145.103<br>ASN for 93.90.145.103: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.103 corresponds with apache-03.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.se abuse@crystone.net1498049944http://studioolga.se/ (83.168.226.90) - Serp-hijackingAttacked url: http://studioolga.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 08 May 2017 16:27:52 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 2940 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDAAAQSARR=MMNJJODACFJKNEBGKIBMCGHN; path=/ <br>X-Powered-By: ASP.NET <br>X-App-Hosting: pool=classic <br>Date: Mon, 08 May 2017 14:27:54 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: studioolga.se <br>Referer: http://www.google.com/search?q=studioolga.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDAAAQSARR=LMNJJODACKENBBEHMCNPKDHO; path=/ <br>X-Powered-By: ASP.NET <br>X-App-Hosting: pool=classic <br>Date: Mon, 08 May 2017 14:27:54 GMT <br>Connection: close<br><br>studioolga.se is on 83.168.226.90<br>ASN for 83.168.226.90: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.90 corresponds with winweb-11.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1494328776http://styrelsefolk.se/ (83.168.226.36) - Serp-hijackingAttacked url: http://styrelsefolk.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 29 Mar 2017 00:44:06 +0200<br><br>Visitors with referer are redirected to http://www.doaat.com/download.php?pid= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Tue, 28 Mar 2017 22:44:18 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 15 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQCBSBRCB=GOMDBJGBLANDMCJLILJOLPNO; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: styrelsefolk.se <br>Referer: http://www.google.com/search?q=styrelsefolk.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Tue, 28 Mar 2017 22:44:18 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.doaat.com/download.php?pid= <br>Content-Length: 159 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQCBSBRCB=FOMDBJGBNNGAGDNFCNOMFKGF; path=/ <br>Cache-control: private<br><br>styrelsefolk.se is on 83.168.226.36<br>ASN for 83.168.226.36: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.36 corresponds with winweb-1.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1490800157http://mybill.se/ (83.168.226.230) - Serp-hijackingAttacked url: http://mybill.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 23 Mar 2017 01:03:37 +0100<br><br>Visitors with referer are redirected to http://medical-brothers.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mybill.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 23 Mar 2017 00:03:42 GMT <br>Server: Apache/2.2.11 (Unix) mod_mono/2.4 <br>X-Pingback: http://mybill.se/xmlrpc.php <br>Set-Cookie: wc_session_cookie_b4e80a7cb212c99c50967110c99e3419=3u3z9wE6i5RXShb8sXGVQX5DIiaIXRhM%7C%7C1490400222%7C%7C1490396622%7C%7C4b9d6546b8c24fbcb23adcb1bf5f6099; expires=Sat, 25-Mar-2017 00:03:42 GMT; path=/; httponly <br>Set-Cookie: woocommerce_items_in_cart=0; expires=Wed, 22-Mar-2017 23:03:42 GMT; path=/ <br>Set-Cookie: woocommerce_cart_hash=0; expires=Wed, 22-Mar-2017 23:03:42 GMT; path=/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mybill.se <br>Referer: http://www.google.com/search?q=mybill.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Date: Thu, 23 Mar 2017 00:03:42 GMT <br>Server: Apache/2.2.11 (Unix) mod_mono/2.4 <br>Location: http://medical-brothers.com/ <br>Connection: close <br>Content-Type: text/html; charset=iso-8859-1<br><br>mybill.se is on 83.168.226.230<br>ASN for 83.168.226.230: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.230 corresponds with pemlinweb09.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1490272448http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 02 Mar 2017 02:21:55 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 02 Mar 2017 01:21:53 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 02 Mar 2017 01:21:53 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1488437677http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 27 Feb 2017 18:39:46 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 27 Feb 2017 17:39:45 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 27 Feb 2017 17:39:45 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1488265814http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 23 Feb 2017 04:09:17 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 23 Feb 2017 03:09:17 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 23 Feb 2017 03:09:16 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1487838143http://mccenter.se/ (93.90.145.83) - Serp-hijackingAttacked url: http://mccenter.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 22 Feb 2017 03:27:56 +0100<br><br>Visitors with referer are redirected to http://blog.163.com/cheapfifa16coins <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mccenter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 890 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSSSDCADS=BFNHJLHCCJECEBHJDPGNEJOI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 22 Feb 2017 02:27:57 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mccenter.se <br>Referer: http://www.google.com/search?q=mccenter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 157 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://blog.163.com/cheapfifa16coins <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDSSSDCADS=AFNHJLHCJPGMDAGLHHFIGNHI; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 22 Feb 2017 02:27:57 GMT <br>Connection: close<br><br>mccenter.se is on 93.90.145.83<br>ASN for 93.90.145.83: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>rDNS not found for 93.90.145.83<br>Found address in whois: abuse@levonline.com1487767856http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 21 Feb 2017 16:02:18 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 21 Feb 2017 15:02:20 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 21 Feb 2017 15:02:20 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1487767517http://jureka.se/ (83.168.244.28) - Serp-hijackingAttacked url: http://jureka.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 16 Feb 2017 20:12:23 +0100<br><br>Visitors with referer are redirected to http://www.billigafotbollsskor-online.com/#jurekaa <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 16 Feb 2017 19:12:21 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 4539 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAARTRDDA=BLEHJJJCHLDOOMBANKHAIDIH; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Referer: http://www.google.com/search?q=jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 16 Feb 2017 19:12:21 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.billigafotbollsskor-online.com/#jurekaa <br>Content-Length: 171 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAARTRDDA=ALEHJJJCEDPDDKKPHDAIEKBJ; path=/ <br>Cache-control: private<br><br>jureka.se is on 83.168.244.28<br>ASN for 83.168.244.28: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.244.28 corresponds with web-10.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.se abuse@crystone.net1487321744http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 16 Feb 2017 16:50:43 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 16 Feb 2017 15:50:43 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 16 Feb 2017 15:50:42 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1487321732http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 15 Feb 2017 08:57:31 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 15 Feb 2017 07:57:28 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 15 Feb 2017 07:57:28 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1487230664http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 14 Feb 2017 00:08:53 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 13 Feb 2017 23:08:49 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 13 Feb 2017 23:08:49 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1487058221http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 12 Feb 2017 15:23:15 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 12 Feb 2017 14:23:14 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 12 Feb 2017 14:23:14 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1486969405http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 09 Feb 2017 22:01:49 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 09 Feb 2017 21:01:48 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 09 Feb 2017 21:01:48 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1486711728http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 07 Feb 2017 02:10:41 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 07 Feb 2017 01:10:39 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 07 Feb 2017 01:10:38 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1486452230http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 03 Feb 2017 07:16:30 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Fri, 03 Feb 2017 06:16:28 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Fri, 03 Feb 2017 06:16:28 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1486109342http://jureka.se/ (83.168.244.28) - Serp-hijackingAttacked url: http://jureka.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 02 Feb 2017 20:20:07 +0100<br><br>Visitors with referer are redirected to http://www.billigafotbollsskor-online.com/#jurekaa <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 02 Feb 2017 19:20:05 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 4539 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDACSQQCCB=BPCCPOHBOOPMEFGKIJNLEKIB; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Referer: http://www.google.com/search?q=jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 02 Feb 2017 19:20:05 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.billigafotbollsskor-online.com/#jurekaa <br>Content-Length: 171 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDACSQQCCB=APCCPOHBNBAOBEBBBEFLPNAL; path=/ <br>Cache-control: private<br><br>jureka.se is on 83.168.244.28<br>ASN for 83.168.244.28: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.244.28 corresponds with web-10.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.se abuse@crystone.net1486109319http://empatiabokochbild.se/ (83.168.226.72) - Serp-hijackingAttacked url: http://empatiabokochbild.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 02 Feb 2017 08:34:31 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: empatiabokochbild.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 02 Feb 2017 07:34:18 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 7030 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQQRATCSS=IIPFDBBBEHDADGLACAOENGCE; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: empatiabokochbild.se <br>Referer: http://www.google.com/search?q=empatiabokochbild.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 02 Feb 2017 07:34:18 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQQRATCSS=HIPFDBBBHKHLJPCANFBPNMCO; path=/ <br>Cache-control: private<br><br>empatiabokochbild.se is on 83.168.226.72<br>ASN for 83.168.226.72: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.72 corresponds with winweb-5.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1486046927http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 01 Feb 2017 23:59:40 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 01 Feb 2017 22:59:37 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 01 Feb 2017 22:59:36 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1486046899http://restaurangstrandkanten.se/ (83.168.226.72) - Serp-hijackingAttacked url: http://restaurangstrandkanten.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 01 Feb 2017 23:28:41 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: restaurangstrandkanten.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Wed, 01 Feb 2017 22:28:41 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 11744 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDSSSBRCTT=EANJBMOAGGLGNMFFBBMAAOJN; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: restaurangstrandkanten.se <br>Referer: http://www.google.com/search?q=restaurangstrandkanten.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Wed, 01 Feb 2017 22:28:41 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDSSSBRCTT=DANJBMOAAFAEEMLIKCJCMGHJ; path=/ <br>Cache-control: private<br><br>restaurangstrandkanten.se is on 83.168.226.72<br>ASN for 83.168.226.72: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.72 corresponds with winweb-5.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1486046896http://storegardens.se/ (195.43.38.11) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://103.30.41.50/t.js&quot;&gt;<br><br>Offensive url: http://103.30.41.50/t.js<br>Url is blacklisted in Google Safe Browsing<br><br>storegardens.se is on 195.43.38.11<br>ASN for 195.43.38.11: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>195.43.38.11 corresponds with s11.digisrv.net<br>Abuse.net does not have any reliable address for s11.digisrv.net<br>Found address in whois: abuse@crystone.se1485847195http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 30 Jan 2017 13:20:11 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 30 Jan 2017 12:20:10 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 30 Jan 2017 12:20:09 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1485847148http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 26 Jan 2017 07:29:08 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 26 Jan 2017 06:29:05 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 26 Jan 2017 06:29:04 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1485427433http://playground.se/ (195.43.38.11) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://103.30.41.50/t.js&quot;&gt;<br><br>Offensive url: http://103.30.41.50/t.js<br>Url is blacklisted in Google Safe Browsing<br><br>playground.se is on 195.43.38.11<br>ASN for 195.43.38.11: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>195.43.38.11 corresponds with s11.digisrv.net<br>Abuse.net does not have any reliable address for s11.digisrv.net<br>Found address in whois: abuse@crystone.se1485427426http://yesgroup.se/ (195.43.38.60) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://103.30.41.50/t.js&quot;&gt;<br><br>Offensive url: http://103.30.41.50/t.js<br>Url is blacklisted in Google Safe Browsing<br><br>yesgroup.se is on 195.43.38.60<br>ASN for 195.43.38.60: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>rDNS not found for 195.43.38.60<br>Found address in whois: abuse@crystone.se1485427372http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 24 Jan 2017 03:27:23 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 24 Jan 2017 02:27:21 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 24 Jan 2017 02:27:21 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1485249955http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 18 Jan 2017 00:47:05 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 17 Jan 2017 23:47:00 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Tue, 17 Jan 2017 23:47:00 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1484730886http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 17 Jan 2017 00:27:19 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 16 Jan 2017 23:27:05 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Mon, 16 Jan 2017 23:27:05 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1484635978http://ssbl.se/ (93.90.145.101) - MalwareOffensive html code:<br>&lt;iframe src=&quot;http://qccydvx.ddnsking.com/wordpress/?ARX8&quot; width=&quot;250&quot; height=&quot;250&quot;&gt;<br><br>Offensive url: http://qccydvx.ddnsking.com/wordpress/?ARX8<br>Url is blacklisted in Google Safe Browsing<br><br>ssbl.se is on 93.90.145.101<br>ASN for 93.90.145.101: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.101 corresponds with apache-01.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.net abuse@crystone.se1484635930http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 12 Jan 2017 09:53:27 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 12 Jan 2017 08:53:21 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 12 Jan 2017 08:53:21 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1484292392http://jureka.se/ (83.168.244.28) - Serp-hijackingAttacked url: http://jureka.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 12 Jan 2017 05:18:23 +0100<br><br>Visitors with referer are redirected to http://www.billigafotbollsskor-online.com/#jurekaa <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 12 Jan 2017 04:18:19 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 4539 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDACRQQADB=NPGNMDBDDNFHLLOBMDBKNJPI; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Referer: http://www.google.com/search?q=jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 12 Jan 2017 04:18:19 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.billigafotbollsskor-online.com/#jurekaa <br>Content-Length: 171 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDACRQQADB=MPGNMDBDPDEAPGEBPOFJJOEH; path=/ <br>Cache-control: private<br><br>jureka.se is on 83.168.244.28<br>ASN for 83.168.244.28: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.244.28 corresponds with web-10.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.se abuse@crystone.net1484204252http://skyddsrummet.se/ (93.90.145.82) - Serp-hijackingAttacked url: http://skyddsrummet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 11 Jan 2017 00:30:04 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skyddsrummet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 6207 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCACQDDBQ=FNBFMEHCFIJFEGNEMHODKHEL; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 10 Jan 2017 23:29:57 GMT <br>Connection: close <br>Pool-Info: /Common/cry-iis-02 10.161.43.2 80 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: skyddsrummet.se <br>Referer: http://www.google.com/search?q=skyddsrummet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 146 <br>Content-Type: text/html <br>ETag: &quot;&quot; <br>Location: http://www.lampsnext.com/ <br>Server: Microsoft-IIS/8.5 <br>Set-Cookie: ASPSESSIONIDCACQDDBQ=ENBFMEHCHOBCFLPNJIMOMCHM; path=/ <br>X-Powered-By: ASP.NET <br>Date: Tue, 10 Jan 2017 23:29:57 GMT <br>Connection: close <br>Pool-Info: /Common/cry-iis-02 10.161.43.2 80<br><br>skyddsrummet.se is on 93.90.145.82<br>ASN for 93.90.145.82: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>93.90.145.82 corresponds with iis-02.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.net abuse@crystone.se1484119828http://restaurangstrandkanten.se/ (83.168.226.72) - Serp-hijackingAttacked url: http://restaurangstrandkanten.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 14 Dec 2016 18:47:48 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: restaurangstrandkanten.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Wed, 14 Dec 2016 17:47:51 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 11744 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQSSTADRS=BLKFHOKABOMFKAJPIGBCIMLO; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: restaurangstrandkanten.se <br>Referer: http://www.google.com/search?q=restaurangstrandkanten.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Wed, 14 Dec 2016 17:47:51 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDQSSTADRS=ALKFHOKAMAKHOHHJLJCNGOJN; path=/ <br>Cache-control: private<br><br>restaurangstrandkanten.se is on 83.168.226.72<br>ASN for 83.168.226.72: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.72 corresponds with winweb-5.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1481786569http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 07 Dec 2016 09:02:10 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 07 Dec 2016 08:02:00 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Wed, 07 Dec 2016 08:01:59 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1481181014http://stio.se/ (83.168.226.77) - Serp-hijackingAttacked url: http://stio.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 07 Dec 2016 05:46:15 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stio.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Wed, 07 Dec 2016 04:46:09 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 19330 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAQTQTQSS=DILEGEGDEHJEPENFMPKPFMEC; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stio.se <br>Referer: http://www.google.com/search?q=stio.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Wed, 07 Dec 2016 04:46:08 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAQTQTQSS=CILEGEGDOOJLHBBHELGKJMJC; path=/ <br>Cache-control: private<br><br>stio.se is on 83.168.226.77<br>ASN for 83.168.226.77: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.77 corresponds with winweb-7.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1481095255http://vojje.se/ (83.168.226.82) - Serp-hijackingAttacked url: http://vojje.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 06 Dec 2016 23:42:45 +0100<br><br>Visitors with referer are redirected to http://www.doaat.com/download.php?pid= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vojje.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Tue, 06 Dec 2016 22:42:41 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 13388 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDCCQDTARS=EPDFOCADOIFPOEEJAPEKAHGJ; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: vojje.se <br>Referer: http://www.google.com/search?q=vojje.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Tue, 06 Dec 2016 22:42:40 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.doaat.com/download.php?pid= <br>Content-Length: 159 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDCCQDTARS=DPDFOCADDPJHOBJMDPJGBAOH; path=/ <br>Cache-control: private<br><br>vojje.se is on 83.168.226.82<br>ASN for 83.168.226.82: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.82 corresponds with winweb-9.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1481094792http://gibson-band.se/ (83.168.226.77) - Serp-hijackingAttacked url: http://gibson-band.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 01 Dec 2016 17:06:14 +0100<br><br>Visitors with referer are redirected to http://www.lampsnext.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: gibson-band.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 01 Dec 2016 16:06:14 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 19330 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAQSQRRSS=OMFEAHGDMNJINBDDLBGDKBFA; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: gibson-band.se <br>Referer: http://www.google.com/search?q=gibson-band.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 01 Dec 2016 16:06:13 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.lampsnext.com/ <br>Content-Length: 146 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDAQSQRRSS=NMFEAHGDCNNFJFJFJJBOIFBJ; path=/ <br>Cache-control: private<br><br>gibson-band.se is on 83.168.226.77<br>ASN for 83.168.226.77: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.226.77 corresponds with winweb-7.pem.crystone.net<br>Abuse.net has 1 reliable address(es) for crystone.net<br>Found address(es): abuse@crystone.net1480663013http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 27 Nov 2016 09:12:50 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 27 Nov 2016 08:12:43 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 27 Nov 2016 08:12:42 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1480317401http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 24 Nov 2016 12:01:08 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 24 Nov 2016 11:01:04 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Thu, 24 Nov 2016 11:01:04 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1479994214http://jureka.se/ (83.168.244.28) - Serp-hijackingAttacked url: http://jureka.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 24 Nov 2016 06:57:05 +0100<br><br>Visitors with referer are redirected to http://www.billigafotbollsskor-online.com/#jurekaa <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Connection: close <br>Date: Thu, 24 Nov 2016 05:53:34 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Content-Length: 4539 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDCCCTDSBT=HGDLOFOCGDMCMMLGIPMBFLNI; path=/ <br>Cache-control: private <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: jureka.se <br>Referer: http://www.google.com/search?q=jureka.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Connection: close <br>Date: Thu, 24 Nov 2016 05:53:34 GMT <br>Server: Microsoft-IIS/6.0 <br>X-Powered-By: ASP.NET <br>Location: http://www.billigafotbollsskor-online.com/#jurekaa <br>Content-Length: 171 <br>Content-Type: text/html <br>Set-Cookie: ASPSESSIONIDCCCTDSBT=GGDLOFOCIJDCCGGPHHHOJKNC; path=/ <br>Cache-control: private<br><br>jureka.se is on 83.168.244.28<br>ASN for 83.168.244.28: 35041<br>Abusix contact information: abuse@crystone.se (information only)<br>83.168.244.28 corresponds with web-10.crystone.se<br>Abuse.net has 2 reliable address(es) for crystone.se<br>Found address(es): abuse@crystone.net abuse@crystone.se1479993981http://stipendiet.se/ (217.70.32.136) - Serp-hijackingAttacked url: http://stipendiet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 20 Nov 2016 19:10:35 +0100<br><br>Visitors with referer are redirected to http://www.basketball-clothes.com/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 20 Nov 2016 18:10:34 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=twotime; path=/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stipendiet.se <br>Referer: http://www.google.com/search?q=stipendiet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Date: Sun, 20 Nov 2016 18:10:33 GMT <br>Server: Apache <br>Accept-Ranges: bytes <br>X-Powered-By: PHP/5.2.17 <br>Set-Cookie: USERID=shine-check; path=/ <br>Location: http://www.basketball-clothes.com/ <br>X-Pingback: http://stipendiet.se/xmlrpc.php <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>stipendiet.se is on 217.70.32.136<br>ASN for 217.70.32.136: 35041<br>Abusix contact information: abuse@levonline.com (information only)<br>217.70.32.136 corresponds with www1-php52.fordon.levonline.com<br>Abuse.net has 1 reliable address(es) for levonline.com<br>Found address(es): abuse@levonline.com1479715127