Säkrare hemsida med .sehttp://zogg.se/page/2/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/page/2/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 18 Oct 2017 21:04:31 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 18 Oct 2017 19:04:48 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 18 Oct 2017 19:04:47 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1508412374http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 16 Oct 2017 17:27:23 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Mon, 16 Oct 2017 15:27:23 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59e4cfdba373b; expires=Mon, 16-Oct-2017 15:57:23 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 16 Oct 2017 15:27:19 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1508232818http://zogg.se/2013/01/03/stadig-frukost/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/03/stadig-frukost/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 12 Oct 2017 22:15:18 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 12 Oct 2017 20:15:18 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 12 Oct 2017 20:15:18 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507879643http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 12 Oct 2017 21:27:11 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 12 Oct 2017 19:27:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 12 Oct 2017 19:27:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507879618http://buttlekvarn.nu/ (93.188.2.51) - Serp-hijackingAttacked url: http://buttlekvarn.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 12 Oct 2017 10:54:16 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: buttlekvarn.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Thu, 12 Oct 2017 08:54:31 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/7.1.10 <br>Vary: Accept-Encoding,Cookie <br>Cache-Control: max-age=3, must-revalidate <br>X-Loopia-Node: 172.22.223.25 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: buttlekvarn.nu <br>Referer: http://www.google.com/search?q=buttlekvarn.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx <br>Date: Thu, 12 Oct 2017 08:54:31 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://www.fapp.pw/app/se.php <br>X-Loopia-Node: 172.22.223.25<br><br>buttlekvarn.nu is on 93.188.2.51<br>ASN for 93.188.2.51: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.51 corresponds with webfront1.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507879596http://djurahembygdsforening.se/ (194.9.94.7) - Serp-hijackingAttacked url: http://djurahembygdsforening.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 10 Oct 2017 20:23:16 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: djurahembygdsforening.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 10 Oct 2017 18:23:16 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://djurahembygdsforening.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: djurahembygdsforening.se <br>Referer: http://www.google.com/search?q=djurahembygdsforening.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 10 Oct 2017 18:23:15 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>djurahembygdsforening.se is on 194.9.94.7<br>ASN for 194.9.94.7: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.7 corresponds with s98.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507720858http://zogg.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 10 Oct 2017 14:07:12 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 10 Oct 2017 12:07:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 10 Oct 2017 12:07:25 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507720835http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 09 Oct 2017 11:35:27 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Mon, 09 Oct 2017 09:35:41 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59db42ed9aff0; expires=Mon, 09-Oct-2017 10:05:41 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 09 Oct 2017 09:35:39 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507558486http://manspodden.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://manspodden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 09 Oct 2017 06:28:22 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Mon, 09 Oct 2017 04:28:37 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://manspodden.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Referer: http://www.google.com/search?q=manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 09 Oct 2017 04:28:36 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: redirectCookie=1; expires=Tue, 10-Oct-2017 04:28:36 GMT; Max-Age=86400 <br>Location: http://islas.co.uk/college/image/<br><br>manspodden.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507558473http://zogg.se/2013/01/03/stadig-frukost/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/03/stadig-frukost/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 08 Oct 2017 21:54:46 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 19:54:46 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 19:54:46 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507558407http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 08 Oct 2017 21:09:11 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 19:09:25 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 19:09:25 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507558401http://zogg.se/page/2/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/page/2/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 08 Oct 2017 20:24:35 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 18:24:49 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 08 Oct 2017 18:24:49 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507558398http://wilkon.se/ (194.9.94.17) - Serp-hijackingAttacked url: http://wilkon.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 05 Oct 2017 07:49:43 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wilkon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 05 Oct 2017 05:49:57 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For,Accept-Encoding <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: nm_transient_id=nmtr_f7c517fb03d706ba461cb6c3bfc664662ca4cfc8; path=/ <br>Set-Cookie: PHPSESSID=06k9oathq1mv26q5p105r1ktr0; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Link: &lt;http://wilkon.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://wilkon.se/&gt;; rel=shortlink <br>Link: &lt;http://wilkon.se/wp-json&gt;; rel=&quot;https://github.com/WP-API/WP-API&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wilkon.se <br>Referer: http://www.google.com/search?q=wilkon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 05 Oct 2017 05:49:55 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For,Accept-Encoding <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/ <br>Cache-Control: max-age=86400 <br>Expires: Fri, 06 Oct 2017 05:49:29 GMT<br><br>wilkon.se is on 194.9.94.17<br>ASN for 194.9.94.17: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.17 corresponds with s540.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1507210865http://forlagetorda.se/ (194.9.95.100) - Serp-hijackingAttacked url: http://forlagetorda.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 01 Oct 2017 21:12:55 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 01 Oct 2017 19:12:55 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=d3192vk2b74nl8c62arnohu276; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://forlagetorda.se/xmlrpc.php <br>Link: &lt;http://forlagetorda.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Referer: http://www.google.com/search?q=forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 01 Oct 2017 19:12:55 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>forlagetorda.se is on 194.9.95.100<br>ASN for 194.9.95.100: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.100 corresponds with s7.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506933731http://forlagetorda.se/ (194.9.95.100) - Serp-hijackingAttacked url: http://forlagetorda.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 29 Sep 2017 11:50:27 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Fri, 29 Sep 2017 09:50:40 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=75kukkeihc7f360dsh9qk9ocj4; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://forlagetorda.se/xmlrpc.php <br>Link: &lt;http://forlagetorda.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Referer: http://www.google.com/search?q=forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Fri, 29 Sep 2017 09:50:39 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>forlagetorda.se is on 194.9.95.100<br>ASN for 194.9.95.100: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.100 corresponds with s7.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506693580http://kaffehornan.se/ (194.9.94.54) - Serp-hijackingAttacked url: http://kaffehornan.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 29 Sep 2017 07:56:35 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kaffehornan.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Fri, 29 Sep 2017 05:56:48 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://kaffehornan.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kaffehornan.se <br>Referer: http://www.google.com/search?q=kaffehornan.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Fri, 29 Sep 2017 05:56:46 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>kaffehornan.se is on 194.9.94.54<br>ASN for 194.9.94.54: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.54 corresponds with s517.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506693568http://zogg.se/2013/01/03/stadig-frukost/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/03/stadig-frukost/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 28 Sep 2017 20:53:57 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 28 Sep 2017 18:54:09 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 28 Sep 2017 18:54:09 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506693546http://konditoriregnbagen.se/ (194.9.94.14) - Serp-hijackingAttacked url: http://konditoriregnbagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 28 Sep 2017 17:19:54 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 28 Sep 2017 15:19:54 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://konditoriregnbagen.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://konditoriregnbagen.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Referer: http://www.google.com/search?q=konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 28 Sep 2017 15:19:50 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>konditoriregnbagen.se is on 194.9.94.14<br>ASN for 194.9.94.14: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.14 corresponds with s514.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506693541http://landsbygdskraft.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://landsbygdskraft.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 27 Sep 2017 10:51:09 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: landsbygdskraft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 08:51:09 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://landsbygdskraft.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: landsbygdskraft.se <br>Referer: http://www.google.com/search?q=landsbygdskraft.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 08:51:07 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>landsbygdskraft.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509967http://mhs.se/ (194.9.94.228) - Serp-hijackingAttacked url: http://mhs.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 27 Sep 2017 08:46:15 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mhs.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 06:46:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_159242594=59cb494350559; expires=Wed, 27-Sep-2017 07:16:27 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://mhs.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://mhs.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mhs.se <br>Referer: http://www.google.com/search?q=mhs.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 06:46:25 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>mhs.se is on 194.9.94.228<br>ASN for 194.9.94.228: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.228 corresponds with s169.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509942http://ithu.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://ithu.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 27 Sep 2017 08:36:53 +0200<br><br>Visitors with referer are redirected to http://04b962.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ithu.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 06:36:53 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://ny.ithu.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ithu.se <br>Referer: http://www.google.com/search?q=ithu.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 27 Sep 2017 06:36:52 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://04b962.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>ithu.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509931http://zogg.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 27 Sep 2017 01:23:33 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 23:23:33 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 23:23:32 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509901http://secon.se/ (194.9.94.102) - Serp-hijackingAttacked url: http://secon.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 26 Sep 2017 21:01:50 +0200<br><br>Visitors with referer are redirected to http://c2b1.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: secon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 19:02:02 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://secon.se/xmlrpc.php <br>Link: &lt;http://secon.se/?p=24&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: secon.se <br>Referer: http://www.google.com/search?q=secon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 19:02:00 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://c2b1.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>secon.se is on 194.9.94.102<br>ASN for 194.9.94.102: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.102 corresponds with s377.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509881http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 26 Sep 2017 20:18:39 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 18:18:51 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 18:18:51 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509876http://stadsmagasinet.se/ (194.9.95.119) - Serp-hijackingAttacked url: http://stadsmagasinet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 26 Sep 2017 18:57:16 +0200<br><br>Visitors with referer are redirected to http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 16:57:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://stadsmagasinet.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://stadsmagasinet.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Referer: http://www.google.com/search?q=stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 16:57:26 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>stadsmagasinet.se is on 194.9.95.119<br>ASN for 194.9.95.119: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.119 corresponds with s298.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506509865http://manspodden.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://manspodden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 26 Sep 2017 07:21:38 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 05:21:38 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://manspodden.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Referer: http://www.google.com/search?q=manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 26 Sep 2017 05:21:37 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: redirectCookie=1; expires=Wed, 27-Sep-2017 05:21:37 GMT; Max-Age=86400 <br>Location: http://islas.co.uk/college/image/<br><br>manspodden.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506410915http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 25 Sep 2017 20:28:19 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Mon, 25 Sep 2017 18:28:30 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 25 Sep 2017 18:28:30 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506410864http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 25 Sep 2017 06:38:50 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Mon, 25 Sep 2017 04:38:50 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59c8885ab07e7; expires=Mon, 25-Sep-2017 05:08:50 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 25 Sep 2017 04:38:49 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506338358http://forlagetorda.se/ (194.9.95.100) - Serp-hijackingAttacked url: http://forlagetorda.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 25 Sep 2017 01:15:53 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 24 Sep 2017 23:16:04 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=kc7b647tdbliq4090e4ivv3841; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>X-Pingback: http://forlagetorda.se/xmlrpc.php <br>Link: &lt;http://forlagetorda.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: forlagetorda.se <br>Referer: http://www.google.com/search?q=forlagetorda.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 24 Sep 2017 23:16:04 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>forlagetorda.se is on 194.9.95.100<br>ASN for 194.9.95.100: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.100 corresponds with s7.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506338356http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 24 Sep 2017 20:26:58 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Sun, 24 Sep 2017 18:26:58 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Sun, 24 Sep 2017 18:26:58 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506338346http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 21 Sep 2017 21:16:56 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 19:16:56 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59c4102880c71; expires=Thu, 21-Sep-2017 19:46:56 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 19:16:53 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506073190http://zogg.se/2013/01/03/stadig-frukost/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/03/stadig-frukost/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 21 Sep 2017 20:31:58 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 18:32:09 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 18:32:09 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506073188http://zogg.se/page/2/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/page/2/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 21 Sep 2017 19:41:46 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 17:41:46 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 21 Sep 2017 17:41:45 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1506073177http://zogg.se/page/2/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/page/2/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 20 Sep 2017 19:19:34 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 20 Sep 2017 17:19:44 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 20 Sep 2017 17:19:44 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505996503http://stadsmagasinet.se/ (194.9.95.119) - Serp-hijackingAttacked url: http://stadsmagasinet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 20 Sep 2017 15:40:41 +0200<br><br>Visitors with referer are redirected to http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 20 Sep 2017 13:40:41 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://stadsmagasinet.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://stadsmagasinet.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Referer: http://www.google.com/search?q=stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 20 Sep 2017 13:40:39 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>stadsmagasinet.se is on 194.9.95.119<br>ASN for 194.9.95.119: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.119 corresponds with s298.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505996483http://buttlekvarn.nu/ (93.188.2.51) - Serp-hijackingAttacked url: http://buttlekvarn.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 15 Sep 2017 13:11:04 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: buttlekvarn.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx <br>Date: Fri, 15 Sep 2017 11:11:14 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>X-Powered-By: PHP/7.1.8 <br>Vary: Accept-Encoding,Cookie <br>Cache-Control: max-age=3, must-revalidate <br>X-Loopia-Node: 172.22.223.25 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: buttlekvarn.nu <br>Referer: http://www.google.com/search?q=buttlekvarn.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx <br>Date: Fri, 15 Sep 2017 11:11:14 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://www.fapp.pw/app/se.php <br>X-Loopia-Node: 172.22.223.25<br><br>buttlekvarn.nu is on 93.188.2.51<br>ASN for 93.188.2.51: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>93.188.2.51 corresponds with webfront1.webcluster.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505476867http://davidlilja.se/ (194.9.95.75) - Serp-hijackingAttacked url: http://davidlilja.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 15 Sep 2017 05:41:20 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: davidlilja.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Fri, 15 Sep 2017 03:41:30 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://davidlilja.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://wp.me/P8xTbr-nK&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: davidlilja.se <br>Referer: http://www.google.com/search?q=davidlilja.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Fri, 15 Sep 2017 03:41:29 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>davidlilja.se is on 194.9.95.75<br>ASN for 194.9.95.75: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.75 corresponds with s190.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505476397http://konditoriregnbagen.se/ (194.9.94.14) - Serp-hijackingAttacked url: http://konditoriregnbagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 15 Sep 2017 01:11:33 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 23:11:42 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://konditoriregnbagen.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://konditoriregnbagen.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Referer: http://www.google.com/search?q=konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 23:11:40 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>konditoriregnbagen.se is on 194.9.94.14<br>ASN for 194.9.94.14: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.14 corresponds with s514.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505476222http://zogg.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 15 Sep 2017 00:10:13 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 22:10:22 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 22:10:20 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505476194http://khal.se/ (194.9.94.137) - Serp-hijackingAttacked url: http://khal.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 14 Sep 2017 17:09:20 +0200<br><br>Visitors with referer are redirected to http://vados.biz/cialisse?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: khal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 15:09:29 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: c025e142ae5dd797a899add9154e4949=lqs0iahlr97gv4cbor9lt8lur7; path=/; HttpOnly <br>P3P: CP=&quot;NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM&quot; <br>Expires: Mon, 1 Jan 2001 00:00:00 GMT <br>Last-Modified: Thu, 14 Sep 2017 15:09:29 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: khal.se <br>Referer: http://www.google.com/search?q=khal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 15:09:28 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/cialisse?keyword=&amp;pill=<br><br>khal.se is on 194.9.94.137<br>ASN for 194.9.94.137: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.137 corresponds with s529.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505475990http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 14 Sep 2017 11:58:37 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 09:58:47 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59ba52d6ed616; expires=Thu, 14-Sep-2017 10:28:46 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 09:58:44 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505389493http://wilkon.se/ (194.9.94.17) - Serp-hijackingAttacked url: http://wilkon.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 14 Sep 2017 10:18:08 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wilkon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 08:18:08 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For,Accept-Encoding <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: nm_transient_id=nmtr_9f17ceeb86740bf16b49311bf084c952b0ed8bc4; path=/ <br>Set-Cookie: PHPSESSID=rki7djji51qfcplmjof8qicn44; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Link: &lt;http://wilkon.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://wilkon.se/&gt;; rel=shortlink <br>Link: &lt;http://wilkon.se/wp-json&gt;; rel=&quot;https://github.com/WP-API/WP-API&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wilkon.se <br>Referer: http://www.google.com/search?q=wilkon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 08:18:05 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For,Accept-Encoding <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/ <br>Cache-Control: max-age=86400 <br>Expires: Fri, 15 Sep 2017 08:18:01 GMT<br><br>wilkon.se is on 194.9.94.17<br>ASN for 194.9.94.17: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.17 corresponds with s540.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505389487http://stadsmagasinet.se/ (194.9.95.119) - Serp-hijackingAttacked url: http://stadsmagasinet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 14 Sep 2017 06:43:45 +0200<br><br>Visitors with referer are redirected to http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 04:43:54 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://stadsmagasinet.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://stadsmagasinet.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Referer: http://www.google.com/search?q=stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Thu, 14 Sep 2017 04:43:53 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>stadsmagasinet.se is on 194.9.95.119<br>ASN for 194.9.95.119: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.119 corresponds with s298.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505389461http://konditoriregnbagen.se/ (194.9.94.14) - Serp-hijackingAttacked url: http://konditoriregnbagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 13 Sep 2017 22:46:34 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Wed, 13 Sep 2017 20:46:34 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://konditoriregnbagen.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://konditoriregnbagen.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Referer: http://www.google.com/search?q=konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Wed, 13 Sep 2017 20:46:32 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>konditoriregnbagen.se is on 194.9.94.14<br>ASN for 194.9.94.14: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.14 corresponds with s514.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505389220http://konditoriregnbagen.se/ (194.9.94.14) - Serp-hijackingAttacked url: http://konditoriregnbagen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 20:09:57 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 18:10:06 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://konditoriregnbagen.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://konditoriregnbagen.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: konditoriregnbagen.se <br>Referer: http://www.google.com/search?q=konditoriregnbagen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 18:10:03 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>konditoriregnbagen.se is on 194.9.94.14<br>ASN for 194.9.94.14: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.14 corresponds with s514.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505312567http://zogg.se/2013/01/01/vags-ande/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/2013/01/01/vags-ande/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 19:14:21 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 17:14:21 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://zogg.se/xmlrpc.php <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 17:14:20 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505312536http://zogg.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://zogg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 09:44:35 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 07:44:35 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Accept-Encoding,Cookie <br>X-Powered-By: PHP/5.6.30 <br>Cache-Control: max-age=3, must-revalidate <br>WP-Super-Cache: Served supercache file from PHP <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: zogg.se <br>Referer: http://www.google.com/search?q=zogg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 07:44:35 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>zogg.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505221482http://purefitbars.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://purefitbars.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 07:08:55 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 05:09:03 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_505271604=59b76befa8f86; expires=Tue, 12-Sep-2017 05:39:03 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://purefitbars.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: purefitbars.se <br>Referer: http://www.google.com/search?q=purefitbars.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 05:09:00 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>purefitbars.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505221067http://passivist.se/ (194.9.94.213) - Serp-hijackingAttacked url: http://passivist.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 04:32:08 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: passivist.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 02:32:08 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Location: http://www.igpassivhus.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: passivist.se <br>Referer: http://www.google.com/search?q=passivist.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Tue, 12 Sep 2017 02:32:06 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>passivist.se is on 194.9.94.213<br>ASN for 194.9.94.213: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.213 corresponds with s368.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505221023http://igpassivhus.se/ (194.9.94.213) - Serp-hijackingAttacked url: http://igpassivhus.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 12 Sep 2017 00:53:40 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: igpassivhus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.12.1 <br>Date: Mon, 11 Sep 2017 22:53:49 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: Cookie <br>X-Powered-By: PHP/5.6.30 <br>Location: http://www.igpassivhus.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: igpassivhus.se <br>Referer: http://www.google.com/search?q=igpassivhus.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.12.1 <br>Date: Mon, 11 Sep 2017 22:53:48 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://islas.co.uk/college/image/<br><br>igpassivhus.se is on 194.9.94.213<br>ASN for 194.9.94.213: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.213 corresponds with s368.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1505220814