Säkrare hemsida med .sehttp://prvataaffarer.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://prvataaffarer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 15:48:12 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT975B72Xra3VhQ4xCt9x6dCE%2F9fHhFe91UUkU2WLqE7%2FJeJN6oC74r3MPFY%2FIOiDun0cSA50hGJv%2FAFcyfGHILN24OThWWjLHR%2FwPLMVvYBDnpETlg8yoQY4Br0T4bc1nU%2F2U2ioNDN8UWeoR2uk3dxxw4wIMeHHg%2BE0HHAOf%2FUHXRkTy%2FYbXGaUgIbvmryXqpTpTDcRK34PNz%2BGAcFg2dBQC%2FqgbcCR1%2B8pJ567ZnSGL2rbsu%2BJLt9pmO6NFZXIjn6cMXIOnC8dIF6gkhzYa1ZCb969tIv50tj9QWNpj%2BwCDKtPuxpcvnSasFYUZFasIEl5OgUs06XvIMu3x2CQuyLNMC79RpNJMXwr%2BknJvpnlFPyajFj3qe%2BMs9X6XPFl0qrzsvEVUXZtRbyZSSmi5QR7yaxLdqZEijnWk8j6yiMSvo0Z293cmzBH%2FoNhK5JLEiEVD%2BGYPe2ChgGOMsDYgU3gEwRuZyy4OyxD4UJodZ%2FxkaFfLFavKRv6BsHF1RsWd2oNOJg%2F%2FXxmCM0JEOU81HljTjJeIh7PIOKZLEImcQ3hfaQMMw7%2Fi2w%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prvataaffarer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 13:48:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499003292.2325976; expires=Wed, 30-Jun-2027 13:48:12 GMT; Max-Age=315360000 <br>Location: http://ww38.prvataaffarer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prvataaffarer.se <br>Referer: http://www.google.com/search?q=prvataaffarer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 13:48:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499003291.6364679; expires=Wed, 30-Jun-2027 13:48:11 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT975B72Xra3VhQ4xCt9x6dCE%2F9fHhFe91UUkU2WLqE7%2FJeJN6oC74r3MPFY%2FIOiDun0cSA50hGJv%2FAFcyfGHILN24OThWWjLHR%2FwPLMVvYBDnpETlg8yoQY4Br0T4bc1nU%2F2U2ioNDN8UWeoR2uk3dxxw4wIMeHHg%2BE0HHAOf%2FUHXRkTy%2FYbXGaUgIbvmryXqpTpTDcRK34PNz%2BGAcFg2dBQC%2FqgbcCR1%2B8pJ567ZnSGL2rbsu%2BJLt9pmO6NFZXIjn6cMXIOnC8dIF6gkhzYa1ZCb969tIv50tj9QWNpj%2BwCDKtPuxpcvnSasFYUZFasIEl5OgUs06XvIMu3x2CQuyLNMC79RpNJMXwr%2BknJvpnlFPyajFj3qe%2BMs9X6XPFl0qrzsvEVUXZtRbyZSSmi5QR7yaxLdqZEijnWk8j6yiMSvo0Z293cmzBH%2FoNhK5JLEiEVD%2BGYPe2ChgGOMsDYgU3gEwRuZyy4OyxD4UJodZ%2FxkaFfLFavKRv6BsHF1RsWd2oNOJg%2F%2FXxmCM0JEOU81HljTjJeIh7PIOKZLEImcQ3hfaQMMw7%2Fi2w%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>prvataaffarer.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1499087581http://chisy.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://chisy.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Jun 2017 10:53:36 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZ5rkvwXqAmMFd4sfsUYxaoo%2FleH8xrzbt8Ryxi3G5PJcfAZTbdMKQ4t0iV%2FiM7NtE%2FrrdGex7GoVIwoeYW5pzYYNgBgXIIv2hfLg9fDEIZsUyx6YWD4c9J9I%2BDNYweZib7l150uu2Hz7rqaeQrJWyqs0H%2BIeADH%2BGruBT6DMQAnhHaPMw9LFfrWAiJ1%2F3NytDDf5qAaC4Q2BzBVSvDvgZ4wydw7gg6jnoYG6Q2pgv7ywIh6%2FdA2uznebIFBSbhtSE3YJUHE5Jsx5QCJJ%2B5oNLA9PwB6AbvJVIHmhBN7bBZHZR5xNCcK%2FE4fIiNpeS9f7HUpb4ikXFdTaJLn2SfIIdlE%2FzMl5ZLKxvh5aZMmwDk7hzeSfbJFhUadWz4pSpZTtz1sslLLNYQa3wHE4o0Nvd%2F1QDhcL%2FLXw8%2FwR6IyxlFyLyArsFeZ4Byvpz9obaCnVeQzbLrQNvAZzb9n9NJQsVwsSIvfDLe%2BGN9Rol0QK6sUqw8zOWAFJrvn6YJemdSfcOZd7eymuzrgc%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: chisy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 08:53:39 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498467219.4293346; expires=Thu, 24-Jun-2027 08:53:39 GMT; Max-Age=315360000 <br>Location: http://ww11.chisy.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: chisy.se <br>Referer: http://www.google.com/search?q=chisy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 08:53:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498467218.3083293; expires=Thu, 24-Jun-2027 08:53:38 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZ5rkvwXqAmMFd4sfsUYxaoo%2FleH8xrzbt8Ryxi3G5PJcfAZTbdMKQ4t0iV%2FiM7NtE%2FrrdGex7GoVIwoeYW5pzYYNgBgXIIv2hfLg9fDEIZsUyx6YWD4c9J9I%2BDNYweZib7l150uu2Hz7rqaeQrJWyqs0H%2BIeADH%2BGruBT6DMQAnhHaPMw9LFfrWAiJ1%2F3NytDDf5qAaC4Q2BzBVSvDvgZ4wydw7gg6jnoYG6Q2pgv7ywIh6%2FdA2uznebIFBSbhtSE3YJUHE5Jsx5QCJJ%2B5oNLA9PwB6AbvJVIHmhBN7bBZHZR5xNCcK%2FE4fIiNpeS9f7HUpb4ikXFdTaJLn2SfIIdlE%2FzMl5ZLKxvh5aZMmwDk7hzeSfbJFhUadWz4pSpZTtz1sslLLNYQa3wHE4o0Nvd%2F1QDhcL%2FLXw8%2FwR6IyxlFyLyArsFeZ4Byvpz9obaCnVeQzbLrQNvAZzb9n9NJQsVwsSIvfDLe%2BGN9Rol0QK6sUqw8zOWAFJrvn6YJemdSfcOZd7eymuzrgc%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>chisy.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1498482299http://indiskaambassaden.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://indiskaambassaden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 25 Jun 2017 19:51:18 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZ1aZoVu8espexVWV55OmM6Ukwnuf38uH%2B0epdvFaHkYqpy0gYvRAxy2pjn6jhHde07MIEwgkf8T4E%2Bqi0BY5gOW01%2FPEOra%2BGvdFDrjHJEVZ1pDdx8MN%2Bit%2BHC2dCdNavMImLEgCki4tqGppqrHNxrn0czwQ4PqhJ8Ic9aBcli0UbZC%2BupQ%2FeUbuGpGaUCv9qdfQPkjgyJ4d2Os6CNLhfbA%2BOKl1CSjVTLKm0oBjUJ7zuxu05iz%2FT93JzQFIBXqyjlg7QMi9QwpbiBNVa3pMVF%2FgwnQU8d8pRaRcumNMTy68HVFjkPnW1VlMWlGr5bLqdMInGPEEwjHsabaTiLjvJmnaWIVXR39MZ5e3HbGciMRJeEJVfpFvTH6uL9lfB%2BnQIxYgC%2Fq4T82JU9rhJZyze1XOkQuSYE2v%2FSR%2F08t2GXxjq77DjogFmnue9u86J5icR4I4XO6L8WEvgEe1YH%2F0YTS8437pOiAnIUBNftNvroKXbAEJssBBrYKW3mPmzj0vlFvfClDyLLvF16zUFfFdU2UKpsAtp02jayZz%2BDP7uvEE%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: indiskaambassaden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 25 Jun 2017 17:51:21 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498413081.2210855; expires=Wed, 23-Jun-2027 17:51:21 GMT; Max-Age=315360000 <br>Location: http://ww38.indiskaambassaden.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: indiskaambassaden.se <br>Referer: http://www.google.com/search?q=indiskaambassaden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 25 Jun 2017 17:51:20 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498413080.4859392; expires=Wed, 23-Jun-2027 17:51:20 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZ1aZoVu8espexVWV55OmM6Ukwnuf38uH%2B0epdvFaHkYqpy0gYvRAxy2pjn6jhHde07MIEwgkf8T4E%2Bqi0BY5gOW01%2FPEOra%2BGvdFDrjHJEVZ1pDdx8MN%2Bit%2BHC2dCdNavMImLEgCki4tqGppqrHNxrn0czwQ4PqhJ8Ic9aBcli0UbZC%2BupQ%2FeUbuGpGaUCv9qdfQPkjgyJ4d2Os6CNLhfbA%2BOKl1CSjVTLKm0oBjUJ7zuxu05iz%2FT93JzQFIBXqyjlg7QMi9QwpbiBNVa3pMVF%2FgwnQU8d8pRaRcumNMTy68HVFjkPnW1VlMWlGr5bLqdMInGPEEwjHsabaTiLjvJmnaWIVXR39MZ5e3HbGciMRJeEJVfpFvTH6uL9lfB%2BnQIxYgC%2Fq4T82JU9rhJZyze1XOkQuSYE2v%2FSR%2F08t2GXxjq77DjogFmnue9u86J5icR4I4XO6L8WEvgEe1YH%2F0YTS8437pOiAnIUBNftNvroKXbAEJssBBrYKW3mPmzj0vlFvfClDyLLvF16zUFfFdU2UKpsAtp02jayZz%2BDP7uvEE%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>indiskaambassaden.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1498482221http://idottonline.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://idottonline.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 04:25:58 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRqFOTUX0vCceXog1OA1wTVUHVzujKZNyNvLHROmPXTMfjyx2cBk6tLPQYb%2BOM6ScJXTFvX%2B%2BURnMDOptkA1PrZG%2BFBPsJuesbn6LSVRuLQN5D%2BTig36wSB4qBS9Z5dsy%2FM52GpP4JiNbFO92Wisg6xfnybs6PCK0XL68nM5mN%2Bbj5yMAHi6a6eyfyzEcVg5UC6RHvvXaZ3AlxEXqO3fUWvwaOYyvh2FONZU28zBtAhPm8LcEfrABAfiNqvLm9jflgY5IWzThbaWrRVFa5qgo%2FJqDFC2l8W7rC8kG1VbMXWJ4BI8myXbnm4q6A%2FwPRHGy%2FEpr613eTGlPRcIoGZBd9QSdi7UYg2aezHfRwuUc6eKLbhEQ2YCGYwxugN%2BqNStnP3Ovko%2FFxcM3xvE5fYYsWoEOA9X5kVviuC7oo0vAKWMYyT7XFyRDY9c1H8heBrP7DI2h%2BhhlogKG8mh0MeS%2BFNUvqxSvCPnjWB9ZYj2bK5KQvLxR6RhCHx9Fb9qF35d43lbbnDWwtaWp3xvxFCQ4E%2BsAhnUorFkmW <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idottonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 02:25:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498011958.6158096; expires=Sat, 19-Jun-2027 02:25:58 GMT; Max-Age=315360000 <br>Location: http://ww11.idottonline.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idottonline.se <br>Referer: http://www.google.com/search?q=idottonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 21 Jun 2017 02:25:57 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1498011957.6000890; expires=Sat, 19-Jun-2027 02:25:57 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRqFOTUX0vCceXog1OA1wTVUHVzujKZNyNvLHROmPXTMfjyx2cBk6tLPQYb%2BOM6ScJXTFvX%2B%2BURnMDOptkA1PrZG%2BFBPsJuesbn6LSVRuLQN5D%2BTig36wSB4qBS9Z5dsy%2FM52GpP4JiNbFO92Wisg6xfnybs6PCK0XL68nM5mN%2Bbj5yMAHi6a6eyfyzEcVg5UC6RHvvXaZ3AlxEXqO3fUWvwaOYyvh2FONZU28zBtAhPm8LcEfrABAfiNqvLm9jflgY5IWzThbaWrRVFa5qgo%2FJqDFC2l8W7rC8kG1VbMXWJ4BI8myXbnm4q6A%2FwPRHGy%2FEpr613eTGlPRcIoGZBd9QSdi7UYg2aezHfRwuUc6eKLbhEQ2YCGYwxugN%2BqNStnP3Ovko%2FFxcM3xvE5fYYsWoEOA9X5kVviuC7oo0vAKWMYyT7XFyRDY9c1H8heBrP7DI2h%2BhhlogKG8mh0MeS%2BFNUvqxSvCPnjWB9ZYj2bK5KQvLxR6RhCHx9Fb9qF35d43lbbnDWwtaWp3xvxFCQ4E%2BsAhnUorFkmW <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>idottonline.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1498050215http://sharpminds.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://sharpminds.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 03:16:10 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjF3Y5Un8ruz%2FT3%2B4mkAZNFI%2B%2B8pElx%2BJBy0KHSCiNxpsABugLRoyDnAP5zFd2s8gbk%2FRsVY7PtfxFMcXlJV1Sdy1nYXZMPXqv2x6DDSvL%2FDbzLlFJ9ozeEqn%2F9rQ9KCg%2FKSnQUU3PUOrc6ZTb%2FLhbJOt9qThlgHCMovDBP4ZwT%2BatX%2FSjcs%2B51ovlNKRe1kFH4EP2kRGCtiulea2eUGjkcutA4uEqXbfRi%2BBJk5mVy4F7DYCe9JdBODL3kVqfuSspJDY1K11G8szYBSmgs87JTSjyaYbqvqM85acH0rLyL25Hy0OAyaapKAb3WdBI%2FMGYimhtdsRJyMQBKvPvU0QAu28FDa3wKppSr4lyZJawHoH8rM624oIcL6SzJpYsFiZCAiBLGGmew1tgbRxTlyVQnJlIKs2onYHNE9W3yY1EuaZFuxmOyeiP5%2BNoIqVPlBXY%2BFGJYFZPzi4owrjjsbANW28U%2BPLSO5%2F9yyqtQA3TmD0yCnNKs1U2SdWRQsP4nVT%2BasRUQ05X%2BOWbG75nCiRzoWsp9sjhlB%2Ba <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sharpminds.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 01:16:09 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497834970.3275134; expires=Thu, 17-Jun-2027 01:16:10 GMT <br>Location: http://ww11.sharpminds.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: sharpminds.se <br>Referer: http://www.google.com/search?q=sharpminds.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 01:16:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497834968.1317616; expires=Thu, 17-Jun-2027 01:16:08 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjF3Y5Un8ruz%2FT3%2B4mkAZNFI%2B%2B8pElx%2BJBy0KHSCiNxpsABugLRoyDnAP5zFd2s8gbk%2FRsVY7PtfxFMcXlJV1Sdy1nYXZMPXqv2x6DDSvL%2FDbzLlFJ9ozeEqn%2F9rQ9KCg%2FKSnQUU3PUOrc6ZTb%2FLhbJOt9qThlgHCMovDBP4ZwT%2BatX%2FSjcs%2B51ovlNKRe1kFH4EP2kRGCtiulea2eUGjkcutA4uEqXbfRi%2BBJk5mVy4F7DYCe9JdBODL3kVqfuSspJDY1K11G8szYBSmgs87JTSjyaYbqvqM85acH0rLyL25Hy0OAyaapKAb3WdBI%2FMGYimhtdsRJyMQBKvPvU0QAu28FDa3wKppSr4lyZJawHoH8rM624oIcL6SzJpYsFiZCAiBLGGmew1tgbRxTlyVQnJlIKs2onYHNE9W3yY1EuaZFuxmOyeiP5%2BNoIqVPlBXY%2BFGJYFZPzi4owrjjsbANW28U%2BPLSO5%2F9yyqtQA3TmD0yCnNKs1U2SdWRQsP4nVT%2BasRUQ05X%2BOWbG75nCiRzoWsp9sjhlB%2Ba <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>sharpminds.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1497853547http://korkortsportale.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://korkortsportale.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 19:18:23 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjqRi%2FeSVUCLZWmX%2FZ%2BN9w5BSdHamh1YoMW6X8rmdacMFw48bQLLNQCu%2FI0qAAQe1Gx63XPex%2Byz7%2FNHrdsEc%2BEZvLXoy%2BYqmT2EFoW6pYWkJlCf9YpAksJ8Edpda88xMnObXCnml%2FBiqwxPpfcvcvFN8hHOzwzBli3d40olXd6p%2F4vvCTDGon7%2B2FHmbQ%2BkTNz5leYg6V3iJQmMnMKSsgFyDAwqRf%2F94f35dS7MFTr5I6%2BGi7cA7lZBPS023CnwSxMCMRevkYUX3dk2lGWwFJBge9C4WJmr4bpPCQGJytFYeBXRdNtGLhEzCxCMhJpzXF3BHEqSX83bPsxs0ol30WzhRraXxNI4Xzd3GPZrfraNQZu%2FOyu7i8ZmWydhR%2BUOA0XBU%2FjLKTT1T8fXCkw%2FWW%2BDcLq5xhJhQEPYbFM5Lw20QDQY0PPcbuvYTv1mk7GRjqe5LQn6KnttoU1ErILeUeyLbwFBHaUK4iUpDN%2B2cbs0u7q6RUcWs46KhRE4RKBtljQTqW9CFTz8XhufVyNuylJjDQQLTgr1i48hAUDRRA4G1IZK4PTnsdvQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: korkortsportale.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 17:18:23 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497806303.1174041; expires=Wed, 16-Jun-2027 17:18:23 GMT; Max-Age=315360000 <br>Location: http://ww11.korkortsportale.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: korkortsportale.se <br>Referer: http://www.google.com/search?q=korkortsportale.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 17:18:22 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497806302.5018884; expires=Wed, 16-Jun-2027 17:18:22 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVjqRi%2FeSVUCLZWmX%2FZ%2BN9w5BSdHamh1YoMW6X8rmdacMFw48bQLLNQCu%2FI0qAAQe1Gx63XPex%2Byz7%2FNHrdsEc%2BEZvLXoy%2BYqmT2EFoW6pYWkJlCf9YpAksJ8Edpda88xMnObXCnml%2FBiqwxPpfcvcvFN8hHOzwzBli3d40olXd6p%2F4vvCTDGon7%2B2FHmbQ%2BkTNz5leYg6V3iJQmMnMKSsgFyDAwqRf%2F94f35dS7MFTr5I6%2BGi7cA7lZBPS023CnwSxMCMRevkYUX3dk2lGWwFJBge9C4WJmr4bpPCQGJytFYeBXRdNtGLhEzCxCMhJpzXF3BHEqSX83bPsxs0ol30WzhRraXxNI4Xzd3GPZrfraNQZu%2FOyu7i8ZmWydhR%2BUOA0XBU%2FjLKTT1T8fXCkw%2FWW%2BDcLq5xhJhQEPYbFM5Lw20QDQY0PPcbuvYTv1mk7GRjqe5LQn6KnttoU1ErILeUeyLbwFBHaUK4iUpDN%2B2cbs0u7q6RUcWs46KhRE4RKBtljQTqW9CFTz8XhufVyNuylJjDQQLTgr1i48hAUDRRA4G1IZK4PTnsdvQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>korkortsportale.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1497853483http://nerikesbilab.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://nerikesbilab.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 04:05:31 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfESzZ9lEPC5eslf0%2FNDO%2BmK15jwe5C0A6fqDporD6MfF7P5ySBPvAXKfsjUuUn%2B%2Bs%2BSnKImt%2BjE7Hsuyl9MsnVdVUqNeXem0KVRkUlk0x%2BHisGSgx78yo0G%2Fz5Vj1jkLeYo8Akze2C1wLma8HLDuecqcrmkHKfE3tKDXOm8%2FBhhv6G2KVbaLU5TKX2pQ93cWbl6qpeUEhIf8pup4usNw8Cf0TCNGIfhp1wU9PqdhpgW46oG8trQaLhVrCbz2cFUC2BwPiFmNXLGY2SR7B0trPE%2FPK7NFt%2FU%2Bv8Mlgij0GtAfOgIJ1q7JjCkyxYG61IY%2FyJBEIKNz92Blw3HBAVuIc%2FkRUYrPvKl%2Ff0Shie%2FhqlV1d57Jf1jxXz4m4N79tWindWO7a%2B7t0NGNcGdPq0LI66UL34f81lZs1PxiRNlf5MlBsXy46Gv0n5tscNW%2B7dxMOdTug0aZvwm3pbJNiiu%2Fs6w2o1Yq0IYKG9ImtEwPmRicp%2BXb3GrL6rV1FmERrOwZrEXSah1XRkC9wnGeVq5zKAzSrxqyJaTJv <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nerikesbilab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 02:05:31 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497578731.7057776; expires=Mon, 14-Jun-2027 02:05:31 GMT; Max-Age=315360000 <br>Location: http://ww11.nerikesbilab.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nerikesbilab.se <br>Referer: http://www.google.com/search?q=nerikesbilab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 02:05:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497578730.7100090; expires=Mon, 14-Jun-2027 02:05:30 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfESzZ9lEPC5eslf0%2FNDO%2BmK15jwe5C0A6fqDporD6MfF7P5ySBPvAXKfsjUuUn%2B%2Bs%2BSnKImt%2BjE7Hsuyl9MsnVdVUqNeXem0KVRkUlk0x%2BHisGSgx78yo0G%2Fz5Vj1jkLeYo8Akze2C1wLma8HLDuecqcrmkHKfE3tKDXOm8%2FBhhv6G2KVbaLU5TKX2pQ93cWbl6qpeUEhIf8pup4usNw8Cf0TCNGIfhp1wU9PqdhpgW46oG8trQaLhVrCbz2cFUC2BwPiFmNXLGY2SR7B0trPE%2FPK7NFt%2FU%2Bv8Mlgij0GtAfOgIJ1q7JjCkyxYG61IY%2FyJBEIKNz92Blw3HBAVuIc%2FkRUYrPvKl%2Ff0Shie%2FhqlV1d57Jf1jxXz4m4N79tWindWO7a%2B7t0NGNcGdPq0LI66UL34f81lZs1PxiRNlf5MlBsXy46Gv0n5tscNW%2B7dxMOdTug0aZvwm3pbJNiiu%2Fs6w2o1Yq0IYKG9ImtEwPmRicp%2BXb3GrL6rV1FmERrOwZrEXSah1XRkC9wnGeVq5zKAzSrxqyJaTJv <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>nerikesbilab.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-189.above.com abuse@above.com1497625553http://kuponginlosning.se/ (103.224.212.189) - Serp-hijackingAttacked url: http://kuponginlosning.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 15 Jun 2017 23:42:03 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfnFNSHzt%2B3mDkwwzhyXBS4Wm7Js6OScMgVrBZHojsVrcJktoTQErY%2Fc9j7x2C0Me55hWe8PctEzXnb6qe6UK14qGVoX%2BiJKniEPC1xR6VaPDmvhGAVsVAFJvWz02hk5yBwXJ43zzMyWJBrG4pKGPyzqFT0Y6Hz4Bm%2FXprsQS%2FaRR4O2RTyWpAEJ6%2BzpX4sLBFSudEIUY6QSPEa0unhmpz1vw3%2BO2RbNqork55z%2Focm8f83dTpm%2BjWXMDS7FsLSeMYB2sp%2Bg4Nfv8D8jtmMPQYifQEd%2FI9ts8nRxiP62q7yh%2BIGmteDGyp3g4dSCJN4kj1vBRO8iDvtIABEkBs518%2F8wPwZcgXTnso5dKp20aWuapDKiprlY70I4Q65vSZ6MQGSncREldoO0KSRx3iFDpW43l%2FrgIjpMathSz5eUnq4x0hAwSABHLtJfiwyLxnRb1glGWTvbtGeS0Y8qQWMCraQQ6DQCiZ%2B7U4AM44GbaV4wCBwy6TLD4xYCuDYEZWnMVrawx4T3O58lEMwZrpsqLweXsJ2T5e7sC05M6zUXiZ91pfi3AxqT28YA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kuponginlosning.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 21:42:03 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497562923.5469609; expires=Sun, 13-Jun-2027 21:42:03 GMT <br>Location: http://ww11.kuponginlosning.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kuponginlosning.se <br>Referer: http://www.google.com/search?q=kuponginlosning.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 21:42:02 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497562922.1277758; expires=Sun, 13-Jun-2027 21:42:02 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfnFNSHzt%2B3mDkwwzhyXBS4Wm7Js6OScMgVrBZHojsVrcJktoTQErY%2Fc9j7x2C0Me55hWe8PctEzXnb6qe6UK14qGVoX%2BiJKniEPC1xR6VaPDmvhGAVsVAFJvWz02hk5yBwXJ43zzMyWJBrG4pKGPyzqFT0Y6Hz4Bm%2FXprsQS%2FaRR4O2RTyWpAEJ6%2BzpX4sLBFSudEIUY6QSPEa0unhmpz1vw3%2BO2RbNqork55z%2Focm8f83dTpm%2BjWXMDS7FsLSeMYB2sp%2Bg4Nfv8D8jtmMPQYifQEd%2FI9ts8nRxiP62q7yh%2BIGmteDGyp3g4dSCJN4kj1vBRO8iDvtIABEkBs518%2F8wPwZcgXTnso5dKp20aWuapDKiprlY70I4Q65vSZ6MQGSncREldoO0KSRx3iFDpW43l%2FrgIjpMathSz5eUnq4x0hAwSABHLtJfiwyLxnRb1glGWTvbtGeS0Y8qQWMCraQQ6DQCiZ%2B7U4AM44GbaV4wCBwy6TLD4xYCuDYEZWnMVrawx4T3O58lEMwZrpsqLweXsJ2T5e7sC05M6zUXiZ91pfi3AxqT28YA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>kuponginlosning.se is on 103.224.212.189<br>ASN for 103.224.212.189: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.189 corresponds with lb-212-189.above.com<br>Abuse.net does not have any reliable address for lb-212-189.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-189.above.com1497625301