Säkrare hemsida med .sehttp://cracked.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://cracked.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 12:44:45 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4M3PpgSppK69kT%2B6Kf6kmE2XqyworK8mVt68vvvgxbNZ0W6e%2FcZuip%2FL1OCQXV5glVeLyHkfM7IwuOQr0%2BpmRG2%2FofFKMK%2B%2Bw7SOhRZ58YtUK1GQdWknk1h4%2BSWbU591%2FfDqKiDrPX6qc2XyE%2FWPT1q5sqgH1Vxr6XZ3bKNvvoSY%2FPthOpKFLGzPecvsm6umSeplOCW1qUS%2BeNDFDEPrrEQOtBT6itOuQVl54ig%2F3e9H%2BrSfNq6GtgG04Yu1pdibGMnEIve5NQeeW00ccflZ4Jh7aK3sSzHgNdbxqRQju%2FzCQodKpggOcHyvKiRWjQUJ3WgOjz04Bi%2BJnU3rAGAZeT3eGfseswSwTXF1WB4bcV3xRFchgRwncfbw89Vxh9vTudTzdn9MOqduXF%2FlymtBClI5xHVxhU87sMnJLqehMI3xG4Q4QA29R42N7rBG%2BfEWbHtsjOVIiHCH31Yh%2Fcq0CIodx2X7367uFNZfSllBNYIE0%2BgpzQxxhuEGK4Os9JNltmqBDp6GbqGw%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cracked.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 10:44:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499856285.3068132; expires=Sat, 10-Jul-2027 10:44:45 GMT; Max-Age=315360000 <br>Location: http://ww11.cracked.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: cracked.se <br>Referer: http://www.google.com/search?q=cracked.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 10:44:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499856284.4468484; expires=Sat, 10-Jul-2027 10:44:44 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4M3PpgSppK69kT%2B6Kf6kmE2XqyworK8mVt68vvvgxbNZ0W6e%2FcZuip%2FL1OCQXV5glVeLyHkfM7IwuOQr0%2BpmRG2%2FofFKMK%2B%2Bw7SOhRZ58YtUK1GQdWknk1h4%2BSWbU591%2FfDqKiDrPX6qc2XyE%2FWPT1q5sqgH1Vxr6XZ3bKNvvoSY%2FPthOpKFLGzPecvsm6umSeplOCW1qUS%2BeNDFDEPrrEQOtBT6itOuQVl54ig%2F3e9H%2BrSfNq6GtgG04Yu1pdibGMnEIve5NQeeW00ccflZ4Jh7aK3sSzHgNdbxqRQju%2FzCQodKpggOcHyvKiRWjQUJ3WgOjz04Bi%2BJnU3rAGAZeT3eGfseswSwTXF1WB4bcV3xRFchgRwncfbw89Vxh9vTudTzdn9MOqduXF%2FlymtBClI5xHVxhU87sMnJLqehMI3xG4Q4QA29R42N7rBG%2BfEWbHtsjOVIiHCH31Yh%2Fcq0CIodx2X7367uFNZfSllBNYIE0%2BgpzQxxhuEGK4Os9JNltmqBDp6GbqGw%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>cracked.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499859845http://dinheiro.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://dinheiro.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 11:17:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48xdzY%2FBCRBS0yknPn7XsnRwPO9IECWnz5%2BgRoe%2F5H396oUedeBAKqTYLLYPvUcDeZ9g0LM0zNW%2FpsDavvneqGOI5h8317tLxXGquCM2MLjRcv%2B0drU0D%2FT8lE2tSJBI5dC6PbX6PcSFBcOaW5eMqoehlESZwXwjJB5Hfo20RaQrm7P%2FoY0WF2xqp0f70FM9OpsZqzMAeITzkd7mt0DLejX4gnIsAYW%2Ff6p0L%2BIi7o9rpGHrIJ2KaYPSGJrVqzGc8TyhIrhRSxnOfgT9%2ByowH5PZpjPT%2Bbdj2s6S2aJdRN%2FyMLKSg9vEoV%2BnPQttR2jdeXjKQL2p02gMBy341LOIVBlahKUFOslARWAHFLNWwo5E4CV%2B4fAHyfDBiOYaRlllBkHY4MZl9E%2BVSEv3fcsvwyxrZl%2Bq8DqlzaH2Vy%2ByZ122WnkYhx58JS23orDjj79bTtq%2BSJXagVkVeT7ERRt0w7s04ZLS6WAsgLNmMlik3UcWZ%2F395dFS%2BLtsZR3r9pZnWmgOTAx1UwaBY%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dinheiro.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 09:17:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499159866.6762647; expires=Fri, 02-Jul-2027 09:17:46 GMT; Max-Age=315360000 <br>Location: http://ww11.dinheiro.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: dinheiro.se <br>Referer: http://www.google.com/search?q=dinheiro.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 09:17:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499159865.6240944; expires=Fri, 02-Jul-2027 09:17:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48xdzY%2FBCRBS0yknPn7XsnRwPO9IECWnz5%2BgRoe%2F5H396oUedeBAKqTYLLYPvUcDeZ9g0LM0zNW%2FpsDavvneqGOI5h8317tLxXGquCM2MLjRcv%2B0drU0D%2FT8lE2tSJBI5dC6PbX6PcSFBcOaW5eMqoehlESZwXwjJB5Hfo20RaQrm7P%2FoY0WF2xqp0f70FM9OpsZqzMAeITzkd7mt0DLejX4gnIsAYW%2Ff6p0L%2BIi7o9rpGHrIJ2KaYPSGJrVqzGc8TyhIrhRSxnOfgT9%2ByowH5PZpjPT%2Bbdj2s6S2aJdRN%2FyMLKSg9vEoV%2BnPQttR2jdeXjKQL2p02gMBy341LOIVBlahKUFOslARWAHFLNWwo5E4CV%2B4fAHyfDBiOYaRlllBkHY4MZl9E%2BVSEv3fcsvwyxrZl%2Bq8DqlzaH2Vy%2ByZ122WnkYhx58JS23orDjj79bTtq%2BSJXagVkVeT7ERRt0w7s04ZLS6WAsgLNmMlik3UcWZ%2F395dFS%2BLtsZR3r9pZnWmgOTAx1UwaBY%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>dinheiro.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499173327http://v75kollen.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://v75kollen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 09:19:08 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48%2B2g9mfWUOwenwGE6hW168UEJQ7%2FzjS8RhX%2BHmHFYGVwa7nXRlpeEikYuHBOSf6jzPHtozNAxpGtvi8Ok7gMu055H5m9I4vLS5L%2B4Gyz6ZV0RIUvR2aKDICN%2FpGQagmdaoVqB7Qi%2Fy%2FpoU5rPoCRvOEmynEcx3GS2%2BvG3n82l9jQZndWzZr6fs%2Fs7JqsxiaDmJESDJiYaQIcTfaO0UXdqUwViNJexH%2FE%2Bya19PojBZquUQCiLhimd9Lvn1NRIgdEFXVp6dAnUVOKQ1p9v0gwafD6ngCtiGCEDFBjxCIZXlagNOdAORD3vKCmB4dn5N7eLXAkmjr%2BfNGGJLrARcAkvIJm89SMimnd76nXauss%2B2T8P%2FRj%2Bmv3B0ai3fVyf4Uu6UZGKraK5qLXe4g8DVvAnffoO38%2FijWRhx2GscP6JQjCKWfXuQIx0Yob3GmTw1w%2F5ZgLuhsaFCQDjFfMpBcXs92fPdhyZf5Bx3xfl4BltHifsgvUz7piwQeVMFbmH054wm8%2Bpl8x8my0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: v75kollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 07:19:13 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499152753.3173639; expires=Fri, 02-Jul-2027 07:19:13 GMT; Max-Age=315360000 <br>Location: http://ww11.v75kollen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: v75kollen.se <br>Referer: http://www.google.com/search?q=v75kollen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 07:19:12 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499152752.8718424; expires=Fri, 02-Jul-2027 07:19:12 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48%2B2g9mfWUOwenwGE6hW168UEJQ7%2FzjS8RhX%2BHmHFYGVwa7nXRlpeEikYuHBOSf6jzPHtozNAxpGtvi8Ok7gMu055H5m9I4vLS5L%2B4Gyz6ZV0RIUvR2aKDICN%2FpGQagmdaoVqB7Qi%2Fy%2FpoU5rPoCRvOEmynEcx3GS2%2BvG3n82l9jQZndWzZr6fs%2Fs7JqsxiaDmJESDJiYaQIcTfaO0UXdqUwViNJexH%2FE%2Bya19PojBZquUQCiLhimd9Lvn1NRIgdEFXVp6dAnUVOKQ1p9v0gwafD6ngCtiGCEDFBjxCIZXlagNOdAORD3vKCmB4dn5N7eLXAkmjr%2BfNGGJLrARcAkvIJm89SMimnd76nXauss%2B2T8P%2FRj%2Bmv3B0ai3fVyf4Uu6UZGKraK5qLXe4g8DVvAnffoO38%2FijWRhx2GscP6JQjCKWfXuQIx0Yob3GmTw1w%2F5ZgLuhsaFCQDjFfMpBcXs92fPdhyZf5Bx3xfl4BltHifsgvUz7piwQeVMFbmH054wm8%2Bpl8x8my0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>v75kollen.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1499173312http://custommer.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://custommer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 18:51:00 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48jnAil%2FS%2Bb0QRe%2BBKJ6XYWIWatPWtIIjcH5A95EAlO0r5Z%2FSqhwsQAPpSrlWjQ%2FIr40draH%2FRe09xw0aRTqJogUQyzS%2Bf3JAw0f8JUKZw4OISTA5Rf1ZrgUNb5X872DOV8PJXnvDjiC6s4XTN7dJSG4sJKbTUgj8Nx15XfMUU9vXPg2wvOXAkpiw4BqIoyebEl8fePbQTlvceHPmpIDOYGBfTQj2Q934%2FE4FmpGBIvsiQY5LyHfSJ3lAm5O%2FyQRlCfrROb84%2FABam346SdMnkucv85nWSE7VBz4PMsSTSVEuCTg6%2BPBapw5vpDpwQrBxpQi9ttu%2Be7fjGCJnWAWIMeVUWQLdVXw%2Bwl0p16ee55Pj%2B4KcEoHfBPNnoIn9X%2FgXGMKjJKx8H4jb8Sc5D12F8v%2BfFLUSMRY94kLvaiTDFJ4phtJhN5O8CDYzopLeIXn7FPbsm72%2BezGhs1NtD3HfUAOQLf861rEc1NDiC6NdDmZJpuwkThhIorEFQglIM4hnuedd156YEmcMO%2FU3FtiEXnA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custommer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 16:51:05 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499100665.2018792; expires=Thu, 01-Jul-2027 16:51:05 GMT; Max-Age=315360000 <br>Location: http://ww38.custommer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: custommer.se <br>Referer: http://www.google.com/search?q=custommer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 16:51:04 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499100664.3456945; expires=Thu, 01-Jul-2027 16:51:04 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48jnAil%2FS%2Bb0QRe%2BBKJ6XYWIWatPWtIIjcH5A95EAlO0r5Z%2FSqhwsQAPpSrlWjQ%2FIr40draH%2FRe09xw0aRTqJogUQyzS%2Bf3JAw0f8JUKZw4OISTA5Rf1ZrgUNb5X872DOV8PJXnvDjiC6s4XTN7dJSG4sJKbTUgj8Nx15XfMUU9vXPg2wvOXAkpiw4BqIoyebEl8fePbQTlvceHPmpIDOYGBfTQj2Q934%2FE4FmpGBIvsiQY5LyHfSJ3lAm5O%2FyQRlCfrROb84%2FABam346SdMnkucv85nWSE7VBz4PMsSTSVEuCTg6%2BPBapw5vpDpwQrBxpQi9ttu%2Be7fjGCJnWAWIMeVUWQLdVXw%2Bwl0p16ee55Pj%2B4KcEoHfBPNnoIn9X%2FgXGMKjJKx8H4jb8Sc5D12F8v%2BfFLUSMRY94kLvaiTDFJ4phtJhN5O8CDYzopLeIXn7FPbsm72%2BezGhs1NtD3HfUAOQLf861rEc1NDiC6NdDmZJpuwkThhIorEFQglIM4hnuedd156YEmcMO%2FU3FtiEXnA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>custommer.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-191.above.com abuse@above.com1499173185http://canalgigital.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://canalgigital.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Jun 2017 11:32:34 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZJ76njm9cuQfLrHY6JSImI68HLZNNjPIuLusUYhXp8p13801UO8ycp6m%2FzZxC71OGyMhafLytyz4yDRPiX3e2nwA6qo2fX9d0uPO%2FtDxSB8DWUXG%2F%2FEPQGztAiF2e8A%2FhhkspwsdZUu9Txq6AIbWPpggFngV9atmJxR182ZZ6gBN5g3b3NwkPBEYNolQrEmV6YwbMMmAAPtqJ8r7fB66y58bJ6MsBFYnNZTWaZu4qvtitR0N92utd1tvwvIFqjgxiOnFNa4ScvPD%2B5F9NN%2FXReSOvAGcvGtbvebS8fTK%2BbZON7QEN%2Fk8Oo5tAKHWznYKAlyAcYKdX83sO3pJMx5TSUBLLed%2FJlHNFMMXzTJ4QCVSVq8D%2FwLA9%2FCwgKjfMVlDSfbUZU3ZBnuZgR2iID%2B%2FJZrW1hVuW9ZKeNFszWHQqg1MvZB1ZR8MP4b8iMuor4Z4LHY54mqfh6Lh3RaLgGVI8toyMrQweRPOkUBPxDB8pccxail0nd%2Bby1ChC97GbCuGYPYr48MnoLwp2Dbxm2MLgEw%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: canalgigital.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 09:32:34 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498469554.6017635; expires=Thu, 24-Jun-2027 09:32:34 GMT; Max-Age=315360000 <br>Location: http://ww38.canalgigital.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: canalgigital.se <br>Referer: http://www.google.com/search?q=canalgigital.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 09:32:33 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498469553.3178485; expires=Thu, 24-Jun-2027 09:32:33 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZJ76njm9cuQfLrHY6JSImI68HLZNNjPIuLusUYhXp8p13801UO8ycp6m%2FzZxC71OGyMhafLytyz4yDRPiX3e2nwA6qo2fX9d0uPO%2FtDxSB8DWUXG%2F%2FEPQGztAiF2e8A%2FhhkspwsdZUu9Txq6AIbWPpggFngV9atmJxR182ZZ6gBN5g3b3NwkPBEYNolQrEmV6YwbMMmAAPtqJ8r7fB66y58bJ6MsBFYnNZTWaZu4qvtitR0N92utd1tvwvIFqjgxiOnFNa4ScvPD%2B5F9NN%2FXReSOvAGcvGtbvebS8fTK%2BbZON7QEN%2Fk8Oo5tAKHWznYKAlyAcYKdX83sO3pJMx5TSUBLLed%2FJlHNFMMXzTJ4QCVSVq8D%2FwLA9%2FCwgKjfMVlDSfbUZU3ZBnuZgR2iID%2B%2FJZrW1hVuW9ZKeNFszWHQqg1MvZB1ZR8MP4b8iMuor4Z4LHY54mqfh6Lh3RaLgGVI8toyMrQweRPOkUBPxDB8pccxail0nd%2Bby1ChC97GbCuGYPYr48MnoLwp2Dbxm2MLgEw%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>canalgigital.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-191.above.com abuse@above.com1498482308http://prpellerheads.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://prpellerheads.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 00:31:38 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRE2%2Byq3Sn0scxs3%2F5KmCsVnl7PUBYsGhh99ZZQ%2BGmi1oHV5TeLSa%2FlQL5CfEs0Na4wYgVTmc8sKZQl4WorCFwZizk41TkToEXU%2BXTGpVmphoGZOuCbBW41PYjE3Pk4Wh1eWBrp04dvh1h%2FYGG72kjv1%2BjXeWiFSzWzEW8CYyoReZ3b2BQXKbSvGkPY2i%2BZSkInl9loHBYe5ViJNaYOl5KNT6owZ%2B4ajM6jBr7k0EuDK5v3m44Us5vs8xMEFAwixgvkaowSW63kUVb0IMLMnSoXHQ23RgCbbqrd35SA1NNqSE9J07HMQJ%2Fi1L%2B76P9xVODxWdLxWNBVBatJGS%2FRZfP9z3Le5IbG8l6ulL8YP%2FGR9hva3ygtabYbWumd%2BG57oLtGTlXu%2FtF9jcFVi1qTdo28LI20vuLUQbxwJDufwrkvQRNjN1IGE4JHJSrTb%2B00uoqHOaBC%2Fb2Hv00ygo768QyVeEFKzt4DiQ%2BUuTcyRHNSpHvEApQu2UP%2BXvRYDQicIA5x65OF6jPwD%2FMy8g2fc9zsJZWjmM9uQ1iE8mzQHStT2c%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prpellerheads.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:31:39 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497997899.3491548; expires=Fri, 18-Jun-2027 22:31:39 GMT <br>Location: http://ww11.prpellerheads.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: prpellerheads.se <br>Referer: http://www.google.com/search?q=prpellerheads.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 22:31:38 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497997898.7315708; expires=Fri, 18-Jun-2027 22:31:38 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRE2%2Byq3Sn0scxs3%2F5KmCsVnl7PUBYsGhh99ZZQ%2BGmi1oHV5TeLSa%2FlQL5CfEs0Na4wYgVTmc8sKZQl4WorCFwZizk41TkToEXU%2BXTGpVmphoGZOuCbBW41PYjE3Pk4Wh1eWBrp04dvh1h%2FYGG72kjv1%2BjXeWiFSzWzEW8CYyoReZ3b2BQXKbSvGkPY2i%2BZSkInl9loHBYe5ViJNaYOl5KNT6owZ%2B4ajM6jBr7k0EuDK5v3m44Us5vs8xMEFAwixgvkaowSW63kUVb0IMLMnSoXHQ23RgCbbqrd35SA1NNqSE9J07HMQJ%2Fi1L%2B76P9xVODxWdLxWNBVBatJGS%2FRZfP9z3Le5IbG8l6ulL8YP%2FGR9hva3ygtabYbWumd%2BG57oLtGTlXu%2FtF9jcFVi1qTdo28LI20vuLUQbxwJDufwrkvQRNjN1IGE4JHJSrTb%2B00uoqHOaBC%2Fb2Hv00ygo768QyVeEFKzt4DiQ%2BUuTcyRHNSpHvEApQu2UP%2BXvRYDQicIA5x65OF6jPwD%2FMy8g2fc9zsJZWjmM9uQ1iE8mzQHStT2c%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>prpellerheads.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1498050154http://upplyssningen.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://upplyssningen.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 19:48:51 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRbV%2FSkcN5fQnrfGj%2BRB90xoQR3IoOE0jZmxT5QPwu%2Fha79YoLkOld7yXNdufbKurLhCDpYa3T%2BND4Vw7Boxg2v6BgDIOirsKg04GRJNk2VLSDveewjV2OKvPwFuhQHGeVbhYlrzesu3GGMqHJcK1v%2BGFe%2FuTJhSIALfwpkiHrQ9zd6mRi%2FfsZScT0CammeSdN2LHQ2u96NROuAv%2BgtVGp42p6U8srxTpkgAbrVjiA42HQ%2F0Ic0kNEu6jCWuSS2NXrdk3RNQJKF7d6qcuic%2FIeS6f75XGhoBliKcGH5yDM4BCIcI8AO3JXaZmJ67sTaC9dafe8ZU0Qy5h260tB6fg55Wh%2FLZo3fxxvWhVsCdHhQc0Ofwl8hMfXZu7cOO9rewMdrYmSMxf28CdZrxzuH0xYnTN6V%2FoI8AVVhrE0bXyvgkFUEIfhTLM6zVg2JSqHhYYg3pm5GtqgZtERjh88%2F%2BOiKCLnU4rwL2Z58iNgpiakNW%2FEoVAUlM0uSZTJ5Ojpqy9h3xbesCxhLN8Hz8SKgoaPJzToWyBLF7Eh <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: upplyssningen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 17:48:51 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497980931.8484170; expires=Fri, 18-Jun-2027 17:48:51 GMT; Max-Age=315360000 <br>Location: http://ww11.upplyssningen.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: upplyssningen.se <br>Referer: http://www.google.com/search?q=upplyssningen.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 17:48:50 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497980930.6636569; expires=Fri, 18-Jun-2027 17:48:50 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3OnBIzJNWcRbV%2FSkcN5fQnrfGj%2BRB90xoQR3IoOE0jZmxT5QPwu%2Fha79YoLkOld7yXNdufbKurLhCDpYa3T%2BND4Vw7Boxg2v6BgDIOirsKg04GRJNk2VLSDveewjV2OKvPwFuhQHGeVbhYlrzesu3GGMqHJcK1v%2BGFe%2FuTJhSIALfwpkiHrQ9zd6mRi%2FfsZScT0CammeSdN2LHQ2u96NROuAv%2BgtVGp42p6U8srxTpkgAbrVjiA42HQ%2F0Ic0kNEu6jCWuSS2NXrdk3RNQJKF7d6qcuic%2FIeS6f75XGhoBliKcGH5yDM4BCIcI8AO3JXaZmJ67sTaC9dafe8ZU0Qy5h260tB6fg55Wh%2FLZo3fxxvWhVsCdHhQc0Ofwl8hMfXZu7cOO9rewMdrYmSMxf28CdZrxzuH0xYnTN6V%2FoI8AVVhrE0bXyvgkFUEIfhTLM6zVg2JSqHhYYg3pm5GtqgZtERjh88%2F%2BOiKCLnU4rwL2Z58iNgpiakNW%2FEoVAUlM0uSZTJ5Ojpqy9h3xbesCxhLN8Hz8SKgoaPJzToWyBLF7Eh <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>upplyssningen.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-191.above.com abuse@above.com1498049969http://ifmetallakassa.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://ifmetallakassa.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 05:01:25 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1ZjM7aoRp8SSztnYuEPHsm22fFTf1KMZ9gkjmlneMP5W5yQtmPaKG%2BekAiU33k4y4eU3PcUvQbVaiuRbBRT2cFe3GiWsnXt1r%2BilVn0cmUBp8nBRia0Mz6bT8mbMweTyIvMKqytP4ScuVAHXtMUBUgKnAJ0PH6e46jqueyqVCJkaP9MZQ86asCIrsdnsMFDSJnmRF0NwXU49r%2FL%2FdtUco4WFjJqcUF5ZiXTqUr7Tv7x3YxctpbzoCwoiwGQRKnAHqPaGFpoqBwHfH1RVl5J4zUz6FoatZUrx9AfZiouRFvkeTMCa5q%2FI221WyvH7yL9zQ84iLAsQsTmc%2Fx1WW%2BSB3SKQqOzEqH2OlYK6kALKzpuSmg0nWT%2F0bBESILo3ak%2FSmeFOZR9sDN%2Bz%2BvjFBFrZUArjocr1PrxnbxykpNLcxRkIjuwHYMiTvLlEiEtw21t9Y47Z5ZeNKnG8Hyl64KArcDBSjsBwTMbGrUoLvH8o5JNi%2BuSeU6zrVHb1r2POfN2u1prQf1Jzqay1Xe5bGs4%2FKZ54Nu%2B43t7wm <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ifmetallakassa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 03:01:26 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497927686.3997423; expires=Fri, 18-Jun-2027 03:01:26 GMT <br>Location: http://ww38.ifmetallakassa.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ifmetallakassa.se <br>Referer: http://www.google.com/search?q=ifmetallakassa.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 03:01:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497927685.5615534; expires=Fri, 18-Jun-2027 03:01:25 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1ZjM7aoRp8SSztnYuEPHsm22fFTf1KMZ9gkjmlneMP5W5yQtmPaKG%2BekAiU33k4y4eU3PcUvQbVaiuRbBRT2cFe3GiWsnXt1r%2BilVn0cmUBp8nBRia0Mz6bT8mbMweTyIvMKqytP4ScuVAHXtMUBUgKnAJ0PH6e46jqueyqVCJkaP9MZQ86asCIrsdnsMFDSJnmRF0NwXU49r%2FL%2FdtUco4WFjJqcUF5ZiXTqUr7Tv7x3YxctpbzoCwoiwGQRKnAHqPaGFpoqBwHfH1RVl5J4zUz6FoatZUrx9AfZiouRFvkeTMCa5q%2FI221WyvH7yL9zQ84iLAsQsTmc%2Fx1WW%2BSB3SKQqOzEqH2OlYK6kALKzpuSmg0nWT%2F0bBESILo3ak%2FSmeFOZR9sDN%2Bz%2BvjFBFrZUArjocr1PrxnbxykpNLcxRkIjuwHYMiTvLlEiEtw21t9Y47Z5ZeNKnG8Hyl64KArcDBSjsBwTMbGrUoLvH8o5JNi%2BuSeU6zrVHb1r2POfN2u1prQf1Jzqay1Xe5bGs4%2FKZ54Nu%2B43t7wm <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ifmetallakassa.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497971104http://swefilmers.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://swefilmers.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 21:37:30 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj2qNfgiOy%2BYdsEPPuQSwitKzsFjtfJOhLX5r7S0b%2BG7ayqLn9onlEhdesdpL%2Bc1Mrkf8LGeTfUQ3OOaRhWWTg93WBWl72zWDqEv1guIFH5P%2BgOuSPuWMv0he9GYJxgc5kfSkw3roupOykaY9TSI06NnRYYuRuqiJtTglU82JKK4EkRsWtX4%2F5%2BEDINpCueue7JnXqeZJ3fsmqpRAyJ3CUiE7l97iSIzwtfi38%2FGtdkxoUreM7qJmLJ5K%2FQGFOncUevEvjUxA0gDfoh8PJPai%2BGDes%2BW52L3TtSEn3z4v7XB0Vc5aXplJa%2BQOleOIQO0CKQOV4%2B%2BoTc4ao5osUZM1vzvR8ijmfwEVj8KSl5qUQZNns8%2BCV116LlGCiN3GuGP86IuR0H85LSLH3gwdo3bMsHUDc%2BbiRyW9zKpcVzeNxNRJY76hGixfO2aRIDgp7pQibzHhsl59ZqilEujuKgEyU3NB04sWAg1KHyeZRok12aRWdE98dBs5j19kxJsg2YV1AoH0xdjffWbZrTeM%2Bp6ONiA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: swefilmers.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 19:37:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497814650.7859357; expires=Wed, 16-Jun-2027 19:37:30 GMT <br>Location: http://ww11.swefilmers.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: swefilmers.se <br>Referer: http://www.google.com/search?q=swefilmers.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 19:37:29 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497814649.5195256; expires=Wed, 16-Jun-2027 19:37:29 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT9c2HXXKlhVj2qNfgiOy%2BYdsEPPuQSwitKzsFjtfJOhLX5r7S0b%2BG7ayqLn9onlEhdesdpL%2Bc1Mrkf8LGeTfUQ3OOaRhWWTg93WBWl72zWDqEv1guIFH5P%2BgOuSPuWMv0he9GYJxgc5kfSkw3roupOykaY9TSI06NnRYYuRuqiJtTglU82JKK4EkRsWtX4%2F5%2BEDINpCueue7JnXqeZJ3fsmqpRAyJ3CUiE7l97iSIzwtfi38%2FGtdkxoUreM7qJmLJ5K%2FQGFOncUevEvjUxA0gDfoh8PJPai%2BGDes%2BW52L3TtSEn3z4v7XB0Vc5aXplJa%2BQOleOIQO0CKQOV4%2B%2BoTc4ao5osUZM1vzvR8ijmfwEVj8KSl5qUQZNns8%2BCV116LlGCiN3GuGP86IuR0H85LSLH3gwdo3bMsHUDc%2BbiRyW9zKpcVzeNxNRJY76hGixfO2aRIDgp7pQibzHhsl59ZqilEujuKgEyU3NB04sWAg1KHyeZRok12aRWdE98dBs5j19kxJsg2YV1AoH0xdjffWbZrTeM%2Bp6ONiA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>swefilmers.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497853506http://pricerunnere.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://pricerunnere.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 09:54:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfXH2IwEPeiz%2BHLr16nCdI96hxWGtUPzzGcvrvX6%2BxdyVT34D0fevQKUWSNa5QH32nrB9T31sa5lRTi%2B5ysEAMLsv%2FMUxZNOS9ntCGCGH93m%2FsLiUCsbO%2Bq01NArzJG78Dm4840O2XJPdkMVoO1bezr6P4aoqebfnIRFZjUwm8ebr1rFhf0If9EoI3NfRgZpronRx7TQAdiUlWYo9mF1pSP4i5mkx5bk4hAKgtaSjAeFQq4ArKkMYl1tzq%2B4o0luk1zbEmioP7VC3SxB%2FMdbIzvGAqK%2FjXe%2BWKONBya9YxeMd8HIwYTNm44sthF9Q8owZYxprTc7V7YkWXyShl8YkBh%2FIBgaHn%2F6VX5JSsILmsqRub01n6LGZBmC0b0vJ2cQzquh4RSFfS3UYpbKP81QQhsXWgTFWBYcLmY0UV3dFH0keInAhT3F9cmS7DMSQNhbvKhAEiRBftlNUEfZhzswx%2FyVCsMwy5AUUpGLfR%2BH%2BWxO6lj8Cb%2F3VcELAPzma5xLwj9IQSOiQeyyIxiK6kvAaGcRVP40y1jxgzLmUY7w7wz9o%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pricerunnere.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 07:54:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497599681.5624479; expires=Mon, 14-Jun-2027 07:54:41 GMT <br>Location: http://ww11.pricerunnere.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pricerunnere.se <br>Referer: http://www.google.com/search?q=pricerunnere.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 07:54:40 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497599680.8211206; expires=Mon, 14-Jun-2027 07:54:40 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfXH2IwEPeiz%2BHLr16nCdI96hxWGtUPzzGcvrvX6%2BxdyVT34D0fevQKUWSNa5QH32nrB9T31sa5lRTi%2B5ysEAMLsv%2FMUxZNOS9ntCGCGH93m%2FsLiUCsbO%2Bq01NArzJG78Dm4840O2XJPdkMVoO1bezr6P4aoqebfnIRFZjUwm8ebr1rFhf0If9EoI3NfRgZpronRx7TQAdiUlWYo9mF1pSP4i5mkx5bk4hAKgtaSjAeFQq4ArKkMYl1tzq%2B4o0luk1zbEmioP7VC3SxB%2FMdbIzvGAqK%2FjXe%2BWKONBya9YxeMd8HIwYTNm44sthF9Q8owZYxprTc7V7YkWXyShl8YkBh%2FIBgaHn%2F6VX5JSsILmsqRub01n6LGZBmC0b0vJ2cQzquh4RSFfS3UYpbKP81QQhsXWgTFWBYcLmY0UV3dFH0keInAhT3F9cmS7DMSQNhbvKhAEiRBftlNUEfZhzswx%2FyVCsMwy5AUUpGLfR%2BH%2BWxO6lj8Cb%2F3VcELAPzma5xLwj9IQSOiQeyyIxiK6kvAaGcRVP40y1jxgzLmUY7w7wz9o%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pricerunnere.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497625709http://nordencamping.se/ (103.224.212.191) - Serp-hijackingAttacked url: http://nordencamping.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 15 Jun 2017 17:21:16 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfJ6fWKAJy5hAi8VeEKBge5CrwaDxFRyn9aLgjYyV8YuqplGDxWLJCc%2Bp63FdO%2BZ3C4o2jYT%2FQ0fz3CyHXaMkAQj2LOk0iYYjBDC7Hk5%2F3Z1dOQHp48EtLUlA0vj6LH8D40OpF6oQ71MCeHLyNxqDuA77IOSVe%2BJy2m7eFjcJF6bf0NGWzUebB45lwQRsITzbXQimcMwXjMON6KvfTGmJt%2F%2F41cCzDJG%2FHCeTSnYewbbRM%2BXObRfVkip%2F%2Bk%2BppCsP39v37VoB3%2BwfhDSCq9ox%2BZpwzE%2B773zhAnJ2BAuvS1BnlFx0F%2F3D8O48BcpGcxMgwiaS7kgRSsrNKP21J7SYLtCoCEBpC5HmbWSZ9M9oQJWQGyL%2FuCYaxClgbAzsqbWvjmoemHueglE2XlYD30QDunLL%2BjoN%2BpNfRPsi5%2FhlDkb%2FIgW4iDw4pNE9OuQd9TV%2Bh3Se%2FC1ORAu3KBdwx9bM03UIWw4KB22XZ8wBuJViL4oGqdXMBIQGXIEMd7dloDo19XMHAbctyh%2F9Kzi4c6FXFpgsK9YcB5t%2BB%2BSX9Qlu21zg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nordencamping.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 15:21:16 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497540076.1806771; expires=Sun, 13-Jun-2027 15:21:16 GMT <br>Location: http://ww11.nordencamping.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: nordencamping.se <br>Referer: http://www.google.com/search?q=nordencamping.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 15:21:15 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497540076.7974564; expires=Sun, 13-Jun-2027 15:21:16 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfJ6fWKAJy5hAi8VeEKBge5CrwaDxFRyn9aLgjYyV8YuqplGDxWLJCc%2Bp63FdO%2BZ3C4o2jYT%2FQ0fz3CyHXaMkAQj2LOk0iYYjBDC7Hk5%2F3Z1dOQHp48EtLUlA0vj6LH8D40OpF6oQ71MCeHLyNxqDuA77IOSVe%2BJy2m7eFjcJF6bf0NGWzUebB45lwQRsITzbXQimcMwXjMON6KvfTGmJt%2F%2F41cCzDJG%2FHCeTSnYewbbRM%2BXObRfVkip%2F%2Bk%2BppCsP39v37VoB3%2BwfhDSCq9ox%2BZpwzE%2B773zhAnJ2BAuvS1BnlFx0F%2F3D8O48BcpGcxMgwiaS7kgRSsrNKP21J7SYLtCoCEBpC5HmbWSZ9M9oQJWQGyL%2FuCYaxClgbAzsqbWvjmoemHueglE2XlYD30QDunLL%2BjoN%2BpNfRPsi5%2FhlDkb%2FIgW4iDw4pNE9OuQd9TV%2Bh3Se%2FC1ORAu3KBdwx9bM03UIWw4KB22XZ8wBuJViL4oGqdXMBIQGXIEMd7dloDo19XMHAbctyh%2F9Kzi4c6FXFpgsK9YcB5t%2BB%2BSX9Qlu21zg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>nordencamping.se is on 103.224.212.191<br>ASN for 103.224.212.191: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.191 corresponds with lb-212-191.above.com<br>Abuse.net does not have any reliable address for lb-212-191.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-191.above.com1497624889