Säkrare hemsida med .sehttp://xn--bjrnbio-b1a.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://xn--bjrnbio-b1a.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Jul 2017 04:30:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4npwLaleydww%2F%2F8g%2FdKH89ZWt0cg1thkNxM%2BTrHdSOHA8s%2BmYhU457nIWMIRaXm8pQyfOjGogyd61FuD81H3Bu8gNIY%2FuHHxVN9W34zH5aM7yRbJZ56MGivC%2BoUq3onz3wBvYDJ5HZ4BnA%2FcF9kFsGPXHPTWCnBTW7YUD4e28KPkSoo7H1uYzmdMSosYN1LfBxF52gbkAvgN7C0As7nFevHOaMzQNKSO0TAQjOH8grqPf5OiBLk%2Be2dX5bnUFSfFNqJ1%2BAmkUyHNoI7HwOTPXTRh1E%2FbHzVdt4qcO0SpJ1Z5yTsQQpTHzE7oc1t0lw5qMXlZuTmJJn58lHpxBVtnIUaf%2F90XbcgHeiq2GRjKP3NrGXkJSczTjGR9XC1WgDyFfUCGcANu5C6ZlEJXCmADHXJr%2B6G4lLOGDb5I4RDB%2B3ljRZJ%2BOjPcYfb6Uq%2BAmiZznltN0rQobwc6F4rBvjtDLRg5eVBKm5jLeHHPg%2BthQVIn%2F5qF3EfLieOoLnlEoyVIbSPwkH0l0%2Bc12Vizp%2Fn3AZMWXJX%2BaA9Jy <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--bjrnbio-b1a.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 02:30:08 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499826608.4435002; expires=Sat, 10-Jul-2027 02:30:08 GMT; Max-Age=315360000 <br>Location: http://ww38.xn--bjrnbio-b1a.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: xn--bjrnbio-b1a.se <br>Referer: http://www.google.com/search?q=xn--bjrnbio-b1a.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 12 Jul 2017 02:30:07 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499826607.8224461; expires=Sat, 10-Jul-2027 02:30:07 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Bzwn10jVoD4npwLaleydww%2F%2F8g%2FdKH89ZWt0cg1thkNxM%2BTrHdSOHA8s%2BmYhU457nIWMIRaXm8pQyfOjGogyd61FuD81H3Bu8gNIY%2FuHHxVN9W34zH5aM7yRbJZ56MGivC%2BoUq3onz3wBvYDJ5HZ4BnA%2FcF9kFsGPXHPTWCnBTW7YUD4e28KPkSoo7H1uYzmdMSosYN1LfBxF52gbkAvgN7C0As7nFevHOaMzQNKSO0TAQjOH8grqPf5OiBLk%2Be2dX5bnUFSfFNqJ1%2BAmkUyHNoI7HwOTPXTRh1E%2FbHzVdt4qcO0SpJ1Z5yTsQQpTHzE7oc1t0lw5qMXlZuTmJJn58lHpxBVtnIUaf%2F90XbcgHeiq2GRjKP3NrGXkJSczTjGR9XC1WgDyFfUCGcANu5C6ZlEJXCmADHXJr%2B6G4lLOGDb5I4RDB%2B3ljRZJ%2BOjPcYfb6Uq%2BAmiZznltN0rQobwc6F4rBvjtDLRg5eVBKm5jLeHHPg%2BthQVIn%2F5qF3EfLieOoLnlEoyVIbSPwkH0l0%2Bc12Vizp%2Fn3AZMWXJX%2BaA9Jy <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>xn--bjrnbio-b1a.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1499844954http://bjornekullawhisky.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://bjornekullawhisky.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 14:08:16 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHATS8z02ylW51vCQA1oheQI9i6Y4Mz1MhOczl7ziYU5HvbmPU7FmD0zKVkpVzeC6n54QEQdfRpiCNdnUvp64hsNZGNeQVMCqHwdtWh%2B0l6DqBg9TCffei%2BaRoGN8v7bVDyN8NJ%2FAT8p5QSdDj9Ij%2B8hB631urpPwGqeEvOzj7qUFaRFDGQqwBtGm5iNVqHyTizqUlCmu6CPIij7SDnTYODEzyag5%2B5nGWbJS8JBE31rAREm4%2Bc837SgGePUB7rDLdVmO409ESJLVvgoRcxIRsqDVAxJOLiSgpfm04y7S2%2BtYpd8RkU6%2BkHrOfCvxji%2F%2BS5edjPp2Tl22h15Ompv5yX2ApDbzjUL0r%2FLofV%2BeLxWdV4IK8hCrvvUx5SIR2JFeayo3xjsCpAaFOcqeZwyur1RQGg5O3Wyxf%2FIDVfoIp8DCqyBFx1o9xSPW%2FW1pWjRGxsZwCcUaefAzXYzs5MrhAM%2BStXsfDvx5fLNE3GRWsKIxAocoO1GR8%2BFVfs0nbyfNlN3JcK9jdjTlh%2F5EKXNO8d7y8ndtv9Z5kGb2rcK87kCI8%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bjornekullawhisky.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:08:16 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499083696.5562252; expires=Thu, 01-Jul-2027 12:08:16 GMT; Max-Age=315360000 <br>Location: http://ww11.bjornekullawhisky.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bjornekullawhisky.se <br>Referer: http://www.google.com/search?q=bjornekullawhisky.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 12:08:15 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499083695.5132069; expires=Thu, 01-Jul-2027 12:08:15 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHATS8z02ylW51vCQA1oheQI9i6Y4Mz1MhOczl7ziYU5HvbmPU7FmD0zKVkpVzeC6n54QEQdfRpiCNdnUvp64hsNZGNeQVMCqHwdtWh%2B0l6DqBg9TCffei%2BaRoGN8v7bVDyN8NJ%2FAT8p5QSdDj9Ij%2B8hB631urpPwGqeEvOzj7qUFaRFDGQqwBtGm5iNVqHyTizqUlCmu6CPIij7SDnTYODEzyag5%2B5nGWbJS8JBE31rAREm4%2Bc837SgGePUB7rDLdVmO409ESJLVvgoRcxIRsqDVAxJOLiSgpfm04y7S2%2BtYpd8RkU6%2BkHrOfCvxji%2F%2BS5edjPp2Tl22h15Ompv5yX2ApDbzjUL0r%2FLofV%2BeLxWdV4IK8hCrvvUx5SIR2JFeayo3xjsCpAaFOcqeZwyur1RQGg5O3Wyxf%2FIDVfoIp8DCqyBFx1o9xSPW%2FW1pWjRGxsZwCcUaefAzXYzs5MrhAM%2BStXsfDvx5fLNE3GRWsKIxAocoO1GR8%2BFVfs0nbyfNlN3JcK9jdjTlh%2F5EKXNO8d7y8ndtv9Z5kGb2rcK87kCI8%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bjornekullawhisky.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1499087736http://erstaskondal.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://erstaskondal.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 27 Jun 2017 13:46:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Fw3RvM%2FjGiD6LRlHG7Z7QvgiP9NZ7UsYylk%2FaQ11HA%2BYjRHDJCWP4h%2BDH4sR4ub980LabE6%2Fs7zzRnncSYu7VWM4%2Byi86HIk9IL4RMWF%2BF2ZojT%2FSeUwdVTzBMWz0w1Sn2o33s1PLYBOsh%2Fc9KLB1dE79hOYV0ihBgSsTyfR4Jn8hV4D44761ernaKwRUG5IVmLunn75YxnWNkNHyJaIMlP0tORKUAMS%2FoW7INKY73Y6Okc%2FfBPVt6fQjvklED6uhF4wkIheFUIVU08RuVUTDDFz9nX2gIZ4r9d4H4z5QeXDXofTbewDIELt1ialJfyLk7%2BkGhtu1MyoGCJQMrLlxNpc%2F39W12x5%2BNTuenicT8MskUUQjMw%2FAsq8TSyUdW4fvMg4cEDQ%2FgFRfTY94x5s9vOk6ax35Uvzt6eO8cEG94JIsBlZKPpHf5bECXNV0bO%2BQBSMcppTBVaTVab6BNV%2BgnnjjIJ9yhzgP%2Bbc2%2FCdrjzDv7Es1yc%2BUI%2F9YfX1JX8zLo8JS%2F8f182NrdPBLw8HKCFAwbCH5zbkA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: erstaskondal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 27 Jun 2017 11:46:04 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498563964.8511578; expires=Fri, 25-Jun-2027 11:46:04 GMT; Max-Age=315360000 <br>Location: http://ww11.erstaskondal.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: erstaskondal.se <br>Referer: http://www.google.com/search?q=erstaskondal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 27 Jun 2017 11:46:03 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498563963.6647295; expires=Fri, 25-Jun-2027 11:46:03 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT%2Fw3RvM%2FjGiD6LRlHG7Z7QvgiP9NZ7UsYylk%2FaQ11HA%2BYjRHDJCWP4h%2BDH4sR4ub980LabE6%2Fs7zzRnncSYu7VWM4%2Byi86HIk9IL4RMWF%2BF2ZojT%2FSeUwdVTzBMWz0w1Sn2o33s1PLYBOsh%2Fc9KLB1dE79hOYV0ihBgSsTyfR4Jn8hV4D44761ernaKwRUG5IVmLunn75YxnWNkNHyJaIMlP0tORKUAMS%2FoW7INKY73Y6Okc%2FfBPVt6fQjvklED6uhF4wkIheFUIVU08RuVUTDDFz9nX2gIZ4r9d4H4z5QeXDXofTbewDIELt1ialJfyLk7%2BkGhtu1MyoGCJQMrLlxNpc%2F39W12x5%2BNTuenicT8MskUUQjMw%2FAsq8TSyUdW4fvMg4cEDQ%2FgFRfTY94x5s9vOk6ax35Uvzt6eO8cEG94JIsBlZKPpHf5bECXNV0bO%2BQBSMcppTBVaTVab6BNV%2BgnnjjIJ9yhzgP%2Bbc2%2FCdrjzDv7Es1yc%2BUI%2F9YfX1JX8zLo8JS%2F8f182NrdPBLw8HKCFAwbCH5zbkA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>erstaskondal.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-192.above.com1498637094http://bokaidrott.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://bokaidrott.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 15:10:24 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1CUMRvFm0EWZEAfURYFRp7Xv%2BMiBobgVtpGdT3UAv6VCrue5QJx%2B4gkLxolVxnFzaGjtbIYakOyVsLZT8dcNtlJEqIvWDQKJjeArYfIrnGDG1iBqZgif4duKkPSN83ye0ay%2FXnCYVEk1hSQSPXPUDLdGCJctX9BQwEEdetOpsiz59uZZYmt3w1QVVLvkUIu%2BZcBqYfxMUUsZr3TU2RBq6TbH1%2FppF8P3GpFQgQis9mYA0PX1MiOncSVZckQqpxVrJuh7cdVP8Ne0jFj1JbCLtm9Z7jMoP7QIa5%2Fi9WrKs25zC6MbuLyswrBdWfwkGfAn%2FNzaCPPApWvSYSeFLiyL43BsUIdLLgtUhbU6CLeEPNQM514C97O%2FnJSTaGXDnP%2BxOoWowAkxdIM8ROBL59Z9rVY7wjrRW37E3gWI0vGByre%2FCBcG1VpmADsULo1CCZCgygfVbkwDhQW6ICnVVotovuE%2B4xhvwFiyl3Grvk9eUVfUgMaVxogMlXPxNi9zwCM2yM8M1ZFodn7IFOA0ZA0RwGM4o3fgvPz1x <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bokaidrott.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 13:10:25 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497964225.3848005; expires=Fri, 18-Jun-2027 13:10:25 GMT; Max-Age=315360000 <br>Location: http://ww11.bokaidrott.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: bokaidrott.se <br>Referer: http://www.google.com/search?q=bokaidrott.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 20 Jun 2017 13:10:24 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497964224.2687274; expires=Fri, 18-Jun-2027 13:10:24 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1CUMRvFm0EWZEAfURYFRp7Xv%2BMiBobgVtpGdT3UAv6VCrue5QJx%2B4gkLxolVxnFzaGjtbIYakOyVsLZT8dcNtlJEqIvWDQKJjeArYfIrnGDG1iBqZgif4duKkPSN83ye0ay%2FXnCYVEk1hSQSPXPUDLdGCJctX9BQwEEdetOpsiz59uZZYmt3w1QVVLvkUIu%2BZcBqYfxMUUsZr3TU2RBq6TbH1%2FppF8P3GpFQgQis9mYA0PX1MiOncSVZckQqpxVrJuh7cdVP8Ne0jFj1JbCLtm9Z7jMoP7QIa5%2Fi9WrKs25zC6MbuLyswrBdWfwkGfAn%2FNzaCPPApWvSYSeFLiyL43BsUIdLLgtUhbU6CLeEPNQM514C97O%2FnJSTaGXDnP%2BxOoWowAkxdIM8ROBL59Z9rVY7wjrRW37E3gWI0vGByre%2FCBcG1VpmADsULo1CCZCgygfVbkwDhQW6ICnVVotovuE%2B4xhvwFiyl3Grvk9eUVfUgMaVxogMlXPxNi9zwCM2yM8M1ZFodn7IFOA0ZA0RwGM4o3fgvPz1x <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>bokaidrott.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1498049862http://idhaonline.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://idhaonline.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 13:34:11 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtgv%2B5Y5IgbaZoDCdeIZhx2Bcce%2Fs3bMTbC2esrxNwhihbE6jjKAoHn01Bgnn0nmGmFXj4vwxt6nuyBoPfDPhg9PCIQNaOU4j1cg8Um6b74MutLgETk4rSN7x0Gwq8Hiy57ao1HnHculC%2BJCkxx0RwLwyJLpB1a%2B%2BEjBJNwsSElOhyuXbZKQHc%2FvS1%2FLuS0rttBbHCGN49DJnCgNy%2FPizwCakPwjety%2B5FHq6qRZUy%2BnMGiAjQBq2orp%2FfSrX3n%2FQ0fl1DHDaWHXm%2FpuqmFQtG3Sb6CvAwmK99xodBLOHNFK9Hst5hSEivwu%2FLcF5ok8nEXMVJJyQcLP4ChjluaPoXzN%2F9XSaKAZMnR5sSXlHCQLTz%2F5RbPYvx5CUMQgNHzEZoWu9wk6IS5TjbK3TELKxL05LdCx8yVwP6SM1k66LH8VG1clONxuPLGzH3PIFD0dpExRxxbX2iyjFNW0%2FLylJFSw1CgZAFlG4n%2By7pOxJCmHVao71xlAsbzK6ckUY5vQ7uuMdym7iAjW0Pmgk3KkoDcQ%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idhaonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 11:34:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497785651.4786904; expires=Wed, 16-Jun-2027 11:34:11 GMT; Max-Age=315360000 <br>Location: http://ww11.idhaonline.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: idhaonline.se <br>Referer: http://www.google.com/search?q=idhaonline.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 11:34:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497785650.7103474; expires=Wed, 16-Jun-2027 11:34:10 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPtgv%2B5Y5IgbaZoDCdeIZhx2Bcce%2Fs3bMTbC2esrxNwhihbE6jjKAoHn01Bgnn0nmGmFXj4vwxt6nuyBoPfDPhg9PCIQNaOU4j1cg8Um6b74MutLgETk4rSN7x0Gwq8Hiy57ao1HnHculC%2BJCkxx0RwLwyJLpB1a%2B%2BEjBJNwsSElOhyuXbZKQHc%2FvS1%2FLuS0rttBbHCGN49DJnCgNy%2FPizwCakPwjety%2B5FHq6qRZUy%2BnMGiAjQBq2orp%2FfSrX3n%2FQ0fl1DHDaWHXm%2FpuqmFQtG3Sb6CvAwmK99xodBLOHNFK9Hst5hSEivwu%2FLcF5ok8nEXMVJJyQcLP4ChjluaPoXzN%2F9XSaKAZMnR5sSXlHCQLTz%2F5RbPYvx5CUMQgNHzEZoWu9wk6IS5TjbK3TELKxL05LdCx8yVwP6SM1k66LH8VG1clONxuPLGzH3PIFD0dpExRxxbX2iyjFNW0%2FLylJFSw1CgZAFlG4n%2By7pOxJCmHVao71xlAsbzK6ckUY5vQ7uuMdym7iAjW0Pmgk3KkoDcQ%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>idhaonline.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-192.above.com1497853353http://laurelltrains.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://laurelltrains.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 13:30:42 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfxph%2FuRiexLlu7UlM%2BngncBpm7iKBDckFXXmi0TrcxUahFP6VjgGTI1Acjy%2FWLgYt1P3eFKF3MtJEIxGD4mgcrkgbyQ7m8bjNxvjgz6EzdhCHdy8HPBGE3KdWgi69hDb9FDiKcF6XzvkfLujVbjS5PDs%2B82aTCiODQ1rZsYqiwYlhhrmYJ7Aw5FtHgiexCY2Fhj77dY1PI87jLR82uLpXvbXQ%2BATVzks3BQOYBazq2p%2BduW2Pi0W7chYYeaanhMoVnD1Ifzr2SFPSdsQGYCnswDtD%2FeQWwaafuW2qKoknqBHBugYOiTg3502poMQ379N20WnJwCyCipCTUh6SczWfUgLpbNR6di8A2TlpvnRWs5eJzRpwYVbozJTnm%2F5b9d8JNbt0MLl8bVdu%2F0PTuMKyvePvBI3xXi3pre8UL%2B9mfWeylDvqAK%2FN0l%2FWeLz32beML4xSLFZaH8YJVKLMPmeKaeUg%2BZS9RDcFDcqlIAHy4iTlQ5NtRJAIWkXObTu6Jg03ZDrZkkSXBe4Dx%2BHruffH4jZD3iuZu7Jvc6%2BDOzO2fho%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: laurelltrains.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 11:30:42 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497612642.1641462; expires=Mon, 14-Jun-2027 11:30:42 GMT; Max-Age=315360000 <br>Location: http://ww11.laurelltrains.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: laurelltrains.se <br>Referer: http://www.google.com/search?q=laurelltrains.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 11:30:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497612641.2743196; expires=Mon, 14-Jun-2027 11:30:41 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfxph%2FuRiexLlu7UlM%2BngncBpm7iKBDckFXXmi0TrcxUahFP6VjgGTI1Acjy%2FWLgYt1P3eFKF3MtJEIxGD4mgcrkgbyQ7m8bjNxvjgz6EzdhCHdy8HPBGE3KdWgi69hDb9FDiKcF6XzvkfLujVbjS5PDs%2B82aTCiODQ1rZsYqiwYlhhrmYJ7Aw5FtHgiexCY2Fhj77dY1PI87jLR82uLpXvbXQ%2BATVzks3BQOYBazq2p%2BduW2Pi0W7chYYeaanhMoVnD1Ifzr2SFPSdsQGYCnswDtD%2FeQWwaafuW2qKoknqBHBugYOiTg3502poMQ379N20WnJwCyCipCTUh6SczWfUgLpbNR6di8A2TlpvnRWs5eJzRpwYVbozJTnm%2F5b9d8JNbt0MLl8bVdu%2F0PTuMKyvePvBI3xXi3pre8UL%2B9mfWeylDvqAK%2FN0l%2FWeLz32beML4xSLFZaH8YJVKLMPmeKaeUg%2BZS9RDcFDcqlIAHy4iTlQ5NtRJAIWkXObTu6Jg03ZDrZkkSXBe4Dx%2BHruffH4jZD3iuZu7Jvc6%2BDOzO2fho%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>laurelltrains.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-192.above.com1497625768http://thaiambassy.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://thaiambassy.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 07:04:56 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfWFI%2FnbZcgOg16M6H89zpRwa7WPvqKGxCto%2BJZVXz3XDtX9JCELcEM2tTM43VVUZ5%2FFl0UHo32rZ8%2FhCJH1qvG6WfzCcseYE%2BvxC3hS0kizd5mFbdvCUAqkkxPLWo7oihbjFxTrgfwoIWHYT1cE%2B%2BFZRASwvCwgjm3yvQ7J%2BL07QLbApa9V4xxLUusFzb1DMwAlI7%2BmnDVdb86jjZG2USvG1k%2FkYnzXNLYeVl0V8P8CUOcfh8xOEm0e0KsJJ3rU7NWrdQ8sS2DVCmRQ5%2FDrgcIE4d25G7zyDmNRCHpcy3Md9tnr00%2BZXdhC8CKJnjq2gfAIcTxEH%2B%2FMiOo%2Fga1%2F3re%2Blgmt96UffWN5cKnhqkoOCBDGv7x6bALHd8801SZdCPmEXD5sG8XU2%2FbrFmc2eFqlz%2FyEogc2grORD9BDgUPyoP00HisZGdAZsZG6LX%2BoHYYGm2xPFKZ2P9R1gXnlvrR9XtYtpS9uub32TuEI7OpAX31VZFAIHCT%2B56Lw2AFUW7082Za%2Fqyci%2FerY43J80%2BTA%3D%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: thaiambassy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 05:04:56 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497589496.6783221; expires=Mon, 14-Jun-2027 05:04:56 GMT <br>Location: http://ww38.thaiambassy.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: thaiambassy.se <br>Referer: http://www.google.com/search?q=thaiambassy.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 05:04:55 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497589495.2977338; expires=Mon, 14-Jun-2027 05:04:55 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfWFI%2FnbZcgOg16M6H89zpRwa7WPvqKGxCto%2BJZVXz3XDtX9JCELcEM2tTM43VVUZ5%2FFl0UHo32rZ8%2FhCJH1qvG6WfzCcseYE%2BvxC3hS0kizd5mFbdvCUAqkkxPLWo7oihbjFxTrgfwoIWHYT1cE%2B%2BFZRASwvCwgjm3yvQ7J%2BL07QLbApa9V4xxLUusFzb1DMwAlI7%2BmnDVdb86jjZG2USvG1k%2FkYnzXNLYeVl0V8P8CUOcfh8xOEm0e0KsJJ3rU7NWrdQ8sS2DVCmRQ5%2FDrgcIE4d25G7zyDmNRCHpcy3Md9tnr00%2BZXdhC8CKJnjq2gfAIcTxEH%2B%2FMiOo%2Fga1%2F3re%2Blgmt96UffWN5cKnhqkoOCBDGv7x6bALHd8801SZdCPmEXD5sG8XU2%2FbrFmc2eFqlz%2FyEogc2grORD9BDgUPyoP00HisZGdAZsZG6LX%2BoHYYGm2xPFKZ2P9R1gXnlvrR9XtYtpS9uub32TuEI7OpAX31VZFAIHCT%2B56Lw2AFUW7082Za%2Fqyci%2FerY43J80%2BTA%3D%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>thaiambassy.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1497625621http://wwwhermods.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://wwwhermods.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 15 Jun 2017 22:35:00 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfvVUZZAfC26jAfCExO1u5JR0n0q2vvfmfZHbwN7yw%2FESN%2BLItoRrhVeI5%2BX9zNfGLBDJx%2FAXORHuePV1AZITe%2BNQr37QjDVvhJjmFWppdhB3CYiBb%2BI5liLvNYRYs11QHx6CT0FHimIwaPAR2czEM%2BRISm1k6DyHeLiXLVG7vBHhOcGHSANXHWz%2BOMkvh6zXBqP4A8zKK13kv7MVrLz4yFsASpmbTMIX%2Ffss5Y0Q3UvjP4R4YCFq10rjtriBpVLj17CXDAVTG0WWaKlYChh8uO15S1fzS45nNsnVGMVLU0ULdUkR6W9jB8o1h%2F3rooP9D0HmsEhXD%2BjMmD0Wl6WBfHB6FWV1e0z6fl9gW9wH5H0P3j%2Fc84KZxhgMcgfMC%2FEHVcIcjbRs9dmzvkQtN9IqgFi923e8gYAGJLaYA9ycVwoGvcmwoDyivRKSiETa4q4GKxO3zqFYqU36NSz4RRzSG2RdGC9tzeA23Pw%2Br7c8PlGHoiJoGk2Ay80b%2Blq94dlRiksEGrE5KULJPnVIcFZG5c1nQfE7o9%2BgI <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wwwhermods.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 20:35:00 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497558900.7684266; expires=Sun, 13-Jun-2027 20:35:00 GMT; Max-Age=315360000 <br>Location: http://ww11.wwwhermods.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wwwhermods.se <br>Referer: http://www.google.com/search?q=wwwhermods.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Thu, 15 Jun 2017 20:34:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497558899.4182905; expires=Sun, 13-Jun-2027 20:34:59 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfvVUZZAfC26jAfCExO1u5JR0n0q2vvfmfZHbwN7yw%2FESN%2BLItoRrhVeI5%2BX9zNfGLBDJx%2FAXORHuePV1AZITe%2BNQr37QjDVvhJjmFWppdhB3CYiBb%2BI5liLvNYRYs11QHx6CT0FHimIwaPAR2czEM%2BRISm1k6DyHeLiXLVG7vBHhOcGHSANXHWz%2BOMkvh6zXBqP4A8zKK13kv7MVrLz4yFsASpmbTMIX%2Ffss5Y0Q3UvjP4R4YCFq10rjtriBpVLj17CXDAVTG0WWaKlYChh8uO15S1fzS45nNsnVGMVLU0ULdUkR6W9jB8o1h%2F3rooP9D0HmsEhXD%2BjMmD0Wl6WBfHB6FWV1e0z6fl9gW9wH5H0P3j%2Fc84KZxhgMcgfMC%2FEHVcIcjbRs9dmzvkQtN9IqgFi923e8gYAGJLaYA9ycVwoGvcmwoDyivRKSiETa4q4GKxO3zqFYqU36NSz4RRzSG2RdGC9tzeA23Pw%2Br7c8PlGHoiJoGk2Ay80b%2Blq94dlRiksEGrE5KULJPnVIcFZG5c1nQfE7o9%2BgI <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>wwwhermods.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1497625166http://wwwbubbelroom.se/ (103.224.212.192) - Serp-hijackingAttacked url: http://wwwbubbelroom.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 13 Jun 2017 03:30:52 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDNwm42hD8Uile%2FYBoviWTa9Vc%2BBn37V14DDsz10QWAXbfE9p1yTGC9eljaf8h9alPbCfm1sVbRKYZU%2FGH1TNpNzJ59mRRNQ9gCHjAdW0TI%2FUalyHH58FQFVicYhCQHhwtGCIYZhRJBxHo%2BsPkRtGARkdCByBQK8QPjrGDw%2B8xBdthZoa4P%2B2VAg4MSo2pr7J6AGsFmaKIjtu87a7rkGlT2ydBANiR3Lb%2BcIeTkFLGdhj11wz6W8XtUWtUlVTJm0jmZXIqfb%2FGa6IhU42hFpJgv6r2LcxX8b%2BD2OKNgLko%2F8YRhJwKjvPc4Qmx%2Bp%2FU2%2BRyEMaMPye7jxjbMbSZltHS5nMrBgbvlVt%2FwMC5ApUkwIkTGsLA1zoDOo9NG11nZvmafTGry8qw7Ykn01WbAHj3OrO8tAnmzzAlNKnffj%2B%2F%2Boxg4BrV5ZUxL%2F1P87LqWfrKIj1AlL1YiVWcUZPvkso0hFoA5ffvvfEHxhPDIatXr6g%2FIYdDx2JBCK%2B%2FpyutnXEcdQXsun3HUwcxSB4gAENhOi%2FboLGZuTJbs2YV32qBntU%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wwwbubbelroom.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 13 Jun 2017 01:31:00 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497317460.1628911; expires=Fri, 11-Jun-2027 01:31:00 GMT <br>Location: http://ww11.wwwbubbelroom.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: wwwbubbelroom.se <br>Referer: http://www.google.com/search?q=wwwbubbelroom.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 13 Jun 2017 01:30:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497317459.7146470; expires=Fri, 11-Jun-2027 01:30:59 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDNwm42hD8Uile%2FYBoviWTa9Vc%2BBn37V14DDsz10QWAXbfE9p1yTGC9eljaf8h9alPbCfm1sVbRKYZU%2FGH1TNpNzJ59mRRNQ9gCHjAdW0TI%2FUalyHH58FQFVicYhCQHhwtGCIYZhRJBxHo%2BsPkRtGARkdCByBQK8QPjrGDw%2B8xBdthZoa4P%2B2VAg4MSo2pr7J6AGsFmaKIjtu87a7rkGlT2ydBANiR3Lb%2BcIeTkFLGdhj11wz6W8XtUWtUlVTJm0jmZXIqfb%2FGa6IhU42hFpJgv6r2LcxX8b%2BD2OKNgLko%2F8YRhJwKjvPc4Qmx%2Bp%2FU2%2BRyEMaMPye7jxjbMbSZltHS5nMrBgbvlVt%2FwMC5ApUkwIkTGsLA1zoDOo9NG11nZvmafTGry8qw7Ykn01WbAHj3OrO8tAnmzzAlNKnffj%2B%2F%2Boxg4BrV5ZUxL%2F1P87LqWfrKIj1AlL1YiVWcUZPvkso0hFoA5ffvvfEHxhPDIatXr6g%2FIYdDx2JBCK%2B%2FpyutnXEcdQXsun3HUwcxSB4gAENhOi%2FboLGZuTJbs2YV32qBntU%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>wwwbubbelroom.se is on 103.224.212.192<br>ASN for 103.224.212.192: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.192 corresponds with lb-212-192.above.com<br>Abuse.net does not have any reliable address for lb-212-192.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com1497350387