Säkrare hemsida med .sehttp://miljomlotteriet.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://miljomlotteriet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 11 Jul 2017 10:39:23 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKRAcsn2cLte%2FgERNPqGZWN7tLniyCahAS8SFQXi%2Bh5R2VJEx1Xkf5GM65xJJXc33aWOFFFlwWratFtjOQ1QmIoRmMy45QqghL8hv5%2F2zFMYQU68ghlAp%2BkNTid1F2VULpZ6ctC2Jyb8dUvB%2FjzLGbG7qzQQqjQhd2Tdri%2Fm9c6obfmB%2BxT%2FpIoqHlkcdAFe4mL5a0FgNZWIgQtn49Ga8Fy2OUxwAMWt%2BKyV5A%2FbBRXqilpKzrJjWVnzisEo7Ah5hbd6zBuiyN6qZ0hcKOXY3s1I7jw7UQR2E8ncyKyWvjsCHdxz%2Bdg2AM%2BR6bchCb8egiyUCETvGuX29eHK2YkAXGQ9pCbkl4Jzhn1Z8XPRRYgPeeFMT6QJo7j%2B5ThJGPNn5CJmQ2lzAZ%2Fyp6cKYZBB4hdwVabKK1peirly0fawKbJHzjaqpihoX9RKJ2mPvXrZxIjE4Hc5OxXnauu2NpJsoR8OkLCzWgostBWc%2FLvurygBICRSXDdGUQBtT0rbDlN2FCC40SMguauYQoROCoIUyyMW0TheGUJMeV <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: miljomlotteriet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:39:30 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499762370.5623066; expires=Fri, 09-Jul-2027 08:39:30 GMT; Max-Age=315360000 <br>Location: http://ww11.miljomlotteriet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: miljomlotteriet.se <br>Referer: http://www.google.com/search?q=miljomlotteriet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 11 Jul 2017 08:39:29 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499762370.2174154; expires=Fri, 09-Jul-2027 08:39:30 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT8mzzSI%2FqzPKRAcsn2cLte%2FgERNPqGZWN7tLniyCahAS8SFQXi%2Bh5R2VJEx1Xkf5GM65xJJXc33aWOFFFlwWratFtjOQ1QmIoRmMy45QqghL8hv5%2F2zFMYQU68ghlAp%2BkNTid1F2VULpZ6ctC2Jyb8dUvB%2FjzLGbG7qzQQqjQhd2Tdri%2Fm9c6obfmB%2BxT%2FpIoqHlkcdAFe4mL5a0FgNZWIgQtn49Ga8Fy2OUxwAMWt%2BKyV5A%2FbBRXqilpKzrJjWVnzisEo7Ah5hbd6zBuiyN6qZ0hcKOXY3s1I7jw7UQR2E8ncyKyWvjsCHdxz%2Bdg2AM%2BR6bchCb8egiyUCETvGuX29eHK2YkAXGQ9pCbkl4Jzhn1Z8XPRRYgPeeFMT6QJo7j%2B5ThJGPNn5CJmQ2lzAZ%2Fyp6cKYZBB4hdwVabKK1peirly0fawKbJHzjaqpihoX9RKJ2mPvXrZxIjE4Hc5OxXnauu2NpJsoR8OkLCzWgostBWc%2FLvurygBICRSXDdGUQBtT0rbDlN2FCC40SMguauYQoROCoIUyyMW0TheGUJMeV <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>miljomlotteriet.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499843205http://specsawer.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://specsawer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 07:40:06 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48YLSBJ2BBhJ%2BtrndEtlfuhG4pwUsu9xrx7cgBQs2pexGtu4RJIDOWGi00qrGkyfiVQ9BOurz1XdBx%2B8gXn8Kl1zIEiUWukFT5zD%2BMzT2rY55858o3WGl3JsI0nnwOC0hsupO19yI6lJa8CdeI8sUN8sKyaznTPG4La2wk2CstlveS58eEXGGAei0Fy8dKoF8iz0ThMjZoVITFcRfnAxzq0YSpu0%2BiizIb3obYxeqCHLBWomQPW8U3%2FuZXfeB5qsPZ6uU%2FWPAVstNQJedINkcZeP9xF18yCC2rtwGA6%2Bvi3VIPhMr09bjEOF07Ed4gGH5FuyTGsEW2hcxUEqXM3EpkDwPOVzLijha0SP6xyaBCWhNdtDDiF9IRQIHwWhleYuwW8xs5nr%2FXokJlePbBdauwPfV%2FgxF40nUA9w%2FNqdaxazDq2RyTPcfuG2waewuyTvFY9fNUuI1n19eSAq5AQhs%2B0IUALyVjUG8osSqiahCprnUoHd7l%2FTbn6EjelpNVwQqGj92HVrzNjH0%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: specsawer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 05:40:11 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499146811.1982452; expires=Fri, 02-Jul-2027 05:40:11 GMT; Max-Age=315360000 <br>Location: http://ww11.specsawer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: specsawer.se <br>Referer: http://www.google.com/search?q=specsawer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 05:40:10 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499146810.8323291; expires=Fri, 02-Jul-2027 05:40:10 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48YLSBJ2BBhJ%2BtrndEtlfuhG4pwUsu9xrx7cgBQs2pexGtu4RJIDOWGi00qrGkyfiVQ9BOurz1XdBx%2B8gXn8Kl1zIEiUWukFT5zD%2BMzT2rY55858o3WGl3JsI0nnwOC0hsupO19yI6lJa8CdeI8sUN8sKyaznTPG4La2wk2CstlveS58eEXGGAei0Fy8dKoF8iz0ThMjZoVITFcRfnAxzq0YSpu0%2BiizIb3obYxeqCHLBWomQPW8U3%2FuZXfeB5qsPZ6uU%2FWPAVstNQJedINkcZeP9xF18yCC2rtwGA6%2Bvi3VIPhMr09bjEOF07Ed4gGH5FuyTGsEW2hcxUEqXM3EpkDwPOVzLijha0SP6xyaBCWhNdtDDiF9IRQIHwWhleYuwW8xs5nr%2FXokJlePbBdauwPfV%2FgxF40nUA9w%2FNqdaxazDq2RyTPcfuG2waewuyTvFY9fNUuI1n19eSAq5AQhs%2B0IUALyVjUG8osSqiahCprnUoHd7l%2FTbn6EjelpNVwQqGj92HVrzNjH0%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>specsawer.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499173308http://handm.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://handm.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 04 Jul 2017 05:05:55 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48RmAdbh4vCz%2BBAMZg48CX4mtIbgYXlsZeFB949unFPmYyzA7bFlgDn6S1NpJz0YObL0aVAd81PhybyHtRv7AeFRBBBlECgTj5vdjHVHrZLMXvdK6E%2Fat4aJw05L5bw7YF%2BrSfTZEVRbv9tpphDJYR%2Bic2y4t54326v%2BDRodVfUXZI7rsXs1nj9kmTrbDR%2BgiapRyAOfM04Su9Mg907eS83s2d3n1R7hg8Qepq%2FNbJPil%2BXDFr%2Fdx8AfkdD5xZhBC7QpxsHWrY8QZpjDQ0RNbV4x75bp7wlX%2BM5Q17JRueHA4%2FhuEwRlVnssY4fcbTvAJ37jeT%2F410iQDLD7a1g4IVjhxGyiseeMDa1jfn26T2iiakSrCi04YsamgaL7UGu4rrjBDMJFOgMo7WDSsngN8gDHrSB81WopBcs2yu0Trd8M9Gtwxv4xXjz7WKzMZsi%2FMJTg2pY4fUO2qdoM1jlQb1RsyYUBZ7oh%2FNaGRq88qTNuQFTBWqxR9%2BCL5HusfHiymR <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: handm.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:06:00 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137560.4879849; expires=Fri, 02-Jul-2027 03:06:00 GMT; Max-Age=315360000 <br>Location: http://ww38.handm.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: handm.se <br>Referer: http://www.google.com/search?q=handm.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Tue, 04 Jul 2017 03:05:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499137560.2974674; expires=Fri, 02-Jul-2027 03:06:00 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoTyhEAxOsUZ48RmAdbh4vCz%2BBAMZg48CX4mtIbgYXlsZeFB949unFPmYyzA7bFlgDn6S1NpJz0YObL0aVAd81PhybyHtRv7AeFRBBBlECgTj5vdjHVHrZLMXvdK6E%2Fat4aJw05L5bw7YF%2BrSfTZEVRbv9tpphDJYR%2Bic2y4t54326v%2BDRodVfUXZI7rsXs1nj9kmTrbDR%2BgiapRyAOfM04Su9Mg907eS83s2d3n1R7hg8Qepq%2FNbJPil%2BXDFr%2Fdx8AfkdD5xZhBC7QpxsHWrY8QZpjDQ0RNbV4x75bp7wlX%2BM5Q17JRueHA4%2FhuEwRlVnssY4fcbTvAJ37jeT%2F410iQDLD7a1g4IVjhxGyiseeMDa1jfn26T2iiakSrCi04YsamgaL7UGu4rrjBDMJFOgMo7WDSsngN8gDHrSB81WopBcs2yu0Trd8M9Gtwxv4xXjz7WKzMZsi%2FMJTg2pY4fUO2qdoM1jlQb1RsyYUBZ7oh%2FNaGRq88qTNuQFTBWqxR9%2BCL5HusfHiymR <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>handm.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499173300http://letta.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://letta.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 13:09:54 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA3zQZdGZuO%2Fib0dRlNnsEjQBelTuKX%2FEXi2c4dowCqanCihZBJWK1IKsfAQnpo4WSMWztkOH3%2BnB2PUAJi5t5EotsWZtamJ5rlp5WvcbslVqZ4%2Br%2Fy1uOrMYOl%2F7%2Fh1If2lpYqRrxrYydzmvtVicD7m0QNCxH6Tslxm4JX4H7EU%2BS6AKqze80iENH1YRr3veXkSulx3%2BFY52nx%2BGq0f0FD6JZec9crXDJvx79YHrKc%2BCjcGO1J3%2F11tYVdbOB7VchuiRDoWr%2FNhkJThCrjL5mT2033tzi4KqUrlzcCuAYtyCXqgu%2B%2F9kRHyW5W6boIMYg2y0ewPfbisdWbdy4CiduXjBwvwsxtV8lUu45i6W8hnCKDtLEEWladC8dxtU7tXyY34Bk%2FUyDEbvFuEplLcx9begAULstmH1u%2BfDJTfnCDs3K7scmrzACB9STwAkRmIOWqXlb9bE2HNNNU053KT%2FY%2FjDehCYg%2Fd%2Fk4LFEUACt1874xI7EHaNcJPAvU0FxYJJX <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: letta.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 11:09:59 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499080199.7822184; expires=Thu, 01-Jul-2027 11:09:59 GMT; Max-Age=315360000 <br>Location: http://ww11.letta.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: letta.se <br>Referer: http://www.google.com/search?q=letta.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 11:09:58 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499080198.3636473; expires=Thu, 01-Jul-2027 11:09:58 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHA3zQZdGZuO%2Fib0dRlNnsEjQBelTuKX%2FEXi2c4dowCqanCihZBJWK1IKsfAQnpo4WSMWztkOH3%2BnB2PUAJi5t5EotsWZtamJ5rlp5WvcbslVqZ4%2Br%2Fy1uOrMYOl%2F7%2Fh1If2lpYqRrxrYydzmvtVicD7m0QNCxH6Tslxm4JX4H7EU%2BS6AKqze80iENH1YRr3veXkSulx3%2BFY52nx%2BGq0f0FD6JZec9crXDJvx79YHrKc%2BCjcGO1J3%2F11tYVdbOB7VchuiRDoWr%2FNhkJThCrjL5mT2033tzi4KqUrlzcCuAYtyCXqgu%2B%2F9kRHyW5W6boIMYg2y0ewPfbisdWbdy4CiduXjBwvwsxtV8lUu45i6W8hnCKDtLEEWladC8dxtU7tXyY34Bk%2FUyDEbvFuEplLcx9begAULstmH1u%2BfDJTfnCDs3K7scmrzACB9STwAkRmIOWqXlb9bE2HNNNU053KT%2FY%2FjDehCYg%2Fd%2Fk4LFEUACt1874xI7EHaNcJPAvU0FxYJJX <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>letta.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1499087732http://pitratebay.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://pitratebay.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 09:48:15 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAqUXvHsEtqY5HIbPcISZvOk8me9JRJ3HVqqrDq4jk0Xz2tObcBWu5ps%2F%2FeJn4OEKOS5DU2S7LL9xJm61G2NgWDW%2Bo4edRlwfsGBqZWMDDk3b7hI8LEuoFslC0kuCISZUm6KZc2dgpcYe%2BzjSVsdy8H%2BKSKRV3uHxy7rV8EhuM3flVanyu6rlLtDh%2FPoOdhYbraevBY3Ktgori%2BMJR89lwJ9ZxOx1o%2FGXvtMKrLZwa2d2nIlTtWU%2BJTQWf9GfQZuIqno36V6pyJk%2FggnkiLtG7huupJ8MECB7jULm%2ByMjcLS8jJweSrIn0vFL6J8nMdQMRKseN5yLkUDMzJrHcxiWtJFC32WwcI38mtA5A7vhM49VjdYzJ8LTKMfCYVBiKQxb7RMKFzMr%2Bf17efBK1K0WzVoeKmN%2FMWb%2BX%2F10%2BWplG70QyRUPWZ1MxYHe6GIxSW8hI2lMSqZOBqsnfQ7vsWy7eQplZY0aZYd5he3Kado%2FpVliw6zxMf64GJu0HrjGC02%2FU9kzGUGs%2B852EnzdyfOqmxPuS%2F1lbBigYOEpYzJQUfs8%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pitratebay.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 07:48:20 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499068100.5587337; expires=Thu, 01-Jul-2027 07:48:20 GMT; Max-Age=315360000 <br>Location: http://ww38.pitratebay.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pitratebay.se <br>Referer: http://www.google.com/search?q=pitratebay.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 07:48:19 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499068099.3479449; expires=Thu, 01-Jul-2027 07:48:19 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAqUXvHsEtqY5HIbPcISZvOk8me9JRJ3HVqqrDq4jk0Xz2tObcBWu5ps%2F%2FeJn4OEKOS5DU2S7LL9xJm61G2NgWDW%2Bo4edRlwfsGBqZWMDDk3b7hI8LEuoFslC0kuCISZUm6KZc2dgpcYe%2BzjSVsdy8H%2BKSKRV3uHxy7rV8EhuM3flVanyu6rlLtDh%2FPoOdhYbraevBY3Ktgori%2BMJR89lwJ9ZxOx1o%2FGXvtMKrLZwa2d2nIlTtWU%2BJTQWf9GfQZuIqno36V6pyJk%2FggnkiLtG7huupJ8MECB7jULm%2ByMjcLS8jJweSrIn0vFL6J8nMdQMRKseN5yLkUDMzJrHcxiWtJFC32WwcI38mtA5A7vhM49VjdYzJ8LTKMfCYVBiKQxb7RMKFzMr%2Bf17efBK1K0WzVoeKmN%2FMWb%2BX%2F10%2BWplG70QyRUPWZ1MxYHe6GIxSW8hI2lMSqZOBqsnfQ7vsWy7eQplZY0aZYd5he3Kado%2FpVliw6zxMf64GJu0HrjGC02%2FU9kzGUGs%2B852EnzdyfOqmxPuS%2F1lbBigYOEpYzJQUfs8%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pitratebay.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087720http://ftritidsresor.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://ftritidsresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 03 Jul 2017 02:10:01 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAeJJch%2BcYtfAf4ukrifCyL6HUWHqegQP7FiG5DQNi1bZZrmlk9l%2BfqCycmhHlB4HX9VXKq9%2BgpC9eikYqVHxBRevqdFmZHPNHLD9wp0U%2FjWqApv4%2F03l0bwvnZ%2B%2FU7IF3T8X2o5%2Bm%2FCoNB2dDzYJfbK0KxmIedFTPS%2F3uctpX21XiFWolsAQH48HPQ5L9lBGjTxGQcr62WfqPPKdyZMOlva9KWeWUz6xWuVwdrhV2HdhIbr%2BHbW0SCh0rfro%2FugNqo%2BE41UJ4%2B%2FmojvS0X%2F0N%2BuF5O775vHI%2FXue0ZwtL8A721qqTihkh%2B4HAHgGRoyY3nX3JloHLbDSznZmsfp9TWVMAgno%2BN4878JgXXlWIpQea3D1nka%2ByHh5nUfczLaOIqRyuLsElby08RfdHmVtpGHes1BNyyOy4lUGyXDbCYclT5cTtKXnQZkQsbmV9xElOGkfpj5YbQS711YG7VoN5buSplXAt6jq2yP7x%2BAXa%2FFZMczJQ50AOACrqLay4R7ykryR0h0sATt1583K1h%2F%2Fk6eN2wwdqWrmh <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 00:10:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499040606.7555338; expires=Thu, 01-Jul-2027 00:10:06 GMT; Max-Age=315360000 <br>Location: http://ww11.ftritidsresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Referer: http://www.google.com/search?q=ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 03 Jul 2017 00:10:06 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499040606.5254938; expires=Thu, 01-Jul-2027 00:10:06 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAeJJch%2BcYtfAf4ukrifCyL6HUWHqegQP7FiG5DQNi1bZZrmlk9l%2BfqCycmhHlB4HX9VXKq9%2BgpC9eikYqVHxBRevqdFmZHPNHLD9wp0U%2FjWqApv4%2F03l0bwvnZ%2B%2FU7IF3T8X2o5%2Bm%2FCoNB2dDzYJfbK0KxmIedFTPS%2F3uctpX21XiFWolsAQH48HPQ5L9lBGjTxGQcr62WfqPPKdyZMOlva9KWeWUz6xWuVwdrhV2HdhIbr%2BHbW0SCh0rfro%2FugNqo%2BE41UJ4%2B%2FmojvS0X%2F0N%2BuF5O775vHI%2FXue0ZwtL8A721qqTihkh%2B4HAHgGRoyY3nX3JloHLbDSznZmsfp9TWVMAgno%2BN4878JgXXlWIpQea3D1nka%2ByHh5nUfczLaOIqRyuLsElby08RfdHmVtpGHes1BNyyOy4lUGyXDbCYclT5cTtKXnQZkQsbmV9xElOGkfpj5YbQS711YG7VoN5buSplXAt6jq2yP7x%2BAXa%2FFZMczJQ50AOACrqLay4R7ykryR0h0sATt1583K1h%2F%2Fk6eN2wwdqWrmh <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ftritidsresor.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087672http://diables.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://diables.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 02 Jul 2017 23:10:32 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAzhn%2B8LQeMnVYhOQV1hzuwqdXMUij%2BbJpa4Tp5CBaTTj7DWS2J8vRC%2Bod2zB2OoSJ5XSoeCcCjjfESvouL3NLIdfeT3JG4lbUL%2BMpuB3eRII74LXnzRMxKGncb3pvmUw4v007TFUBMHlVrP2V1W%2BDbDBaYfn%2FHg4meGG7QzAjRtA1eljQy%2F4r8KyH4dWJPw9psyH7%2BwoAKqOTq0V6qoGfy2Ls3JHCRvUH%2FgJfzcsFNPV1OsABmPFoiliWtbq2CnxES4TlcuOuXAgtZaXa%2Bguidif7r7D3euIEtyQGcf37KZsBsuoELdIp311XE%2BBi9g0i%2Fkz2WnPG98hjMRj3WOTf%2Fg503TLXt%2FivTaeJ7Ab0J8KSUvfPlsMuIBZfBtIe4xYH2dQANWBJt2m0nafozsQ76QI5zkxSvKZrDP8%2BIVnKQi8Llem1p%2BqC3eleMzQ6xXzkf%2BOSgC0VhFjPAlx%2FCKYJStmSzlVcxZ2Ej5I5XfOdUsfE9%2BC3jq2R1%2FqSY3XsayUS <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: diables.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 21:10:37 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499029837.6690594; expires=Wed, 30-Jun-2027 21:10:37 GMT; Max-Age=315360000 <br>Location: http://ww11.diables.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: diables.se <br>Referer: http://www.google.com/search?q=diables.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 02 Jul 2017 21:10:36 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1499029836.6796675; expires=Wed, 30-Jun-2027 21:10:36 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4H%2FTForGCHAzhn%2B8LQeMnVYhOQV1hzuwqdXMUij%2BbJpa4Tp5CBaTTj7DWS2J8vRC%2Bod2zB2OoSJ5XSoeCcCjjfESvouL3NLIdfeT3JG4lbUL%2BMpuB3eRII74LXnzRMxKGncb3pvmUw4v007TFUBMHlVrP2V1W%2BDbDBaYfn%2FHg4meGG7QzAjRtA1eljQy%2F4r8KyH4dWJPw9psyH7%2BwoAKqOTq0V6qoGfy2Ls3JHCRvUH%2FgJfzcsFNPV1OsABmPFoiliWtbq2CnxES4TlcuOuXAgtZaXa%2Bguidif7r7D3euIEtyQGcf37KZsBsuoELdIp311XE%2BBi9g0i%2Fkz2WnPG98hjMRj3WOTf%2Fg503TLXt%2FivTaeJ7Ab0J8KSUvfPlsMuIBZfBtIe4xYH2dQANWBJt2m0nafozsQ76QI5zkxSvKZrDP8%2BIVnKQi8Llem1p%2BqC3eleMzQ6xXzkf%2BOSgC0VhFjPAlx%2FCKYJStmSzlVcxZ2Ej5I5XfOdUsfE9%2BC3jq2R1%2FqSY3XsayUS <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>diables.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1499087658http://pop-corntime.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://pop-corntime.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 28 Jun 2017 05:54:44 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTt6HZ0RsjFD5crYltt3bs9jj8RABUkPmFhJjduoVEsqf497pMWVOzCW44XHDi6F4bdD%2F5B%2FjWiprFYHwvpK0LUxCXCl8UwS6%2FxK7VyNuF1XswPqU5pCBsHIGprRbULMxKdbF%2FkPlYnBt8Lrk4amJqmfxz9nc4cnNTSjDW8FuVLA63DULO6mBKOP9Bmjc%2Ba3FXrSzizs1X6lRagkAuwnZ9lj6g42wrTkfMXIdZg2%2FgYeRdbzqiZk5HohltZur8E%2F0HZ9NV54WxhohuZioyLjYOplFX%2BnGhUjj8F3ScuQZ3%2B0zhCuw2AzkFT85pYwAEvb9nIhCZ%2BD3y62OOjNlTU1ysCDSlfSybKkkhCUAwro%2BkXsBvB0JrskrwfDLx1KsvuOAne%2B6TRkgbLskhYE5Bpc9Lya93vtj0IR5Miw%2BA6zSyWympTJ21FUxjDkaRPo0PhU9bsLb4WROgEc9ZL3G1JX5JZP2uo2D8qpvDex1CSWrbLTzQRyovozXR%2F5r1IhJitj%2FpPEUEbzEpPbWvo%2B6RsRq0x5MjnQ2DEku7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pop-corntime.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:54:44 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498622084.2707395; expires=Sat, 26-Jun-2027 03:54:44 GMT; Max-Age=315360000 <br>Location: http://ww11.pop-corntime.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: pop-corntime.se <br>Referer: http://www.google.com/search?q=pop-corntime.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Wed, 28 Jun 2017 03:54:43 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498622083.2315527; expires=Sat, 26-Jun-2027 03:54:43 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT52gR5xz5JzTt6HZ0RsjFD5crYltt3bs9jj8RABUkPmFhJjduoVEsqf497pMWVOzCW44XHDi6F4bdD%2F5B%2FjWiprFYHwvpK0LUxCXCl8UwS6%2FxK7VyNuF1XswPqU5pCBsHIGprRbULMxKdbF%2FkPlYnBt8Lrk4amJqmfxz9nc4cnNTSjDW8FuVLA63DULO6mBKOP9Bmjc%2Ba3FXrSzizs1X6lRagkAuwnZ9lj6g42wrTkfMXIdZg2%2FgYeRdbzqiZk5HohltZur8E%2F0HZ9NV54WxhohuZioyLjYOplFX%2BnGhUjj8F3ScuQZ3%2B0zhCuw2AzkFT85pYwAEvb9nIhCZ%2BD3y62OOjNlTU1ysCDSlfSybKkkhCUAwro%2BkXsBvB0JrskrwfDLx1KsvuOAne%2B6TRkgbLskhYE5Bpc9Lya93vtj0IR5Miw%2BA6zSyWympTJ21FUxjDkaRPo0PhU9bsLb4WROgEc9ZL3G1JX5JZP2uo2D8qpvDex1CSWrbLTzQRyovozXR%2F5r1IhJitj%2FpPEUEbzEpPbWvo%2B6RsRq0x5MjnQ2DEku7 <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>pop-corntime.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1498637359http://synpnymer.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://synpnymer.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 26 Jun 2017 04:08:47 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZD8W40BUBh2U%2F6V1jnZ63bVYBlHjZGpF5BMA8i2hdRLHN%2BaB%2FE%2F6gxMnKbKAwguGlHlVUmZbi%2F8YEFyOP2hAVNlr0FtrK%2Fkn%2B%2Boz5Hl7CQcszqlPzRr42Id%2BtsluQiaOipBWirkhe749gN%2Fufqv89cKh5pnw7z8%2FP6JROgccLBzCHzT%2FTSbPy4ftJZbae9o9%2F8M8jLt7QjWmgvS5abtToZ%2BjMrXmJzsbGn0P4ykVSM7erEcSB0gxr0YTKgoi7N9mS8htSvt5HypHCm%2FeD0TADGTfEukfwDgBFMbUl1afuSIwqt5dMBm2opkcJR5Ev3fkLqEz74%2Fk2MZ48JqgwpwyofP8h3cn9e8drmcAQBrGgi27PuCpUrLmOYfnM05%2FyJ8LZ3ywNyJoby7IcqvNQj%2FY5MJ0IeRlY2cYLmn7T%2FqsKkUMDm8zxO6wKC%2FrO6FQl2GNUNtzA7gYsR163tSWYzEcr4QjiwLs8LApArOi03XUHeP9epFDZ6Oqtmr9%2FFj1jxtoYs%2BWsXbfK3Ws%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: synpnymer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 02:08:47 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498442927.8882701; expires=Thu, 24-Jun-2027 02:08:47 GMT; Max-Age=315360000 <br>Location: http://ww38.synpnymer.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: synpnymer.se <br>Referer: http://www.google.com/search?q=synpnymer.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 26 Jun 2017 02:08:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1498442926.6769749; expires=Thu, 24-Jun-2027 02:08:46 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT6sSzkBksKiZD8W40BUBh2U%2F6V1jnZ63bVYBlHjZGpF5BMA8i2hdRLHN%2BaB%2FE%2F6gxMnKbKAwguGlHlVUmZbi%2F8YEFyOP2hAVNlr0FtrK%2Fkn%2B%2Boz5Hl7CQcszqlPzRr42Id%2BtsluQiaOipBWirkhe749gN%2Fufqv89cKh5pnw7z8%2FP6JROgccLBzCHzT%2FTSbPy4ftJZbae9o9%2F8M8jLt7QjWmgvS5abtToZ%2BjMrXmJzsbGn0P4ykVSM7erEcSB0gxr0YTKgoi7N9mS8htSvt5HypHCm%2FeD0TADGTfEukfwDgBFMbUl1afuSIwqt5dMBm2opkcJR5Ev3fkLqEz74%2Fk2MZ48JqgwpwyofP8h3cn9e8drmcAQBrGgi27PuCpUrLmOYfnM05%2FyJ8LZ3ywNyJoby7IcqvNQj%2FY5MJ0IeRlY2cYLmn7T%2FqsKkUMDm8zxO6wKC%2FrO6FQl2GNUNtzA7gYsR163tSWYzEcr4QjiwLs8LApArOi03XUHeP9epFDZ6Oqtmr9%2FFj1jxtoYs%2BWsXbfK3Ws%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>synpnymer.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1498482256http://ftritidsresor.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://ftritidsresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 19 Jun 2017 21:46:45 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1Ob7AIytleo7r%2B4l7oFVM7btL7NKjrhHy0VisLWPmQ2b2p%2B8JsnaRNy%2B5qhhBXnwMv1GLPtk0PTw4r0wMotKNCag0Jyf%2F5ZCiieBxu6kp938xk3UZAbmqQJEnMUlKsvjgswbiZVwUpl2ndnncCcaKQVo3za5WCsmjZDiyGMS%2BYPJMAaPt70UKZE9roLeceaGotGUJkqaPuYRf1lDeluBVmENmzZn39DOR1Lllw8FEGXKQzVzhu7mySmgzXVW%2FCpF9cha4qCYMsGq4W7Iqh5JJojW1aPd7SarY7Lo8Pg6jmXaFMpcxPQWsGTCJ23703uRlOejjaV6AKqGdcv2qmnX9Z1m1HByMSIAJCN%2BqMMwBwzFSDs81NMgcnS3oE3HXCGq6NEC4zsyJIf1tqO2zG%2F%2BwXZqJjwkHX%2B3xr4OMy5vwCHFcZKjnMYRKgZZP7RFvQMZiARqzlBZ6gN%2BbjkJHkWKtug0mHsuTT4cY%2FuOAHo0PNYIWXo9Dhj8NPBA0z11RNLqy9%2Fv4GBA52A%2B00YWRnIm8jc1eblqShCEU <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:46:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497901606.7370886; expires=Thu, 17-Jun-2027 19:46:46 GMT; Max-Age=315360000 <br>Location: http://ww11.ftritidsresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ftritidsresor.se <br>Referer: http://www.google.com/search?q=ftritidsresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 19 Jun 2017 19:46:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497901605.1797504; expires=Thu, 17-Jun-2027 19:46:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT4XKo%2Fgxkdz1Ob7AIytleo7r%2B4l7oFVM7btL7NKjrhHy0VisLWPmQ2b2p%2B8JsnaRNy%2B5qhhBXnwMv1GLPtk0PTw4r0wMotKNCag0Jyf%2F5ZCiieBxu6kp938xk3UZAbmqQJEnMUlKsvjgswbiZVwUpl2ndnncCcaKQVo3za5WCsmjZDiyGMS%2BYPJMAaPt70UKZE9roLeceaGotGUJkqaPuYRf1lDeluBVmENmzZn39DOR1Lllw8FEGXKQzVzhu7mySmgzXVW%2FCpF9cha4qCYMsGq4W7Iqh5JJojW1aPd7SarY7Lo8Pg6jmXaFMpcxPQWsGTCJ23703uRlOejjaV6AKqGdcv2qmnX9Z1m1HByMSIAJCN%2BqMMwBwzFSDs81NMgcnS3oE3HXCGq6NEC4zsyJIf1tqO2zG%2F%2BwXZqJjwkHX%2B3xr4OMy5vwCHFcZKjnMYRKgZZP7RFvQMZiARqzlBZ6gN%2BbjkJHkWKtug0mHsuTT4cY%2FuOAHo0PNYIWXo9Dhj8NPBA0z11RNLqy9%2Fv4GBA52A%2B00YWRnIm8jc1eblqShCEU <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ftritidsresor.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1497970340http://apoketet.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://apoketet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 14:18:46 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apoketet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:18:46 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497788326.2990820; expires=Wed, 16-Jun-2027 12:18:46 GMT; Max-Age=315360000 <br>Location: http://ww11.apoketet.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: apoketet.se <br>Referer: http://www.google.com/search?q=apoketet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Sun, 18 Jun 2017 12:18:45 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497788325.4948621; expires=Wed, 16-Jun-2027 12:18:45 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT7BA%2F1fJaFPt8rxsYeQ6oG1MdlzbD6Ze%2BffHRAyfJf1zeuDVLHOwNZJDicHzTgQoihTXng5MLMNt%2Fp0X31uMCgwJAfflYrUDALxeu60PURz1qDiC7gyW9UZw%2F2Yx8eS9He%2BoUTU%2FKRey0UdTFkI3Xv4n8SRVsAmgBm8W1TWOUxsD%2BYXdSov10XyOQ6kxBe40cQeiBSutz7osU%2Fq%2FK4%2FC62hXeAXs3Wxu9XCLuu9xwlYvXOp9zC7zoeAcqE7TuCJkbLbLgB924b1dP%2BVVngEBZjiGxsCmLRwplmecaVl4J56grTROT%2FBkM27OquHa1md1bfDsIcZiaG2pamP85%2Bpypq5vun303VMIONex4yT47GJ37%2Bd9rvcX6oW59L90ICal2xNfs6L1715uPeWxiXjpiStnv9BjCnxmCVatag9QvI9nZ7WRbT5hERhCDHVNnj6dR1350R84n6Y6RElZS8D3hI8EH8Px6y854uW%2FFvLB3GvE9J%2Be0htsOyRNDg6hDrMAAkSCmC8H%2FW6z0B%2B84F5a1xg%3D <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>apoketet.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1497853369http://ratslt.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://ratslt.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 06:08:28 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfd1zxsAvwkp0HQvm1jg3uXT5cNe0zzTGYJoCDRWKK%2FQ4MCzehR0UIvqUK7CoGsih6Hg%2BlA%2BKO0Ci2NjejiF4T13kZMZyXvleqPuV78r6SqyCiQVVs50%2F32PpqV6cCZTvfUazGtg6XlMHA%2F37m3tU7z849dhTEvq%2F0SuOjkhAA%2FhLgiauvMntAYqgjSO4BDKYn8QguzfLJi6MdWP97pPdGU%2FlBMWqp7KTKPFKNNDvRIvcEctDlcbQ3OppqonTwLglq51pYFpdnmPSueOByJUNODvPgY4FE9qeMuzNLYnRMEdnx%2BKf737uTVtbb%2FVkK3QA96EMYjDZ8uGjZKIsCgZ8jRwecviMlh9LpPVf9iciBTbfGtRSqQzI7JTCIydeMxpWODokASYDr60kgmYW%2F1eKL9GwGlJ3TeiyXzf6%2B6kC1XsGp4XuyuhWx5YDKZQMkSOZPL5Z6vLuqD9ffFgsvIkoCwa%2FsDXq1NH%2FHuvFJcHlAT56w2IG9vjocJ75DKeWrYBac <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ratslt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 04:08:28 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497586108.4483922; expires=Mon, 14-Jun-2027 04:08:28 GMT <br>Location: http://ww11.ratslt.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ratslt.se <br>Referer: http://www.google.com/search?q=ratslt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Fri, 16 Jun 2017 04:08:27 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.6.30-0+deb8u1 <br>Set-Cookie: __tad=1497586108.4182618; expires=Mon, 14-Jun-2027 04:08:28 GMT; Max-Age=315360000 <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT1U1o%2BKUv4rfd1zxsAvwkp0HQvm1jg3uXT5cNe0zzTGYJoCDRWKK%2FQ4MCzehR0UIvqUK7CoGsih6Hg%2BlA%2BKO0Ci2NjejiF4T13kZMZyXvleqPuV78r6SqyCiQVVs50%2F32PpqV6cCZTvfUazGtg6XlMHA%2F37m3tU7z849dhTEvq%2F0SuOjkhAA%2FhLgiauvMntAYqgjSO4BDKYn8QguzfLJi6MdWP97pPdGU%2FlBMWqp7KTKPFKNNDvRIvcEctDlcbQ3OppqonTwLglq51pYFpdnmPSueOByJUNODvPgY4FE9qeMuzNLYnRMEdnx%2BKf737uTVtbb%2FVkK3QA96EMYjDZ8uGjZKIsCgZ8jRwecviMlh9LpPVf9iciBTbfGtRSqQzI7JTCIydeMxpWODokASYDr60kgmYW%2F1eKL9GwGlJ3TeiyXzf6%2B6kC1XsGp4XuyuhWx5YDKZQMkSOZPL5Z6vLuqD9ffFgsvIkoCwa%2FsDXq1NH%2FHuvFJcHlAT56w2IG9vjocJ75DKeWrYBac <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>ratslt.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@lb-212-197.above.com abuse@above.com1497625608http://www-solresor.se/ (103.224.212.197) - Serp-hijackingAttacked url: http://www-solresor.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 12 Jun 2017 23:31:41 +0200<br><br>Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDkhEZ5wDlA4C%2FMdmgk09c5Xn8ab1aa4gtNLLbuaP%2BOBPxoN1SQkNVta50x5b79rJ%2FqTpO3bmwNwrpGhPbutMPK3TmdauygP0m0%2BOePKOc9SB1tGruk%2Byo9P%2F0xK5RbEDvbTjbpFWVj%2FZYxGL139FtUSyKMt%2B9WPxWe6Iivwk%2BE%2BXcY352o3Cldfv4QWWN1DgE6QF2vgwwbMAloyrAu9Dv1h9LSVgMdw%2F%2BZ1TLap1mnza9BrDuYWNB2jaThXfO%2Bl6nC7iKQQOFAR2sPUGGHG1org6NFcFJB0prEbpgG%2BPBJ3%2FioOlKaR9t0oLfLUiSYB%2BsYh0m6MnG2KkqYGjBQbaR1EyG2MVt8UsqGJJp7nOV0yG7nxxz%2F8A9ixbY2uARuWx94weS%2Bq685erfRxzoXfpzAzLZoIRwkP9B%2Bbf7YvFaBJUU6qmldzdSLuPtNuYS8SjXPLOBZ%2Bz72LCyT4lLaY0stkB5daXXt1gCSlyHnjXeW3rOasCig0wGka0i77w31RdFRMqsO%2FnXV7sBXNRz8804d9PARhelFbJR <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www-solresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 12 Jun 2017 21:31:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497303101.5411084; expires=Thu, 10-Jun-2027 21:31:41 GMT <br>Location: http://ww11.www-solresor.se/ <br>Connection: close <br>Content-Type: text/html; charset=UTF-8 <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: www-solresor.se <br>Referer: http://www.google.com/search?q=www-solresor.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Date: Mon, 12 Jun 2017 21:31:41 GMT <br>Server: Apache <br>X-Powered-By: PHP/5.4.45-0+deb7u8 <br>Set-Cookie: __tad=1497303101.7671814; expires=Thu, 10-Jun-2027 21:31:41 GMT <br>Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDkhEZ5wDlA4C%2FMdmgk09c5Xn8ab1aa4gtNLLbuaP%2BOBPxoN1SQkNVta50x5b79rJ%2FqTpO3bmwNwrpGhPbutMPK3TmdauygP0m0%2BOePKOc9SB1tGruk%2Byo9P%2F0xK5RbEDvbTjbpFWVj%2FZYxGL139FtUSyKMt%2B9WPxWe6Iivwk%2BE%2BXcY352o3Cldfv4QWWN1DgE6QF2vgwwbMAloyrAu9Dv1h9LSVgMdw%2F%2BZ1TLap1mnza9BrDuYWNB2jaThXfO%2Bl6nC7iKQQOFAR2sPUGGHG1org6NFcFJB0prEbpgG%2BPBJ3%2FioOlKaR9t0oLfLUiSYB%2BsYh0m6MnG2KkqYGjBQbaR1EyG2MVt8UsqGJJp7nOV0yG7nxxz%2F8A9ixbY2uARuWx94weS%2Bq685erfRxzoXfpzAzLZoIRwkP9B%2Bbf7YvFaBJUU6qmldzdSLuPtNuYS8SjXPLOBZ%2Bz72LCyT4lLaY0stkB5daXXt1gCSlyHnjXeW3rOasCig0wGka0i77w31RdFRMqsO%2FnXV7sBXNRz8804d9PARhelFbJR <br>Connection: close <br>Content-Type: text/html; charset=UTF-8<br><br>www-solresor.se is on 103.224.212.197<br>ASN for 103.224.212.197: 133618<br>Abusix contact information: abuse@trellian.com (information only)<br>103.224.212.197 corresponds with lb-212-197.above.com<br>Abuse.net does not have any reliable address for lb-212-197.above.com<br>Abuse address not found in whois.<br>Best guess from abuse.net: abuse@above.com abuse@lb-212-197.above.com1497349771