Attacked url: http://wwwbubbelroom.se/
Attack type: SERP-hijacking (see http://ikyon.com/attack-types/ for description)
Attack detected Tue, 13 Jun 2017 03:30:52 +0200

Visitors with referer are redirected to http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDNwm42hD8Uile%2FYBoviWTa9Vc%2BBn37V14DDsz10QWAXbfE9p1yTGC9eljaf8h9alPbCfm1sVbRKYZU%2FGH1TNpNzJ59mRRNQ9gCHjAdW0TI%2FUalyHH58FQFVicYhCQHhwtGCIYZhRJBxHo%2BsPkRtGARkdCByBQK8QPjrGDw%2B8xBdthZoa4P%2B2VAg4MSo2pr7J6AGsFmaKIjtu87a7rkGlT2ydBANiR3Lb%2BcIeTkFLGdhj11wz6W8XtUWtUlVTJm0jmZXIqfb%2FGa6IhU42hFpJgv6r2LcxX8b%2BD2OKNgLko%2F8YRhJwKjvPc4Qmx%2Bp%2FU2%2BRyEMaMPye7jxjbMbSZltHS5nMrBgbvlVt%2FwMC5ApUkwIkTGsLA1zoDOo9NG11nZvmafTGry8qw7Ykn01WbAHj3OrO8tAnmzzAlNKnffj%2B%2F%2Boxg4BrV5ZUxL%2F1P87LqWfrKIj1AlL1YiVWcUZPvkso0hFoA5ffvvfEHxhPDIatXr6g%2FIYdDx2JBCK%2B%2FpyutnXEcdQXsun3HUwcxSB4gAENhOi%2FboLGZuTJbs2YV32qBntU%3D

HTTP traffic without referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: wwwbubbelroom.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Tue, 13 Jun 2017 01:31:00 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: __tad=1497317460.1628911; expires=Fri, 11-Jun-2027 01:31:00 GMT
Location: http://ww11.wwwbubbelroom.se/
Connection: close
Content-Type: text/html; charset=UTF-8


HTTP traffic with referer:
HTTP headers sent:
HEAD / HTTP/1.1
Host: wwwbubbelroom.se
Referer: http://www.google.com/search?q=wwwbubbelroom.se
Connection: Close

HTTP headers recieved:
HTTP/1.1 302 Found
Date: Tue, 13 Jun 2017 01:30:59 GMT
Server: Apache
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: __tad=1497317459.7146470; expires=Fri, 11-Jun-2027 01:30:59 GMT; Max-Age=315360000
Location: http://bidr.trellian.com/r2.php?e=cF8L0S4UvzZFbF2sJTBoT3gQkIDbz2IDNwm42hD8Uile%2FYBoviWTa9Vc%2BBn37V14DDsz10QWAXbfE9p1yTGC9eljaf8h9alPbCfm1sVbRKYZU%2FGH1TNpNzJ59mRRNQ9gCHjAdW0TI%2FUalyHH58FQFVicYhCQHhwtGCIYZhRJBxHo%2BsPkRtGARkdCByBQK8QPjrGDw%2B8xBdthZoa4P%2B2VAg4MSo2pr7J6AGsFmaKIjtu87a7rkGlT2ydBANiR3Lb%2BcIeTkFLGdhj11wz6W8XtUWtUlVTJm0jmZXIqfb%2FGa6IhU42hFpJgv6r2LcxX8b%2BD2OKNgLko%2F8YRhJwKjvPc4Qmx%2Bp%2FU2%2BRyEMaMPye7jxjbMbSZltHS5nMrBgbvlVt%2FwMC5ApUkwIkTGsLA1zoDOo9NG11nZvmafTGry8qw7Ykn01WbAHj3OrO8tAnmzzAlNKnffj%2B%2F%2Boxg4BrV5ZUxL%2F1P87LqWfrKIj1AlL1YiVWcUZPvkso0hFoA5ffvvfEHxhPDIatXr6g%2FIYdDx2JBCK%2B%2FpyutnXEcdQXsun3HUwcxSB4gAENhOi%2FboLGZuTJbs2YV32qBntU%3D
Connection: close
Content-Type: text/html; charset=UTF-8

wwwbubbelroom.se is on 103.224.212.192
ASN for 103.224.212.192: 133618
Abusix contact information: abuse@trellian.com (information only)
103.224.212.192 corresponds with lb-212-192.above.com
Abuse.net does not have any reliable address for lb-212-192.above.com
Abuse address not found in whois.
Best guess from abuse.net: abuse@lb-212-192.above.com abuse@above.com