typing website address opens the correct website but google link takes me to different website

Hello,
a friend has a website http://fondazioneroberthollman.it that works fine when typing the address in the address bar.
However if the link is opened through a search engine, it opens up a website that sells bags.
It isn't a virus on the client side since I've tried it on different computers on different network, it seems more of a dns problem, or some website hack maybe (it's a very old website).

For example on google it shows the correct name but the description is the one of the bags website

google.PNG
and on bing the name is the one of the bags website

bing.PNG
by accessing the page by typing the address and viewing the page source I cannot find any redirect, so I'm not sure if it's a dns problem of the provider or some kind of hack I'm not aware of
uilliAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris HInfrastructure ManagerCommented:
0
Chris HInfrastructure ManagerCommented:
I'm also not ruling out that the web host has port 80 bindings correct.  You may also want to contact your web host.

Correction:  Closer examination shows that neither host is related by any means.  This is Google's fault.
0
uilliAuthor Commented:
what is strange is that it's not only google, but I tried bing and yahoo and I get the same problem
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

Chris HInfrastructure ManagerCommented:
This webserver is compromised.  

This script is called on a non-indexed page:
3/31/2015 2:20:50 PM      http://www.drdrebeats.eu/ugg/airmax-it.js|>{gzip} [L] HTML:Iframe-inf (0)

I can no longer access this script on the server side now, so it's either tamper-aware, you're in the process of fixing it or a hacker just cloaked.  

I do a google search and it shows several nike airmax ads in different languages.  Your's appears to be in Italian.

https://www.google.com/#safe=off&q=http:%2F%2Fwww.fondazioneroberthollman.it%2F+nike

See for yourself.

The only valid answer here is to rebuild from scratch.  Ethically, you should too, as this is probably a jump point for malware now.

Is this a hosted server?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Chris HInfrastructure ManagerCommented:
Also, I'd remove any mention to any email addresses listed.  Those guys have to get a buttload of spam.
http://fondazioneroberthollman.it/eng/contatti.htm
0
uilliAuthor Commented:
thanks for the research. the website is hosted by a company and doing a search on the company domain like you suggested it seems it's their webserver that has been compromised

https://www.google.it/search?client=opera&q=advertendo&sourceid=opera&ie=UTF-8&oe=UTF-8#q=www.advertendo.com%2F+nike

this shows advertising websites on their domain as well. Does this mean their webserver got hacked?
0
Chris HInfrastructure ManagerCommented:
The host is definitely compromised to where it's effecting your product.  I'd walk and try a different host.  Does he have a backup of the website before this happened?  I'd consider using that or at least comparing the original source (espeically scripts) to the code that exists.  With encryption and randomization, the only person who could probably tell you how and what got compromised is the person who compromised it.  It may be time, too, that he updates the website technology to a more efficient, search engine friendly, mobile supported platform.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.