• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 258
  • Last Modified:

typing website address opens the correct website but google link takes me to different website

Hello,
a friend has a website http://fondazioneroberthollman.it that works fine when typing the address in the address bar.
However if the link is opened through a search engine, it opens up a website that sells bags.
It isn't a virus on the client side since I've tried it on different computers on different network, it seems more of a dns problem, or some website hack maybe (it's a very old website).

For example on google it shows the correct name but the description is the one of the bags website

google.PNG
and on bing the name is the one of the bags website

bing.PNG
by accessing the page by typing the address and viewing the page source I cannot find any redirect, so I'm not sure if it's a dns problem of the provider or some kind of hack I'm not aware of
0
uilli
Asked:
uilli
  • 5
  • 2
1 Solution
 
Chris HInfrastructure ManagerCommented:
0
 
Chris HInfrastructure ManagerCommented:
I'm also not ruling out that the web host has port 80 bindings correct.  You may also want to contact your web host.

Correction:  Closer examination shows that neither host is related by any means.  This is Google's fault.
0
 
uilliAuthor Commented:
what is strange is that it's not only google, but I tried bing and yahoo and I get the same problem
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
Chris HInfrastructure ManagerCommented:
This webserver is compromised.  

This script is called on a non-indexed page:
3/31/2015 2:20:50 PM      http://www.drdrebeats.eu/ugg/airmax-it.js|>{gzip} [L] HTML:Iframe-inf (0)

I can no longer access this script on the server side now, so it's either tamper-aware, you're in the process of fixing it or a hacker just cloaked.  

I do a google search and it shows several nike airmax ads in different languages.  Your's appears to be in Italian.

https://www.google.com/#safe=off&q=http:%2F%2Fwww.fondazioneroberthollman.it%2F+nike

See for yourself.

The only valid answer here is to rebuild from scratch.  Ethically, you should too, as this is probably a jump point for malware now.

Is this a hosted server?
0
 
Chris HInfrastructure ManagerCommented:
Also, I'd remove any mention to any email addresses listed.  Those guys have to get a buttload of spam.
http://fondazioneroberthollman.it/eng/contatti.htm
0
 
uilliAuthor Commented:
thanks for the research. the website is hosted by a company and doing a search on the company domain like you suggested it seems it's their webserver that has been compromised

https://www.google.it/search?client=opera&q=advertendo&sourceid=opera&ie=UTF-8&oe=UTF-8#q=www.advertendo.com%2F+nike

this shows advertising websites on their domain as well. Does this mean their webserver got hacked?
0
 
Chris HInfrastructure ManagerCommented:
The host is definitely compromised to where it's effecting your product.  I'd walk and try a different host.  Does he have a backup of the website before this happened?  I'd consider using that or at least comparing the original source (espeically scripts) to the code that exists.  With encryption and randomization, the only person who could probably tell you how and what got compromised is the person who compromised it.  It may be time, too, that he updates the website technology to a more efficient, search engine friendly, mobile supported platform.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now