Hi guys, I am looking for help tracking how a client's site has been hacked.
The site is located at kingcards.com
It gets redirected to various different fake malware sites, an invalid page on a .ru website or sometime just back to google.com. Sometimes there is no redirect at all and it works as normal. His site is first on Google for a search on "kingcards". This results in a redirect too.
I am unable to find out exactly where the redirect is and this is what is causing the frustration. I have used redirect checkers and "view as Googlebot" tools and they all render the site properly as it should.
His webhost is not being much help and using this as an excuse to sell him a VPN.
If anybody could give me any ideas on where to start looking I would be grateful.