I coded my own website and uploaded to a host. Some days ago I realized that in front page suddenly redirects to an unknown websites, until 3-4 redirects.
The redirects ends up at: http://59016823.g05.info/?p=NGNmN2JjNTYyNmIwMGE3YTU5MjgzNmNiOWNjOWMzNGF8MXxEaXJlY3RMaW5rfFRYbFBZbVoxWTJGMFpTQkNiMlI1VEdGNVpYST18MTAwMHw1OTAxNjgyMw==
The latter part of the URL query is a base64 string that resolves to somthing encoded:
4cf7bc5626b00a7a592836cb9cc9c34a|1|DirectLink|TXlPYmZ1Y2F0ZSBCb2R5TGF5ZXI=|1000|59016823
Virustotal does report the site as a "Malware Site".
You should look into your web server logs to figure out how/when this code got injected in the first place. Is it because your sever is compromised or is it because you are using some vulnerable plugin ? is it because of malvertisement ?
A proper look at the codes and a complete clean-up would be required to avoid any future infections.
