SE redirect on website going to blacklisted destination.

Viruses and worms
1

See: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fmaginfoitems.com&ref_sel=GSP2&ua_sel=ff&fs=1
Content-Location: hxtp://unokesyh.dumb1.com/index.html
Note: This line has redirected the request to htxp://unokesyh.dumb1.com/index.html
Blacklist status for unokesyh.dumb1.com: http://labs.sucuri.net/?blacklist=unokesyh.dumb1.com
IP address information
Domain -unokesyh.dumb1.com is at: 46.21.144.53 (46.21.144.53)
All malware-related domains at this IP address:
-brugge.osa.pl
-chromium.my03.com
-costabrava.bee.pl
-denver.dumb1.com
-dns-dns.dns-dns.com
-dubstep.dumb1.com
-dubstep.onedumb.com
-ertyuiop.itsaol.com
-goodmorning.25u.com
-google.2waky.com
-ibontu.25u.com
-industry.bee.pl
-isfart.fartit.com
-kmlps.mrslove.com
-loopdown.lflinkup.com
-lpistw.4pu.com
-namesti.bee.pl
-netavia.jetos.com
-onotiw.dnset.com
-qertea.instanthq.com
-qrue.qpoe.com
-relellre.4pu.com
-rnd.jkub.com
-runzor.dnsrd.com
-smooth.ygto.com
-stlp.4pu.com
-trimas.xxuz.com
-unokesyh.dumb1.com
-up2day.25u.com
-vaclavska.bee.pl
-wkpb.25u.com

WordPress issues on website: Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 None admin
2 None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Adblockable scripts: Script loaded: -https://s.ytimg.com/yts/jsbin/www-embed-player-vfl52enfD/www-embed-player.js
Script loaded: -https://s.ytimg.com/yts/jsbin/player-en_US-vfldefdPl/base.js
Script loaded: -https://www.google.com/js/bg/l-S9HtQ-Ty6kP-nB2daKFnRgzBnUXHbDvxr32JjN4QA.js
Script loaded: -https://static.doubleclick.net/instream/ad_status.js

Website Malware malware-entry-mwblacklisted35 -http://maginfoitems.com/category/drugie-zametki/
Suspicious domain detected. Details: -http://sucuri.net/malware/malware-entry-mwblacklisted35
Location: -http://unokesyh.dumb1.com/

The campaign has been long ongoing, since 2012 at least: http://ask.metafilter.com/229603/My-Google-results-are-being-hacked

polonus