See:
http://killmalware.com/writemymortgage.com/#SE visitors redirects
Visitors from search engines are redirected
to: htxp://redoperabwo dot ru
redoperabwo dot ru is reported by Google as suspicious
1243 sites infected with redirects to this URL
See:
http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwritemymortgage.com%2FWordPress version outdated: Upgrade required.
Suspicious domain detected:
http://sucuri.net/malware/malware-entry-mwblacklisted35Javascript check suspicious: uspicious
rm" action="htxp://redoperabwo dot ru/parking.php" method="get" name="searchform"><fieldset><input type="hidden" name="ses" value="y3jlptezotu0ndq5njgmdgnpzd1yzwrvcgvyywj3by5ydtuzmmnjy...
404-error check: Suspicious 404 Page:
.ru/parking.php" method="get" name="searchform"><fieldset><input type="hidden" name="ses" value="y3jlptezotu0ndq5njkmdgn
External links to: htxp://www.sedo.com/services/parking.php3
because virus tracker classification: writemymortgage dot com,192.254.234.8,ns6495.hostgator dot com,Parked/expired,
polonus