Description:
Detected suspicious script that redirects traffic coming from search engines to third-party sites. This behavior is typical for Black Hat SEO attacks that make a compromised site rank for spammy keywords and then redirect search traffic to a third-party beneficiary site.
There are multiple types of redirect scripts. Here's one of them:
var s=document.referrer;
if(s.indexOf("google")>0 || s.indexOf("bing")>0 || s.indexOf("aol")>0 || s.indexOf("yahoo")>0)
{
self.location='hxxp://www.sunonhead[.]com';
}
Affecting: Any web site (no specific target).