302 redirect hijacking


If we have sent you a link to this page we expect prompt action will be taken and an immediate response that you are taking this matter seriously.

Your website is hosting content that is stolen from our sites / brands. This can range from one paragraph of text to an entire page, with or without graphics. It’s likely this has not be done by yourself but as a result of your server being compromised by a hacker who is performing or attempting to perform a 302 redirect hijack. You may not be able to directly see our content on your site as the hacker will have also installed a redirect which relocates the visitor to another site which they generate advert or affiliate revenue.

If you have any issues understanding what has occurred please seek advice from a professional expert within the cyber security field.

Your next steps:

  • Take your site offline immediately
  • Remove all our content from your website
  • Change your server and FTP passwords
  • Patch and update any CMS or plugins used on your site
  • Put your site back online
  • Continue to monitor your site by searching for all indexed pages with Google

Our actions:

We have recored your domain name and links with our content. We will also monitor these to ensure our data is removed quickly. If the data is not removed we will serve a DMCA notice to your hosting company and request the entire removal of your site for copyright infringement.

How and why has your site been hacked?

A hacker takes our sites content and places it on your site within a folder. Their version contains links or redirects to another site which they can generate money from the traffic. They place a 302 redirect back to our site to trick Google into thinking your site is the original owner of the content. When a 3rd party searches for keywords that ranked well for our site, they see your page and steal our search engine traffic.

If your site uses a CMS system like WordPress, Joomla, etc then it’s quite easy for a hacker to gain control of your site as many plug-ins have security issues. The image below shows an example of our domain cybersex.dating being hijacked for the search “cybersex dating”.

302 redirect hijacking