Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=9ihotel.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://9ihotel.com/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:34 GMT Accept-Ranges: bytes ETag: "58ccb1f36f96ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 18748 Content-Location: http://9ihotel.com/index.html Content-Type: text/html Last-Modified: Sun, 11 Aug 2013 08:51:21 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/index.html | 200 OK Content-Length: 18748 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1020 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[21991 bytes skipped]... | ||
http://9ihotel.com/function.js | 200 OK Content-Length: 151 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: 55881111.com document.writeln("<iframe height=\"1930px\" width=\"100%\" src=\"http:\/\/55881111.com\" scrolling=\"no\" style=\"border:0px; margin:0px\"><\/iframe>") Decoded script: <iframe height="1930px" width="100%" src="http://55881111.com" scrolling="no" style="border:0px; margin:0px"></iframe> | ||
http://9ihotel.com/total.js | 200 OK Content-Length: 149 Content-Type: application/x-javascript | clean |
http://9ihotel.com/ganxidianlirun/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:36 GMT Accept-Ranges: bytes ETag: "5e47f1516384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 10644 Content-Location: http://9ihotel.com/ganxidianlirun/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:35 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxidianlirun/index.html | 200 OK Content-Length: 10644 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[11171 bytes skipped]... | ||
http://9ihotel.com/images/js/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://9ihotel.com/ganxidianchengben/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:39 GMT Accept-Ranges: bytes ETag: "c28f7b526384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 10918 Content-Location: http://9ihotel.com/ganxidianchengben/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:36 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxidianchengben/index.html | 200 OK Content-Length: 10918 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[11445 bytes skipped]... | ||
http://9ihotel.com/ganxijijiage/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:42 GMT Accept-Ranges: bytes ETag: "a8af7526384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 10901 Content-Location: http://9ihotel.com/ganxijijiage/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:36 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxijijiage/index.html | 200 OK Content-Length: 10901 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[11428 bytes skipped]... | ||
http://9ihotel.com/ganxidianjiamengzhinan/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:43 GMT Accept-Ranges: bytes ETag: "14707f536384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 11208 Content-Location: http://9ihotel.com/ganxidianjiamengzhinan/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:37 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxidianjiamengzhinan/index.html | 200 OK Content-Length: 11208 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[11777 bytes skipped]... | ||
http://9ihotel.com/ganxishebei/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:45 GMT Accept-Ranges: bytes ETag: "2c7de546384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 8033 Content-Location: http://9ihotel.com/ganxishebei/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:38 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxishebei/index.html | 200 OK Content-Length: 8033 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[8086 bytes skipped]... | ||
http://9ihotel.com/jiamengxiyi/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:46 GMT Accept-Ranges: bytes ETag: "6edd40fc6f96ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 14227 Content-Location: http://9ihotel.com/jiamengxiyi/index.html Content-Type: text/html Last-Modified: Sun, 11 Aug 2013 08:51:35 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/jiamengxiyi/index.html | 200 OK Content-Length: 14227 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[15294 bytes skipped]... | ||
http://9ihotel.com/ganxidianjiamenganli/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:48 GMT Accept-Ranges: bytes ETag: "a8d227556384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 9330 Content-Location: http://9ihotel.com/ganxidianjiamenganli/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:40 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxidianjiamenganli/index.html | 200 OK Content-Length: 9330 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1142 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[9611 bytes skipped]... | ||
http://9ihotel.com/ganxidianxiangguanwenda/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:50 GMT Accept-Ranges: bytes ETag: "2869c0556384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 11417 Content-Location: http://9ihotel.com/ganxidianxiangguanwenda/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:41 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxidianxiangguanwenda/index.html | 200 OK Content-Length: 11417 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[11986 bytes skipped]... | ||
http://9ihotel.com/ganxijiamengdianzhanshi/ | HTTP/1.1 200 OK Date: Sat, 12 Apr 2014 18:11:51 GMT Accept-Ranges: bytes ETag: "8cb14a566384ce1:47d1" Server: Microsoft-IIS/6.0 Content-Length: 8229 Content-Location: http://9ihotel.com/ganxijiamengdianzhanshi/index.html Content-Type: text/html Last-Modified: Fri, 19 Jul 2013 09:35:42 GMT X-Powered-By: ASP.NET | clean |
http://9ihotel.com/ganxijiamengdianzhanshi/index.html | 200 OK Content-Length: 8229 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[1136 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[8282 bytes skipped]... | ||
http://9ihotel.com/ganxijiamengdianzhanshi/2013/0718/695.html | 200 OK Content-Length: 7420 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[700 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[7716 bytes skipped]... | ||
http://9ihotel.com/ganxijiamengdianzhanshi/2013/0718/696.html | 200 OK Content-Length: 7360 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 172.241.204.106 ...[700 bytes skipped]... c='/function.js' ></script> <body> <div id="main"> <div id="header"> <div id="logo"><a href="/" name="top"><img src="/templets/laundry/images/logo.gif" alt="ÌìèÓéÀÖ³Ç" /></a></div> <div id="head_right"></div> <br /><span onclick="var strHref=window.location.href;this.style.behavior='url(#default#homepage)';this.setHomePage('http://172.241.204.106');" style="CURSOR: hand">ÉèΪÊ×Ò³</span><br><span style="CURSOR: hand" onClick="window.external.addFavorite('http://172.241.204.106','ÌìèÓéÀÖ³Ç_ÓéÀÖ³Ç×îÐÂÓÅ»Ý_¿ª»§ËÍ18ÔªÌåÑé½ð_Ãâ·ÑËÍ18Ôª_×¢²áËÍ18ÔªÏÖ½ð_ÓéÀÖ³Ç×¢²áËÍ18ÌåÑé½ð_²¨Òô×¢²áËͲʽð')" title="ÌìèÓéÀÖ³Ç">Êղر¾Õ¾</span> </div> <!--µ¼º½¿ªÊ¼--> <ul id="nav"> <li><a href='/'>Ê× Ò³</a></li> <li>< ...[7644 bytes skipped]... | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 9ihotel.com
Result:
HTTP/1.1 200 OK
Date: Sat, 12 Apr 2014 18:11:34 GMT
Accept-Ranges: bytes
ETag: "58ccb1f36f96ce1:47d1"
Server: Microsoft-IIS/6.0
Content-Length: 18748
Content-Location: http://9ihotel.com/index.html
Content-Type: text/html
Last-Modified: Sun, 11 Aug 2013 08:51:21 GMT
X-Powered-By: ASP.NET
...18748 bytes of data.
GET / HTTP/1.1
Host: 9ihotel.com
Result:
HTTP/1.1 200 OK
Date: Sat, 12 Apr 2014 18:11:34 GMT
Accept-Ranges: bytes
ETag: "58ccb1f36f96ce1:47d1"
Server: Microsoft-IIS/6.0
Content-Length: 18748
Content-Location: http://9ihotel.com/index.html
Content-Type: text/html
Last-Modified: Sun, 11 Aug 2013 08:51:21 GMT
X-Powered-By: ASP.NET
...18748 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 9ihotel.com
Referer: http://www.google.com/search?q=9ihotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 9ihotel.com
Referer: http://www.google.com/search?q=9ihotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.