Blacklisted site running exploitable theme?

See: http://killmalware.com/camburgracing.com/
& https://www.virustotal.com/nb/url/fad95171e746425fbf3842799b32ad891e1ed02e0b976d1d736cb5207097ad4a/analysis/1419183189/
Blacklisted: http://www.yandex.com/infected?url=camburg.com&l10n=en
Vulnerable WP theme used: https://wordpress.org/support/topic/headway-themes-wordpress-and-security
See: http://toolbar.netcraft.com/site_report/?url=+http%3A%2F%2Fcamburg.com
Issue concerning:

 define( 'WPSC_CUSTOMER_COOKIE_PATH', '/' ); 

XFN enabled site.
Threat: Detected suspicious redirection to external web resources at HTTP level
WOT flags as yellow: https://www.mywot.com/en/scorecard/camburg.com?utm_source=addon&utm_content=popup

pol

https://www.virustotal.com/nb/file/fb5b183b557328ca551beec1e39d252be8a3050d73736fd0c43fb2185e6874d3/analysis/1419190683/

Hi Pondus,

It is not often that problems arise from WP kernel code, but rather via (3rd party) themes and plug-ins
As for that theme on that site, these were reported here: https://wordpress.org/support/topic/series-of-crippling-problems-since-update-to-35
but in essence these errors can stem from header php errors.
Yandex complaints about site having an exploit. With fetch I get Connection%20error, in a second instance: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fcamburg.com&useragent=Fetch+useragent&accept_encoding=#seo_tab
There could be heavy-admin-ajax-php-usage also for spinner.
Funny Sucuri states the wesite is an asp site, also killmalware has this info, and scanning at asafaweb I get apache as server.
I get 11004 [11004] Valid name, no data record (check DNS setup)

polonus

Webbug has: HTTP/1.1 200 OK
Date: Mon, 22 Dec 2014 00:25:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=vfmptivv9b4i1j00jujnimudl7; path=/
Set-Cookie: wpsc_customer_cookie_cea54ddcc6dbae2e1c7c4439ca4950a3=_hpxII%25niBdA%40%7C1419380751%7C7537981e18fabf1cfe918c0946e11240; expires=Wed, 24-Dec-2014 00:25:51 GMT; path=/; httponly
Connection: close

On fetch I get 504 Gateway Time-out
Content-Type: text/html; charset=UTF-8

This is the urlquery dot net scan result: http://urlquery.net/report.php?id=1419208119902

pol