Resolved
Hi, I’ll notify Polonus to check it over. You might’ve missed something if it’s still blocked.
Sucuri was unable to scan it… Site down?
http://sitecheck.sucuri.net/results/www.hgads.com
Sophos still detects it as Malware infected: https://www.virustotal.com/en/url/9ba38e80210e3057af6567d49e3a559822a88d578de642de970afa7c798514f8/analysis/1383822697/
URLQuery: http://urlquery.net/report.php?id=7492083
Note: Blank Page. Looks like your Client did some serious damage. Avast! still detecting it. I’ve also asked Polonus to take a look into the site.
URLvoid. http://www.urlvoid.com/scan/hgads.com/
UrlQuery. http://urlquery.net/report.php?id=7492083 IDS alert on IP
ET RBN Known Russian Business Network IP
Russian Business Network. http://en.wikipedia.org/wiki/Russian_Business_Network
Also being blacklisted here: http://www.avgthreatlabs.com/website-safety-reports/domain/hgads.com/
Excessive header info passed apache-coyote/1.1 (vulnerable to information-disclosure vulnerability and authentication bypass)
CMS:
Website also has a clickjacking vulnerability
CRLF Injection Attack code →
Read about attack → http://www.acunetix.com/websitesecurity/crlf-injection/
GET / HTTP/1.1[CRLF] x0DOA
Host: www.hgads.com[CRLF]
Connection: close[CRLF]
User-Agent: Web-sniffer/1.0.46 (+http://web-sniffer.net/)[CRLF]
Accept-Encoding: gzip[CRLF]
Accept-Charset: ISO-8859-1,UTF-8;q=0.7,*;q=0.7[CRLF]
Cache-Control: no-cache[CRLF]
Accept-Language: de,en;q=0.7,en-us;q=0.3[CRLF]
Response Header:
HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Thu, 07 Nov 2013 14:50:04 GMT
Connection: close
Referer: http://web-sniffer.net/[CRLF]
[CRLF]
polonus
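
As an added example that is not part of the original posts: a small Python audit of a raw response header block for the two header-level findings named above (server banner disclosure and no framing policy against clickjacking). `POSTED` is the response quoted in the post; `HARDENED` and all function names are constructed for illustration.

```python
# Response header block as quoted in the post above.
POSTED = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: Apache-Coyote/1.1\r\n"
    "Content-Length: 0\r\n"
    "Date: Thu, 07 Nov 2013 14:50:04 GMT\r\n"
    "Connection: close\r\n\r\n"
)
# Constructed sample: same response with the banner removed and framing denied.
HARDENED = (
    "HTTP/1.1 404 Not Found\r\n"
    "Content-Length: 0\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Security-Policy: default-src 'self'; frame-ancestors 'none'\r\n"
    "Connection: close\r\n\r\n"
)

def parse_headers(raw):
    """Return {lowercased name: [values]} for a raw response header block."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    headers = {}
    for line in head.split("\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:                                 # ignore malformed lines
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """List header-level findings: software banners and missing framing policy."""
    h = parse_headers(raw)
    findings = []
    for name in ("server", "x-powered-by"):
        for value in h.get(name, []):
            findings.append(f"banner-disclosure: {name}: {value}")
    xfo_ok = any(v.upper() in ("DENY", "SAMEORIGIN")
                 for v in h.get("x-frame-options", []))
    csp_ok = any(d.split()[:1] == ["frame-ancestors"]
                 for v in h.get("content-security-policy", [])
                 for d in v.lower().split(";"))
    if not (xfo_ok or csp_ok):
        findings.append("no-framing-policy: page can be embedded in a frame")
    return findings

if __name__ == "__main__":
    for label, raw in (("posted", POSTED), ("hardened", HARDENED)):
        print(label, audit(raw))
```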