See: http://evuln.com/tools/malware-scanner/www.nqok.com/rescan/
and also flagged here: http://sitecheck.sucuri.net/results/www.nqok.com/
security warnings flagged: https://asafaweb.com/Scan?Url=www.nqok.com
The infection campaign: http://evuln.com/labs/iddqd.compress.to/
How WP was targeted can be reconstructed from another example here: http://ninjamonitoring.com/malware/index.php?threat=2013-05-25.01
and read about here: http://www.webhostingtalk.com/showthread.php?t=1269454 (posted by Zixt)
search for “$qazplm=headers_sent();”…
also see threat description: http://labs.sucuri.net/db/malware/malware-entry-mwblacklisted35
avast! does not block site nor redirection site. Redirection site is being blocked by Bitdefender’s TrafficLight!
→ https://www.virustotal.com/nl/url/b87ea290ce72697cf03c57a6c947bdce1ae9387043991f21cbe0106dfa5caf65/analysis/1390687428/ (0/0)
polonus