New scan:

Malware Scanner report for woonkl.com

Malicious/Suspicious/Total urls checked
1/0/5
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://woonkl.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 03 May 2014 09:44:48 GMT
Location: http://www.woonkl.com/
Server: nginx/1.0.15
Content-Length: 185
Content-Type: text/html
clean
http://www.woonkl.com/
200 OK
Content-Length: 6215
Content-Type: text/html
clean
http://www.woonkl.com/js/count.js
200 OK
Content-Length: 744
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<script language=\"javascript\" type=\"text/javascript\" src=\"http://js.users.51.la/16133093.js\"></script>");

document.write ('<script language="javascript" type="text/javascript" src="http://js.users.51.la/16836213.js"></script>');

document.write ("<script type=\"text/javascript\">var _gaq = _gaq || [];_gaq.push(['_setAccount', 'UA-42441003-4']);_gaq.push(['_trackPageview']);(function() {var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);})();</script>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://woonkl.com/test404page.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 03 May 2014 09:44:53 GMT
Location: http://www.woonkl.com/test404page.js
Server: nginx/1.0.15
Content-Length: 185
Content-Type: text/html
clean
http://www.woonkl.com/test404page.js
404 Not Found
Content-Length: 571
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: woonkl.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 03 May 2014 09:44:48 GMT
Location: http://www.woonkl.com/
Server: nginx/1.0.15
Content-Length: 185
Content-Type: text/html

...185 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: woonkl.com
Referer: http://www.google.com/search?q=woonkl.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=woonkl.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://woonkl.com/

Result: woonkl.com is not infected or malware details are not published yet.