New scan:

Malware Scanner report for whoissteveyager.com

Malicious/Suspicious/Total urls checked
0/8/25
8 pages have suspicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://89.248.172.68/hitin.php?land=20&affid=20102
11 websites infected.

The website "whoissteveyager.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://whoissteveyager.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: whoissteveyager.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 16:32:29 GMT
Location: http://89.248.172.68/hitin.php?land=20&affid=20102
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://whoissteveyager.com/
200 OK
Content-Length: 300366
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

...[1974 bytes skipped]...

text-decoration:none;
color:#000000;
border-bottom:1px dotted #000000;
}
.calnk a span {
display:none;
}
.calnk a:hover span {
color:#333333;
background:#F6F79B; html">ti3x</a>
<a href="http://www.hi-fixhangers.com/31747/teresa-robledo.html">teresa robledo</a>
<a href="http://www.thehowtoplaypoker.com/31728/685999-referer-secreto1php-secretos-trucosblackjackcom.html">685999 referer secreto1.php secretos trucosblackjack.com</a>
<a href="http://www.fonfags.com/40/hurricane-tracer.html">hurricane tracer</a>
<a href="http://www.ahujamatch.com/31744/charthouse-html-restaurant.html">charthouse html restaurant</a>
<a href="http://www.cityguideoftunis.com/32276/artificial-device-larynx-sample-sound.html">artificial device larynx s
...[1638 bytes skipped]...

http://whoissteveyager.com/wp-content/themes/wpdreamtheme/includes/js/dropdown.js
200 OK
Content-Length: 422
Content-Type: application/javascript
clean
http://taf.socialtwist.com:80/taf/js/shoppr.core.js?id=0000000001
HTTP/1.1 302 MOVED_TEMPORARILY
Connection: close
Date: Sat, 27 Sep 2014 16:32:35 GMT
Location: http://cdn.socialtwist.com/0000000001/script.js
Server: Mach3 web server
Content-Length: 0
Expires: Sun, 28 Sep 2014 16:32 GMT
clean
http://cdn.socialtwist.com/0000000001/script.js
200 OK
Content-Length: 2400
Content-Type: application/x-javascript
clean
http://whoissteveyager.com/wp-content/themes/wpdreamtheme/includes/js/jquery-1.1.3.1.min.js
200 OK
Content-Length: 31640
Content-Type: application/javascript
clean
http://whoissteveyager.com/wp-content/themes/wpdreamtheme/includes/js/tabs.js
200 OK
Content-Length: 1289
Content-Type: application/javascript
clean
http://whoissteveyager.com/?page_id=2
200 OK
Content-Length: 300366
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>About | Who Is Steve Yager</title>
<meta name="generator" content="WordPress 2.7.1" />
<link rel="stylesheet"
...[4089 bytes skipped]...

http://whoissteveyager.com/?page_id=13
200 OK
Content-Length: 300366
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Calendar | Who Is Steve Yager</title>
<meta name="generator" content="WordPress 2.7.1" />
<link rel="styleshe
...[4149 bytes skipped]...

http://whoissteveyager.com/?page_id=11
200 OK
Content-Length: 300366
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Contact | Who Is Steve Yager</title>
<meta name="generator" content="WordPress 2.7.1" />
<link rel="styleshee
...[4121 bytes skipped]...

http://whoissteveyager.com/?feed=rss2
200 OK
Content-Length: 300279
Content-Type: text/xml
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
xmlns:content="http://purl.org/rss/1.0/modules/content/"
xmlns:wfw="http://wellformedweb.org/CommentAPI/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
>
<channel>
<title>Who Is Steve Yager</title>
<atom:link href="http://whois
...[4374 bytes skipped]...

http://whoissteveyager.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Sat, 27 Sep 2014 16:32:48 GMT
Location: https://supremecenter103.com/404/
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 217
Content-Type: text/html; charset=iso-8859-1
clean
https://supremecenter103.com/404/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 16:32:49 GMT
Location: http://us.cloudlogin.co/404/
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
clean
http://us.cloudlogin.co/404/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 16:32:49 GMT
Location: https://us.cloudlogin.co/404/
Server: Apache
Vary: Accept-Encoding
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
clean
https://us.cloudlogin.co/404/
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Sep 2014 16:32:50 GMT
Pragma: no-cache
Location: /login/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: WHCP=287kpb3a1l1kf19i8uv8bvuea5; path=/
X-Powered-By: PHP/5.4.4-14+deb7u14
clean
https://us.cloudlogin.co/login/
200 OK
Content-Length: 5887
Content-Type: text/html
clean
https://us.cloudlogin.co/js/jses.min.js?v=1404979296
200 OK
Content-Length: 303104
Content-Type: application/javascript
clean
http://whoissteveyager.com/js/jquery_plugins/jquery-fonteffect-1.0.0.min.js
HTTP/1.1 302 Found
Connection: close
Date: Sat, 27 Sep 2014 16:32:56 GMT
Location: https://supremecenter103.com/404/
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 217
Content-Type: text/html; charset=iso-8859-1
clean
http://supremecenter103.com/test404page.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 16:32:57 GMT
Location: http://us.cloudlogin.co/test404page.js
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 246
Content-Type: text/html; charset=iso-8859-1
clean
http://us.cloudlogin.co/test404page.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 16:32:57 GMT
Location: https://us.cloudlogin.co/test404page.js
Server: Apache
Vary: Accept-Encoding
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
clean
https://us.cloudlogin.co/test404page.js
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Sep 2014 16:32:59 GMT
Pragma: no-cache
Location: /login/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: WHCP=t7s6fm1mb1o5f61gal8mmses83; path=/
X-Powered-By: PHP/5.4.4-14+deb7u14
clean
http://whoissteveyager.com/js/video-js/video.min.js
HTTP/1.1 302 Found
Connection: close
Date: Sat, 27 Sep 2014 16:32:59 GMT
Location: https://supremecenter103.com/404/
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding
Content-Length: 217
Content-Type: text/html; charset=iso-8859-1
clean
https://www.corecounter.net/counter.php?user=59
200 OK
Content-Length: 482
Content-Type: text/html
clean
http://whoissteveyager.com/?p=10
200 OK
Content-Length: 300366
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Hello World | Who Is Steve Yager</title>
<meta name="generator" content="WordPress 2.7.1" />
<link rel="style
...[4139 bytes skipped]...

http://whoissteveyager.com/?p=10feed
200 OK
Content-Length: 300118
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Hello World | Who Is Steve Yager</title>
<meta name="generator" content="WordPress 2.7.1" />
<link rel="style
...[4129 bytes skipped]...

http://whoissteveyager.com/?author=1
200 OK
Content-Length: 301566
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.thehowtoplaypoker.com

...[3279 bytes skipped]...
f="http://www.texasholdem-pokeronline.net/31728/usbankhomemortgagecom.html">usbankhomemortgage.com</a>
<a href="http://www.ex-tension.dk/50/newyorknewyorkhotelandcasino.html">newyorknewyorkhotelandcasino</a>
<a href="http://www.businesslego.co.uk/31734/ti3x.html">ti3x</a>
<a href="http://www.hi-fixhangers.com/31747/teresa-robledo.html">teresa robledo</a>
<a href="http://www.thehowtoplaypoker.com/31728/685999-referer-secreto1php-secretos-trucosblackjackcom.html">685999 referer secreto1.php secretos trucosblackjack.com</a>
<a href="http://www.fonfags.com/40/hurricane-tracer.html">hurricane tracer</a>
<a href="http://www.ahujamatch.com/31744/charthouse-html-restaurant.html">charthouse html restaurant</a>
<a href="http://www.cityguideoftunis.com/32276/artificial-device-larynx-sample-sound.html">artificial device larynx s
...[372 bytes skipped]...

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=whoissteveyager.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://whoissteveyager.com/

Result: whoissteveyager.com is not infected or malware details are not published yet.