New scan:

Malware Scanner report for marble-box.com

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://hecodat.de/zwmd.html?h=1620318
371 websites infected.

The website "marble-box.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://www.marble-box.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: www.marble-box.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Wed, 10 Sep 2014 18:00:24 GMT
Location: http://hecodat.de/zwmd.html?h=1620318
Server: Apache
Content-Length: 289
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://www.marble-box.com/
200 OK
Content-Length: 59928
Content-Type: text/html
clean
http://www.marble-box.com/js/modernizr.js
200 OK
Content-Length: 9313
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_013.js
200 OK
Content-Length: 93682
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('');


(function(e,t){function _(e){var t=M[e]={};return v.each(e.split(y),function(e,n){t[n]=!0}),t}function H(e,n,r){if(r===t&&e.nodeType===1){var i="data-"+n.replace(P,"-$1").toLowerCase();r=e.getAttribute(i);if(typeof r=="string"){try{r=r==="true"?!0:r==="false"?!1:r==="null"?null:+r+""===r?+r:D.test(r)?v.parseJSON(r):r}catch(s){}v.data(e,n,r)}else r=t}return r}function B(e){var t;for(t in e){if(t==="data"&&v.isEmptyObject(e[t]))continue;if(t!=="
... 3225 bytes are skipped ...
var n;if(E===2){if(!s){s={};while(n=pn.exec(i))s[n[1].toLowerCase()]=n[2]}n=s[e.toLowerCase()]}return n===t?null:n},overrideMimeType:function(e){return E||(c.mimeType=e),this},abort:function(e){return e=e||S,o&&o.abort(e),T(0,e),this}};d.promise(x),x.success=x.done,x.error=x.fail,x.complete=m.add,x.statusCode=function(e){if(e){var t;if(E<2)for(t in e)g[t]=[g[t],e[t]];else t=e[x.status],x.always(t)}return this},c.url=((e||c.url)+"").replace(hn,"").replace(mn,ln[1]+"jQuery.noConflict();

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
JS:Iframe-AMP [Trj]
nProtect
Trojan.Iframe.BZW
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
Fortinet
JS/Iframe.JG!tr
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
F-Secure
Trojan.Iframe.BZW
VIPRE
Exploit.HTML.Iframe.dm (v)
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

http://www.marble-box.com/js/jquery-ui.js
200 OK
Content-Length: 237738
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_011.js
200 OK
Content-Length: 200933
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_012.js
200 OK
Content-Length: 17149
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_015.js
200 OK
Content-Length: 53946
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_002.js
200 OK
Content-Length: 5469
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('');


jQuery.easing['jswing']=jQuery.easing['swing'];jQuery.extend(jQuery.easing,{def:'easeOutQuad',swing:function(x,t,b,c,d){return jQuery.easing[jQuery.easing.def](x,t,b,c,d);},easeInQuad:function(x,t,b,c,d){return c*(t/=d)*t+b;},easeOutQuad:function(x,t,b,c,d){return-c*(t/=d)*(t-2)+b;},easeInOutQuad:function(x,t,b,c,d){if((t/=d/2)<1)return c/2*t*t+b;return-c/2*((--t)*(t-2)-1)+b;},easeInCubic:function(x,t,b,c,d){return c*(t/=d)*t*t+b;},easeOutCubic:function(x,
... 2698 bytes are skipped ...
b,c,d){return c-jQuery.easing.easeOutBounce(x,d-t,0,c,d)+b;},easeOutBounce:function(x,t,b,c,d){if((t/=d)<(1/2.75)){return c*(7.5625*t*t)+b;}else if(t<(2/2.75)){return c*(7.5625*(t-=(1.5/2.75))*t+.75)+b;}else if(t<(2.5/2.75)){return c*(7.5625*(t-=(2.25/2.75))*t+.9375)+b;}else{return c*(7.5625*(t-=(2.625/2.75))*t+.984375)+b;}},easeInOutBounce:function(x,t,b,c,d){if(t<d/2)return jQuery.easing.easeInBounce(x,t*2,0,c,d)*.5+b;return jQuery.easing.easeOutBounce(x,t*2-d,0,c,d)*.5+c*.5+b;}});

Antivirus reports:

AntiVir
JS/iFrame.bzw.14
nProtect
Trojan.Iframe.BZW
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
F-Secure
Trojan.Iframe.BZW
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
Commtouch
IFrame.gen
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

http://www.marble-box.com/js/jquery_004.js
200 OK
Content-Length: 5643
Content-Type: application/javascript
clean
http://www.marble-box.com/js/App.js
404 Not Found
Content-Length: 404
Content-Type: text/html
clean
http://www.marble-box.com/test404page.js
404 Not Found
Content-Length: 404
Content-Type: text/html
clean
http://www.marble-box.com/js/foundation.js
200 OK
Content-Length: 218662
Content-Type: application/javascript
clean
http://www.marble-box.com/js/app.js
200 OK
Content-Length: 23175
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_010.js
200 OK
Content-Length: 17149
Content-Type: application/javascript
clean
http://www.marble-box.com/js/jquery_014.js
200 OK
Content-Length: 53946
Content-Type: application/javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=marble-box.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://marble-box.com/

Result: marble-box.com is not infected or malware details are not published yet.