Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thisvid.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 12 Oct 2015 10:43:55 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ql2t4clt8rtq1bcp7dclkc0bm0; path=/; domain=.thisvid.com
Set-Cookie: kt_qparams=straight%3Dstraight%26gay%3Dgay; expires=Tue, 13-Oct-2015 10:43:55 GMT; path=/; domain=.thisvid.com
X-Powered-By: PHP/5.4.39
GET / HTTP/1.1
Host: thisvid.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 12 Oct 2015 10:43:55 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ql2t4clt8rtq1bcp7dclkc0bm0; path=/; domain=.thisvid.com
Set-Cookie: kt_qparams=straight%3Dstraight%26gay%3Dgay; expires=Tue, 13-Oct-2015 10:43:55 GMT; path=/; domain=.thisvid.com
X-Powered-By: PHP/5.4.39
Second query (visit from search engine):
GET / HTTP/1.1
Host: thisvid.com
Referer: http://www.google.com/search?q=thisvid.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thisvid.com
Referer: http://www.google.com/search?q=thisvid.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://thisvid.com/ | 200 OK Content-Length: 54659 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://code.jquery.com/jquery-migrate-1.2.1.js | 200 OK Content-Length: 16621 Content-Type: application/javascript | clean |
http://thisvid.com/js/assets.js | 200 OK Content-Length: 166740 Content-Type: application/x-javascript | clean |
http://thisvid.com/js/fastclick.min.js | 200 OK Content-Length: 8038 Content-Type: application/x-javascript | clean |
http://thisvid.com/js/main.js | 200 OK Content-Length: 4550 Content-Type: application/x-javascript | clean |
http://thisvid.com/js/KernelTeamVideoSharingSystem.js?v=3.8.1 | 200 OK Content-Length: 7878 Content-Type: application/x-javascript | clean |
http://thisvid.com/js/KernelTeamImageRotator_3.8.1.jsx | 200 OK Content-Length: 3478 Content-Type: text/javascript | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 884 Content-Type: text/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=204192&ver=1 | 200 OK Content-Length: 3258 Content-Type: text/javascript | clean |
http://thisvid.com/signup.php | 200 OK Content-Length: 14902 Content-Type: text/html | clean |
http://thisvid.com/js/KernelTeamVideoSharingForms.js?v=3.8.1 | 200 OK Content-Length: 21198 Content-Type: application/x-javascript | clean |
http://thisvid.com/login.php | 200 OK Content-Length: 12221 Content-Type: text/html | clean |
http://thisvid.com/invite_friend.php | 200 OK Content-Length: 11955 Content-Type: text/html | clean |
http://thisvid.com/top-rated/ | 200 OK Content-Length: 50177 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thisvid.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thisvid.com/
Result: thisvid.com is not infected or malware details are not published yet.
Result: thisvid.com is not infected or malware details are not published yet.