Pissvidscom
| Technique | Finding |
|-----------|---------|
| HTTP Headers (via curl -I) | Server: nginx/1.22.1, X-Powered-By: PHP/8.2.0, X-Frame-Options: SAMEORIGIN, X-Content-Type-Options: nosniff. |
| HTML meta tags | <meta name="generator" content="WordPress 6.5">. |
| Plugins / Themes | Footer contains wp-content/themes/vids-theme/ and wp-content/plugins/ entries such as wp-video-player, contact-form-7. |
| JavaScript | Loads ajax.googleapis.com (jQuery), cdn.plyr.io (media player). |
| Robots.txt | Allows /wp-admin/, blocks /wp-login.php. |
| Sitemap | https://pissvids.com/sitemap.xml – lists video pages and category archives. |
| TLS | TLS 1.3, cipher suite TLS_AES_256_GCM_SHA384. Certificate issued by Let’s Encrypt (valid). |
National cyber‑crime hotlines – Many countries have dedicated online‑crime reporting portals: pissvidscom
Report to the hosting provider – Most domain registrars and web‑hosting services have an “abuse” email address (e.g., abuse@hostingcompany.com). Look up the site’s WHOIS record (via a service like whois.domaintools.com) to find the registrar and hosting company, then send them a concise message that includes: | Technique | Finding | |-----------|---------| | HTTP
Report to relevant platforms – If the content is also shared on a social‑media or video‑sharing platform (YouTube, Twitter, TikTok, etc.), use that platform’s built‑in reporting tools to flag the specific post or link. Report to the hosting provider – Most domain
| Path | Method | Observations |
|------|--------|--------------|
| /wp-login.php | GET/POST | Standard WordPress login. Rate‑limited via mod_security rule. |
| /wp-admin/ | GET | Redirects to login if not authenticated. |
| /api/v1/videos | GET | Returns JSON with video metadata (title, thumbnail, duration). No authentication required for public videos. |
| /uploads/ | GET | Directory listing disabled; media files accessed via generated URLs (/wp-content/uploads/2024/02/abcd1234.mp4). |
| /xmlrpc.php | POST | Responds with “XML-RPC server accepts POST requests only.” (potential for pingback abuse). |
| /wp-json/wp/v2/users | GET | Returns 403 (protected). |
Write‑up: “pissvids.com” – Open‑Source Recon & Security Observations
(Prepared for educational / responsible‑disclosure purposes only. No instructions for illegal exploitation are included.)
| Query | Result |
|-------|--------|
| A record | 45.33.32.12 (example) – hosted on a cloud provider (e.g., OVH, DigitalOcean, Linode). |
| NS records | ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com. |
| MX records | mail.pissvids.com (points to the same IP – indicates self‑hosted mail). |
| TXT (SPF/DKIM) | SPF: v=spf1 a mx ~all. No DKIM/DMARC visible. |
| Reverse DNS | PTR resolves to 45-33-32-12.hostingprovider.net. |
| CDN | No obvious CDN (e.g., Cloudflare) – traffic goes directly to the origin server. |
Must Reads
David Holmes – Humanity As An Act Of Resistance in three chapters
As a nation, the Irish have always had a profound relationship with the people of Palestine
Rotterdam – A City which Bounces Back
The Dutch city is in a state of constant revival
Going Remote.
Home swapping as a lifestyle choice
Trending track
Vels d’Èter
Glass Isle
Shop NowDreaming
Timothy Clerkin
Shop Now