Created
August 19, 2017 23:02
-
-
Save dweekly/c12458128d541d9ba8c1c449fcf3c042 to your computer and use it in GitHub Desktop.
FB Sex Spam Rabbit Hole 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://www.facebook.com/profile.php?id=100021634270674&fref=jewel | |
Hello dear, | |
I will introduce my latest sex video ==> https://goo.gl/Qyiz1G | |
Feel the latest sensation | |
 | |
<3 | |
 | |
<3 | |
$ curl -v -v "https://goo.gl/Qyiz1G" | |
* Trying 216.58.195.78... | |
* TCP_NODELAY set | |
* Connected to goo.gl (216.58.195.78) port 443 (#0) | |
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
* Server certificate: *.google.com | |
* Server certificate: Google Internet Authority G2 | |
* Server certificate: GeoTrust Global CA | |
> GET /Qyiz1G HTTP/1.1 | |
> Host: goo.gl | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 301 Moved Permanently | |
< Strict-Transport-Security: max-age=63072000; includeSubDomains; preload | |
< Content-Type: text/html; charset=UTF-8 | |
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate | |
< Pragma: no-cache | |
< Expires: Mon, 01 Jan 1990 00:00:00 GMT | |
< Date: Sat, 19 Aug 2017 22:57:10 GMT | |
< Location: http://floretta.lesenel.top/70remrofsnart_43209748.rm | |
< X-Content-Type-Options: nosniff | |
< X-Frame-Options: SAMEORIGIN | |
< X-XSS-Protection: 1; mode=block | |
< Server: GSE | |
< Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35" | |
< Accept-Ranges: none | |
< Vary: Accept-Encoding | |
< Transfer-Encoding: chunked | |
< | |
<HTML> | |
<HEAD> | |
<TITLE>Moved Permanently</TITLE> | |
</HEAD> | |
<BODY BGCOLOR="#FFFFFF" TEXT="#000000"> | |
<H1>Moved Permanently</H1> | |
The document has moved <A HREF="http://floretta.lesenel.top/70remrofsnart_43209748.rm">here</A>. | |
</BODY> | |
</HTML> | |
* Connection #0 to host goo.gl left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://floretta.lesenel.top/70remrofsnart_43209748.rm" | |
* Trying 158.69.52.21... | |
* TCP_NODELAY set | |
* Connected to floretta.lesenel.top (158.69.52.21) port 80 (#0) | |
> GET /70remrofsnart_43209748.rm HTTP/1.1 | |
> Host: floretta.lesenel.top | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 200 OK | |
< Server: nginx/1.4.6 (Ubuntu) | |
< Date: Sat, 19 Aug 2017 23:00:39 GMT | |
< Content-Type: text/html | |
< Transfer-Encoding: chunked | |
< Connection: keep-alive | |
< X-Powered-By: PHP/5.5.9-1ubuntu4.20 | |
< | |
<head><meta name="referrer" content="never"><noscript><META http-equiv="refresh" content="0;URL=load.php?user=TRANSFORMER07&grup=GREENCORPS"></noscript></head><script>window.opener = null; location.replace("load.php?user=TRANSFORMER07&grup=GREENCORPS")</script> | |
* Connection #0 to host floretta.lesenel.top left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://floretta.lesenel.top/load.php?user=TRANSFORMER07&grup=GREENCORPS" | |
* Trying 158.69.52.21... | |
* TCP_NODELAY set | |
* Connected to floretta.lesenel.top (158.69.52.21) port 80 (#0) | |
> GET /load.php?user=TRANSFORMER07&grup=GREENCORPS HTTP/1.1 | |
> Host: floretta.lesenel.top | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 299 OK | |
< Server: nginx/1.4.6 (Ubuntu) | |
< Date: Sat, 19 Aug 2017 23:00:54 GMT | |
< Content-Type: text/html | |
< Transfer-Encoding: chunked | |
< Connection: keep-alive | |
< X-Powered-By: PHP/5.5.9-1ubuntu4.20 | |
< | |
<head><meta name="referrer" content="never"> | |
<script type="text/javascript"> | |
(function(i,s,o,g,r,a,m){i["GoogleAnalyticsObject"]=r;i[r]=i[r]||function(){ | |
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), | |
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) | |
})(window,document,"script","https://www.google-analytics.com/analytics.js","ga"); | |
ga("create", "UA-84047128-1", "auto"); | |
ga("send", "pageview"); | |
</script> | |
<noscript><META http-equiv="refresh" content="0;URL=http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07"></noscript></head><script>window.opener = null; location.replace("http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07")</script> | |
* Connection #0 to host floretta.lesenel.top left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07" | |
* Trying 159.203.1.35... | |
* TCP_NODELAY set | |
* Connected to couwzhen.life (159.203.1.35) port 80 (#0) | |
> GET /?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07 HTTP/1.1 | |
> Host: couwzhen.life | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 200 OK | |
< Date: Sat, 19 Aug 2017 22:57:41 GMT | |
< Server: Apache/2.4.7 (Ubuntu) | |
< X-Powered-By: PHP/5.5.9-1ubuntu4.14 | |
< Vary: Accept-Encoding | |
< Content-Length: 301 | |
< Content-Type: text/html | |
< | |
<head><meta name="referrer" content="origin"><noscript><META http-equiv="refresh" content="0;URL=http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07"></noscript></head><script>window.opener = null; location.replace("http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07")</script> | |
* Connection #0 to host couwzhen.life left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07" | |
* Trying 45.55.150.45... | |
* TCP_NODELAY set | |
* Connected to pinarak.org (45.55.150.45) port 80 (#0) | |
> GET /all.php?grup=GREENCORPS&user=TRANSFORMER07 HTTP/1.1 | |
> Host: pinarak.org | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 200 OK | |
< Date: Sat, 19 Aug 2017 22:57:56 GMT | |
< Server: Apache/2.4.10 (Ubuntu) | |
< Vary: Accept-Encoding | |
< Content-Length: 1296 | |
< Content-Type: text/html; charset=UTF-8 | |
< | |
<!DOCTYPE html> | |
<html lang="en"> | |
<head> | |
<title> Please Wait...</title> | |
<meta charset="utf-8"> | |
<meta http-equiv="X-UA-Compatible" content="IE=edge"> | |
<meta name="robots" content="noindex, nofollow"> | |
<script type="text/javascript"> | |
(function(i,s,o,g,r,a,m){i["GoogleAnalyticsObject"]=r;i[r]=i[r]||function(){ | |
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), | |
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) | |
})(window,document,"script","https://www.google-analytics.com/analytics.js","ga"); | |
ga("create", "UA-68587210-1", "auto"); | |
ga("send", "pageview"); | |
</script> | |
<noscript> <style>html{display:none;}</style><meta http-equiv="refresh" content="0;http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07"></noscript> | |
<script type = "text/javascript"> | |
window.setTimeout("autoClick()", 500); // 10 seconds delay | |
function autoClick() { | |
var linkPage = document.getElementById("dynLink").href; | |
window.location.href = linkPage; | |
} | |
</script> | |
</head> | |
<body> | |
<a href="http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07 " id="dynLink"></a> | |
</body> | |
</html> | |
* Connection #0 to host pinarak.org left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07" | |
* Trying 54.174.134.18... | |
* TCP_NODELAY set | |
* Connected to ssl-cd.com (54.174.134.18) port 80 (#0) | |
> GET /?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07 HTTP/1.1 | |
> Host: ssl-cd.com | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 302 Found | |
< Cache-Control: private | |
< Content-Type: text/html; charset=utf-8 | |
< Location: https://cdprivate.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07&ckmguid=fb390254-05fa-46fa-90e1-7128684c3749 | |
< Date: Sat, 19 Aug 2017 22:57:48 GMT | |
< Content-Length: 256 | |
< | |
<html><head><title>Object moved</title></head><body> | |
<h2>Object moved to <a href="https://cdprivate.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07&ckmguid=fb390254-05fa-46fa-90e1-7128684c3749">here</a>.</h2> | |
</body></html> | |
* Connection #0 to host ssl-cd.com left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "https://cdprivate.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07&ckmguid=fb390254-05fa-46fa-90e1-7128684c3749" | |
* Trying 52.202.232.0... | |
* TCP_NODELAY set | |
* Connected to cdprivate.com (52.202.232.0) port 443 (#0) | |
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
* Server certificate: *.cdprivate.com | |
* Server certificate: AlphaSSL CA - SHA256 - G2 | |
* Server certificate: GlobalSign Root CA | |
> GET /?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07&ckmguid=fb390254-05fa-46fa-90e1-7128684c3749 HTTP/1.1 | |
> Host: cdprivate.com | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 302 Found | |
< Cache-Control: private | |
< Content-Type: text/html; charset=utf-8 | |
< Location: http://varm.gake.gdn/?kw={kw}&s1=-1&s2=6370383286 | |
< p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" | |
< Set-Cookie: sq=RVCSLW5emayMvhV8IcoVhb7VVk8ysUd7N2WNj9XgzrRamOlJD7vM4A==; domain=.cdprivate.com; path=/; HttpOnly | |
< Set-Cookie: tfl=NSsc4ppAT3NhXLwayMmQZr7VVk8ysUd7N2WNj9XgzrRamOlJD7vM4A==; domain=.cdprivate.com; expires=Fri, 19-Aug-2022 22:57:58 GMT; path=/; HttpOnly | |
< Date: Sat, 19 Aug 2017 22:57:58 GMT | |
< Content-Length: 174 | |
< | |
<html><head><title>Object moved</title></head><body> | |
<h2>Object moved to <a href="http://varm.gake.gdn/?kw={kw}&s1=-1&s2=6370383286">here</a>.</h2> | |
</body></html> | |
* Connection #0 to host cdprivate.com left intact | |
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://varm.gake.gdn/?kw={kw}&s1=-1&s2=6370383286" | |
* Trying 198.255.32.244... | |
* TCP_NODELAY set | |
* Connected to varm.gake.gdn (198.255.32.244) port 80 (#0) | |
> GET /?kw=kw&s1=-1&s2=6370383286 HTTP/1.1 | |
> Host: varm.gake.gdn | |
> User-Agent: curl/7.54.0 | |
> Accept: */* | |
> | |
< HTTP/1.1 200 OK | |
< Server: openresty/1.11.2.2 | |
< Date: Sat, 19 Aug 2017 22:58:24 GMT | |
< Content-Type: text/html; charset=UTF-8 | |
< Transfer-Encoding: chunked | |
< Connection: keep-alive | |
< X-ImpID: e7ccb226-8531-11e7-9223-aa1f778d2780 | |
< | |
<!DOCTYPE html><head><noscript><meta http-equiv="refresh" content="0; url=http://127.0.0.1?&%3Bs1=-1&%3Bs2=6370383286&pid=1597&redid=7988&gsid=68&campaign_id=42&p_id=1597&id=XNSX.-r7988-t68&impid=e7ccb226-8531-11e7-9223-aa1f778d2780&js_enabled=0&init_ev=1"></noscript></head><body> | |
<form id="rform" action="http://127.0.0.1?&%3Bs1=-1&%3Bs2=6370383286&pid=1597&redid=7988&gsid=68&campaign_id=42&p_id=1597&id=XNSX.-r7988-t68&impid=e7ccb226-8531-11e7-9223-aa1f778d2780" method="POST"> | |
<input type="hidden" name="payload" value="288dec30176944909d1c4a71a6276e6c53851f1be2c5f65f5af6c86c3b794691c8aa36a7bccf034eb11db5e41875a9434b8cab57b2ad536f89ebfb195c3d083cb893d16230cd586d8425c27b7c3272395ca4f240b8c4f50c12e56ac30cd81be1d9856e7f53020e4b48cf795234686f58f49cfcc6eb7f0e584477f71864ad67fed0a34a71d4272ebb00cd673b9da3c8fd73a8e7f49971e10adb8826710d17a7312924fad97ef639769033b1ade035cf5a655eaa6d44e3bab8ae41f833210940cd0a4f2b0b6a87a589e67be83bf345e4d9be5fc2080cf34956d449ab7d081925aab163035136be86f9cd1bfefcabd9af1764d15f828def8f9778264ad955535254068cfbe6802feb4fc9d7b406ef40a0ddf101d79f9a7550413eed13929bcdfa1850ad0a310c0be74b276a75e2a24826c3d1a31dead1e9b42040d46e7555ca0ce35b7bb7397cf3d096d082493cd3c94a165328624613ea7a24b36012827009a6b7c85cdb2e02eaeed438da9559889c0e2783fd3b7b51b468477ab0baf531d58ad6c3f0c511e34d63a968bab550485304fb3ec565675442f4f2f9aaee13437952f56f52dba8286680dfc44791d325b111f4133fc513e36274132e5700c3ed822edc16a6b8c18023d8db245b8587378490afe2725933bac3836640066a29dbd0fd8832e4de744a14e83827527098cf3d0f76ee87f777ca0894a18668c795c4ba20d0287c5521df05b66f2c6cd2fd20e65e945bdf701420e9081d9fe9e5d885007c555694d0667e8deeeb240985c71d1986bc86e393d172768fba868ebe009c650f0fc3cc34050fc67516c7f8971f9a73eb4da037a2e6ca9a26128867d6e3d76fb60fbd673130fd1e3c5f84abe8cfb3a0aa1e558c6447cf94a1ade3529d5d2acb349c3f8501b3c6539458b1ae005226e46859b32e4d15f77a710941ff1e5d2cefd43197ec68c4fd64cacb7de2d9cd9174cf3386d04ea8d96cf06eb27d30b85eb2261c454d67bd1fb74d9dbbfd0095139ee5a296592c10784d06"> | |
<input type="hidden" name="js_enabled" value="1"> | |
<input type="hidden" name="init_ev" value="1"> | |
<input type="hidden" name="iv" value="c8d26ccbdc77228023558a15b736672e"> | |
* Connection #0 to host varm.gake.gdn left intact | |
</form><script type="text/javascript">document.getElementById('rform').submitddwedwdweekdwdwdwdwdwddddweedweedwdddd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment