Skip to content

Instantly share code, notes, and snippets.

@dweekly

dweekly/gist:c12458128d541d9ba8c1c449fcf3c042

Created August 19, 2017 23:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dweekly/c12458128d541d9ba8c1c449fcf3c042 to your computer and use it in GitHub Desktop.
Save dweekly/c12458128d541d9ba8c1c449fcf3c042 to your computer and use it in GitHub Desktop.
Download ZIP
FB Sex Spam Rabbit Hole 3
Raw
gistfile1.txt
https://www.facebook.com/profile.php?id=100021634270674&fref=jewel
Hello dear,
I will introduce my latest sex video ==> https://goo.gl/Qyiz1G
Feel the latest sensation 
<3 
<3
$ curl -v -v "https://goo.gl/Qyiz1G"
* Trying 216.58.195.78...
* TCP_NODELAY set
* Connected to goo.gl (216.58.195.78) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.google.com
* Server certificate: Google Internet Authority G2
* Server certificate: GeoTrust Global CA
> GET /Qyiz1G HTTP/1.1
> Host: goo.gl
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
< Content-Type: text/html; charset=UTF-8
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Mon, 01 Jan 1990 00:00:00 GMT
< Date: Sat, 19 Aug 2017 22:57:10 GMT
< Location: http://floretta.lesenel.top/70remrofsnart_43209748.rm
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
< Accept-Ranges: none
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
<
<HTML>
<HEAD>
<TITLE>Moved Permanently</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://floretta.lesenel.top/70remrofsnart_43209748.rm">here</A>.
</BODY>
</HTML>
* Connection #0 to host goo.gl left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://floretta.lesenel.top/70remrofsnart_43209748.rm"
* Trying 158.69.52.21...
* TCP_NODELAY set
* Connected to floretta.lesenel.top (158.69.52.21) port 80 (#0)
> GET /70remrofsnart_43209748.rm HTTP/1.1
> Host: floretta.lesenel.top
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.4.6 (Ubuntu)
< Date: Sat, 19 Aug 2017 23:00:39 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Powered-By: PHP/5.5.9-1ubuntu4.20
<
<head><meta name="referrer" content="never"><noscript><META http-equiv="refresh" content="0;URL=load.php?user=TRANSFORMER07&grup=GREENCORPS"></noscript></head><script>window.opener = null; location.replace("load.php?user=TRANSFORMER07&grup=GREENCORPS")</script>
* Connection #0 to host floretta.lesenel.top left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://floretta.lesenel.top/load.php?user=TRANSFORMER07&grup=GREENCORPS"
* Trying 158.69.52.21...
* TCP_NODELAY set
* Connected to floretta.lesenel.top (158.69.52.21) port 80 (#0)
> GET /load.php?user=TRANSFORMER07&grup=GREENCORPS HTTP/1.1
> Host: floretta.lesenel.top
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 299 OK
< Server: nginx/1.4.6 (Ubuntu)
< Date: Sat, 19 Aug 2017 23:00:54 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Powered-By: PHP/5.5.9-1ubuntu4.20
<
<head><meta name="referrer" content="never">
<script type="text/javascript">
(function(i,s,o,g,r,a,m){i["GoogleAnalyticsObject"]=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,"script","https://www.google-analytics.com/analytics.js","ga");
ga("create", "UA-84047128-1", "auto");
ga("send", "pageview");
</script>
<noscript><META http-equiv="refresh" content="0;URL=http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07"></noscript></head><script>window.opener = null; location.replace("http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07")</script>
* Connection #0 to host floretta.lesenel.top left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://couwzhen.life/?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07"
* Trying 159.203.1.35...
* TCP_NODELAY set
* Connected to couwzhen.life (159.203.1.35) port 80 (#0)
> GET /?clk=1503183654&sid1=GREENCORPS&sid2=TRANSFORMER07 HTTP/1.1
> Host: couwzhen.life
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sat, 19 Aug 2017 22:57:41 GMT
< Server: Apache/2.4.7 (Ubuntu)
< X-Powered-By: PHP/5.5.9-1ubuntu4.14
< Vary: Accept-Encoding
< Content-Length: 301
< Content-Type: text/html
<
<head><meta name="referrer" content="origin"><noscript><META http-equiv="refresh" content="0;URL=http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07"></noscript></head><script>window.opener = null; location.replace("http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07")</script>
* Connection #0 to host couwzhen.life left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://pinarak.org/all.php?grup=GREENCORPS&user=TRANSFORMER07"
* Trying 45.55.150.45...
* TCP_NODELAY set
* Connected to pinarak.org (45.55.150.45) port 80 (#0)
> GET /all.php?grup=GREENCORPS&user=TRANSFORMER07 HTTP/1.1
> Host: pinarak.org
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sat, 19 Aug 2017 22:57:56 GMT
< Server: Apache/2.4.10 (Ubuntu)
< Vary: Accept-Encoding
< Content-Length: 1296
< Content-Type: text/html; charset=UTF-8
<
<!DOCTYPE html>
<html lang="en">
<head>
<title> Please Wait...</title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="robots" content="noindex, nofollow">
<script type="text/javascript">
(function(i,s,o,g,r,a,m){i["GoogleAnalyticsObject"]=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,"script","https://www.google-analytics.com/analytics.js","ga");
ga("create", "UA-68587210-1", "auto");
ga("send", "pageview");
</script>
<noscript> <style>html{display:none;}</style><meta http-equiv="refresh" content="0;http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07"></noscript>
<script type = "text/javascript">
window.setTimeout("autoClick()", 500); // 10 seconds delay
function autoClick() {
var linkPage = document.getElementById("dynLink").href;
window.location.href = linkPage;
}
</script>
</head>
<body>
<a href="http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07 " id="dynLink"></a>
</body>
</html>
* Connection #0 to host pinarak.org left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://ssl-cd.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07"
* Trying 54.174.134.18...
* TCP_NODELAY set
* Connected to ssl-cd.com (54.174.134.18) port 80 (#0)
> GET /?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07 HTTP/1.1
> Host: ssl-cd.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=utf-8
< Location: https://cdprivate.com/?a=43274&c=151297&s1=&s3=GREENCORPS&s4=TRANSFORMER07&ckmguid=fb390254-05fa-46fa-90e1-7128684c3749
< Date: Sat, 19 Aug 2017 22:57:48 GMT
< Content-Length: 256
<
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://cdprivate.com/?a=43274&amp;c=151297&amp;s1=&amp;s3=GREENCORPS&amp;s4=TRANSFORMER07&amp;ckmguid=fb390254-05fa-46fa-90e1-7128684c3749">here</a>.</h2>
</body></html>
* Connection #0 to host ssl-cd.com left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "https://cdprivate.com/?a=43274&amp;c=151297&amp;s1=&amp;s3=GREENCORPS&amp;s4=TRANSFORMER07&amp;ckmguid=fb390254-05fa-46fa-90e1-7128684c3749"
* Trying 52.202.232.0...
* TCP_NODELAY set
* Connected to cdprivate.com (52.202.232.0) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.cdprivate.com
* Server certificate: AlphaSSL CA - SHA256 - G2
* Server certificate: GlobalSign Root CA
> GET /?a=43274&amp;c=151297&amp;s1=&amp;s3=GREENCORPS&amp;s4=TRANSFORMER07&amp;ckmguid=fb390254-05fa-46fa-90e1-7128684c3749 HTTP/1.1
> Host: cdprivate.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=utf-8
< Location: http://varm.gake.gdn/?kw={kw}&s1=-1&s2=6370383286
< p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
< Set-Cookie: sq=RVCSLW5emayMvhV8IcoVhb7VVk8ysUd7N2WNj9XgzrRamOlJD7vM4A==; domain=.cdprivate.com; path=/; HttpOnly
< Set-Cookie: tfl=NSsc4ppAT3NhXLwayMmQZr7VVk8ysUd7N2WNj9XgzrRamOlJD7vM4A==; domain=.cdprivate.com; expires=Fri, 19-Aug-2022 22:57:58 GMT; path=/; HttpOnly
< Date: Sat, 19 Aug 2017 22:57:58 GMT
< Content-Length: 174
<
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://varm.gake.gdn/?kw={kw}&amp;s1=-1&amp;s2=6370383286">here</a>.</h2>
</body></html>
* Connection #0 to host cdprivate.com left intact
dweekly-macbookpro3:~ dweekly$ curl -v -v "http://varm.gake.gdn/?kw={kw}&amp;s1=-1&amp;s2=6370383286"
* Trying 198.255.32.244...
* TCP_NODELAY set
* Connected to varm.gake.gdn (198.255.32.244) port 80 (#0)
> GET /?kw=kw&amp;s1=-1&amp;s2=6370383286 HTTP/1.1
> Host: varm.gake.gdn
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: openresty/1.11.2.2
< Date: Sat, 19 Aug 2017 22:58:24 GMT
< Content-Type: text/html; charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-ImpID: e7ccb226-8531-11e7-9223-aa1f778d2780
<
<!DOCTYPE html><head><noscript><meta http-equiv="refresh" content="0; url=http://127.0.0.1?&amp%3Bs1=-1&amp%3Bs2=6370383286&pid=1597&redid=7988&gsid=68&campaign_id=42&p_id=1597&id=XNSX.-r7988-t68&impid=e7ccb226-8531-11e7-9223-aa1f778d2780&js_enabled=0&init_ev=1"></noscript></head><body>
<form id="rform" action="http://127.0.0.1?&amp%3Bs1=-1&amp%3Bs2=6370383286&pid=1597&redid=7988&gsid=68&campaign_id=42&p_id=1597&id=XNSX.-r7988-t68&impid=e7ccb226-8531-11e7-9223-aa1f778d2780" method="POST">
<input type="hidden" name="payload" value="288dec30176944909d1c4a71a6276e6c53851f1be2c5f65f5af6c86c3b794691c8aa36a7bccf034eb11db5e41875a9434b8cab57b2ad536f89ebfb195c3d083cb893d16230cd586d8425c27b7c3272395ca4f240b8c4f50c12e56ac30cd81be1d9856e7f53020e4b48cf795234686f58f49cfcc6eb7f0e584477f71864ad67fed0a34a71d4272ebb00cd673b9da3c8fd73a8e7f49971e10adb8826710d17a7312924fad97ef639769033b1ade035cf5a655eaa6d44e3bab8ae41f833210940cd0a4f2b0b6a87a589e67be83bf345e4d9be5fc2080cf34956d449ab7d081925aab163035136be86f9cd1bfefcabd9af1764d15f828def8f9778264ad955535254068cfbe6802feb4fc9d7b406ef40a0ddf101d79f9a7550413eed13929bcdfa1850ad0a310c0be74b276a75e2a24826c3d1a31dead1e9b42040d46e7555ca0ce35b7bb7397cf3d096d082493cd3c94a165328624613ea7a24b36012827009a6b7c85cdb2e02eaeed438da9559889c0e2783fd3b7b51b468477ab0baf531d58ad6c3f0c511e34d63a968bab550485304fb3ec565675442f4f2f9aaee13437952f56f52dba8286680dfc44791d325b111f4133fc513e36274132e5700c3ed822edc16a6b8c18023d8db245b8587378490afe2725933bac3836640066a29dbd0fd8832e4de744a14e83827527098cf3d0f76ee87f777ca0894a18668c795c4ba20d0287c5521df05b66f2c6cd2fd20e65e945bdf701420e9081d9fe9e5d885007c555694d0667e8deeeb240985c71d1986bc86e393d172768fba868ebe009c650f0fc3cc34050fc67516c7f8971f9a73eb4da037a2e6ca9a26128867d6e3d76fb60fbd673130fd1e3c5f84abe8cfb3a0aa1e558c6447cf94a1ade3529d5d2acb349c3f8501b3c6539458b1ae005226e46859b32e4d15f77a710941ff1e5d2cefd43197ec68c4fd64cacb7de2d9cd9174cf3386d04ea8d96cf06eb27d30b85eb2261c454d67bd1fb74d9dbbfd0095139ee5a296592c10784d06">
<input type="hidden" name="js_enabled" value="1">
<input type="hidden" name="init_ev" value="1">
<input type="hidden" name="iv" value="c8d26ccbdc77228023558a15b736672e">
* Connection #0 to host varm.gake.gdn left intact
</form><script type="text/javascript">document.getElementById('rform').submitddwedwdweekdwdwdwdwdwddddweedweedwdddd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment