<?php
// Disable output buffering
@ini_set('output_buffering', 'off');
@ini_set('zlib.output_compression', false);
while (ob_get_level() > 0) ob_end_flush();
ob_implicit_flush(true);

session_start();

if(!isset($_SESSION["logged"])){
  die("session expired");
}




if($_SERVER['REQUEST_URI'] === '/oauth-logout'){
    header('Location: /');
    exit;
}

 if(preg_match('/profile/', $_SERVER['REQUEST_URI'])
 || preg_match('/api\/social\/like?filters/', $_SERVER['REQUEST_URI'])
 || preg_match('/user\/me/', $_SERVER['REQUEST_URI'])
 || preg_match('/create-enhance/', $_SERVER['REQUEST_URI'])
 || preg_match('/retouch/', $_SERVER['REQUEST_URI'])
 || preg_match('/pikaso\/ai-video-generator/', $_SERVER['REQUEST_URI'])
 || preg_match('/icon-generator/', $_SERVER['REQUEST_URI'])
 ){
    header($_SERVER['SERVER_PROTOCOL'].' 403 Bad Request');
    exit();
 }
 
if(preg_match('/pikaso\/api\/video/', $_SERVER["REQUEST_URI"])){
    header($_SERVER['SERVER_PROTOCOL'].' 403 Bad Request');
    exit();
}
 

function requri($pathToRemove) {
    return str_replace($pathToRemove, '', $_SERVER["REQUEST_URI"]);
}

if(preg_match("/assetsx/", $_SERVER["REQUEST_URI"])){
    $url = "https://cdn.oaistatic.com" . requri("/assetsx");
}elseif(preg_match("/abx/", $_SERVER["REQUEST_URI"])){
    $url = "https://ab.app.stealthwriter.ai" . requri("/abx");
}elseif(preg_match("/avatarx/", $_SERVER["REQUEST_URI"])){
    $url = "https://avatar.freepik.com" . requri("/avatarx");
}elseif(preg_match("/imgx/", $_SERVER["REQUEST_URI"])){
    $url = "https://img.freepik.com" . requri("/imgx");
}elseif(preg_match("/fpsx/", $_SERVER["REQUEST_URI"])){
    $url = "https://fps.cdnpk.net" . requri("/fpsx");
}elseif(preg_match("/pikasox/", $_SERVER["REQUEST_URI"])){
    $url = "https://pikaso.cdnpk.net" . requri("/pikasox");
}elseif(preg_match("/pikaso-datax/", $_SERVER["REQUEST_URI"])){
    $url = "https://pikaso-data.freepik.com" . requri("/pikaso-datax");
}else{
    $url = "https://app.stealthwriter.ai" . $_SERVER["REQUEST_URI"];
}




// include "check.php";

    // $url = "https://www.freepik.com" . $_SERVER["REQUEST_URI"];


// Private web proxy script by Heiswayi Nrird (http://heiswayi.github.io)
// Released under MIT license
// Free Software should work like this: whatever you take for free, you must give back for free.

ob_start("ob_gzhandler");

if (!function_exists("curl_init")) die ("This proxy requires PHP's cURL extension. Please install/enable it on your server and try again.");

//Adapted from http://www.php.net/manual/en/function.getallheaders.php#99814
if (!function_exists("getallheaders")) {
  function getallheaders() {
    $result = array();
    foreach($_SERVER as $key => $value) {
      if (substr($key, 0, 500) == "HTTP_") {
        $key = str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($key, 5)))));
        $result[$key] = $value;
      } else {
        $result[$key] = $value;
      }
    }
    return $result;
  }
}

//define("PROXY_PREFIX", "http" . (isset($_SERVER['HTTPS']) ? "s" : "") . "://" . $_SERVER["SERVER_NAME"] . ($_SERVER["SERVER_PORT"] != 80 ? ":" . $_SERVER["SERVER_PORT"] : "") . $_SERVER["SCRIPT_NAME"] . "/");

//Makes an HTTP request via cURL, using request data that was passed directly to this script.
function makeRequest($url) {

  //Tell cURL to make the request using the brower's user-agent if there is one, or a fallback user-agent otherwise.
 // $user_agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36";
  
  $ch = curl_init();
//  curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);

  //Proxy the browser's request headers.
  $browserRequestHeaders = getallheaders();
  //(...but let cURL set some of these headers on its own.)
  //TODO: The unset()s below assume that browsers' request headers
  //will use casing (capitalizations) that appear within them.
  unset($browserRequestHeaders["Host"]);
  unset($browserRequestHeaders["Content-Length"]);
  //Throw away the browser's Accept-Encoding header if any;
  //let cURL make the request using gzip if possible.
  unset($browserRequestHeaders["Accept-Encoding"]);
//   unset($browserRequestHeaders["Cookie"]);
  // curl_setopt($ch, CURLOPT_ENCODING, "");
  //Transform the associative array from getallheaders() into an
  //indexed array of header strings to be passed to cURL.
  $curlRequestHeaders = array();
  foreach ($browserRequestHeaders as $name => $value) {
    $curlRequestHeaders[] = $name . ": " . $value;
  }
  //curl_setopt($ch, CURLOPT_HTTPHEADER, $curlRequestHeaders);

  //Proxy any received GET/POST/PUT data.
//   switch ($_SERVER["REQUEST_METHOD"]) {
//     case "GET":
//       $getData = array();
//       foreach ($_GET as $key => $value) {
//           $getData[] = urlencode($key) . "=" . urlencode($value);
//       }
//       if (count($getData) > 0) {
//         //Remove any GET data from the URL, and re-add what was read.
//         //TODO: Is the code in this "GET" case necessary?
//         //It reads, strips, then re-adds all GET data; this may be a no-op.
//         $url = substr($url, 0, strrpos($url, "?"));
//         $url .= "?" . implode("&", $getData);
//       }
//     break;
//     case "POST":
//       curl_setopt($ch, CURLOPT_POST, true);
//       //For some reason, $HTTP_RAW_POST_DATA isn't working as documented at
//       //http://php.net/manual/en/reserved.variables.httprawpostdata.php
//       //but the php://input method works. This is likely to be flaky
//       //across different server environments.
//       //More info here: http://stackoverflow.com/questions/8899239/http-raw-post-data-not-being-populated-after-upgrade-to-php-5-3
//       curl_setopt($ch, CURLOPT_POSTFIELDS, file_get_contents("php://input"));
//     break;
//     case "PUT":
//       curl_setopt($ch, CURLOPT_PUT, true);
//       curl_setopt($ch, CURLOPT_INFILE, fopen("php://input"));
//     break;
//   }
  
  
$r = ['next-action', 'next-router-state-tree',  'oai-device-id', 'oai-language', 'userIDToken', 'openai-sentinel-turnstile-token', 'openai-sentinel-proof-token', 'openai-sentinel-chat-requirements-token', 'oai-language', 'oai-echo-logs', 'oai-device-id', 'x-client-version', 'traceparent', 'credentials', 'dpr', 'pragma', 'organization', 'x-amz-date', 'x-amz-content-sha256', 'x-amz-security-token', 'x-amz-user-agent', 'token', 'x-kt-token', 'sentry-trace', 'baggage','traceparent', 'openai-sentinel-chat-requiements-token', 'oai-echo-logs', 'openai-sentinel-proof-token', 'oenai-sentinel-chat-requirements-token', 'oai-device-id', 'openai-sentinel-arkose-token', 'oai-language', 'accept', 'accept-language', 'x-requested-with', 'main-request', 'x-newrelic-id', 'x-xsrf-token', 'authorization', 'x-access-token', 'x-human-token', 'x-csrf-token', 'x-requested-with', 'sec-fetch-user', 'sec-fetch-mode', 'sec-fetch-dest' , 'content-type'];

foreach (getallheaders() as $n => $v)
{
  if($n == "content_type"){
    $contenttype = $v;
  }
    if (in_array(strtolower($n) , $r))
    {
        $headers[] = $n . ':' . $v;
    }
}


// $proxy_ip = "188.68.1.26";
// $proxy_port = "5895";
// $proxy_username = "aqbjjasr";
// $proxy_password = "v7zhmnx0ea22";


$proxy_ip = "188.68.1.26";
$proxy_port = "5895";
$proxy_username = "aqbjjasr";
$proxy_password = "v7zhmnx0ea22";


//   include 'cookie.php';
  // $cookie2 = $cookiedb;
  
  $cookie2 = 'sb-vqdtifewupwhdypyimkf-auth-token.0=base64-eyJhY2Nlc3NfdG9rZW4iOiJleUpoYkdjaU9pSkZVekkxTmlJc0ltdHBaQ0k2SW1ZNFkyUmpZekEyTFdNell6Z3ROR1UyTnkxaFptUmhMVFV5WldNeFkyRXdZbUZoWmlJc0luUjVjQ0k2SWtwWFZDSjkuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMM1p4WkhScFptVjNkWEIzYUdSNWNIbHBiV3RtTG5OMWNHRmlZWE5sTG1OdkwyRjFkR2d2ZGpFaUxDSnpkV0lpT2lJNE0yWmpOV0ZrTUMwNE1XRmhMVFJtTlRjdE9XUm1ZaTAwTlRobE5tWTNaalF3WlRnaUxDSmhkV1FpT2lKaGRYUm9aVzUwYVdOaGRHVmtJaXdpWlhod0lqb3hOelUzT0RNeE1qazVMQ0pwWVhRaU9qRTNOVGM0TWpjM016Y3NJbVZ0WVdsc0lqb2labUZqWldKdmIydHlZV3RsYzJneVFHZHRZV2xzTG1OdmJTSXNJbkJvYjI1bElqb2lJaXdpWVhCd1gyMWxkR0ZrWVhSaElqcDdJbkJ5YjNacFpHVnlJam9pWjI5dloyeGxJaXdpY0hKdmRtbGtaWEp6SWpwYkltZHZiMmRzWlNKZGZTd2lkWE5sY2w5dFpYUmhaR0YwWVNJNmV5SmhkbUYwWVhKZmRYSnNJam9pYUhSMGNITTZMeTlzYURNdVoyOXZaMnhsZFhObGNtTnZiblJsYm5RdVkyOXRMMkV2UVVObk9HOWpURFpJWWxad1kwbzJTblZxTVhVMWFWZFBjbHAxYlRKd2J6RnhYMUE0WVhkQ04zWnVaelpXYkVKcU9VZHlPRU5CUFhNNU5pMWpJaXdpWlcxaGFXd2lPaUptWVdObFltOXZhM0poYTJWemFESkFaMjFoYVd3dVkyOXRJaXdpWlcxaGFXeGZkbVZ5YVdacFpXUWlPblJ5ZFdVc0ltWjFiR3hmYm1GdFpTSTZJa1poWTJWaWIyOXJJRkpoYTJWemFDSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dllXTmpiM1Z1ZEhNdVoyOXZaMnhsTG1OdmJTSXNJbTVoYldVaU9pSkdZV05sWW05dmF5QlNZV3RsYzJnaUxDSndhRzl1WlY5MlpYSnBabWxsWkNJNlptRnNjMlVzSW5CcFkzUjFjbVVpT2lKb2RIUndjem92TDJ4b015NW5iMjluYkdWMWMyVnlZMjl1ZEdWdWRDNWpiMjB2WVM5QlEyYzRiMk5NTmtoaVZuQmpTalpLZFdveGRUVnBWMDl5V25WdE1uQnZNWEZmVURoaGQwSTNkbTVuTmxac1FtbzVSM0k0UTBFOWN6azJMV01pTENKd2NtOTJhV1JsY2w5cFpDSTZJakV4TnpBd05qYzRORFV5TXprME1qSTBNRE16TlNJc0luTjFZaUk2SWpFeE56QXdOamM0TkRVeU16azBNakkwTURNek5TSjlMQ0p5YjJ4bElqb2lZWFYwYUdWdWRHbGpZWFJsWkNJc0ltRmhiQ0k2SW1GaGJERWlMQ0poYlhJaU9sdDdJbTFsZEdodlpDSTZJbTloZFhSb0lpd2lkR2x0WlhOMFlXMXdJam94TnpVM09ESTNOek0zZlYwc0luTmxjM05wYjI1ZmFXUWlPaUptWkRsaFpqVmtOaTFqTXpka0xUUTJOamN0WWpka01DMDJaalE0WWpWaE5UTXpORE1pTENKcGMxOWhibTl1ZVcxdmRYTWlPbVpoYkhObGZRLjBiLUZrVzJwbnJaclYtYWs1aXlUWDBPZkhnM0lqalJzTHZPM1ZCZ29zM3d2ZXdMeUM5NkotQlRSb25lajNMOHlKN0lpMDJQX2MwQ0FlT1djQjR1ckFBIiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cGlyZXNfaW4iOjM1NjIsImV4cGlyZXNfYXQiOjE3NTc4MzEyOTksInJlZnJlc2hfdG9rZW4iOiI0d3dib2ZmYndiYmIiLCJ1c2VyIjp7ImlkIjoiODNmYzVhZDAtODFhYS00ZjU3LTlkZmItNDU4ZTZmN2Y0MGU4IiwiYXVkIjoiYXV0aGVudGljYXRlZCIsInJvbGUiOiJhdXRoZW50aWNhdGVkIiwiZW1haWwiOiJmYWNlYm9va3Jha2VzaDJAZ21haWwuY29tIiwiZW1haWxfY29uZmlybWVkX2F0IjoiMjAyMy0xMS0yM1QwOTozOTozMC45NDMzNTZaIiwicGhvbmUiOiIiLCJjb25maXJtZWRfYXQiOiIyMDIzLTExLTIzVDA5OjM5OjMwLjk0MzM1NloiLCJsYXN0X3NpZ25faW5fYXQiOiIyMDI1LTA5LTE0VDA1OjI4OjU3LjE1NjA2OTYxNVoiLCJhcHBfbWV0YWRhdGEiOnsicHJvdmlkZXIiOiJnb29nbGUiLCJwcm92aWRlcnMiOlsiZ29vZ2xlIl19LCJ1c2VyX21ldGFkYXRhIjp7ImF2YXRhcl91cmwiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQ2c4b2NMNkhiVnBjSjZKdWoxdTVpV09yWnVtMnBvMXFfUDhhd0I3dm5nNlZsQmo5R3I4Q0E9czk2LWMiLCJlbWFpbCI6ImZhY2Vib29rcmFrZXNoMkBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZnVsbF9uYW1lIjoiRmFjZWJvb2sgUmFrZXNoIiwiaXNzIjoiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tIiwibmFtZSI6IkZhY2Vib29rIFJha2VzaCIsInBob25lX3ZlcmlmaWVkIjpmYWxzZSwicGljdHVyZSI6Imh0dHBzOi8vbGgzLmdvb2dsZXVzZXJjb250ZW50LmNvbS9hL0FDZzhvY0w2SGJWcGNKNkp1ajF1NWlXT3JadW0ycG8xcV9QOGF3Qjd2bmc2VmxCajlHcjhDQT1zOTYtYyIsInByb3ZpZGVyX2lkIjoiMTE3MDA2Nzg0NTIzOTQyMjQwMzM1Iiwic3ViIjoiMTE3MDA2Nzg0NTIzOTQyMjQwMzM1In0sImlkZW50aXRpZXMiOlt7ImlkZW50aXR5X2lkIjoiN2I3MTM0NDktZTUzNi00M;sb-vqdtifewupwhdypyimkf-auth-token.1=GViLTg3MzktYWU4YzI4ZTY2Mzk1IiwiaWQiOiIxMTcwMDY3ODQ1MjM5NDIyNDAzMzUiLCJ1c2VyX2lkIjoiODNmYzVhZDAtODFhYS00ZjU3LTlkZmItNDU4ZTZmN2Y0MGU4IiwiaWRlbnRpdHlfZGF0YSI6eyJhdmF0YXJfdXJsIjoiaHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL2EvQUNnOG9jTDZIYlZwY0o2SnVqMXU1aVdPclp1bTJwbzFxX1A4YXdCN3ZuZzZWbEJqOUdyOENBPXM5Ni1jIiwiZW1haWwiOiJmYWNlYm9va3Jha2VzaDJAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImZ1bGxfbmFtZSI6IkZhY2Vib29rIFJha2VzaCIsImlzcyI6Imh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbSIsIm5hbWUiOiJGYWNlYm9vayBSYWtlc2giLCJwaG9uZV92ZXJpZmllZCI6ZmFsc2UsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQ2c4b2NMNkhiVnBjSjZKdWoxdTVpV09yWnVtMnBvMXFfUDhhd0I3dm5nNlZsQmo5R3I4Q0E9czk2LWMiLCJwcm92aWRlcl9pZCI6IjExNzAwNjc4NDUyMzk0MjI0MDMzNSIsInN1YiI6IjExNzAwNjc4NDUyMzk0MjI0MDMzNSJ9LCJwcm92aWRlciI6Imdvb2dsZSIsImxhc3Rfc2lnbl9pbl9hdCI6IjIwMjMtMTEtMjNUMDk6Mzk6MzAuOTM3NzI4WiIsImNyZWF0ZWRfYXQiOiIyMDIzLTExLTIzVDA5OjM5OjMwLjkzNzc2OFoiLCJ1cGRhdGVkX2F0IjoiMjAyNS0wOS0xNFQwNToyODo1NS4zNDgwMjNaIiwiZW1haWwiOiJmYWNlYm9va3Jha2VzaDJAZ21haWwuY29tIn1dLCJjcmVhdGVkX2F0IjoiMjAyMy0xMS0yM1QwOTozOTozMC45Mjc2MDJaIiwidXBkYXRlZF9hdCI6IjIwMjUtMDktMTRUMDU6Mjg6NTcuMTU3NjQ5WiIsImlzX2Fub255bW91cyI6ZmFsc2V9LCJwcm92aWRlcl90b2tlbiI6InlhMjkuYTBBUzNINk53cFZzZl9aZGR6bDRMaW5zSDBfcjdTUW9FZV8xQUZjekdDX3dSNzZWUC1MN3k3Y21CNktzY1NlX3RCdGNyZjBMeVVpZ2FXWDMtZ3pJbHNGMENpSGxVZVJZejlEZjRaU0locG9aT3hGS3pXTmU2LUJnSmFLUHF6Q1E1T2ROTUFxdDhCQ0I1OVFVU2R5emk4WURnSUp5dllkOU5tSWg3UUxuR1QzTEZDOWt2WHdpNUNTQm5QT3RIYV9jLU8xcjhoQ004YUNnWUtBWlVTQVJVU0ZRSEdYMk1pNThIbV9PMFZUOFF5OUpUejQ1c1RqQTAyMDYifQ;_gcl_au=1.1.390666022.1754372551;intercom-device-id-esc25l7u=fdbe3049-b888-4773-8c31-c4198e2c70b9;intercom-id-esc25l7u=cefb3738-a698-40c3-b13d-1a6f1e20d669;intercom-session-esc25l7u=RkVPNW1RMjd4Vk9BSDAwTnNaZ2xrczltSXV6eVJuTlRIM2g5aS9TTXJoUXBkVWhQYVJpSFRRMm05eTNucHRCeFpvR1RQaThRczlaOTIwdWJOZ0lha08xc21HdXBSVzAybk9qTCtBUW9UaGM9LS1VcStRaXN4UzVGbzg3UmdaVTJ4VlhBPT0=--b9fce01d30c93d04a28a8aa5546277e9a85b2dce';
  
$headers[] = "cookie: $cookie2";

// Add new headers or overwrite existing headers
// $headers[] = "content-type: application/json";
$headers[] = "Origin: https://app.stealthwriter.ai";
$headers[] = "referer: https://app.stealthwriter.ai/";
 $headers[] = 'Sec-Ch-Ua-Platform: "Windows"';
 $headers[] = 'sec-ch-ua-mobile: ?0';
 $headers[] = 'sec-fetch-site: same-origin';
 $headers[] = 'upgrade-insecure-requests: 1';
 $headers[] = 'sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"';

$headers[] = 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36';



    $cookie = 'cookie.txt';
    //  $cookie = '/home/toolszmc/plustools.net/panel/auth/curl/freepik.txt';


    $agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36";
  // Other cURL options.
  curl_setopt($ch, CURLOPT_HEADER, true);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    // curl_setopt($ch, CURLOPT_TIMEOUT, 0);
    // curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
    // curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
    // curl_setopt($ch, CURLOPT_REFERER, $url);
    curl_setopt($ch, CURLOPT_USERAGENT, $agent); 
    // curl_setopt ($ch, CURLOPT_FAILONERROR, true);
    curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, $_SERVER["REQUEST_METHOD"]);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20); // Avoids long waits
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); // Faster fail if slow to connect
    curl_setopt($ch, CURLOPT_DNS_CACHE_TIMEOUT, 300); // Reuse DNS resolutions


    
    
    if($_SERVER["REQUEST_METHOD"] == "POST"){
        $payload = file_get_contents("php://input");
        
        // $payload = json_decode($payload, true);
        
        // if($payload["events"][0]["statsigMetadata"]["currentPage"]){
        //   $payload["events"][0]["statsigMetadata"]["currentPage"] = str_replace($_SERVER['HTTP_HOST'], "app.stealthwriter.ai", $payload["events"][0]["statsigMetadata"]["currentPage"]);
        // }
        
        // $payload = json_encode($payload, true);

        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
    }
    // curl_setopt($ch, CURLOPT_PUT, true);


    // if(preg_match('/api/', $_SERVER['REQUEST_URI'])){
    //   if(preg_match('/backend-api\/conversation/', $_SERVER['REQUEST_URI'])){
    //         header('Content-Type: text/event-stream');
    //   }else{
    //         header('Content-Type: application/json');
    //   }
      
    //   // Disable output buffering
    //   @ini_set('output_buffering', 'off');
    //   @ini_set('zlib.output_compression', false);
    //   while (ob_get_level() > 0) ob_end_flush();
    //   ob_implicit_flush(true);

    //   // header('Content-Type: text/event-stream');
    //   header('Cache-Control: no-cache');
    //   header('X-Accel-Buffering: no'); // For nginx

    //     curl_setopt($ch, CURLOPT_HEADER, false);
    //     curl_setopt($ch, CURLOPT_BUFFERSIZE, 1); // Reuse DNS resolutions

    //   curl_setopt($ch, CURLOPT_WRITEFUNCTION, function ($ch, $data) {
    //       // Output chunked JSON data
    //       echo $data;
    //       ob_flush();
    //       flush(); // Force output to client
    //       return strlen($data);
    //   });
    // }

    // if(!preg_match('/assetsx/', $_SERVER['REQUEST_URI'])){
    //   curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
    //   curl_setopt($ch, CURLOPT_PROXY, $proxy_ip);
    //   curl_setopt($ch, CURLOPT_PROXYPORT, $proxy_port);
    //   curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
    //   curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
    //   curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy_username . ":" . $proxy_password);
    // }
  

//  curl_setopt($ch, CURLOPT_COOKIE, "host=plustools.net; km_ni=jadersondapaz1@gmail.com; km_lv=x; km_ai=jadersondapaz1@gmail.com; __utmz=222526621.1621854618.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __adroll_fpc=eb92861e23e1f95b848447831661dde0-1621854619455; __ar_v4=LJZZ2FR4DBF6VBE3Y6JRRQ:20210523:6|XZKOSCTQYNAN7GPG77G4CP:20210523:23|R66JUCUFRZCG5AJHMQEGA4:20210523:23|KADNOU2AURG7HNUPOYHPUW:20210523:17; __utma=222526621.1524567690.1621854618.1621861365.1621867016.3; _ga=GA1.1.1457956668.1624391945; _jsuid=1793719557; remember_user_token=eyJfcmFpbHMiOnsibWVzc2FnZSI6Ilcxc3pNREExTlROZExDSWtNbUVrTVRJa2N6VnBRMVowZWpaTFptbG1NVVpRZWpkdGRYWjJkU0lzSWpFMk1qUTRPRFkyTnpVdU1qY3pORFF4TXlKZCIsImV4cCI6IjIwMjEtMDctMTJUMTM6MjQ6MzUuMjczWiIsInB1ciI6ImNvb2tpZS5yZW1lbWJlcl91c2VyX3Rva2VuIn19--64c68d469a6895eaf4347861b8029bc57c55f335; _wordai_rails_session=TtiLLwb3Kae6JW8bcI0ffQZe91UKaXEppUqyH2BfLHJtwGpOtaShFfAtye72f4OYwMjnmEuUMFPgIRB+kYOm+Vw2PhXTTn4GfBnJ/A1vtwQXj15uLd7s314Wmi44aTw/l16YOPdXllZGxmX0Am0BkxYowjOuimlgqvUodVERiH9gDrJu+S36pNOC6Df+XxQMpmUnZsotu8SBNmiXUWgeMF+LuRtPyXJOrmqlXR3SpZAk4vbfEP++7rYuV5eHJ79IGyPZckfWCL679rmIvDklwEuCegw0lLU3YvaRtM5LTweb3bNmrbg6u5JlaKoIbH4Vycu4mrAkWinufAPKx2ne6ULcslsMB3uMvThwu+y0WYG+dty0RAWA6pWoUDVEyORcJpQvBdEAH7BaC5iLxYyArtyn5LeU--OQZMzRqRy3QEcy5N--Ph6mjd3Xpwet5OsNIVMN2A==; _ga_J6KTZN2VVY=GS1.1.1624950055.13.1.1624950056.0; kvcd=1624950056083; km_vs=1");

  //Set the request URL.
  curl_setopt($ch, CURLOPT_URL, $url);

  //Make the request.
  $response = curl_exec($ch);
  $responseInfo = curl_getinfo($ch);
  $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  curl_close($ch);

  //Setting CURLOPT_HEADER to true above forces the response headers and body
  //to be output together--separate them.
  $responseHeaders = substr($response, 0, $headerSize);
  $responseBody = substr($response, $headerSize);

  return array("headers" => $responseHeaders, "body" => $responseBody, "responseInfo" => $responseInfo);
}

//Converts relative URLs to absolute ones, given a base URL.
//Modified version of code found at http://nashruddin.com/PHP_Script_for_Converting_Relative_to_Absolute_URL
function rel2abs($rel, $base) {
  if (empty($rel)) $rel = ".";
  if (parse_url($rel, PHP_URL_SCHEME) != "" || strpos($rel, "//") === 0) return $rel; //Return if already an absolute URL
  if ($rel[0] == "#" || $rel[0] == "?") return $base.$rel; //Queries and anchors
  extract(parse_url($base)); //Parse base URL and convert to local variables: $scheme, $host, $path
  $path = isset($path) ? preg_replace('#/[^/]*$#', "", $path) : "/"; //Remove non-directory element from path
  if ($rel[0] == '/') $path = ""; //Destroy path if relative url points to root
  $port = isset($port) && $port != 80 ? ":" . $port : "";
  $auth = "";
  if (isset($user)) {
    $auth = $user;
    if (isset($pass)) {
      $auth .= ":" . $pass;
    }
    $auth .= "@";
  }
  $abs = "$auth$host$path$port/$rel"; //Dirty absolute URL
  for ($n = 1; $n > 0; $abs = preg_replace(array("#(/\.?/)#", "#/(?!\.\.)[^/]+/\.\./#"), "/", $abs, -1, $n)) {} //Replace '//' or '/./' or '/foo/../' with '/'
  return $scheme . "://" . $abs; //Absolute URL is ready.
}

//Proxify contents of url() references in blocks of CSS text.
function proxifyCSS($css, $baseURL) {
  return preg_replace_callback(
    '/url\((.*?)\)/i',
    function($matches) use ($baseURL) {
        $url = $matches[1];
        //Remove any surrounding single or double quotes from the URL so it can be passed to rel2abs - the quotes are optional in CSS
        //Assume that if there is a leading quote then there should be a trailing quote, so just use trim() to remove them
        if (strpos($url, "'") === 0) {
          $url = trim($url, "'");
        }
        if (strpos($url, "\"") === 0) {
          $url = trim($url, "\"");
        }
        if (stripos($url, "data:") === 0) return "url(" . $url . ")"; //The URL isn't an HTTP URL but is actual binary data. Don't proxify it.
        //return "url(" . PROXY_PREFIX . rel2abs($url, $baseURL) . ")";
    },
    $css);
}

// // Create log
// function recordLog($url) {
//   $userip = $_SERVER['REMOTE_ADDR'];
//   $rdate = date("d-m-Y", time());
//   $data = $rdate.','.$userip.','.$url.PHP_EOL;
//   $logfile = 'logs/'.$userip.'_log.txt';
//   $fp = fopen($logfile, 'a');
//   fwrite($fp, $data);
// }

// recordLog($url);
//cURL can make multiple requests internally (while following 302 redirects), and reports
//headers for every request it makes. Only proxy the last set of received response headers,
//corresponding to the final request made by cURL for any given call to makeRequest().


//$proxy_prefix = PROXY_PREFIX;
$htmlcode = <<<ENDHTML
<script></script>
ENDHTML;


/**/
// $url = "https://tool3.toolszap.com" . $_SERVER["REQUEST_URI"];
/**/

/**/


/**/
if (strpos($url, "//") === 0){
    /**/
    $url = "http:" . $url; // assume that any supplied URLs starting with // are HTTP URLs.
    /**/
} 

/**/
if (!preg_match("@^.*://@", $url)){
    /**/
    $url = "http://" . $url; // assume that any supplied URLs without a scheme are HTTP URLs.
    /**/
} 

/**/
$response = makeRequest($url);
/**/
$rawResponseHeaders = $response["headers"];
/**/
$responseBody = $response["body"];

$responseInfo = $response["responseInfo"];
/**/
$responseHeaderBlocks = array_filter(explode("\r\n\r\n", $rawResponseHeaders));
/**/
$lastHeaderBlock = end($responseHeaderBlocks);

// $lastHeaderBlock = $responseHeaderBlocks[1];
/**/
$headerLines = explode("\r\n", $lastHeaderBlock);
/**/

/**/
foreach ($headerLines as $header){
    /**/
    if (stripos($header, "Content-Length") === false && stripos($header, "Transfer-Encoding") === false){
        /**/
        header($header);
        /**/
    }
}

/**/
$contentType = $responseInfo["content_type"] ?? "text/html";
/**/



 //$responseBody = str_replace('/__static__/', 'https://elevenlabs.io/__static__/', $responseBody);
 
$responseBody = (str_replace("https://toolszap.com/auth/login","https://toolszm.com/login",$responseBody));

$responseBody = (str_replace('cdn.oaistatic.com', $_SERVER['HTTP_HOST'] . '/assetsx', $responseBody));
$responseBody = (str_replace('fps.cdnpk.net', $_SERVER['HTTP_HOST'] . '/fpsx', $responseBody));
$responseBody = (str_replace('pikaso.cdnpk.net', $_SERVER['HTTP_HOST'] . '/pikasox', $responseBody));
$responseBody = (str_replace('pikaso-data.freepik.com', $_SERVER['HTTP_HOST'] . '/pikaso-datax', $responseBody));
$responseBody = (str_replace('img.freepik.com', $_SERVER['HTTP_HOST'] . '/imgx', $responseBody));
$responseBody = (str_replace('ab.app.stealthwriter.ai', $_SERVER['HTTP_HOST'] . '/abx', $responseBody));
$responseBody = (str_replace('app.stealthwriter.ai', $_SERVER['HTTP_HOST'], $responseBody));

$responseBody = (str_replace('avatar.freepik.com.freepik.com', $_SERVER['HTTP_HOST'] . '/avatarx', $responseBody));

// $responseBody = (str_replace('"pikaso-data.freepik."',  'window.location.hostname + "/pikaso-datax"', $responseBody)); 
$responseBody = (str_replace('l.hostname,"pikaso-data.freepik."+(c?"com":"es"))',  'l.hostname, window.location.hostname + "/pikaso-datax")', $responseBody)); 

$responseBody = (str_replace('//freepik.com', '//' . $_SERVER['HTTP_HOST'], $responseBody)); 
$responseBody = (str_replace('"freepik.com"', '"'.$_SERVER['HTTP_HOST'].'"', $responseBody)); 

$responseBody = str_replace('6Lc6cXQpAAAAADTJ5mUS9JEqt1GM3MlSAMocgSBj', '6Ldwd0smAAAAAK2TAV7XLUk7pCmgwaN7E80wd95W', $responseBody);



$responseBody = str_replace("identitytoolkit.googleapis.com",$_SERVER['HTTP_HOST'] . '/googleapis',$responseBody);
$responseBody = str_replace("securetoken.googleapis.com",$_SERVER['HTTP_HOST'] . "/securetoken",$responseBody);

$responseBody = str_replace("assets.vyond.com",$_SERVER['HTTP_HOST'] . '/assetx',$responseBody);
$responseBody = str_replace("d2bm7x1jqouzel.cloudfront.net",$_SERVER['HTTP_HOST'] . '/cloudx',$responseBody);

 
$responseBody = str_replace("integrity", 'inty',$responseBody);


$responseBody = str_replace('cognito-idp." + e + ".amazonaws.com',  $_SERVER["HTTP_HOST"] , $responseBody);

$responseBody = str_replace('//members.junglescout.com',  "//" . $_SERVER['HTTP_HOST'] , $responseBody);

                
$responseBody = str_replace('"https://cognito-idp."+e+".amazonaws.com/"',  '"https://" + window.location.hostname + "/securetoken/"', $responseBody);
$responseBody = str_replace('"cognito-idp."+i+".amazonaws.com/"',  '"https://" + window.location.hostname + "/securetoken/"', $responseBody);
$responseBody = str_replace('"https://cognito-identity.".concat(t,".").concat((0,_.b)(t))',  '"https://" + window.location.hostname + "/googleapis/"', $responseBody);

$js = file_get_contents("js.php");

$responseBody = str_replace('</script></head>', '</script><script>' . $js. "</script>" . $htmlcode."</head>", $responseBody);
// $responseBody = str_replace('</footer><!-- /footer -->', $htmlcode."</footer><!-- /footer -->", $responseBody);
// $responseBody = str_replace('</script></body></html>', '</script>'.$htmlcode."</body></html>", $responseBody);


$responseBody = str_replace('"brand-settings-images130431-pictory",".s3.us-east-2.amazonaws.com"',  'window.location.hostname + "/brand-settings-images130431-pictoryx"', $responseBody);
$responseBody = str_replace('"brand-settings-images130431-pictory.s3.us-east-2.amazonaws.com",',  'window.location.hostname + "/brand-settings-images130431-pictoryx",', $responseBody);
$responseBody = str_replace('"brand-settings-images130431-pictory.s3.us-east-2.amazonaws.com"',  '"joker.toolszm.com/brand-settings-images130431-pictoryx"', $responseBody);
$responseBody = str_replace('brand-settings-images130431-pictory',  'brandx', $responseBody);

// header('Access-Control-Allow-Origin: *');
// header('access-control-allow-credentials: true');
header_remove('content-encoding');
header_remove('content-security-policy');
// header_remove('Content-Length');
// header_remove('set-cookie');


// /**/ 
// if (stripos($contentType, "application/json") !== false){
//     /**/
//     $responseBody = str_replace('href="/', 'href="https://ahrefs.com/', $responseBody);
//     /**/
//     $responseBody = str_replace('src="/', 'src="https://ahrefs.com/', $responseBody);
//     /**/
//     echo $responseBody;
//     /**/
// }
// else if (stripos($contentType, "application/css") !== false){ 
//     /**/
//     echo proxifyCSS($responseBody, $url); // this is CSS, so proxify url() references.
//     /**/
// }
// else {
//     /**/
//     header("Content-Length: " . strlen($responseBody));  // this isn't a web page or CSS, so serve unmodified through the proxy with the correct headers (images, JavaScript, etc.)
//     /**/
  

//     echo $responseBody;
//     /**/
// }


echo $responseBody;


header_remove('content-encoding');
die;