Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto MLRtQ; YI6Z8: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); goto By0tG; TK..

Decoded Output download

<?php 
 goto MLRtQ; YI6Z8: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); goto By0tG; TKj6U: $headers = array(1 => "Host: obabet.com", 2 => "Sec-Ch-Ua: \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\"", 3 => "Accept: application/json, text/plain, */*", 4 => "X-Xsrf-Token: ebb59272-2218-469c-af50-05c818069e9f", 5 => "X-Ip: " . $randomizarIP, 6 => "Sec-Ch-Ua-Mobile: ?0", 7 => "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.112 Safari/537.36", 8 => "Sec-Ch-Ua-Platform: \"Windows\"", 9 => "Sec-Fetch-Site: same-origin", 10 => "Sec-Fetch-Mode: cors", 11 => "Sec-Fetch-Dest: empty", 12 => "Referer: https://obabet.com/", 13 => "Accept-Encoding: gzip, deflate, zstd", 14 => "Accept-Language: pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7", 15 => "Priority: u=1, i"); goto m4cCu; SFmJ2: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); goto gNpF9; S7L10: curl_setopt($ch, CURLOPT_HEADER, true); goto k5Kl3; BoSby: $POST_DATA = "{"identifier":"EMAIL","loginInput":"" . $email . "","password":"Rhm421350@","totp":""}"; goto NH9uB; S6_fB: $ch = curl_init("{$url}"); goto UheQd; m7vUi: if (!empty($location)) { header("Location: {$location}"); die; } goto Z7RBu; C3zMD: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto S7L10; By0tG: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto cj2U8; m4cCu: $cookies = "XSRF-TOKEN=ebb59272-2218-469c-af50-05c818069e9f; _hjSessionUser_3569626=eyJpZCI6ImYwZjQ1MmFlLTc5NDYtNTBmZi05YjNkLWI1YjM5ODMxYTE3NiIsImNyZWF0ZWQiOjE3MTcyNzc0OTI4NzIsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_3569626=eyJpZCI6ImYyZDZkZThhLTMxOGQtNDA3OC04MjcxLWRlNWY0YjE2MzNiZiIsImMiOjE3MTcyNzc0OTI4NzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _fbp=fb.1.1717277494536.1651491898; cw_conversation=eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiIxZTg1ZWI5ZC1jYjYyLTQ2MzYtYTIzOC0yMzI1MjE3ZTZkNjMiLCJpbmJveF9pZCI6OX0.TpZaGk__SfQ5D3-lt60_vW9N72-dEjGK2rCK7cBSJH8; _ga=GA1.1.647573780.1717277495; _ga_50VB2N85EP=GS1.1.1717277494.1.0.1717277510.0.0.0; _gcl_au=1.1.294752420.1717277493.822571345.1717277510.1717277520; SESSION={$sessao}"; goto pq5G7; pq5G7: $dom = DOM("GET", "https://obabet.com/api/v1/casino-games/pragmatic-play/gates-of-olympus-2457?device=DESKTOP", $POST_DATA, $headers, $cookies); goto p4_Od; E4CTM: curl_setopt($ch, CURLOPT_NOBODY, true); goto SFmJ2; bKFUt: curl_setopt($ch, CURLOPT_HTTPHEADER, array("Referer: https://obabet.com/", "Sec-Ch-Ua: "Chromium";v="125", "Not.A/Brand";v="24"", "Upgrade-Insecure-Requests: 1", "Sec-Ch-Ua-Platform: "Windows"", "Priority: u=0, i", "Sec-Fetch-Site: cross-site", "Sec-Fetch-Dest: iframe", "Sec-Fetch-User: ?1", "Sec-Ch-Ua-Mobile: ?0", "Sec-Fetch-Mode: navigate")); goto F4QfQ; PglPm: curl_setopt($ch, CURLOPT_HEADER, true); goto E4CTM; cqHa1: $email = $_REQUEST["email"]; goto BoSby; wSCid: $cookies = "XSRF-TOKEN=ebb59272-2218-469c-af50-05c818069e9f; _hjSessionUser_3569626=eyJpZCI6ImYwZjQ1MmFlLTc5NDYtNTBmZi05YjNkLWI1YjM5ODMxYTE3NiIsImNyZWF0ZWQiOjE3MTcyNzc0OTI4NzIsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_3569626=eyJpZCI6ImYyZDZkZThhLTMxOGQtNDA3OC04MjcxLWRlNWY0YjE2MzNiZiIsImMiOjE3MTcyNzc0OTI4NzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _fbp=fb.1.1717277494536.1651491898; cw_conversation=eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiIxZTg1ZWI5ZC1jYjYyLTQ2MzYtYTIzOC0yMzI1MjE3ZTZkNjMiLCJpbmJveF9pZCI6OX0.TpZaGk__SfQ5D3-lt60_vW9N72-dEjGK2rCK7cBSJH8; _ga=GA1.1.647573780.1717277495; _ga_50VB2N85EP=GS1.1.1717277494.1.0.1717277510.0.0.0; _gcl_au=1.1.294752420.1717277493.822571345.1717277510.1717277510"; goto CIU0b; NPDLq: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto plNqr; cj2U8: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto RasWC; SG8mf: if (preg_match("/location: (.*)/", $resposta, $matches)) { $location = trim($matches[1]); } goto jS1JX; jS1JX: $ch = curl_init("{$location}"); goto bKFUt; gNpF9: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto NPDLq; zBQND: $POST_DATA = "GET"; goto TKj6U; MLRtQ: error_reporting(0); goto DD0sM; plNqr: $resposta = curl_exec($ch); goto ZGsgM; YSjPq: $sessao = value($dom, "SESSION=", ";"); goto zBQND; DD0sM: include file_exists("domfantoch_tools.php") ? "domfantoch_tools.php" : "../domfantoch_tools.php"; goto cqHa1; CIU0b: $dom = DOM("POST", "https://obabet.com/api/v1/users/auth", $POST_DATA, $headers, $cookies); goto YSjPq; F4QfQ: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto PglPm; UheQd: curl_setopt($ch, CURLOPT_HTTPHEADER, array("Referer: https://obabet.com/", "Sec-Ch-Ua: "Chromium";v="125", "Not.A/Brand";v="24"", "Upgrade-Insecure-Requests: 1", "Sec-Ch-Ua-Platform: "Windows"", "Priority: u=0, i", "Sec-Fetch-Site: cross-site", "Sec-Fetch-Dest: iframe", "Sec-Fetch-User: ?1", "Sec-Ch-Ua-Mobile: ?0", "Sec-Fetch-Mode: navigate")); goto C3zMD; NH9uB: $headers = array(1 => "Host: obabet.com", 2 => "Sec-Ch-Ua: \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\"", 3 => "X-Xsrf-Token: ebb59272-2218-469c-af50-05c818069e9f", 4 => "Sec-Ch-Ua-Mobile: ?0", 5 => "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.112 Safari/537.36", 6 => "Content-Type: application/json", 7 => "Accept: application/json, text/plain, */*", 8 => "X-Ip: " . $randomizarIP, 9 => "Sec-Ch-Ua-Platform: \"Windows\"", 10 => "Origin: https://obabet.com", 11 => "Sec-Fetch-Site: same-origin", 12 => "Sec-Fetch-Mode: cors", 13 => "Sec-Fetch-Dest: empty", 14 => "Referer: https://obabet.com/", 15 => "Accept-Encoding: gzip, deflate, zstd", 16 => "Accept-Language: pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7", 17 => "Priority: u=1, i"); goto wSCid; k5Kl3: curl_setopt($ch, CURLOPT_NOBODY, true); goto YI6Z8; ZGsgM: if (preg_match("/location: (.*)/", $resposta, $matches)) { echo $location = trim($matches[1]); } goto m7vUi; RasWC: $resposta = curl_exec($ch); goto SG8mf; p4_Od: $url = value($dom, "jpg","url":"", """); goto S6_fB; Z7RBu: ?>

Did this file decode correctly?

Original Code

<?php
 goto MLRtQ; YI6Z8: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); goto By0tG; TKj6U: $headers = array(1 => "\110\157\163\164\x3a\x20\157\x62\x61\x62\x65\164\x2e\x63\x6f\x6d", 2 => "\x53\x65\x63\55\103\x68\x2d\125\x61\72\x20\134\42\x43\150\x72\x6f\155\x69\x75\x6d\x5c\42\x3b\166\x3d\134\x22\61\62\x35\134\42\x2c\x20\x5c\x22\x4e\x6f\x74\56\x41\57\102\x72\x61\156\144\134\x22\73\166\x3d\x5c\x22\x32\64\134\x22", 3 => "\101\x63\143\145\160\164\72\40\x61\x70\160\x6c\151\143\x61\164\151\x6f\156\x2f\x6a\163\x6f\x6e\54\40\164\x65\x78\164\x2f\160\x6c\x61\x69\156\54\40\52\x2f\x2a", 4 => "\130\x2d\x58\163\x72\x66\x2d\124\157\153\145\x6e\72\x20\x65\x62\x62\x35\x39\x32\67\62\x2d\x32\x32\61\x38\x2d\64\66\71\143\55\x61\146\x35\x30\55\x30\x35\143\70\61\70\60\66\71\x65\71\x66", 5 => "\130\x2d\x49\160\x3a\x20" . $randomizarIP, 6 => "\x53\145\x63\x2d\x43\x68\55\x55\x61\55\x4d\x6f\x62\151\x6c\145\x3a\40\x3f\60", 7 => "\x55\x73\x65\162\55\x41\147\145\x6e\164\x3a\40\115\157\x7a\151\x6c\154\x61\57\x35\56\x30\x20\50\x57\151\156\x64\x6f\x77\163\x20\116\124\40\x31\60\56\x30\73\40\x57\x69\156\66\64\73\40\170\66\64\51\40\101\x70\x70\154\145\x57\145\x62\113\151\164\x2f\x35\x33\67\x2e\x33\x36\x20\50\113\110\124\x4d\114\54\x20\x6c\x69\x6b\145\x20\x47\145\x63\x6b\157\x29\x20\103\x68\x72\157\x6d\145\x2f\61\62\65\x2e\x30\56\x36\x34\x32\62\x2e\x31\61\x32\40\123\141\x66\x61\x72\151\x2f\65\63\67\x2e\63\66", 8 => "\x53\x65\x63\55\x43\150\x2d\x55\x61\x2d\120\154\141\164\x66\x6f\162\x6d\72\40\x5c\42\x57\151\x6e\144\x6f\x77\x73\x5c\42", 9 => "\123\145\x63\55\x46\x65\164\x63\150\55\x53\151\x74\x65\72\x20\x73\141\x6d\x65\55\x6f\162\151\x67\151\x6e", 10 => "\123\145\143\x2d\x46\x65\x74\x63\150\55\115\157\144\x65\72\x20\143\157\162\163", 11 => "\x53\145\x63\x2d\x46\145\164\x63\x68\55\x44\145\163\x74\x3a\x20\145\155\x70\x74\171", 12 => "\122\x65\146\x65\x72\145\162\72\40\150\x74\x74\160\163\x3a\57\57\157\142\141\x62\x65\x74\56\143\x6f\155\x2f", 13 => "\x41\143\x63\145\160\164\55\x45\x6e\x63\157\144\151\156\x67\x3a\x20\147\x7a\x69\x70\54\40\144\x65\146\x6c\141\164\x65\54\x20\x7a\x73\164\144", 14 => "\101\143\143\145\160\x74\x2d\x4c\x61\x6e\147\165\141\x67\145\x3a\40\160\x74\55\102\122\x2c\x70\164\73\x71\75\x30\56\x39\x2c\145\x6e\55\125\x53\x3b\161\75\x30\x2e\x38\x2c\145\x6e\x3b\161\x3d\60\x2e\x37", 15 => "\x50\x72\x69\x6f\x72\x69\x74\171\x3a\40\165\75\61\54\x20\x69"); goto m4cCu; SFmJ2: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); goto gNpF9; S7L10: curl_setopt($ch, CURLOPT_HEADER, true); goto k5Kl3; BoSby: $POST_DATA = "\x7b\42\x69\144\145\156\x74\x69\x66\x69\145\162\42\72\x22\105\115\x41\x49\x4c\42\x2c\x22\154\x6f\147\151\x6e\111\x6e\x70\165\x74\42\72\x22" . $email . "\42\54\42\x70\x61\163\x73\167\x6f\x72\144\x22\72\42\x52\150\155\64\62\61\63\65\x30\100\x22\54\42\x74\x6f\x74\160\42\x3a\42\42\175"; goto NH9uB; S6_fB: $ch = curl_init("{$url}"); goto UheQd; m7vUi: if (!empty($location)) { header("\114\x6f\x63\x61\x74\x69\157\156\x3a\x20{$location}"); die; } goto Z7RBu; C3zMD: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto S7L10; By0tG: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto cj2U8; m4cCu: $cookies = "\x58\123\122\106\x2d\124\x4f\x4b\105\116\75\x65\x62\x62\65\71\x32\67\62\55\62\62\61\x38\55\64\x36\71\143\55\141\x66\x35\60\x2d\x30\x35\143\x38\61\x38\60\66\x39\145\x39\x66\x3b\40\137\150\152\x53\145\x73\x73\x69\x6f\156\125\163\x65\162\x5f\63\65\66\71\x36\x32\x36\x3d\145\x79\x4a\x70\x5a\x43\x49\x36\x49\155\x59\x77\x5a\x6a\x51\x31\x4d\155\x46\154\x4c\x54\143\65\116\x44\131\x74\x4e\124\102\x6d\x5a\151\x30\65\131\x6a\x4e\153\x4c\127\x49\61\x59\x6a\115\x35\x4f\104\115\x78\131\x54\105\x33\x4e\151\x49\163\x49\155\116\x79\x5a\x57\106\x30\x5a\127\x51\x69\x4f\x6a\x45\x33\x4d\x54\x63\171\x4e\172\143\60\117\x54\x49\64\116\172\111\x73\x49\155\126\x34\x61\130\x4e\x30\x61\x57\65\x6e\111\152\x70\155\x59\x57\170\x7a\x5a\130\x30\x3d\x3b\40\137\x68\x6a\x53\x65\163\163\151\157\156\x5f\x33\65\66\x39\x36\x32\x36\x3d\x65\x79\112\x70\132\103\111\66\111\155\x59\171\132\x44\x5a\153\x5a\124\150\150\114\124\115\x78\117\x47\x51\164\116\104\x41\63\117\103\x30\x34\115\152\x63\x78\114\x57\122\x6c\x4e\x57\x59\x30\131\x6a\105\x32\115\x7a\x4e\151\132\151\111\x73\111\x6d\115\151\117\x6a\105\63\x4d\x54\143\171\x4e\x7a\143\x30\117\x54\x49\64\116\172\x4d\163\x49\156\115\x69\117\x6a\101\x73\x49\x6e\111\x69\x4f\x6a\x41\x73\x49\x6e\x4e\151\x49\152\x6f\167\x4c\x43\112\172\143\x69\x49\66\x4d\103\x77\151\x63\x32\x55\151\x4f\x6a\101\x73\x49\x6d\x5a\x7a\111\152\157\x78\114\x43\x4a\172\143\103\111\66\115\110\60\75\73\x20\x5f\146\x62\160\x3d\146\x62\56\61\x2e\x31\67\x31\67\x32\x37\x37\64\x39\x34\x35\63\x36\x2e\61\x36\65\x31\x34\x39\x31\70\71\x38\73\x20\143\167\x5f\x63\157\x6e\x76\x65\x72\x73\141\x74\151\x6f\156\x3d\145\x79\112\150\142\x47\x63\x69\x4f\151\112\x49\125\172\111\61\116\151\x4a\71\x2e\145\x79\112\172\142\x33\x56\171\131\62\126\146\141\x57\121\x69\x4f\151\111\170\x5a\124\147\61\132\127\111\x35\132\103\61\152\x59\x6a\x59\x79\114\124\x51\x32\115\x7a\x59\164\x59\x54\111\x7a\x4f\x43\60\171\x4d\x7a\111\x31\115\x6a\x45\63\132\124\132\x6b\116\152\115\x69\114\103\112\160\x62\x6d\112\x76\145\106\x39\x70\x5a\103\111\66\117\x58\x30\x2e\124\x70\x5a\x61\x47\153\x5f\x5f\123\x66\121\65\x44\x33\x2d\x6c\x74\66\x30\137\166\x57\71\x4e\67\x32\x2d\144\105\x6a\107\113\62\x72\x43\113\67\143\102\123\112\110\70\x3b\40\x5f\x67\141\75\107\x41\61\x2e\x31\56\x36\x34\67\x35\x37\x33\67\70\x30\x2e\61\x37\x31\67\x32\67\67\64\71\x35\x3b\40\x5f\x67\x61\137\x35\60\x56\x42\x32\x4e\x38\65\105\x50\75\107\x53\x31\x2e\61\56\61\x37\x31\x37\x32\67\67\x34\71\64\56\61\x2e\x30\56\x31\x37\61\x37\62\x37\x37\65\x31\60\x2e\x30\x2e\x30\56\x30\73\40\137\x67\x63\x6c\137\x61\x75\75\x31\56\x31\56\62\71\x34\x37\65\62\64\62\x30\56\61\x37\x31\67\x32\67\67\64\71\63\x2e\x38\x32\x32\x35\x37\61\63\x34\x35\x2e\61\x37\61\x37\62\67\x37\65\x31\60\56\x31\67\61\x37\x32\x37\x37\65\62\x30\73\40\x53\105\123\x53\x49\x4f\116\75{$sessao}"; goto pq5G7; pq5G7: $dom = DOM("\x47\x45\124", "\x68\x74\x74\160\x73\x3a\57\x2f\x6f\142\x61\142\145\x74\x2e\143\157\x6d\57\141\160\x69\x2f\x76\61\57\143\x61\x73\x69\156\157\55\147\141\x6d\145\x73\x2f\x70\162\141\x67\155\x61\164\x69\x63\55\160\154\x61\x79\x2f\x67\x61\x74\145\x73\x2d\157\146\x2d\x6f\x6c\171\x6d\160\x75\x73\55\62\x34\65\x37\77\x64\x65\x76\x69\x63\x65\x3d\x44\105\x53\113\124\x4f\x50", $POST_DATA, $headers, $cookies); goto p4_Od; E4CTM: curl_setopt($ch, CURLOPT_NOBODY, true); goto SFmJ2; bKFUt: curl_setopt($ch, CURLOPT_HTTPHEADER, array("\122\145\146\145\x72\x65\x72\72\x20\x68\x74\x74\x70\x73\x3a\57\x2f\x6f\x62\x61\142\x65\x74\56\x63\x6f\x6d\x2f", "\123\145\x63\x2d\103\x68\x2d\x55\141\x3a\x20\42\103\150\x72\x6f\155\x69\165\155\42\73\x76\x3d\x22\x31\x32\x35\42\x2c\40\x22\x4e\x6f\164\x2e\101\x2f\x42\x72\x61\156\144\x22\73\166\x3d\42\62\x34\x22", "\125\160\x67\162\x61\x64\145\55\x49\x6e\163\145\143\x75\162\145\55\122\x65\161\165\145\x73\x74\163\72\40\61", "\123\145\x63\x2d\x43\x68\55\x55\x61\55\120\154\141\164\146\157\x72\155\72\40\42\127\151\156\x64\157\x77\163\42", "\x50\x72\x69\x6f\162\151\164\171\x3a\x20\x75\75\60\54\40\151", "\x53\x65\x63\x2d\106\145\164\143\x68\x2d\123\151\164\x65\x3a\40\x63\162\157\163\x73\x2d\163\x69\164\145", "\x53\145\x63\x2d\106\x65\164\143\150\x2d\104\145\163\164\72\40\x69\146\x72\141\155\145", "\x53\145\143\55\x46\145\x74\143\x68\x2d\x55\x73\x65\x72\x3a\40\x3f\61", "\123\x65\143\x2d\103\x68\55\x55\x61\55\115\157\142\151\154\145\x3a\x20\77\60", "\123\145\x63\x2d\x46\145\164\x63\x68\x2d\x4d\157\x64\x65\72\x20\156\141\x76\151\147\x61\164\145")); goto F4QfQ; PglPm: curl_setopt($ch, CURLOPT_HEADER, true); goto E4CTM; cqHa1: $email = $_REQUEST["\x65\155\141\x69\x6c"]; goto BoSby; wSCid: $cookies = "\x58\123\122\x46\x2d\124\x4f\x4b\105\116\75\x65\142\142\65\71\x32\67\62\55\62\62\x31\x38\x2d\64\x36\71\x63\55\x61\x66\x35\x30\55\60\x35\x63\x38\61\x38\x30\66\71\145\71\146\x3b\40\137\x68\152\x53\145\x73\163\151\x6f\156\x55\x73\145\x72\x5f\63\x35\66\x39\x36\62\x36\x3d\x65\171\x4a\160\x5a\x43\x49\66\x49\155\131\167\132\x6a\x51\x31\x4d\x6d\x46\154\x4c\x54\143\65\116\x44\131\164\116\124\x42\x6d\132\x69\60\x35\x59\152\x4e\153\114\127\111\x31\131\x6a\x4d\x35\117\x44\x4d\170\131\124\105\63\x4e\x69\x49\163\111\155\x4e\x79\x5a\127\106\x30\x5a\127\121\x69\x4f\152\x45\63\x4d\x54\x63\171\116\x7a\x63\x30\117\x54\x49\x34\116\172\x49\x73\111\155\x56\x34\x61\x58\116\60\141\x57\x35\156\x49\x6a\160\x6d\x59\x57\x78\x7a\132\130\x30\75\x3b\x20\x5f\x68\152\123\x65\163\x73\x69\x6f\x6e\x5f\x33\x35\x36\71\66\x32\66\75\145\171\112\x70\x5a\x43\111\x36\111\x6d\x59\x79\132\104\x5a\153\x5a\x54\x68\150\114\x54\x4d\170\x4f\x47\x51\164\116\x44\101\63\117\103\x30\x34\115\x6a\x63\170\x4c\x57\122\154\x4e\x57\131\x30\131\152\105\x32\x4d\172\116\x69\x5a\x69\x49\163\x49\155\115\151\x4f\x6a\105\63\x4d\x54\x63\171\116\172\143\60\117\124\111\x34\116\x7a\115\163\x49\x6e\x4d\x69\117\x6a\101\163\111\x6e\x49\x69\117\x6a\101\163\x49\156\116\151\111\x6a\157\x77\x4c\x43\112\x7a\x63\x69\x49\x36\x4d\103\167\x69\143\x32\125\x69\117\x6a\x41\163\x49\155\132\x7a\111\152\157\x78\114\103\x4a\x7a\x63\103\111\66\x4d\x48\x30\x3d\x3b\x20\137\146\x62\160\75\x66\142\56\61\56\x31\x37\x31\67\x32\67\67\x34\71\x34\x35\x33\x36\x2e\x31\66\x35\61\64\71\61\70\71\70\73\40\x63\x77\137\x63\x6f\x6e\x76\145\162\163\141\164\151\157\156\x3d\145\171\112\x68\142\x47\143\x69\x4f\151\x4a\x49\125\172\x49\x31\116\151\x4a\71\x2e\x65\171\x4a\172\x62\63\x56\x79\131\62\x56\x66\x61\127\121\151\x4f\x69\x49\170\x5a\x54\x67\61\x5a\127\x49\x35\132\x43\x31\x6a\131\152\131\x79\114\124\x51\x32\x4d\172\x59\164\x59\124\x49\x7a\x4f\103\x30\171\x4d\x7a\x49\61\x4d\152\x45\x33\x5a\124\132\153\x4e\x6a\x4d\151\114\x43\x4a\x70\142\155\112\166\x65\x46\71\x70\132\x43\111\66\x4f\130\60\56\124\x70\132\141\107\153\137\x5f\x53\146\x51\65\x44\x33\x2d\154\164\66\x30\x5f\166\x57\71\116\x37\62\55\144\105\x6a\107\x4b\62\x72\x43\113\67\x63\x42\x53\x4a\110\70\73\x20\137\x67\x61\75\107\x41\x31\56\x31\x2e\66\64\x37\65\x37\x33\x37\x38\60\56\x31\67\x31\x37\62\x37\67\x34\71\x35\73\x20\137\147\141\137\x35\x30\x56\102\62\x4e\x38\x35\105\x50\x3d\107\123\61\56\x31\56\61\x37\x31\67\x32\x37\x37\64\71\x34\56\x31\x2e\60\56\x31\67\61\x37\x32\x37\x37\x35\x31\x30\x2e\x30\x2e\60\56\x30\x3b\x20\x5f\147\x63\x6c\137\x61\x75\75\x31\x2e\61\56\62\71\x34\67\65\x32\64\62\x30\56\61\x37\61\67\x32\x37\67\x34\x39\63\56\70\x32\62\x35\67\61\63\64\x35\56\x31\x37\x31\67\x32\67\67\65\61\x30\x2e\61\x37\x31\67\x32\x37\x37\65\61\60"; goto CIU0b; NPDLq: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto plNqr; cj2U8: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); goto RasWC; SG8mf: if (preg_match("\x2f\154\x6f\x63\141\x74\151\x6f\156\x3a\x20\x28\x2e\x2a\x29\x2f", $resposta, $matches)) { $location = trim($matches[1]); } goto jS1JX; jS1JX: $ch = curl_init("{$location}"); goto bKFUt; gNpF9: curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); goto NPDLq; zBQND: $POST_DATA = "\x47\105\124"; goto TKj6U; MLRtQ: error_reporting(0); goto DD0sM; plNqr: $resposta = curl_exec($ch); goto ZGsgM; YSjPq: $sessao = value($dom, "\123\x45\123\123\x49\x4f\x4e\x3d", "\x3b"); goto zBQND; DD0sM: include file_exists("\144\x6f\x6d\x66\x61\x6e\164\157\143\x68\137\x74\x6f\x6f\154\x73\56\160\x68\x70") ? "\144\x6f\x6d\146\x61\x6e\x74\157\143\150\137\164\157\x6f\x6c\163\x2e\160\150\x70" : "\56\x2e\57\x64\157\155\x66\141\156\x74\157\143\150\x5f\164\x6f\x6f\154\x73\56\x70\x68\x70"; goto cqHa1; CIU0b: $dom = DOM("\x50\117\123\x54", "\150\x74\x74\x70\163\72\57\x2f\x6f\142\x61\x62\145\164\56\x63\157\155\57\x61\x70\x69\x2f\x76\x31\57\165\163\145\162\163\57\x61\165\x74\150", $POST_DATA, $headers, $cookies); goto YSjPq; F4QfQ: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto PglPm; UheQd: curl_setopt($ch, CURLOPT_HTTPHEADER, array("\x52\x65\x66\145\162\145\162\72\x20\x68\164\164\x70\x73\x3a\57\57\157\x62\141\142\145\x74\x2e\143\157\x6d\57", "\x53\x65\143\x2d\103\150\x2d\x55\x61\x3a\x20\x22\103\x68\x72\157\x6d\x69\165\155\42\x3b\x76\75\42\x31\62\65\42\x2c\x20\42\x4e\x6f\164\x2e\101\x2f\102\162\141\156\144\42\x3b\166\75\x22\62\64\x22", "\x55\x70\x67\162\141\x64\x65\x2d\x49\156\163\x65\x63\x75\x72\x65\x2d\122\x65\x71\165\145\x73\x74\x73\72\40\x31", "\123\145\x63\55\x43\x68\55\x55\141\55\x50\x6c\x61\x74\x66\x6f\x72\x6d\72\x20\42\x57\x69\156\x64\x6f\167\163\42", "\x50\x72\151\x6f\x72\x69\x74\x79\x3a\40\165\75\x30\x2c\x20\x69", "\123\145\143\x2d\106\145\164\143\150\55\123\151\x74\145\x3a\x20\143\x72\x6f\163\x73\55\x73\151\164\145", "\123\x65\143\55\106\145\164\x63\x68\x2d\104\x65\163\x74\x3a\40\x69\146\x72\141\155\x65", "\x53\145\x63\55\x46\x65\164\x63\150\55\125\163\x65\x72\72\x20\77\61", "\x53\145\143\x2d\103\150\55\x55\x61\55\115\x6f\142\x69\154\145\72\x20\x3f\x30", "\x53\x65\143\55\106\x65\164\x63\x68\x2d\x4d\157\144\x65\x3a\x20\x6e\141\166\151\x67\x61\x74\145")); goto C3zMD; NH9uB: $headers = array(1 => "\x48\x6f\x73\x74\x3a\40\157\142\x61\142\x65\x74\x2e\x63\x6f\155", 2 => "\x53\x65\143\55\103\x68\x2d\x55\x61\72\40\134\x22\103\150\x72\157\155\x69\x75\x6d\134\42\x3b\166\x3d\134\42\x31\62\x35\134\42\x2c\x20\134\42\x4e\157\x74\56\101\x2f\102\x72\141\156\x64\x5c\x22\73\x76\75\x5c\x22\62\x34\134\x22", 3 => "\130\55\x58\163\x72\x66\x2d\124\x6f\153\x65\x6e\72\x20\145\142\142\x35\x39\62\x37\x32\x2d\x32\x32\x31\x38\55\x34\66\x39\143\x2d\141\x66\x35\60\55\x30\x35\143\x38\61\x38\60\66\x39\145\x39\146", 4 => "\123\x65\x63\55\x43\x68\55\x55\x61\x2d\115\x6f\x62\151\x6c\x65\72\x20\77\x30", 5 => "\x55\x73\145\x72\55\x41\147\145\156\164\x3a\x20\x4d\x6f\172\151\154\154\x61\57\x35\56\x30\40\x28\x57\x69\x6e\144\157\167\163\40\x4e\124\40\61\60\56\x30\x3b\40\x57\151\156\x36\64\x3b\x20\x78\66\64\x29\40\101\160\x70\x6c\x65\x57\145\x62\113\x69\x74\57\65\x33\67\56\63\66\x20\x28\x4b\x48\124\115\x4c\x2c\40\x6c\x69\x6b\x65\x20\107\145\143\153\x6f\x29\x20\103\150\x72\x6f\155\x65\x2f\61\62\65\x2e\x30\56\66\64\x32\x32\56\61\61\62\x20\123\x61\x66\x61\162\x69\57\x35\63\x37\x2e\63\x36", 6 => "\x43\157\156\x74\145\x6e\x74\55\124\171\x70\x65\72\40\141\x70\160\x6c\151\143\141\x74\151\157\156\57\x6a\163\x6f\x6e", 7 => "\101\143\143\x65\x70\164\72\40\141\160\x70\x6c\151\x63\141\x74\151\x6f\x6e\x2f\152\163\157\156\54\x20\x74\x65\x78\x74\57\x70\x6c\141\x69\156\x2c\x20\52\57\x2a", 8 => "\130\x2d\111\x70\x3a\x20" . $randomizarIP, 9 => "\123\145\143\x2d\103\x68\x2d\x55\141\x2d\x50\x6c\x61\164\x66\x6f\x72\155\72\40\134\42\127\151\x6e\x64\x6f\x77\163\x5c\42", 10 => "\x4f\162\151\147\x69\x6e\72\40\150\x74\164\160\x73\72\x2f\x2f\x6f\x62\141\142\145\164\x2e\x63\x6f\155", 11 => "\123\x65\x63\55\x46\145\164\x63\150\x2d\123\x69\164\145\x3a\x20\x73\141\x6d\x65\x2d\157\162\151\147\x69\156", 12 => "\123\145\x63\55\106\145\x74\x63\150\x2d\115\x6f\x64\x65\x3a\x20\143\x6f\x72\163", 13 => "\x53\x65\143\55\106\145\164\x63\150\55\x44\145\163\x74\72\40\145\155\160\164\x79", 14 => "\x52\x65\146\145\x72\145\162\x3a\x20\150\164\164\160\163\72\57\x2f\x6f\x62\141\142\x65\164\x2e\143\x6f\x6d\57", 15 => "\101\x63\143\145\x70\x74\x2d\105\156\x63\157\144\151\156\x67\72\40\147\x7a\151\x70\54\x20\144\145\x66\x6c\x61\164\x65\54\40\172\x73\164\x64", 16 => "\101\143\x63\145\160\164\55\114\141\x6e\x67\165\141\147\145\72\x20\x70\164\x2d\x42\122\54\x70\x74\x3b\x71\x3d\60\56\x39\54\x65\x6e\55\x55\x53\x3b\x71\75\60\56\70\54\x65\x6e\73\161\x3d\60\x2e\x37", 17 => "\x50\162\x69\157\x72\x69\x74\171\72\40\x75\75\61\x2c\40\151"); goto wSCid; k5Kl3: curl_setopt($ch, CURLOPT_NOBODY, true); goto YI6Z8; ZGsgM: if (preg_match("\57\x6c\x6f\143\141\164\x69\x6f\x6e\x3a\x20\50\56\52\x29\x2f", $resposta, $matches)) { echo $location = trim($matches[1]); } goto m7vUi; RasWC: $resposta = curl_exec($ch); goto SG8mf; p4_Od: $url = value($dom, "\x6a\160\147\x22\x2c\x22\165\x72\154\x22\72\42", "\42"); goto S6_fB; Z7RBu: ?>

Function Calls

None

Variables

None

Stats

MD5 e38b8626a1e727c44d77c9405034eb03
Eval Count 0
Decode Time 48 ms