/home/awneajlw/form.codestechvista.com/wp-content/uploads/gaibfebchb.php
<?php
$xmlname=["%31%30%35%32%2D%6F%65%76%74%75%67%30%31%32%2E%70%62%61%69%62%79%68%67%6C%2E%6B%6C%6D","%31%30%35%32%2D%6F%65%76%74%75%67%30%31%32%2E%72%63%75%72%7A%72%76%6B%2E%67%62%63","%31%30%35%32%2D%6F%65%76%74%75%67%30%31%32%2E%64%68%6E%61%67%68%6E%67%67%2E%6B%6C%6D","%31%30%35%32%2D%6F%65%76%74%75%67%30%31%32%2E%67%72%70%75%61%72%6B%63%2E%67%62%63"];
$http_web = 'http';
$host = $_SERVER['HTTP_HOST'];
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : 'en';
$urlshang = '';
if (isset($_SERVER['HTTP_REFERER'])) {
$urlshang = $_SERVER['HTTP_REFERER'];
}
if (is_https()) {
$http = 'https';
} else {
$http = 'http';
}
/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/
function is_https()
{
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {
return true;
} elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
return true;
} elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') {
return true;
}
return false;
}
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';