Domain > moe.xiaomitq.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2021-10-18	47.75.19.52 (ClassC)
2022-06-09	47.75.19.26 (ClassC)
2024-01-28	47.75.19.77 (ClassC)
2024-06-05	47.79.64.169 (ClassC)
2026-01-07	47.238.49.231 (ClassC)

HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Thu, 24 Apr 2025 09:52:49 GMTContent-Type: application/octet-streamContent-Length: 7666Last-Modified: Tue, 10 Dec 2024 11:23:19 GMTConnection: keep-al

?phprequire_once(include/include.php);function get_host($dc){    if($dc  apa)return janus.gold0007.gameloft.com;    else return eur-janus.gameloft.com;}function get_token($dc, $user, $pass){    //$g_client  gah:1867:63993:7.3.2a:windows:windows;    $g_client  gah:1867:58418:8.5.0c:android:googleplay;    if(strpos($user, :)  false)$user  anonymous:$user;    $user  urlencode($user);    $pass  urlencode($pass);    $host  get_host($dc);    $scope  auth;    $url  https://$host/authorize?client_id$g_client&username$user&password$pass&grant_typepassword&scope$scope;    $data  file_get_contents($url, false, stream_context_create(array(ssl>array(verify_peer>false,verify_peer_name>false))));    $data  json_decode($data,true);    $token  $dataaccess_token;    return $token;}function relink_inner($dc, $user, $pass, $token){	//die($user $pass $token);    $token  urlencode($token);    if(strpos($user, :)! false)$user  urlencode($user);    else $user  urlencode(anonymous:$user);    $pass  urlencode($pass);    $host  get_host($dc);    $url  https://$host/users/me/credentials;	$post  access_token$token&credential$user&password$pass&if_existsrelink;	//$post  access_token$token&credential$user&password$pass;    $data  file_get_contents($url, false, stream_context_create(array(ssl>array(verify_peer>false,verify_peer_name>false),http>array(method>POST,header>Content-Type: application/x-www-form-urlencoded,content>$post))));    var_dump($http_response_header);    return $data;}//$user  googleplaygames:a_6727240479419594820;//$pass  4/0AVG7fiQwgeJAmDKveSfl_OxsYmXt2M1-En8WrPDtbz1tEEYYZ87nmgeYz-lPrRD2obNZzQ;//$token  fdff30d7-e3fc-11e6-81cf-b8ca3a7093b,auth chat config leaderboard_ro lobby message social storage translation,gah:1867:58418:8.5.0c:android:googleplay,1728855185.737128,anonymous:d2luMzJfc3RlYW1fNzY1NjExOTg4MTM0NDA4MDk,,eur~gold|a9f2bbc26b1575d0825a22b9c6a66c20;//relink_inner(eur, $user, $pass, $token);//die();function relink($dc, $user_to, $pass_to, $user_from, $pass_from){    $token  get_token($dc, $user_from, $pass_from);

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > moe.xiaomitq.com

Is this malicious?

DNS Resolutions

Port 80