Malware Analysis Report

2024-09-09 17:38

Sample ID 240614-h57g9stdnp
Target a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118
SHA256 7f09cf0c2937db58fcf91d1d7bcae7d18aa8807a43f5e9bd721f45435a560e6a
Tags
discovery impact
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

SHA256

7f09cf0c2937db58fcf91d1d7bcae7d18aa8807a43f5e9bd721f45435a560e6a

Threat Level: Shows suspicious behavior

The file a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery impact

Queries information about the current Wi-Fi connection

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Queries information about active data network

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 07:20

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 07:20

Reported

2024-06-14 07:23

Platform

android-x86-arm-20240611.1-en

Max time kernel

11s

Max time network

186s

Command Line

com.east2d.everyimage

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.east2d.everyimage

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.130:80 alog.umeng.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 1.1.1.1:53 tupian.nikankan.com udp
US 1.1.1.1:53 qingman.nikankan.com udp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 r.qingman.cc udp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 1.1.1.1:53 ww25.r.qingman.cc udp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 oc.umeng.com udp
HK 103.235.47.161:80 hmma.baidu.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
GB 172.217.169.10:443 tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp

Files

/data/data/com.east2d.everyimage/files/umeng_it.cache

MD5 8551ac082d64f90a098ac09d6c5ad3d1
SHA1 a3864f61cafb15271a8fc532321fe72747c75980
SHA256 3ec777b5495b24e3cdbf61ade1a300f048dae66bf59c3cd8b0f42d6567cf074e
SHA512 2e79fd9c49e9ec79500364caca9404c16168d4f485189517c058477315000a91f1defc59ff33529df9482c20f3a75d064a34e3a3ce668fa739cdb9cf69e163a2

/storage/emulated/0/backups/.SystemConfig/.cuid

MD5 b7f9f4bf6f0b93cc7cdf5e46418b6e62
SHA1 e0f928fd033cdaca799ddd1fa0e68d7f2ab4e2cd
SHA256 b010ab2b6953e8bf32a4a761add06c596f72bb5dafb3aa8a9f2b108d08f296d4
SHA512 9a3958219329c7060d0862a70efa0041cdcdae1dfeffc5e491b1f6d6f8aa5286ca31cfc726538f9311a3d28fdbe86f80ae436c0aa13e02eb29fe47259df8efcb

/data/data/com.east2d.everyimage/files/__local_last_session.json

MD5 c4b8fd04e3151973f6931b7d0d13cc5c
SHA1 0ca136895f745baa2149713d7ec06966ec18dcf4
SHA256 981eee717917c658b30d23cda4dacdad869053c2e99858038ef29a9c7e75558b
SHA512 89ea851ca50cdad226acb8b5524c07b5e01e047883d6e8d3e80f9056e935b3d6dd99fdf0e6320db741d4f310afa2e6967f64b9f7a85645c0ab614dd4a5c002cc

/data/data/com.east2d.everyimage/files/__local_stat_cache.json

MD5 2d805b13f2f28dc3ca9bbcc000f49bb5
SHA1 9eac165b4d81258fd3967cde5cc53b53b1dabcb1
SHA256 c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19
SHA512 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

/data/data/com.east2d.everyimage/files/__local_except_cache.json

MD5 e6e2d9b98201e2251c5b1d9dc939582f
SHA1 79ffc88641e732dfa07464da1e3b8dbbef8d70b1
SHA256 e5921c6227a5a645e6d26e6e56ec39ec7e999bf834cf10805cc913c3686ef542
SHA512 fdb37323b6167c2d29027a7306d9e4068c03279141beff862179811e3810a4050563db2c841eac145683a082374b4f1e810ec03f27d97a522a656c1f3314cbf0

/storage/emulated/0/crash/crash-2024-06-14-07-20-34-1718349634560.log

MD5 78800c75a3899a9a89d8a02aab0405bb
SHA1 2816ed0ef4eea55559e4fa8c21cdeda18a4b819a
SHA256 e55b4892b404ed4372caceba83667c040f9e05d8a53d92118fac8c8175f5379c
SHA512 3455d198bbf033ffe100406c03381d482e1016e238fbd38b71f4a73e80545316f1029e72988d847973b461edfcad321cf0bb7fd8ca047a00e01d8090c0388ecd

/data/data/com.east2d.everyimage/files/__local_last_session.json

MD5 d4a2339d819972a5061830b667781e53
SHA1 7cfb26c3d51197d1964809aa10720370b32f040f
SHA256 262ad5d1e6cb5c644a928b7def936aa119b62aeb7455cebed50cfeb721ad3fe1
SHA512 bf52536138fbe5dbd361c4b94899ef6d30777edbf79e2d8e771d56072866b011a636e381c0843774e843032816e4ed0b481b0a998a403fc98d37d6970fec1761

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 07:20

Reported

2024-06-14 07:23

Platform

android-x64-20240611.1-en

Max time kernel

7s

Max time network

189s

Command Line

com.east2d.everyimage

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.east2d.everyimage

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.234:443 tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
SG 47.246.109.109:80 alog.umeng.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 tupian.nikankan.com udp
US 1.1.1.1:53 qingman.nikankan.com udp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 r.qingman.cc udp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 1.1.1.1:53 ww25.r.qingman.cc udp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
GB 216.58.204.78:443 tcp
GB 142.250.200.14:443 tcp
GB 172.217.169.66:443 tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
GB 216.58.201.100:443 tcp
GB 216.58.201.100:443 tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp

Files

/data/data/com.east2d.everyimage/files/umeng_it.cache

MD5 48d5cb00571a201ac68fe792ec82728f
SHA1 bbac128a96c48012820747de9da629f03d0fc5fa
SHA256 ab7a1e322519c2d211d2eaa44d7e29e32bcdc5d67d5ec6e98ae3f4547715a9b3
SHA512 630f9fa11847bf01c48f10f9891c7166e55ab1a2ede0de634e438323cdeac40049e9be2960a99d14910ca5066f854549542c403bbce0c4b762709953a2345007

/data/data/com.east2d.everyimage/files/.imprint

MD5 277eb637875c4e482764238da38799db
SHA1 2815667c08d6488b10ff59e2037c4e58615b1b64
SHA256 354d7675658f5e05041e528e17742efd0debfca644bfb705796b15a622f5158d
SHA512 7c334739f58368cd8f7dc9b097de3a2b140066922995e68d0c19a14a7a8971caf593915eba5f970198982cf85574bc8e636bcc707b15bd9c886b9a1776999b81

/data/data/com.east2d.everyimage/files/__local_stat_cache.json

MD5 2d805b13f2f28dc3ca9bbcc000f49bb5
SHA1 9eac165b4d81258fd3967cde5cc53b53b1dabcb1
SHA256 c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19
SHA512 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

/data/data/com.east2d.everyimage/files/umeng_it.cache

MD5 f1d9eba5bcce55dc6ffc4c1e53d1cb99
SHA1 729598fb101fd8d379612ac80ac95ebc4a899389
SHA256 8e05d0863e877d7ae3178e902384f817225923d976db07e4e4f8aef2f7779759
SHA512 32501b21bea7f68f31ca6afedaf72c3aeea7ef4badc70466494255fe27a5a7a38c7b33ec56f92a864a4d24ca2037f8393f9373b3b698571cc59dd3dfc6a99f12

/data/data/com.east2d.everyimage/files/__local_last_session.json

MD5 ebda53cf8dea498c5906263ab414e710
SHA1 11b19a76f4a8ed9f5e14886dbc482c7d62fae118
SHA256 303d8eac02dd7f9de41716f4d4deb2849fb941f68557cba81151d072b6222c04
SHA512 226f4cadcdd37cc665344b4f8e532b7e46a25b603cbd94b43abe3a9370a0fb27cbaeb589003f6abce734c93f90e14d782b5f534d446658649a28dd72ea5d336a

/data/data/com.east2d.everyimage/files/__local_except_cache.json

MD5 2a882ca6b6b509e985ca32e5fbb2a71c
SHA1 1b181750662f500bb6af6af2f79d0722412b3c99
SHA256 b0d226f7f356f42a03ae9601c684265ebd5a5a332d5be7739d0f9d26ae0c873f
SHA512 1f5ad565454eddf09857d67d0f712e34150d78e380576c9c35e8fe786965fb81053e73ba9851e5fc7ff5b361fd3ab6242845fbb7fbd059e338218dfba507572b

/data/data/com.east2d.everyimage/files/mobclick_agent_cached_com.east2d.everyimage22

MD5 a000e66bd332a82066cdad4bdb27d758
SHA1 e4f00fdd0444b4d58f833ba7df8f7fd3e22d9751
SHA256 4be8b865d06984ea47829b586256efd0a24492951330b0f97052ff281fa0ed4f
SHA512 2c17088217e389b394fade7feb3fa3e44f4084d6172f6ae1e3d449037350e2b53db74f9d8465167480bdabca866c201d4b31aa6e13a2c925bb25cac218a4db0e

/storage/emulated/0/crash/crash-2024-06-14-07-20-31-1718349631005.log

MD5 1e5a2d6c402c21a04a166be2cf29020a
SHA1 de2965c4714cb90d2b395884cc0d3520d10d262a
SHA256 261298fd2eae66f236170a419c3ff6380463bfe3b19e671d4fed837d2ab9117b
SHA512 4ceab6577390672deb2db6d47a8e24dd5b2e96e15386657f42cdf2e9a667dc4e97e334670bd4263af11f6437bbf0e5490b427e11c3e9ff2991ed1c7436da2c0f

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-14 07:20

Reported

2024-06-14 07:23

Platform

android-x64-arm64-20240611.1-en

Max time kernel

12s

Max time network

188s

Command Line

com.east2d.everyimage

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.east2d.everyimage

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.179:80 alog.umeng.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 1.1.1.1:53 tupian.nikankan.com udp
US 1.1.1.1:53 qingman.nikankan.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 1.1.1.1:53 r.qingman.cc udp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 1.1.1.1:53 ww25.r.qingman.cc udp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 172.67.132.95:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 103.224.212.215:80 r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
US 199.59.243.226:80 ww25.r.qingman.cc tcp
US 104.21.12.192:80 qingman.nikankan.com tcp
CN 59.82.23.79:80 oc.umeng.com tcp
HK 103.235.47.161:80 hmma.baidu.com tcp

Files

/data/user/0/com.east2d.everyimage/files/umeng_it.cache

MD5 448b448f68c39891a066504991f6ef08
SHA1 2b21b37b3626f77d774ad45ea49e9aa93fe47f02
SHA256 117c609c6f5e0a1a3a23438440b1701917378c6de1e6392e38c7c2e3cecbe062
SHA512 4dbfbc97dfc41e20714c937bf71c8b05dfd30f114aaa17f20c8ebcef3182d278f7487d1b1fd91e9355778b8fa2cc8ff01d4a03be572a47e1418ec917d3ef156d

/data/user/0/com.east2d.everyimage/files/__local_stat_cache.json

MD5 2d805b13f2f28dc3ca9bbcc000f49bb5
SHA1 9eac165b4d81258fd3967cde5cc53b53b1dabcb1
SHA256 c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19
SHA512 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

/data/user/0/com.east2d.everyimage/files/__local_last_session.json

MD5 4fcaf853e2af4e21b34777797ef08d95
SHA1 c2bd62ab086229c3fad237bc7fcd3886916b1c67
SHA256 f129ffd9e9bfc15c6a201e14eeb8ce44d6b7cde95b1e0791694d409e05c808bc
SHA512 deb094ea72e0db28150e89da77ab4e415bc8221b75cee9592c682febfb1ccb84ad216a87f1d4e6f87060ec8fb95491aff120f05f68741c79d542d67ec58990e8

/data/user/0/com.east2d.everyimage/files/__local_except_cache.json

MD5 3c401a4a60c3223e01ca2e997c938912
SHA1 7bb8dba9d9ed3013388d3ec41f106d707b7dfa71
SHA256 4174bbaaae1a5016ad667e375212cfb71205284be7e6864e85ae766e99557626
SHA512 e15627453acd974177b4b20cf0e78741aa054d47ab142c229806356469125491b9c6a969a0cd1a9b8ec1e30f237db137018a7a4cf75117a4841d65ae9f72eb01

/storage/emulated/0/crash/crash-2024-06-14-07-20-35-1718349635238.log

MD5 3653fcdb6c3f242c166a3f8fe53f6469
SHA1 b1c515318bf2292029a0469ab234cdc6a2ae4428
SHA256 923d2604eb95976a459139c4f55b15d6b7341100fb241850fc9ce66f8b6f475e
SHA512 21444049f19d8ae585b79fd85ef019d4808d1b4019d2fc0914ffbf3cdd04eef9deafb7a46b30a8a2156ea74c16f446e6a0b6c98371b4ca2672d318f6c4cd8a39