Analysis Overview
SHA256
9309bf7534acfa1eaea0c9832c155e9b555c85e52c4c2ef48df0fd333c1b9cfa
Threat Level: Shows suspicious behavior
The file a96f98dd11fa9e2ce4878c17a55f83f4_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Requests cell location
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Requests cell location
Queries information about the current nearby Wi-Fi networks
Queries information about running processes on the device
Queries the phone number (MSISDN for GSM devices)
Acquires the wake lock
Reads information about phone network operator.
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries the unique device ID (IMEI, MEID, IMSI)
Queries information about active data network
Uses Crypto APIs (Might try to encrypt user data)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-06-14 11:29
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 11:29
Reported
2024-06-14 11:32
Platform
android-x86-arm-20240611.1-en
Max time kernel
179s
Max time network
188s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.kidswant.ss
com.kidswant.ss:pushservice
com.kidswant.ss:remote
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| HK | 103.235.46.245:443 | sapi.map.baidu.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| US | 1.1.1.1:53 | cms.haiziwang.com | udp |
| US | 1.1.1.1:53 | buy.haiziwang.com | udp |
| US | 1.1.1.1:53 | address.haiziwang.com | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| SG | 47.246.109.108:80 | alog.umeng.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 58.144.235.61:80 | address.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.igexin.com | udp |
| CN | 183.134.98.102:5224 | sdk.open.talk.igexin.com | tcp |
| CN | 116.153.64.182:80 | address.haiziwang.com | tcp |
| US | 1.1.1.1:53 | loc.map.baidu.com | udp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | dns.map.baidu.com | udp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 220.194.123.111:80 | address.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 1.56.98.101:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.igexin.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 112.84.131.82:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 122.188.38.123:80 | address.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 116.177.225.247:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 220.194.123.111:80 | address.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.igexin.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 116.153.64.182:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 112.84.131.82:80 | address.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 58.251.62.192:80 | address.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 58.251.62.191:80 | address.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.getui.net | udp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 211.97.95.244:80 | address.haiziwang.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| CN | 58.251.62.110:80 | address.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 61.241.148.88:80 | address.haiziwang.com | tcp |
| CN | 211.97.95.244:80 | address.haiziwang.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 112.84.131.83:80 | address.haiziwang.com | tcp |
| CN | 58.251.62.189:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 122.188.38.123:80 | address.haiziwang.com | tcp |
| CN | 58.251.62.192:80 | address.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.getui.net | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 58.251.62.110:80 | address.haiziwang.com | tcp |
| CN | 116.177.225.247:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 1.56.98.101:80 | address.haiziwang.com | tcp |
| CN | 61.241.148.88:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.gepush.com | udp |
| CN | 183.134.98.112:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| CN | 58.251.62.191:80 | address.haiziwang.com | tcp |
| CN | 58.144.235.61:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 58.251.62.189:80 | address.haiziwang.com | tcp |
| CN | 221.204.43.242:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 221.204.43.242:80 | address.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 112.84.131.83:80 | address.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.47.89:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
Files
/storage/emulated/0/Android/data/com.kidswant.ss/cache/uil-images/journal.tmp
| MD5 | 7055f774688e119031fffc0785c733f6 |
| SHA1 | 6c829edfdded8de291517f215c9cd2bf4c6c9906 |
| SHA256 | 655c2af5f594b6dd56d63abe196d39738c21326ca7c7c81fdd58031077c98402 |
| SHA512 | 1740638cb0c499aac3cdfd926f70347acc6c226fab46905021c5d8d0bae921dd42b38660710d99e62d54f8407f1a4957b56352615ae1ec2749f2a78910303ac3 |
/storage/emulated/0/baidu/.cuid
| MD5 | ff4db0eb7f9a326fd146584988a1c9cb |
| SHA1 | 9a4aab11ec6355602fa7f9b1643218a0a1068e28 |
| SHA256 | 3e3b6c4a9f87293ee92288ffd7f56d064ae5f4ecc53901ef384bedaa1b991cbd |
| SHA512 | 14f5bd05392924595906d2b096e8921b5f889412ae349a23c6a4d7bb2d771c61b9a952467548da0f6edeec26474d73de93a23d0bf9e4d65579eb839a6481dab6 |
/data/data/com.kidswant.ss/databases/beacon-db-journal
| MD5 | a1889e5d31dfcfedd42cf392f4d161b0 |
| SHA1 | 982263bb10afa93b785474f8d067982ae7aada34 |
| SHA256 | 4262684dfe4452000b63cfb8c515f739a4c950c6b29b603e0e7a796a50885d92 |
| SHA512 | acf1701156d4a81f41acf1ef6fdb94d60bc8fa3eb107f130686b7d358a82c53a3abf7d778e7f885944e2d1974750bcd62183087119a7c436928c6ab59251cded |
/data/data/com.kidswant.ss/databases/beacon-db
| MD5 | 1c4274aa7a9a5cac8c6d1df71e4588c6 |
| SHA1 | abaecd685e01cc68801292e3dc7085654a22feba |
| SHA256 | 3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be |
| SHA512 | 1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c |
/data/data/com.kidswant.ss/databases/beacon-db-wal
| MD5 | 076bcc4d53b57aae193fbeb6579fb7c7 |
| SHA1 | 6859ba59ce9fd5343fdeb97c38a9ee13a5ec9861 |
| SHA256 | 31a28ee66c5e4cab996de879bec1cca430b97f8b086fe08e9ab962a587ab282f |
| SHA512 | b6bd69585e2c50b3fc4229aadf2ac07c10b790097fdfbb2b90e45329d909a93fbfa011a2265fa704b821c16bf9a682bdb41cabfe9a61bf15e975878a455e06cf |
/data/data/com.kidswant.ss/files/umeng_it.cache
| MD5 | a30df463b1df01b825e1880cc62896a2 |
| SHA1 | 24e5222f7e21126a4ea9bbbcc1db51272145d31e |
| SHA256 | f5ab14e90d79c97e0186f94aa0701889db861c2986ee382fb8f532ae9947b3fb |
| SHA512 | 1c8555a7d627fcec6f2b203600d97e3d33a09e9d5e5d11e495806caff0f6176226dca18829863761f51e3ae38cdb77d754b2281dd2be29469380e4694433ec59 |
/data/data/com.kidswant.ss/files/.umeng/exchangeIdentity.json
| MD5 | a21bf2c809b470a1c647f3e12bd87109 |
| SHA1 | f929004b8d03af7d74487685d11f4576e4572ef3 |
| SHA256 | c75abe83b082ed8a6c09e092b09dc9358958832fd74b32c4b328c30fb8f2c897 |
| SHA512 | c8bd834a0807ba2a2570e3d41965faa3e57bd87777086d084d8659d7ed1d70d9f40cc5800de85cb94a03f2cef195c1c9d7f04fe119ceaa7864d01f45267fa5e4 |
/data/data/com.kidswant.ss/databases/pushsdk.db
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.kidswant.ss/databases/pushsdk.db-wal
| MD5 | 6bf82d87089ea6bf7eb6abc2f37c34c0 |
| SHA1 | aa8b27477dbcd44e585f0a041e4cb07364e84eb1 |
| SHA256 | 70673b72527303e74518a6cb204e0491885bde565eb1bd4887b56596da37e567 |
| SHA512 | e9bce9c820b55960d294f167d2f7d70c69c9a8a06ed047cf9adcc5d62a769dba55f3d4d5ade1db4adde17cea60dfef55e8fb738e60ec1bb0d6c18024945ca3c2 |
/data/data/com.kidswant.ss/files/.imprint
| MD5 | bc01be6d8d8a73ebb1ab51f12cfe0a4a |
| SHA1 | 683002337d82220d83ceb3274ef68630754ef616 |
| SHA256 | ac6b34ac930a866183bd10c906abe3a445b4cd57d50febadc9dc4bfd6e83bb46 |
| SHA512 | b165e7fbfc5068aff3ab645a17542afe0e055fbf9ac6cece42f688d91877159b4dd01d1ec712fb17b68a4ddc1cb01b1c91b63b7e4773b2ad55b467addf5f0635 |
/data/data/com.kidswant.ss/files/umeng_it.cache
| MD5 | 846d3f5ce7a44f2838e95129231fa7fd |
| SHA1 | ad6911ff02fbb4311779f5148b3a1495dd2acda4 |
| SHA256 | 49e1ab00fb96c70019eb0250116cc6f0b1f8f379a14ed3c3b0e4bad9e995328a |
| SHA512 | cdb2c240a412bf783ad19b28eb43c8e314df5a8c3fe320699070cbd3e1415c82e721975587d01c24dfa3671ffb77e81164661e147201bae1b1837d83427f5174 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-wal
| MD5 | f6856e1d197c345e639372e39a843e7c |
| SHA1 | b1444e76b5652bf09008b29e42a156a291fa4717 |
| SHA256 | c63a7a9eaf034a52f968afdfb982ca2c15b65a95abca382b1110c404643bf47a |
| SHA512 | 127b3c8fd3e421636b715c8f1aff0733109abe77d28bd3bf6b55a07d8f4dc190316ade81ce8ad53ea6e161e31cd1352ad4df724bdd051353cc825fe20a06811c |
/data/data/com.kidswant.ss/files/lldt/firll.dat
| MD5 | de35bfd4c09fb826f3a745c10f555d73 |
| SHA1 | f437fd6d418bdb90319926dfaaa138a1438db64c |
| SHA256 | 1ded58801fe37d1b45e500e0b42140e68fc92b1390834635aa7eb56ea11c5b46 |
| SHA512 | 3c3258af9a736544a07a9ad0fd39c1b670d6516617b8925716524a2a05751735ee9158ac6b997eae5d5cd82b975119e79e9f17237a9a58e891acfeeed3f19f1b |
/storage/emulated/0/baidu/tempdata/lcvif.dat
| MD5 | 4602a90836ea1e0fa7e8cfc8c75a9f53 |
| SHA1 | e7eae241d44b146064680b5f44e9f4252d422e30 |
| SHA256 | 24d3194b1a57ebbaceae862e76b10fbbd1695dc2e1d3f9e5080ac34c865a7237 |
| SHA512 | 9b0c23eee383e9711d8fb7b0d2417bfbeb3d1588ebc4d76192d5302a688ff8e7d971d80bc0bd2091b281316fa58e30aae9796b803024917365ace0a1afdb1993 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 161557b06b4a4d3ce095528dea370eb7 |
| SHA1 | 8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f |
| SHA256 | f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4 |
| SHA512 | 96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | c797c6aeba3b9fdd0b03db086289106b |
| SHA1 | 6f4b6fa1ead6af7f5db3d992dc460d14f985935f |
| SHA256 | 5506f1e215d271b03254b40585d9de050bc5f92a59a27cf91c9f690f2ba24115 |
| SHA512 | f0fe1a611b7068e0657b34fb487af874375fa4304d50440e809b23ec6871c238b72e6f662f8b6e8638400754a66f7137196e1861e1e3be19a8e919b39be579e9 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/conlts.dat
| MD5 | 8d80bc8ea90e9cac010d3ddf97bda5f5 |
| SHA1 | f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07 |
| SHA256 | f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93 |
| SHA512 | 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/conlts.dat
| MD5 | 8d36fc98dfb7c03549777a4957dff7a8 |
| SHA1 | f4f2129b540c8fee376cc6ded0286a0fd925ec77 |
| SHA256 | 47767076c716756575ff7ed13178b462c8e74eecd63839d903ae5c3b0fc643f9 |
| SHA512 | bb0199cc1da2f95b90d0d7c5d6db8fd9d3dc0a4c40b57a7d844fa0277aff41d7c5d7d6bdcc07371c272606855ed1ef9b6256827c95bf5a6cfacf2c0e7c0e27da |
/data/data/com.kidswant.ss/files/ofld/ofl.config
| MD5 | 907cfc5aa267d414e32e7e9b75f9287c |
| SHA1 | a63faf84228ecc0f706c3169b0272cbe7f175125 |
| SHA256 | 37b5ae22894e8f529a26b9b7f5d644c8c6cbdb1cdd73f7e480c6120c3dc648dc |
| SHA512 | 13705b09ad584ec5be1178c900237abeabf40e5cf8f97817a9847b26bd9c38d9c50f5a3f096334dc391143e9a3390c467d24ad790b16c3cbae4f5c1cb686c75e |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 883592a9f0829f3b7123a2411a1734c2 |
| SHA1 | 2074918453a401563d7628befb6629a459166561 |
| SHA256 | ac30d4abb84c02a1adb78bdd5e79544f3111563f6562355b0ef5f29fc9046814 |
| SHA512 | 29ed690a057fd42bf8442a75a58037ad4fef6e860884d113480875a486033827e1284cd6777e6fd351f4cec31f71bba62d1d41a0bae90e4a02b8740edbb58d28 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | e5269e0a9d7ae987b54c60822bbd8ebc |
| SHA1 | 3f7f2049da8a03a7ead84f2e95f234187f5dd84f |
| SHA256 | c3eebd8af0f232a6a607601e809c950695731112bc0133d152c6b351ebbac3c6 |
| SHA512 | 72d642fdaa1cf8a5c22021d06a0e7e9e9ab54eb0e6ec4fccaabc6ab3c0ef236014fdc5cca99c872f169c38aeebaf1dce6ae9e77bd992825c96cdadf210b1d432 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 65627d7f23b931dce0686f51d7adced3 |
| SHA1 | 6ae6124f50d1f10bcab20e2d7524a7a338e280a9 |
| SHA256 | 497fb7e54364d6c01170472c07879ea760fae80c5b8f9c06dd62ad8d28c93071 |
| SHA512 | 76788671e64e8edbd7076e918a50c8e5264570cbb4485dadc2b18c8a9a8d5a26972dc4b93b6d8d7c09da4e0aa8d38de36efeb63493c5a5819cf5a574e1ed85f2 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 11:29
Reported
2024-06-14 11:32
Platform
android-x64-20240611.1-en
Max time kernel
176s
Max time network
191s
Command Line
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current nearby Wi-Fi networks
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getScanResults | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Requests cell location
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A |
| Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.kidswant.ss
com.kidswant.ss:pushservice
com.kidswant.ss:remote
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.200.10:443 | tcp | |
| US | 1.1.1.1:53 | sapi.map.baidu.com | udp |
| HK | 103.235.46.245:443 | sapi.map.baidu.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| US | 1.1.1.1:53 | address.haiziwang.com | udp |
| US | 1.1.1.1:53 | buy.haiziwang.com | udp |
| CN | 58.144.235.61:80 | buy.haiziwang.com | tcp |
| US | 1.1.1.1:53 | cms.haiziwang.com | udp |
| CN | 220.194.123.111:80 | buy.haiziwang.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.igexin.com | udp |
| CN | 183.134.98.112:5224 | sdk.open.talk.igexin.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | loc.map.baidu.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| GB | 142.250.200.46:443 | tcp | |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| US | 1.1.1.1:53 | dns.map.baidu.com | udp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 220.194.123.111:80 | buy.haiziwang.com | tcp |
| CN | 116.153.64.182:80 | buy.haiziwang.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 183.134.98.112:5224 | sdk.open.talk.igexin.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 58.251.62.189:80 | buy.haiziwang.com | tcp |
| CN | 122.188.38.123:80 | buy.haiziwang.com | tcp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 116.177.225.247:80 | buy.haiziwang.com | tcp |
| CN | 116.177.225.247:80 | buy.haiziwang.com | tcp |
| GB | 216.58.212.238:443 | tcp | |
| GB | 142.250.200.2:443 | tcp | |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| GB | 172.217.169.68:443 | tcp | |
| GB | 172.217.169.68:443 | tcp | |
| CN | 183.134.98.112:5224 | sdk.open.talk.igexin.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 221.204.43.242:80 | buy.haiziwang.com | tcp |
| CN | 58.251.62.189:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 58.251.62.192:80 | buy.haiziwang.com | tcp |
| CN | 58.251.62.192:80 | buy.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.getui.net | udp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | cms.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | cms.haiziwang.com | tcp |
| CN | 211.97.95.244:80 | buy.haiziwang.com | tcp |
| CN | 1.56.98.101:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | cms.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 42.177.83.225:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | cms.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | cms.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | cms.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | cms.haiziwang.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 61.241.148.88:80 | buy.haiziwang.com | tcp |
| CN | 61.241.148.88:80 | buy.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| US | 1.1.1.1:53 | dns.map.baidu.com | udp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 112.84.131.83:80 | buy.haiziwang.com | tcp |
| CN | 211.97.95.244:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 122.188.38.123:80 | buy.haiziwang.com | tcp |
| CN | 112.84.131.82:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 183.134.98.76:5224 | sdk.open.talk.getui.net | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 58.251.62.110:80 | buy.haiziwang.com | tcp |
| CN | 58.251.62.110:80 | buy.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 1.56.98.101:80 | buy.haiziwang.com | tcp |
| CN | 112.84.131.83:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sdk.open.talk.gepush.com | udp |
| CN | 183.134.98.102:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 58.251.62.191:80 | buy.haiziwang.com | tcp |
| CN | 58.251.62.191:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | sapi.skyhookwireless.com | udp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| US | 1.1.1.1:53 | dns.map.baidu.com | udp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 58.144.235.61:80 | buy.haiziwang.com | tcp |
| CN | 112.84.131.82:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| US | 1.1.1.1:53 | msg.haiziwang.com | udp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 221.204.43.242:80 | buy.haiziwang.com | tcp |
| CN | 116.153.64.182:80 | buy.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| FR | 15.188.116.26:443 | sapi.skyhookwireless.com | tcp |
| HK | 103.235.46.246:80 | loc.map.baidu.com | tcp |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 183.134.98.102:5224 | sdk.open.talk.gepush.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| N/A | 10.0.0.172:80 | tcp | |
| CN | 182.61.62.50:80 | dns.map.baidu.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.111:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.214:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.87:80 | msg.haiziwang.com | tcp |
| CN | 211.97.81.229:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.115:80 | msg.haiziwang.com | tcp |
| CN | 14.205.47.136:80 | msg.haiziwang.com | tcp |
| CN | 116.153.46.40:80 | msg.haiziwang.com | tcp |
| CN | 60.13.97.138:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.134:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.224:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.82:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.78:80 | msg.haiziwang.com | tcp |
| CN | 42.177.83.225:80 | msg.haiziwang.com | tcp |
Files
/storage/emulated/0/Android/data/com.kidswant.ss/cache/uil-images/journal.tmp
| MD5 | 15266aa8a747d4d801445fc5442cda9c |
| SHA1 | 48a59412dd3616d5b8ef502fc480bcbf66039974 |
| SHA256 | 0ec818a3ba13df50f6fe41f625d2474690d7c6e732b130885be4b1aa08345ddb |
| SHA512 | ea0bec8adb0fdd0eca692fb747fa61b9b382490542348c89e87c93e114e771a2be3f48b57b0f14232b21a4b9d59d559711cc2be7ee7e823f4ce04a8ed711fb20 |
/data/data/com.kidswant.ss/databases/beacon-db-journal
| MD5 | 3c115d9845f99b48f977bb19b368c9bd |
| SHA1 | ea24b61040e79b217180e3c1640308e70b2db553 |
| SHA256 | e7cbfaedc9f1851e5002eeb7d06d2b38dba2d3d51b355a057c40acde61518790 |
| SHA512 | 09d74a70649ae5895e07d743bef0b7995c27e623b1629b8caed77fb559be886522c63d337522610d89746c43f1b5edbee843b2d6a9b1160cc98864bbca511587 |
/data/data/com.kidswant.ss/databases/beacon-db
| MD5 | fd168f394c695f0805b86ce719f7054e |
| SHA1 | 566774a8698a7372fb2f72c42bc8f7d1e90c98ee |
| SHA256 | 88c32c722cc185eb1ddb011e9d648d89e99978469d555e3603545136b6cb5fbb |
| SHA512 | 7c4514667ff39d5961177cda7c34d38d8642c3299b2c0a6bb85b4832c566fc03a481e1a1117618659385e2b933268dcaee201e83a936d4959148df6a732293c1 |
/data/data/com.kidswant.ss/databases/beacon-db-journal
| MD5 | 6434fba63e40c37c189b0071af3ee76d |
| SHA1 | 387b002a216179457607b8a489194f2542b5222d |
| SHA256 | 663af74ac0a01f991d341a0d472eb4b97951f1911fa190d6bacf5acaac8b58b2 |
| SHA512 | f68cd6a03f08b1e5764888c426a5f9758dd000c61996d5c00d9a8a6a624fe152b1302421812e4e57bd5b43172d797e14b1e8fd420087d5e3d414e3a0afb44429 |
/data/data/com.kidswant.ss/databases/beacon-db-journal
| MD5 | e737c7d44b0a3b01e3f184a2385e9ca6 |
| SHA1 | 3395e116a2ee7858592a2c0b1efac4d09626af45 |
| SHA256 | 77a7f65b5873eccadf26aaff32a73f138a00514a539778148d97cdf4be67bad6 |
| SHA512 | f32a4edccab758db1555ef14f0ee1eb821783bf3fc693926d57caacc97f637e53e41d56e6614a20486638ba95d7f51f23e179330ca61645f2645f2b34d2274f2 |
/data/data/com.kidswant.ss/files/umeng_it.cache
| MD5 | c915cec1e7df8553f5b6860d2a25de8d |
| SHA1 | 51b1e710ce7e63b214c31ab07b3deaa8c846d475 |
| SHA256 | 8d5052bf0cc499dbb23dbe51fb2238088e6f7e0ac13cbceec6aa2e9f952e3ef7 |
| SHA512 | bb13097fdc7dee26eef78bfa7c5733f1054188ba924fa7f3b12059e4aa28db162bd1762981c8f6570690ebe87936cbc11fefd482e4f16ebe12d3fbffa09b7e8c |
/data/data/com.kidswant.ss/files/.umeng/exchangeIdentity.json
| MD5 | e44b5d21dd5a51bfa452339a58eacd74 |
| SHA1 | 9fd3eaa5b783b23742acb443562063e9a3d9c3bc |
| SHA256 | a2f955323157a4e6647ae2f1be36824053480711380c98db44cca34ebbee1a3c |
| SHA512 | 0afeb309131711839130195d7cbc6aa99105438779f86af229b93052c9523d19c4990ae73f88053bf4dbc99ccf922ad99f6b44f614745dfe1b390f61bde2323e |
/data/data/com.kidswant.ss/databases/pushsdk.db
| MD5 | 8031e7932f4d03ecc8ce35d52b228fce |
| SHA1 | cff205bdc906abe6ed0a10cc95d677b79bcb6744 |
| SHA256 | a5c37b370406dd25d1f0e714d4a248f8cefb8955dc983aa2ca946a2f7858d4c3 |
| SHA512 | 6ebcf9c71aa8592f09ca570bfa28cd591d3e0482cd19799de3f8539b48f9b07e7191486d14c4fddfd3e462146e3c59a8306e05ec9104c7cabf1727383a4cc459 |
/data/data/com.kidswant.ss/databases/pushsdk.db-journal
| MD5 | 2cd47ada17ad7a4e3d5e2717cb2762c6 |
| SHA1 | 7cb844672cec4a3bce75c8cf81e80e8ad7cc49e5 |
| SHA256 | 5f266f7cf5a44a3cfcc9bfbba94735081851edc224cb071fa6e650227e214279 |
| SHA512 | c25229cca649bc8ef54c0770a976034801c0a300d181c107c41879d7f6b7056c6282210c98661428078381032dc6fb0872112dde7e8efb1a9f9b333877f18dae |
/data/data/com.kidswant.ss/files/ofld/ofl_location.db
| MD5 | 19bd1f5aa63bc981766e8c15ccb69cb5 |
| SHA1 | eef2419338fdda9d0b5c3066d90488f74ae8e192 |
| SHA256 | 2c89601a78321761c44575c6e740109b0ef9b3b1f49b17ee827a0981a73f048a |
| SHA512 | 8518a7b2f99be4648fd3e0bd5d4c89c69ae9392cfa3313d8c2e19618dfca2243a2d1797b94d29ae336582cd5d07c7f9613057c6032e66f5c56b42a2700ecff28 |
/data/data/com.kidswant.ss/files/ofld/ofl_location.db-journal
| MD5 | 5dcb0c577ba4a5e8a3b3f9aa8ce48545 |
| SHA1 | 7ebffe3d8b2657c7ce0908946de7a6f68e48ab94 |
| SHA256 | 0aadc556ab88b326dcb0e7534517bc27619658971b3587c170d95a2087cba52a |
| SHA512 | aaf9d9a42aa80e4c76de1b117d7519dd599bf3620a62de334c5a7048ca054aa24d58c448c65082577f5c0e62e84ab0df97302ef813e50ae2bd2f6e9867ad0df0 |
/data/data/com.kidswant.ss/files/ofld/ofl_location.db-journal
| MD5 | eeaf3b8f6d0ba1d4a362ad7ddf8eb699 |
| SHA1 | b536ae5349111343f3b6c160575c8b2358b4acd7 |
| SHA256 | 246f3fa4a5445defabdd6afc6aa1dacdbb9f1d26937d310059e42be1f4cc7a50 |
| SHA512 | d68a61c9ac0b70b332c2da547d05cb92e2c1a2cd547ad91a94864fbd84902c3c0884fa3e921c3aa5081452a7caf878af7fd5c7d1b0b595ffb58f623d40f337e5 |
/data/data/com.kidswant.ss/files/ofld/ofl_location.db-journal
| MD5 | 0c245951f43f6fb1c19448ff6c8b1ddc |
| SHA1 | 8e2d663e17b9ef8d9b62b49a2b877cb658a7dd3a |
| SHA256 | ceb9416a7525e30cd18ebb7d518acc639a5f877354cc6d25cfb93c01934d1507 |
| SHA512 | e8c2f12f1ba4cbd48ef584d980d15a67a92c0ad01c2f19ccd70790b02685ae9a70f77a9f42bce4c3f185cdace328cd0708758abba82defd5f54ec99cdf276219 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | dc79db8cec4ed39c529f074ab0e4028a |
| SHA1 | 80e42c44f16d2c7db8ce59d7201251449e178ceb |
| SHA256 | 4072e775927ea32714df552a3f15bc5bbb7f5fd85730d552637403d8e7cd86b7 |
| SHA512 | a9b660b6138392faf72395df2a1db3a652466d8b9c9e0595358fb7bbd4a2256e329544874fe0e9722cdb57d60f174da565e2251e7df4060464da5e741618fad7 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db
| MD5 | 744ba4d6f58e22f8f82d56a50e4b5373 |
| SHA1 | 535e389f9b7f2e0d14e550fdd00011dfc255e0b6 |
| SHA256 | 8b47d5b310d68b6911dbcfd7ecda4d7131351f66365f81db82f2979ae2f53592 |
| SHA512 | e888ccb7fc6722eaf8fb6bb8370c55f9eaab299be08db7c57038efaf945569b62b7b6b2dde5169044c5d60a4a9a9051ee7a7c2146153aa7d22d8b7c8f3310055 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | 60172c59f274fcbc1143b90434fff57e |
| SHA1 | 7139dca4c924650eb8409b4ca4eb7de1f5540ebc |
| SHA256 | aa57f1e143583b858df358a3326d974170257be40ce2e5f6bea53116eb779614 |
| SHA512 | 863de0fc15f94669aa416a6d695b410f515d529be2aec8345c1429883cffe0edc7e58ee0bd2c6e769127690bdf57788502b716f18223ed2187a7881a4a9f5f5a |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | 67a3e12aac2043f605e73d29995f4428 |
| SHA1 | f86f465592c367e8a45fdcb1e13fb883ee020647 |
| SHA256 | b5622259c9b235b956304351648f619f6a5dd8f9cb2a22658043ae6888ffc4f4 |
| SHA512 | afecd3c334324e9ce84ebac42f7422c993a0a47922aed59140667e20addba9cf7a741d92a40c90e331518dd38ddf6c196297cfcaff8d553ed192388155c6b288 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | 36305a1117f557420112cbc12938d51b |
| SHA1 | e2aef225de93566c5ed1131cc3482d1e84b35cb2 |
| SHA256 | 245b7ee71af41a3a11834cf0012c7610af56219ab5441f3bbe766b795db7f98d |
| SHA512 | 5d68b464fe5a662e79e6d2b1bee1330e5722b96921d41dc729e2efb0c5061febc4dd1c51443d5ae7d74089ffd8112be5c4479bf215dc5dc3c82a399144c290e3 |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | 15cf6c884bfb49a61234830ac4430069 |
| SHA1 | e6b43135295ae8de2c811bca457fae776f951220 |
| SHA256 | aa093f8b27f77eed05e59be07effc9662f979aac8d8cb5837d1debb3512c0383 |
| SHA512 | d8f6e7055ec6234547040819cda3d38caa73a0ad076fe766a12da7bd1cf62b6416f75498091da619fe92a8fa682d55b366370c25a57afca5140a3d145cd7bf4e |
/data/data/com.kidswant.ss/files/ofld/ofl_statistics.db-journal
| MD5 | 710689e23db1d50ecef0c7ca96fc2dd5 |
| SHA1 | 55e5a69ce9339bf195be851f32c0da8f9a032c99 |
| SHA256 | 452bc9d3e3972d1d97a5565eb53507b1ffffd3b71ab50da1838d7e06f574dc34 |
| SHA512 | 38c26266798402efe5796f71d5e3a471ee51e34dbd71990c8a28bebfd0c857070448d75ac0f82cdf7c29185d33dd7f11912d263d09298359d4c29dccf949ec74 |
/data/data/com.kidswant.ss/files/lldt/firll.dat
| MD5 | 496e0b7cb9f1bd755af234891c9442b6 |
| SHA1 | 0ba354db7adb8bb8760a1680bec2c22e6ee1dbae |
| SHA256 | 66762ef8883e2c6b8f841b7a07f64a90519f4ab86445d13d1133625d160f1d9b |
| SHA512 | 97eab8ffc4ea7bc0ed23308cfc2c7a3aa4a58b3ef6f5652ac73dd93a6c57709ae81d439f623972c14e931a8f02516f669f80855d28fa8be629032640eb2bade7 |
/storage/emulated/0/baidu/tempdata/lcvif.dat
| MD5 | a411b3ae19c92e5eddc22aaa5aa96220 |
| SHA1 | fc85e6eed9df85915de67dd77bd7e528d71c5500 |
| SHA256 | 65d7ffdbb538fadb6c7d74f55ca5b2c33c200373fc9330b6127136864ff49b43 |
| SHA512 | decd895f0126309a7b0688455e36b3e731dd8afe96615ffa9eb54ebeb1efcb7e2996b68dcbb491121c51ffa4f989d3749009016e5a39532e0386fc24141c02e7 |
/data/data/com.kidswant.ss/files/ofld/ofl.config
| MD5 | f0375f9300fd8a6ca3e6c317771304ef |
| SHA1 | 4acffc6827591783c9d86b1e4ba0e53e7ee1615c |
| SHA256 | adeaa8b028dbe2c4f9f6556b5cdc2d8446b996f845c31d64f390422545878c04 |
| SHA512 | 8978753410895e8bd4dcaa4fb823b0b0bdf8e0c7734369910f84a3b4f7ab6d07978715e3d3ea3a8a318a93daaa572f47adf95a375925626d0dea00a56d6183bc |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 161557b06b4a4d3ce095528dea370eb7 |
| SHA1 | 8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f |
| SHA256 | f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4 |
| SHA512 | 96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/conlts.dat
| MD5 | 8d80bc8ea90e9cac010d3ddf97bda5f5 |
| SHA1 | f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07 |
| SHA256 | f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93 |
| SHA512 | 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | ce16bcfb70910ff3b1c83511db068668 |
| SHA1 | 2083f30075bdb440c88bd8869407f1d1e60a5c11 |
| SHA256 | 8a74abc89762e1aadebe54c76124fd3fb21a99e8af297bb6a55050699f4928d5 |
| SHA512 | dd6f64b48c3eed009acc5f318e7cd072fb1727933b7ef04b1744bf3266c02528fc66644bddb7ac4d88e3deb0c2dd233d9470564b4ad74833bcfb37d155e8c6cc |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/conlts.dat
| MD5 | 8d36fc98dfb7c03549777a4957dff7a8 |
| SHA1 | f4f2129b540c8fee376cc6ded0286a0fd925ec77 |
| SHA256 | 47767076c716756575ff7ed13178b462c8e74eecd63839d903ae5c3b0fc643f9 |
| SHA512 | bb0199cc1da2f95b90d0d7c5d6db8fd9d3dc0a4c40b57a7d844fa0277aff41d7c5d7d6bdcc07371c272606855ed1ef9b6256827c95bf5a6cfacf2c0e7c0e27da |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 8d19d579e7b81902508ecb809d07cc49 |
| SHA1 | ebc5686e9a3e64023a3b0a6ad7e5460af994c352 |
| SHA256 | 564d9431b608baff20c7353b7d4f7552e986e99c53766940e17d209a03bdb2a4 |
| SHA512 | afa22151ca4fef1dbbf4cc15b96de5a97b5faadca139156076e82aa36f3fe30d70b32b5f3307254804b60e913949a936b446a54f23bef85e34ab841aec965e12 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 0b2bab650dcebb2a88f409a7776daa33 |
| SHA1 | 2b037d0b158b65f8db55396b893a511f5c331743 |
| SHA256 | 95f7e57ba46a4c2526f06eb25e121cb66a26cb314a4ccb1d8d9a3eadc336496c |
| SHA512 | 552ad1e3284b7d5d3239cd8b523c0f7e019e9fe64db80eb32754ea4140edafd97874d4d0b9846d5edfdf1891161110df43b3a872d2a9fd1d2f4ee6c651797296 |
/storage/emulated/0/Android/data/com.kidswant.ss/files/baidu/tempdata/llg.dat
| MD5 | 1a88ef2bcf0a5823b2de0abfdfb4dd16 |
| SHA1 | d5966fe5c7f2b74110472c3a7fa9de5a45c1537a |
| SHA256 | 2220e8ec003528da7677d2aa412fd51f1e4ba55e27dab4dd2a4bb7b6513f7c78 |
| SHA512 | c386ecb400f6bc7ad0ddc1c5b5cb726ec6ccc485b16c42cd7be541d939a771822386e3ea0f4175e7d00a13976e0c19dcb5c8e9406b7c6c93ccc3712e31fbb039 |