0/60

Threat

de.idealo.android

idealo

Analyzed on 2022-01-01T10:04:24.703147

13

permissions

33

activities

9

services

7

receivers

114

domains

File sums

MD5 6df242b31571d8a8379b826872b4f780
SHA1 82ae749607509cb23dc2e915f6f92d05a9b9635d
SHA256 0dad5399b99d1c2cd66ccf2a4e280afebb8b58b4bac9884b23d9fb618c227a67
Size 11.63MB

APKiD

Information computed with APKiD.

/tmp/tmprydse1s3!classes.dex
anti_disassembly
  • illegal class name
anti_vm
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.TAGS check
anti_debug
  • Debug.isDebuggerConnected() check
compiler
  • dx
/tmp/tmprydse1s3!res/raw/android_wear_micro_apk.apk!classes.dex
anti_disassembly
  • illegal class name
anti_vm
  • Build.MANUFACTURER check
compiler
  • dx

SSdeep

Information computed with ssdeep.

APK file 196608:CYlMCn03JFlmsDnhOZcPwao6U257IdMurOHwJlxi+OQGKdivU+cx4VumWrbKemAG:CPymJFEigZcxo1K72MurEwJlfOSH4AFc
Manifest 768:PGgSOOywrTBgGh1ltxK9EmhgSrgqmQHXU2nzZMwio1NKaZczR88Ew3/m3OzXBGd9:…
classes.dex 49152:gFDQBFrvng1pwUjDQe7vCYKWJeWF918dMD48fgahtE:gFsRqwAN/20EMD48N8

Dexofuzzy

Information computed with Dexofuzzy.

APK file 3072:b3PzShq5ZPhgcMBGyskoqsjxPQPhUJjhAAp5p8FzZ6U03dAlOJpHXIK0wMq8mcY9…
classes.dex 3072:b3PzShq5ZPhgcMBGyskoqsjxPQPhUJjhAAp5p8FzZ6U03dAlOJpHXIK0wMq8mcY9…

APK details

Information computed with AndroGuard and Pithus.

Package de.idealo.android
App name idealo
Version name 6.0.4
Version code 135
SDK 15 - 23
UAID d379e32ec5f54bc66e70829ac1d1265eaebdb88e
Signature Signature V1
Frosting Not frosted

Certificate details

Information computed with AndroGuard.

MD5 d476d8d3af288b1ff540490626201fc9
SHA1 aa6503ea76bc460f19cb4fb4cd1d5530d79cad4f
SHA256 fd1d5294e45d00764043f87a700b0d31466bd54038d5c79d7863ee2a810e2066
Issuer Organization: Idealo Internet GmbH, Locality: Berlin, State/Province: Berlin, Country: DE
Not before 2010-06-01T16:46:50+00:00
Not after 2040-05-24T16:46:50+00:00

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Launch Mode of Activity (de.idealo.android.MainActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (de.idealo.android.activity.ProcessTextActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.activity.VoucherDialog) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Launch Mode of Activity (de.idealo.android.activity.CoachmarkActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (de.idealo.android.activity.BubbleActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (de.idealo.android.activity.SearchWidgetActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (de.idealo.android.activity.SearchWidgetActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.activity.ScannerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.activity.ScannerShortcutActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (de.idealo.android.activity.SearchShortcutActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (de.idealo.android.widget.bargains.BargainsPreferenceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.widget.bargains.BargainsStackPreferenceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.activity.ScanFromWidgetTrackingActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (de.idealo.android.auth.AuthenticatorActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (de.idealo.android.util.chromecustomtab.KeepAliveService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (de.idealo.android.C2DMReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (de.idealo.android.widget.bargains.BargainsListProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (de.idealo.android.widget.bargains.BargainsStackProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (de.idealo.android.widget.search.SearchBarProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (de.idealo.android.widget.favorites.FavsListProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (de.idealo.android.tracking.SendIntentBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (de.idealo.android.SuggestProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (de.idealo.android.util.IPCCampaignTrackingReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (de.idealo.android.wear.WearListenerService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Service (com.google.android.gms.auth.api.signin.RevocationBoundService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Browsable activities

Information computed with MobSF.

de.idealo.android.MainActivity

Hosts: deeplink www.idealo.de www.idealo.at www.idealo.co.uk www.idealo.fr www.idealo.pl www.idealo.it www.idealo.es www.idealo.in

Schemes: @string/optimizely_data_scheme:// ipc:// http://

Mime types: text/plain

Main Activity

Information computed with AndroGuard.

de.idealo.android.MainActivity

Activities

Information computed with AndroGuard.

de.idealo.android.MainActivity
de.idealo.android.activity.ProcessTextActivity
de.idealo.android.activity.VoucherDialog
de.idealo.android.activity.CoachmarkActivity
de.idealo.android.activity.BubbleActivity
de.idealo.android.activity.onboarding.AdvertiseLoginActivity
de.idealo.android.activity.onboarding.LanguageChooseActivity
de.idealo.android.activity.SearchWidgetActivity
de.idealo.android.activity.ImageZoomActivity
de.idealo.android.activity.ProspectActivity
de.idealo.android.activity.IPCPreferenceActivity
de.idealo.android.activity.TuevActivity
de.idealo.android.activity.AboutLibrariesActivity
de.idealo.android.activity.TermsImprintActivity
de.idealo.android.activity.FeedbackActivity
de.idealo.android.activity.ReportErrorActivity
de.idealo.android.activity.ShopRatingsActivity
de.idealo.android.activity.TrackingDebugActivity
de.idealo.android.activity.OfferWebViewActivity
de.idealo.android.activity.PriceWatcherDialogActivity
de.idealo.android.activity.ScannerActivity
de.idealo.android.activity.ScannerShortcutActivity
de.idealo.android.activity.SearchShortcutActivity
de.idealo.android.activity.SearchFilterActivity
de.idealo.android.widget.bargains.BargainsPreferenceActivity
de.idealo.android.widget.bargains.BargainsStackPreferenceActivity
de.idealo.android.activity.ScanFromWidgetTrackingActivity
de.idealo.android.activity.WebViewDialogActivity
de.idealo.android.activity.SimpleWebViewActivity
de.idealo.android.auth.AuthenticatorActivity
de.idealo.android.auth.RegistrationActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.mikepenz.aboutlibraries.ui.LibsActivity

Receivers

Information computed with AndroGuard.

de.idealo.android.C2DMReceiver
de.idealo.android.widget.bargains.BargainsListProvider
de.idealo.android.widget.bargains.BargainsStackProvider
de.idealo.android.widget.search.SearchBarProvider
de.idealo.android.widget.favorites.FavsListProvider
de.idealo.android.tracking.SendIntentBroadcastReceiver
de.idealo.android.util.IPCCampaignTrackingReceiver

Services

Information computed with AndroGuard.

de.idealo.android.auth.IPCAuthenticatorService
de.idealo.android.util.chromecustomtab.KeepAliveService
de.idealo.android.sync.FavoritesSyncService
de.idealo.android.widget.bargains.BargainsRemoteViewsService
de.idealo.android.widget.bargains.BargainsStackService
de.idealo.android.widget.favorites.FavsRemoteViewsService
com.google.android.gms.analytics.CampaignTrackingService
de.idealo.android.wear.WearListenerService
com.google.android.gms.auth.api.signin.RevocationBoundService

Sample timeline

Certificate valid not before June 1, 2010, 4:46 p.m.
Oldest file found in APK June 1, 2016, 6:52 p.m.
Latest file found in APK June 1, 2016, 6:54 p.m.
First submission on VT June 3, 2016, 10:47 a.m.
Last submission on VT June 20, 2016, 7:52 a.m.
Upload on Pithus Jan. 1, 2022, 10:04 a.m.
Certificate valid not after May 24, 2040, 4:46 p.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files:
 defpackage/dff.java
defpackage/cws.java
High
CVSS:7.4
Insecure WebView Implementation. WebView ignores SSL Certificate errors and accept any SSL Certificate. This application is vulnerable to MITM attacks
MASVS: MSTG-NETWORK-3
CWE-295 Improper Certificate Validation
M3: Insecure Communication
Files:
 defpackage/czj.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/dff.java
defpackage/dcc.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 defpackage/bri.java
defpackage/aah.java
defpackage/ctm.java
defpackage/ctj.java
defpackage/ckk.java
defpackage/aai.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 defpackage/yq.java
butterknife/internal/ImmutableList.java
com/adjust/sdk/Util.java
defpackage/bup.java
Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 defpackage/aia.java
defpackage/alp.java
defpackage/zv.java
defpackage/awd.java
defpackage/anv.java
defpackage/div.java
de/idealo/android/model/SearchRow.java
defpackage/ahk.java
defpackage/ank.java
defpackage/awc.java
defpackage/avi.java
defpackage/azn.java
defpackage/aie.java
defpackage/aht.java
defpackage/ali.java
defpackage/auq.java
defpackage/ahm.java
defpackage/zf.java
defpackage/ayj.java
com/androidplot/Plot.java
defpackage/asi.java
org/slf4j/helpers/Util.java
defpackage/avx.java
defpackage/ayk.java
defpackage/alk.java
defpackage/dda.java
defpackage/iv.java
defpackage/axs.java
defpackage/anw.java
de/idealo/android/model/CloneableModel.java
defpackage/atk.java
defpackage/aje.java
defpackage/awr.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files:
 defpackage/cvd.java
defpackage/cld.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files:
 defpackage/dbm.java
defpackage/day.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 defpackage/dbc.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/cvs.java
defpackage/dhl.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files:
 defpackage/dcc.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 defpackage/dbr.java
Pygal Australia: 100 Switzerland: 100 China: 100 Germany: 2000 France: 200 Korea, Republic of: 200 Netherlands: 200 Russian Federation: 100 Sweden: 100 Singapore: 200 United States: 7400

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US nineoldandroids.com 192.30.252.154
DE www.adjust.com 178.162.216.219
www.optimizelysockets.com
US groups.google.com 173.194.76.101
DE www.idealo.es 2.16.186.232
US androidannotations.org 151.101.16.133
US nostra13android.blogspot.co.at 142.250.185.129
US libphonenumber.googlecode.com 66.102.1.82
US google.com 142.250.185.78
US orhanobut.com 192.64.119.13
US creativecommons.org 104.20.150.16
settings.crashlytics.com
DE jakewharton.com 13.35.253.3
US code-troopers.com 104.21.5.211
DE www.idealo.de 2.16.186.232
DE www.avast.com 23.37.59.181
US code.google.com 142.250.185.174
US commons.apache.org 151.101.2.132
DE www.jetbrains.org 143.204.98.81
AU umanoapp.com 35.213.220.144
DE www.idealo.co.uk 2.16.186.232
US accounts.google.com 142.250.184.237
US jeffgilfelt.com 3.18.7.81
DE cdn.optimizely.com 104.84.56.161
DE www.idealo.fr 2.16.186.243
DE app.optimizely.com 104.111.247.207
DE direktkauf-stg.idealo.de 62.146.17.79
US actionbarsherlock.com 192.30.252.153
NL developers.facebook.com 157.240.236.15
US aidanfollestad.com 216.239.36.21
DE www.idealo.at 2.16.186.243
US ilexiconn.net 199.59.243.200
US jsoup.org 104.21.12.108
US svn.apache.org 13.90.137.153
US android.googlesource.com 66.102.1.82
DE www.idealo.in 62.146.17.21
US unsplash.com 151.101.129.181
US koush.com 185.199.108.153
FR www.freepik.com 51.210.235.65
US fasterxml.com 52.216.93.82
US www.activeandroid.com 107.170.99.102
US opensource.org 159.65.34.8
US www.piwai.info 185.199.110.153
US ksoichiro.github.io 185.199.109.153
US xipdev.wordpress.com 192.0.78.12
US www.apache.org 151.101.2.132
US wiresareobsolete.com 151.101.65.195
e.crashlytics.com
KR path.com 27.0.237.47
US www.twitter.com 104.244.42.65
US facebook.github.io 185.199.109.153
US diogobernardino.com 192.64.119.100
US joanzapata.com 172.67.170.194
RU daimajia.com 79.133.177.218
US www.google-analytics.com 142.250.181.238
SE emilsjolander.se 185.76.64.185
US goo.gl 142.250.185.78
US inthecheesefactory.com 104.21.5.227
US github.com 140.82.121.4
US danlew.net 216.239.36.21
US tozny.com 104.196.169.139
US androidplot.com 165.22.0.250
CN baoyz.com 118.24.62.125
DE www.amazon.com 99.86.4.201
US ksoichiro.blogspot.pt 142.250.184.225
SG 2359media.com 54.251.229.160
FR paymill.com 46.105.57.169
US greendao-orm.com 208.91.197.27
US bitbucket.org 104.192.141.1
US jhy.io 104.21.25.4
US satyan.github.io 185.199.109.153
US gmariotti.blogspot.it 142.250.185.129
US app.adjust.com 185.151.204.6
US errors.client.optimizely.com 3.224.118.21
US reactivex.io 185.199.111.153
US medium.com 162.159.152.4
US jakewharton.github.io 185.199.111.153
US www.gnu.org 209.51.188.116
schemas.android.com
US www.joanzapata.com 172.67.170.194
US schema.org 142.250.185.110
US play.google.com 142.250.185.206
US square.github.io 185.199.111.153
DE realm.io 143.204.98.33
DE direktkauf.idealo.de 2.16.186.243
US apache.org 151.101.2.132
US www.fabric.io 216.239.32.29
US google.github.io 185.199.111.153
US roomorama.com 199.59.243.200
DE viewpagerindicator.com 64.190.62.111
CH www.slf4j.org 83.173.251.158
KR developer.lge.com 15.164.137.86
wiki.fasterxml.com
US ssl.google-analytics.com 142.250.186.40
US wasabeef.jp 151.101.1.195
US amlcurran.github.io 185.199.111.153
US www.williammora.com 185.199.109.153
SG malinskiy.com 128.199.183.89
NL www.facebook.com 157.240.236.35
US fsf.org 209.51.188.174
DE www.idealo.pl 62.116.130.8
DE www.idealo.it 2.16.186.232
www.pkmmte.com
US joda-time.sourceforge.net 204.68.111.100
DE secure.idealo.de 62.146.17.62
US blog.wiresareobsolete.com 142.250.185.147
US source.android.com