Technical information
- Android.DownLoader.1051.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(TLS/1.0) api.topon####.com:443
- TCP(TLS/1.0) laun####.appsf####.com:443
- TCP(TLS/1.0) da.topon####.com:443
- TCP(TLS/1.0) api.byteg####.ak####.net:443
- TCP(TLS/1.0) t####.likeev####.ru:443
- TCP(TLS/1.0) p####.birdg####.com:443
- TCP(TLS/1.0) 64.2####.164.94:443
- TCP(TLS/1.0) g####.face####.com:443
- TCP(TLS/1.0) pangol####.isn####.com.####.net:443
- TCP(TLS/1.0) net.ray####.com:443
- TCP(TLS/1.0) rr9---s####.g####.com:443
- TCP(TLS/1.0) im####.tab####.com:443
- TCP(TLS/1.0) configv####.unit####.uni####.com:443
- TCP(TLS/1.0) api.appsfly####.com.####.net:443
- TCP(TLS/1.0) adx-vg####.topon####.com:443
- TCP(TLS/1.0) hy####.ray####.com:443
- TCP(TLS/1.0) firebas####.google####.com:443
- TCP(TLS/1.0) nginx-a####.unit####.uni####.com:443
- TCP(TLS/1.0) httpk####.unit####.uni####.com:443
- TCP(TLS/1.0) tnc16-a####.isn####.com.####.net:443
- TCP(TLS/1.0) d2zi34f####.cloudf####.net:443
- TCP(TLS/1.0) pla####.google####.com:443
- TCP(TLS/1.0) raw.githubu####.com:443
- TCP(TLS/1.0) ad####.ray####.com:443
- TCP(TLS/1.0) web.next####.me:443
- TCP(TLS/1.0) sh####.zhuifen####.top:443
- TCP(TLS/1.0) sf16-st####.i18n-pg####.com.####.net:443
- TCP(TLS/1.0) www.googlet####.com:443
- TCP(TLS/1.0) us01####.ray####.com:443
- TCP(TLS/1.0) app-mea####.com:443
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) in####.appsf####.com:443
- TCP(TLS/1.0) tk.topon####.com:443
- TCP(TLS/1.0) trk.m####.ru:443
- TCP(TLS/1.0) vg-ne####.ray####.com:443
- TCP(TLS/1.0) ad####.topon####.com:443
- TCP(TLS/1.0) gc####.appsf####.com:443
- TCP(TLS/1.0) aa.birdg####.com:443
- TCP(TLS/1.0) gdl.i9####.ru.####.com:443
- TCP(TLS/1.0) unit####.edges####.net:443
- TCP(TLS/1.0) vg-aws-####.ray####.com:443
- TCP(TLS/1.2) firebas####.google####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP d####.topon####.com:9377
- aa.birdg####.com
- ad####.ray####.com
- ad####.topon####.com
- adx-vg####.topon####.com
- api.tab####.com
- api.topon####.com
- api.you####.tech
- api16-a####.pa####.io
- app-mea####.com
- auction####.unit####.uni####.com
- cdn-set####.appsfly####.com
- co####.unit####.uni####.com
- conf####.unit####.uni####.com
- d####.topon####.com
- d2zi34f####.cloudf####.net
- da.topon####.com
- f####.gst####.com
- firebas####.google####.com
- g####.face####.com
- gc####.appsf####.com
- gdl.i9####.ru
- httpk####.unit####.uni####.com
- hy####.ray####.com
- im####.tab####.com
- in####.appsf####.com
- laun####.appsf####.com
- net.ray####.com
- p####.birdg####.com
- pangol####.isn####.com
- pla####.google####.com
- raw.githubu####.com
- rr9---s####.g####.com
- sf16-st####.i18n-pg####.com
- sh####.zhuifen####.top
- t####.q1####.ru
- tk.topon####.com
- tnc16-a####.isn####.com
- trk.m####.ru
- us01####.ray####.com
- vg-aws-####.ray####.com
- vg-ne####.ray####.com
- web.next####.me
- www.googlet####.com
- ad####.ray####.com:443/impression?opri=NjQ5OTliN2U3ZjU3NjcwMI6s-bsZcwlG-...
- ad####.ray####.com:443/impression?opri=NjQ5OTliNWM0YmQ1MGIwMEo62rQyHsC8O...
- ad####.ray####.com:443/impression?opri=NjQ5OTliNWQ5ODg5MDIwMAu62hq-3aPzY...
- ad####.ray####.com:443/impression?opri=NjQ5OTliNzIzYzYyNjQwMN8Hhd1kXmHAC...
- api.appsfly####.com.####.net:443/android/v1/5c0b04b26d739ca97d3c9edfde0f...
- configv####.unit####.uni####.com:443/games/5239676/configuration?deviceM...
- d2zi34f####.cloudf####.net:443/i/22/06/12/01/58/u-thPqTHOMq4.jpg
- d2zi34f####.cloudf####.net:443/i/23/03/31/17/55/u-uFhYtnu3qR.jpg
- d2zi34f####.cloudf####.net:443/i/23/04/05/13/25/u-80LWy3BqW0.jpg
- d2zi34f####.cloudf####.net:443/i/23/04/05/13/26/u-G3VtJWvMxY.jpg
- d2zi34f####.cloudf####.net:443/i/23/05/05/19/18/u-wbpoqxUkFr.jpg
- d2zi34f####.cloudf####.net:443/i/23/06/22/16/58/u-Oqw9Iy89rK.jpg
- gc####.appsf####.com:443/install_data/v4.0/<Package>?devkey=####&device_...
- hy####.ray####.com:443/m-banner/banner-1114/banner-1114.html?wfr=####&mo...
- raw.githubu####.com:443/StevenBlack/hosts/master/hosts
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/pack...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/pack...
- tnc16-a####.isn####.com.####.net:443/get_domains/v4/?version_code=####&d...
- trk.m####.ru:443/i/p7w8y4?clickid=####&eririd=####&mt_adset=####&mt_camp...
- unit####.edges####.net:443/webview/4.0.0/ef10a55a545a4284efb40b0c6c58eed...
- us01####.ray####.com:443/impression?k=####&mp=####&exp_ids=####&s=D-JA-#...
- us01####.ray####.com:443/impression?k=####&z=####&q=a_i09####&x=####&r=#...
- us01####.ray####.com:443/impression?k=####&z=####&q=a_i09####&x=####&r=e...
- us01####.ray####.com:443/impression?k=####&z=MTI4M####&q=a_i09####&x=###...
- us01####.ray####.com:443/onlyImpression?k=####&mp=fUNP####&exp_ids=####&...
- us01####.ray####.com:443/onlyImpression?k=####&p=####&csp=inJ####&c=####...
- us01####.ray####.com:443/onlyImpression?k=####&p=MjI5N####&csp=inJ####&c...
- vg-aws-####.ray####.com:443/loss?token=####&win_price=####&auction_curre...
- vg-aws-####.ray####.com:443/win?token=####
- vg-ne####.ray####.com:443/win?token=####
- aa.birdg####.com:443/v1/d_api
- ad####.topon####.com:443/bid
- adx-vg####.topon####.com:443/request
- api.byteg####.ak####.net:443/api/ad/union/sdk/get_ads/?aid=####&device_p...
- api.byteg####.ak####.net:443/api/ad/union/sdk/stats/batch/
- api.topon####.com:443/v2/open/app
- api.topon####.com:443/v2/open/placement
- configv####.unit####.uni####.com:443/webview/4.4.1/release/config.json
- da.topon####.com:443/v1/open/da
- firebas####.google####.com:443/v1/projects/lite-browser-21dbd/installati...
- httpk####.unit####.uni####.com:443/v1/events
- in####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber=#...
- laun####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber...
- nginx-a####.unit####.uni####.com:443/v6/games/5239676/requests?idfi=####...
- p####.birdg####.com:443/v1/ptk
- pangol####.isn####.com.####.net:443/api/ad/union/mediation/settings/
- pangol####.isn####.com.####.net:443/api/ad/union/sdk/stats/batch/
- sh####.zhuifen####.top:443/v1/init?id=####
- sh####.zhuifen####.top:443/v1/mr?id=####
- tk.topon####.com:443/v1/open/tk
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/011134986548f3458aa3e7e2a7fceb8d
- /data/data/####/028f86688c0c2e80_0
- /data/data/####/05d192f959e89a24_0
- /data/data/####/06295c68ae8cabf0_0
- /data/data/####/0d4989959346fa50_0
- /data/data/####/0dc2b191e7d004a7_0
- /data/data/####/0dc2b191e7d004a7_0 (deleted)
- /data/data/####/114419peq
- /data/data/####/114419peq.dex
- /data/data/####/114419peq.dex.flock (deleted)
- /data/data/####/114542peq
- /data/data/####/114542peq.dex
- /data/data/####/114542peq.dex.flock (deleted)
- /data/data/####/118fc9235216528a_0
- /data/data/####/141960ec93124f2b65ebc7d94cfc9607
- /data/data/####/14b2828e106df6e2_0
- /data/data/####/14b2828e106df6e2_1
- /data/data/####/1664557424545.dex
- /data/data/####/1664557424545.dex.flock (deleted)
- /data/data/####/1664557424545.jar
- /data/data/####/1664557424545.tmp
- /data/data/####/1687788389184
- /data/data/####/1687788389215
- /data/data/####/1687788389355
- /data/data/####/1687788390555
- /data/data/####/1687788394080
- /data/data/####/1687788394252
- /data/data/####/1687788395728
- /data/data/####/1687788401250
- /data/data/####/1687788402090
- /data/data/####/1687788404085
- /data/data/####/1687788407383
- /data/data/####/1687788414528
- /data/data/####/1687788417114
- /data/data/####/1687788417190
- /data/data/####/1687788419020
- /data/data/####/1687788427286
- /data/data/####/1687788430095
- /data/data/####/1687788431257
- /data/data/####/1687788431260
- /data/data/####/1687788432717
- /data/data/####/1a79ecb4ef5580f1_0
- /data/data/####/213a79949f7d46f3_0
- /data/data/####/2448f702a3ffe0af_0
- /data/data/####/2859cd33aba3d737_0
- /data/data/####/2d4ac9634bc3c5e9_0
- /data/data/####/2d4ac9634bc3c5e9_1
- /data/data/####/3158ae9a19333efa_0
- /data/data/####/3158ae9a19333efa_1
- /data/data/####/3c323bde2085dc19ff6630567ca66d47
- /data/data/####/48d75272350bd23e_0
- /data/data/####/525e550b5a67530d_0
- /data/data/####/597347388f175955_0
- /data/data/####/5c90b63332089ce96249bba50cd01780
- /data/data/####/634e052bef261407_0
- /data/data/####/6927c0af8fd662d0_0
- /data/data/####/73ae7d7def345b90_0
- /data/data/####/73ae7d7def345b90_1
- /data/data/####/761339f8da52c94ef5b0a2d7f7b99620
- /data/data/####/76bc4dad5b03e436d7fa0e9aeb77e626
- /data/data/####/7c033d265b21a10c046fab04c369c104.xml
- /data/data/####/7c033d265b21a10c046fab04c369c104.xml.bak
- /data/data/####/87ff3404ec1a1bd1_0
- /data/data/####/AppEventsLogger.persistedevents
- /data/data/####/Cookies-journal
- /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MToyNzQ0MjEwNTMzO...Zk.xml
- /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MToyNzQ0MjEwNTMzO...ml.bak
- /data/data/####/Ninja4.db
- /data/data/####/Ninja4.db-journal
- /data/data/####/PersistedInstallation.W0RFRkFVTFRd+MToyNzQ0MjEw...k.json
- /data/data/####/PersistedInstallation667070575tmp
- /data/data/####/PersistedInstallation994686712tmp
- /data/data/####/UnityAdsStorage-private-data.json
- /data/data/####/UnityAdsStorage-public-data.json
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/a24150e0af10f476_0
- /data/data/####/ab69bf58c08a58e3_0
- /data/data/####/aed19624b7670c85_0
- /data/data/####/afae674a5bb501fd22038217665373da
- /data/data/####/androidx.work.workdb-journal
- /data/data/####/androidx.work.workdb-journal (deleted)
- /data/data/####/anythink.db-journal
- /data/data/####/anythink_agent_log
- /data/data/####/anythink_hb_cache_file.xml
- /data/data/####/anythink_hb_cache_file.xml.bak
- /data/data/####/anythink_myoffer-journal
- /data/data/####/anythink_placement_load.xml
- /data/data/####/anythink_placement_strategy_update_check.xml
- /data/data/####/anythink_sdk.xml
- /data/data/####/anythink_sdk.xml.bak
- /data/data/####/anythink_sdk.xml.bak (deleted)
- /data/data/####/anythink_share_date.xml
- /data/data/####/anythink_share_date.xml.bak
- /data/data/####/anythink_temp_log
- /data/data/####/anythink_wt_cache_info.xml
- /data/data/####/anythinkadx_file.xml
- /data/data/####/appsflyer-data.xml
- /data/data/####/appsflyer-data.xml.bak
- /data/data/####/b433cfbf7d54de26_0
- /data/data/####/c8c5d3789479387c_0
- /data/data/####/com.facebook.sdk.USER_SETTINGS.xml
- /data/data/####/com.facebook.sdk.appEventPreferences.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml.bak
- /data/data/####/com.hb.lite.browser_preferences.xml
- /data/data/####/com.hb.lite.browser_preferences.xml.bak
- /data/data/####/dd3afd7d0a444916_0
- /data/data/####/e79474b4b52f9b63_0
- /data/data/####/e9552435595c5d26_0
- /data/data/####/exc_log.xml
- /data/data/####/fa0fc4434cf3680f_0
- /data/data/####/fa0fc4434cf3680f_1
- /data/data/####/fb57c1d69528b911_0
- /data/data/####/fb57c1d69528b911_1
- /data/data/####/generatefid.lock
- /data/data/####/google_app_measurement_local.db
- /data/data/####/google_app_measurement_local.db-journal
- /data/data/####/hosts.txt
- /data/data/####/index
- /data/data/####/metrics_guid
- /data/data/####/proc_auxv
- /data/data/####/sp_global_app_id.xml
- /data/data/####/sp_global_file.xml
- /data/data/####/sp_global_file.xml.bak
- /data/data/####/sp_global_icon_id.xml
- /data/data/####/sp_global_privacy.xml
- /data/data/####/sp_last_ad_show_cache_show_ad.xml
- /data/data/####/sp_multi_info.xml
- /data/data/####/sp_multi_ttadnet_config.xml
- /data/data/####/ss_app_config.xml
- /data/data/####/temp.txt
- /data/data/####/temp.txt (deleted)
- /data/data/####/temp_pkg_info.json
- /data/data/####/the-real-index
- /data/data/####/tramini.db-journal
- /data/data/####/tramini.xml
- /data/data/####/tt_ad_sdk_sp.xml
- /data/data/####/tt_ads_conf
- /data/data/####/tt_sdk_event_db_ad.xml
- /data/data/####/tt_sdk_event_db_state.xml
- /data/data/####/tt_sdk_event_db_trail.xml
- /data/data/####/tt_sdk_event_get_ad.xml
- /data/data/####/tt_sdk_event_net_ad.xml
- /data/data/####/tt_sdk_event_net_state.xml
- /data/data/####/tt_sdk_event_net_trail.xml
- /data/data/####/tt_sdk_settings.prop
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/tt_sp_app_env.xml
- /data/data/####/ttnet_tnc_config1371.xml
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopenadsdk.xml.bak
- /data/data/####/ttopensdk.db-journal
- /data/data/####/unityads-installinfo.xml
- /data/media/####/-1088146576.tmp
- /data/media/####/-388739215.tmp
- /data/media/####/-632552476.tmp
- /data/media/####/.nomedia
- /data/media/####/1199095053
- /data/media/####/1199095053.tmp
- /data/media/####/1921483969
- /data/media/####/1921483969.tmp
- /data/media/####/2037464170.tmp
- /data/media/####/914d2d0d22d2ed5f28ee31b5deb5a11d.html
- /data/media/####/UnityAdsTest.txt (deleted)
- /data/media/####/UnityAdsWebApp.html
- /data/media/####/UnityAdsWebViewConfiguration.json
- /data/media/####/c00997cca4549e624e19570ed3b632e3.html
- /data/media/####/deb793e9835b9dd82f633dbda3f7dd43.html
- /data/misc/####/primary.prof
- getprop ro.build.version.emui
- getprop ro.letv.release.version
- getprop ro.vivo.os.build.display.id
- libPglmetasec_ov
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7PADDING
- AES-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding