Technical information
- Android.DownLoader.1051.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(TLS/1.0) d2zi34f####.cloudf####.net:443
- TCP(TLS/1.0) pangol####.isn####.com.####.net:443
- TCP(TLS/1.0) api16-a####.pa####.io.####.net:443
- TCP(TLS/1.0) da.topon####.com:443
- TCP(TLS/1.0) p####.birdg####.com:443
- TCP(TLS/1.0) hy####.ray####.com:443
- TCP(TLS/1.0) 46.46.1####.42:443
- TCP(TLS/1.0) ad####.ray####.com:443
- TCP(TLS/1.0) gc####.appsf####.com:443
- TCP(TLS/1.0) app-mea####.com:443
- TCP(TLS/1.0) api.appsfly####.com.####.net:443
- TCP(TLS/1.0) 64.2####.164.94:443
- TCP(TLS/1.0) api.topon####.com:443
- TCP(TLS/1.0) unit####.edges####.net:443
- TCP(TLS/1.0) p####.google####.com:443
- TCP(TLS/1.0) net.ray####.com:443
- TCP(TLS/1.0) vg-ne####.ray####.com:443
- TCP(TLS/1.0) adx-vg####.topon####.com:443
- TCP(TLS/1.0) googl####.g.doublec####.net:443
- TCP(TLS/1.0) ya####.ru:443
- TCP(TLS/1.0) rr9---s####.g####.com:443
- TCP(TLS/1.0) nginx-a####.unit####.uni####.com:443
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) co####.ads.vu####.com:443
- TCP(TLS/1.0) ad####.topon####.com:443
- TCP(TLS/1.0) t####.likeev####.ru:443
- TCP(TLS/1.0) laun####.appsf####.com:443
- TCP(TLS/1.0) adx.ads.vu####.com:443
- TCP(TLS/1.0) vg-aws-####.ray####.com:443
- TCP(TLS/1.0) pla####.google####.com:443
- TCP(TLS/1.0) configv####.unit####.uni####.com:443
- TCP(TLS/1.0) in####.appsf####.com:443
- TCP(TLS/1.0) api.byteg####.ak####.net:443
- TCP(TLS/1.0) yast####.net:443
- TCP(TLS/1.0) tk.topon####.com:443
- TCP(TLS/1.0) raw.githubu####.com:443
- TCP(TLS/1.0) g####.face####.com:443
- TCP(TLS/1.0) tls.vu####.edges####.net:443
- TCP(TLS/1.0) sh####.zhuifen####.top:443
- TCP(TLS/1.0) httpk####.unit####.uni####.com:443
- TCP(TLS/1.0) aa.birdg####.com:443
- TCP(TLS/1.0) us01####.ray####.com:443
- TCP(TLS/1.0) sf16-st####.i18n-pg####.com.####.net:443
- TCP(TLS/1.0) new.ads.vu####.com:443
- TCP(TLS/1.0) web.next####.me:443
- TCP(TLS/1.0) tnc16-a####.isn####.com.####.net:443
- TCP(TLS/1.2) p####.google####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP gdl.news####.s####.####.com:443
- TCP strm-####.s####.ya####.net:443
- TCP s####.ya####.ru:443
- TCP d####.topon####.com:9377
- aa.birdg####.com
- ad####.ray####.com
- ad####.topon####.com
- adx-vg####.topon####.com
- adx.ads.vu####.com
- api.topon####.com
- api.you####.tech
- api16-a####.pa####.io
- app-mea####.com
- auction####.unit####.uni####.com
- cd####.vu####.com
- cdn-set####.appsfly####.com
- co####.ads.vu####.com
- co####.unit####.uni####.com
- conf####.unit####.uni####.com
- d####.topon####.com
- d2zi34f####.cloudf####.net
- da.topon####.com
- f####.gst####.com
- firebas####.google####.com
- g####.face####.com
- gc####.appsf####.com
- gdl.i9####.ru
- gdl.news####.site
- googl####.g.doublec####.net
- httpk####.unit####.uni####.com
- hy####.ray####.com
- in####.appsf####.com
- laun####.appsf####.com
- m####.go####.com
- net.ray####.com
- new.ads.vu####.com
- p####.birdg####.com
- p####.google####.com
- pangol####.isn####.com
- pla####.google####.com
- raw.githubu####.com
- rr9---s####.g####.com
- s####.ya####.ru
- sf16-st####.i18n-pg####.com
- sh####.zhuifen####.top
- strm-####.s####.ya####.net
- t####.q1####.ru
- tk.topon####.com
- tnc16-a####.isn####.com
- us01####.ray####.com
- vg-aws-####.ray####.com
- vg-aws-####.ray####.com
- vg-ne####.ray####.com
- web.next####.me
- ya####.ru
- yast####.net
- ad####.ray####.com:443/impression?opri=NjQ5YTIzMTY1NmU2ZTEwMGRMusj3jFs3b...
- ad####.ray####.com:443/impression?opri=NjQ5YTIzMTY3MGNhYjYwMFpsfgi3axkzo...
- ad####.ray####.com:443/impression?opri=NjQ5YTIzMjdlNmI0NzAwMBaCS49REHXb8...
- ad####.ray####.com:443/impression?opri=NjQ5YTIzMzk4NzZkMDEwMKKth0A3_Z2vG...
- ad####.ray####.com:443/impression?opri=NjQ5YTIzNDJkNDFkODcwMLlLPixSPNAcV...
- ad####.ray####.com:443/impression?opri=NjQ5YTIzNDMwN2E0MzkwMJSW2vwPWW6bE...
- api.appsfly####.com.####.net:443/android/v1/5c0b04b26d739ca97d3c9edfde0f...
- configv####.unit####.uni####.com:443/games/5239676/configuration?deviceM...
- d2zi34f####.cloudf####.net:443/i/23/04/05/13/25/u-Aes5TN04fQ.jpg
- d2zi34f####.cloudf####.net:443/i/23/04/05/13/26/u-G3VtJWvMxY.jpg
- gc####.appsf####.com:443/install_data/v4.0/<Package>?devkey=####&device_...
- hy####.ray####.com:443/m-banner/banner-1114/banner-1114.html?wfr=####&mo...
- new.ads.vu####.com:443/api/v5/new?ifa=####&app_id=####
- raw.githubu####.com:443/StevenBlack/hosts/master/hosts
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/pack...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/pack...
- tls.vu####.edges####.net:443/vm/1.4.1/6bd1fe6.zip
- tnc16-a####.isn####.com.####.net:443/get_domains/v4/?version_code=####&d...
- unit####.edges####.net:443/webview/4.0.0/2e120e727f29b090f70d089b35f4620...
- us01####.ray####.com:443/impression?k=####&mp=fUNP####&exp_ids=####&s=D-...
- us01####.ray####.com:443/impression?k=####&z=MTI4M####&q=a_i09####&x=###...
- us01####.ray####.com:443/impression?k=####&z=MTI4e####&q=a_i09####&x=###...
- us01####.ray####.com:443/onlyImpression?k=####&mp=####&exp_ids=####&s=D-...
- us01####.ray####.com:443/onlyImpression?k=####&mp=fUNP####&exp_ids=####&...
- us01####.ray####.com:443/onlyImpression?k=####&p=####&csp=####&c=####&rs...
- us01####.ray####.com:443/onlyImpression?k=####&p=MjI5N####&csp=inJ####&c...
- vg-aws-####.ray####.com:443/loss?token=####&win_price=####&auction_curre...
- vg-aws-####.ray####.com:443/win?token=####
- vg-ne####.ray####.com:443/win?token=####
- aa.birdg####.com:443/v1/d_api
- ad####.topon####.com:443/bid
- adx-vg####.topon####.com:443/request
- adx.ads.vu####.com:443/api/v5/ads
- api.byteg####.ak####.net:443/api/ad/union/sdk/get_ads/?aid=####&device_p...
- api.byteg####.ak####.net:443/api/ad/union/sdk/stats/batch/
- api.topon####.com:443/v2/open/app
- api.topon####.com:443/v2/open/placement
- api16-a####.pa####.io.####.net:443/api/ad/union/sdk/get_ads/?aid=####&de...
- co####.ads.vu####.com:443/api/v5/config
- configv####.unit####.uni####.com:443/webview/4.4.1/release/config.json
- httpk####.unit####.uni####.com:443/v1/events
- in####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber=#...
- laun####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber...
- nginx-a####.unit####.uni####.com:443/v6/games/5239676/requests?idfi=####...
- p####.birdg####.com:443/v1/ptk
- p####.google####.com:443/v1/projects/lite-browser-21dbd/installations
- pangol####.isn####.com.####.net:443/api/ad/union/mediation/settings/
- pangol####.isn####.com.####.net:443/api/ad/union/sdk/stats/batch/
- sh####.zhuifen####.top:443/v1/init?id=####
- sh####.zhuifen####.top:443/v1/mr?id=####
- tk.topon####.com:443/v1/open/tk
- /data/data/####/-632552476.tmp
- /data/data/####/.
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/011134986548f3458aa3e7e2a7fceb8d
- /data/data/####/05d192f959e89a24_0
- /data/data/####/0J3np7.mp4
- /data/data/####/0a7f5c57c0c66893_0
- /data/data/####/0dc2b191e7d004a7_0
- /data/data/####/0dc2b191e7d004a7_0 (deleted)
- /data/data/####/0e9607b7414f76e5_0
- /data/data/####/0e9607b7414f76e5_1
- /data/data/####/114461peq
- /data/data/####/114461peq.dex
- /data/data/####/114461peq.dex.flock (deleted)
- /data/data/####/114584peq
- /data/data/####/114584peq.dex
- /data/data/####/114584peq.dex.flock (deleted)
- /data/data/####/139a295838822223_0
- /data/data/####/141960ec93124f2b65ebc7d94cfc9607
- /data/data/####/14b2828e106df6e2_0
- /data/data/####/14b2828e106df6e2_1
- /data/data/####/1664557424545.dex
- /data/data/####/1664557424545.dex.flock (deleted)
- /data/data/####/1664557424545.jar
- /data/data/####/1664557424545.tmp
- /data/data/####/1687823132201
- /data/data/####/1687823132204
- /data/data/####/1687823133378
- /data/data/####/1687823133521
- /data/data/####/1687823133748
- /data/data/####/1687823136871
- /data/data/####/1687823143608
- /data/data/####/1687823143686
- /data/data/####/1687823145569
- /data/data/####/1687823147082
- /data/data/####/1687823148411
- /data/data/####/1687823148434
- /data/data/####/1687823150505
- /data/data/####/1687823151464
- /data/data/####/1687823154161
- /data/data/####/1687823154209
- /data/data/####/1687823161259
- /data/data/####/1687823161382
- /data/data/####/1687823163237
- /data/data/####/1687823172032
- /data/data/####/1687823172251
- /data/data/####/1687823172876
- /data/data/####/1687823174486
- /data/data/####/1723052677.tmp
- /data/data/####/1JRpwU.png
- /data/data/####/2859cd33aba3d737_0
- /data/data/####/286ded952dd07285_0
- /data/data/####/2d4ac9634bc3c5e9_0
- /data/data/####/2d4ac9634bc3c5e9_1
- /data/data/####/3158ae9a19333efa_0
- /data/data/####/3158ae9a19333efa_1
- /data/data/####/347b38e63334d850_0
- /data/data/####/3c323bde2085dc19ff6630567ca66d47
- /data/data/####/3f91df6399ab7203295d1e41723b5349.html
- /data/data/####/4e82c275b6ef941a_0
- /data/data/####/4e82c275b6ef941a_1
- /data/data/####/55779fb4cc173205_0
- /data/data/####/55779fb4cc173205_1
- /data/data/####/5c90b63332089ce96249bba50cd01780
- /data/data/####/6927c0af8fd662d0_0
- /data/data/####/6e3b309e505cec69_0
- /data/data/####/714c2d673b414063_0
- /data/data/####/73ae7d7def345b90_0
- /data/data/####/73ae7d7def345b90_1
- /data/data/####/761339f8da52c94ef5b0a2d7f7b99620
- /data/data/####/76bc4dad5b03e436d7fa0e9aeb77e626
- /data/data/####/7c033d265b21a10c046fab04c369c104.xml
- /data/data/####/7c033d265b21a10c046fab04c369c104.xml.bak
- /data/data/####/7e5e3502048f1163_0
- /data/data/####/7e5e3502048f1163_1
- /data/data/####/7ebe0c9d809e3c54e6e9df8b932432de.html
- /data/data/####/860c60b7b29b6416_0
- /data/data/####/860c60b7b29b6416_1
- /data/data/####/8a41c0acbbc9df5ce59766de0737d974.html
- /data/data/####/8b13f18147e268ea_0
- /data/data/####/914d2d0d22d2ed5f28ee31b5deb5a11d.html
- /data/data/####/97cd647a6bb8451b_0
- /data/data/####/97cd647a6bb8451b_1
- /data/data/####/97d339f64edb50db_0
- /data/data/####/AppEventsLogger.persistedevents
- /data/data/####/Cookies-journal
- /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MToyNzQ0MjEwNTMzO...Zk.xml
- /data/data/####/H264_640_360_900.mp4
- /data/data/####/Ninja4.db
- /data/data/####/Ninja4.db-journal
- /data/data/####/PersistedInstallation1576255537tmp
- /data/data/####/PersistedInstallation288100407tmp
- /data/data/####/UnityAdsStorage-private-data.json
- /data/data/####/UnityAdsStorage-public-data.json
- /data/data/####/UnityAdsTest.txt
- /data/data/####/UnityAdsTest.txt (deleted)
- /data/data/####/UnityAdsWebApp.html
- /data/data/####/UnityAdsWebViewConfiguration.json
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/X2ceN9-h_TvSnuMJH2PV6ov2AglyHILWNC8_I4q0nrk=
- /data/data/####/X2ceN9-h_TvSnuMJH2PV6ov2AglyHILWNC8_I4q0nrk=.vng_meta
- /data/data/####/ZzdkGR6BjqXC-rdlorS6J2AiQIEma0vwB0ugHT6Sxm4=
- /data/data/####/ZzdkGR6BjqXC-rdlorS6J2AiQIEma0vwB0ugHT6Sxm4=.vng_meta
- /data/data/####/afae674a5bb501fd22038217665373da
- /data/data/####/androidx.work.workdb-journal
- /data/data/####/androidx.work.workdb-journal (deleted)
- /data/data/####/anythink.db-journal
- /data/data/####/anythink_agent_log
- /data/data/####/anythink_hb_cache_file.xml
- /data/data/####/anythink_hb_cache_file.xml.bak
- /data/data/####/anythink_myoffer-journal
- /data/data/####/anythink_placement_load.xml
- /data/data/####/anythink_placement_strategy_update_check.xml
- /data/data/####/anythink_sdk.xml
- /data/data/####/anythink_sdk.xml.bak
- /data/data/####/anythink_share_date.xml
- /data/data/####/anythink_temp_log
- /data/data/####/anythink_wt_cache_info.xml
- /data/data/####/anythinkadx_file.xml
- /data/data/####/app_set_id_storage.xml
- /data/data/####/app_set_id_storage.xml.bak (deleted)
- /data/data/####/appsflyer-data.xml
- /data/data/####/appsflyer-data.xml.bak
- /data/data/####/b69a49d5fb3ec9fa_0
- /data/data/####/b69a49d5fb3ec9fa_1
- /data/data/####/c1005b7eea6b7677cb57eab01c577653.html
- /data/data/####/c125a5f33b935b61_0
- /data/data/####/c8c5d3789479387c_0
- /data/data/####/cache_policy_journal
- /data/data/####/cache_touch_timestamp
- /data/data/####/cc9e274d78d0e00c_0
- /data/data/####/cf6b12f26a4aa42f_0
- /data/data/####/com.facebook.internal.preferences.APP_GATEKEEPERS.xml
- /data/data/####/com.facebook.internal.preferences.APP_SETTINGS.xml
- /data/data/####/com.facebook.sdk.USER_SETTINGS.xml
- /data/data/####/com.facebook.sdk.appEventPreferences.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml.bak
- /data/data/####/com.hb.lite.browser_preferences.xml
- /data/data/####/com.hb.lite.browser_preferences.xml.bak
- /data/data/####/com.hb.lite.browser_preferences.xml.bak (deleted)
- /data/data/####/com.vungle.sdk.xml
- /data/data/####/d3eb96d80db553a1_0
- /data/data/####/dfe6b2497a7513ba_0
- /data/data/####/e6a996ff76483133_0
- /data/data/####/eGZeNzx1TW12TK_5dUH5mDkaMfnJCfLD2_TOeKhtlJ4=
- /data/data/####/eGZeNzx1TW12TK_5dUH5mDkaMfnJCfLD2_TOeKhtlJ4=.vng_meta
- /data/data/####/exc_log.xml
- /data/data/####/f038e94cb33282ab_0
- /data/data/####/f614f337723ac1c5_0
- /data/data/####/f614f337723ac1c5_1
- /data/data/####/fb57c1d69528b911_0
- /data/data/####/fb57c1d69528b911_1
- /data/data/####/generatefid.lock
- /data/data/####/google_app_measurement_local.db
- /data/data/####/google_app_measurement_local.db-journal
- /data/data/####/hosts.txt
- /data/data/####/https_googleads.g.doubleclick.net_0.localstorage-journal
- /data/data/####/index
- /data/data/####/index.html
- /data/data/####/ki3NNKCaTs0W4S0EeHFflDJ1N4OKmgzp99xbv550sMQ=
- /data/data/####/ki3NNKCaTs0W4S0EeHFflDJ1N4OKmgzp99xbv550sMQ=.vng_meta
- /data/data/####/log_168782312714861cbd894-a493-41a6-9424-9b124b343f44
- /data/data/####/metrics_guid
- /data/data/####/mraid.js
- /data/data/####/proc_auxv
- /data/data/####/sp_global_app_id.xml
- /data/data/####/sp_global_file.xml
- /data/data/####/sp_global_icon_id.xml
- /data/data/####/sp_global_privacy.xml
- /data/data/####/sp_global_privacy.xml.bak
- /data/data/####/sp_last_ad_show_cache_show_ad.xml
- /data/data/####/sp_multi_info.xml
- /data/data/####/sp_multi_ttadnet_config.xml
- /data/data/####/ss_app_config.xml
- /data/data/####/temp.txt
- /data/data/####/temp_pkg_info.json
- /data/data/####/template
- /data/data/####/the-real-index
- /data/data/####/tramini.db-journal
- /data/data/####/tramini.xml
- /data/data/####/tramini.xml.bak
- /data/data/####/tt_ad_sdk_sp.xml
- /data/data/####/tt_ads_conf
- /data/data/####/tt_sdk_event_db_ad.xml
- /data/data/####/tt_sdk_event_db_state.xml
- /data/data/####/tt_sdk_event_db_trail.xml
- /data/data/####/tt_sdk_event_get_ad.xml
- /data/data/####/tt_sdk_event_net_ad.xml
- /data/data/####/tt_sdk_event_net_state.xml
- /data/data/####/tt_sdk_event_net_trail.xml
- /data/data/####/tt_sdk_settings.prop
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/tt_sp_app_env.xml
- /data/data/####/ttnet_tnc_config1371.xml
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopenadsdk.xml.bak
- /data/data/####/ttopensdk.db-journal
- /data/data/####/unityads-installinfo.xml
- /data/data/####/vungle_db-journal
- /data/data/####/vungle_settings
- /data/data/####/vungle_settings (deleted)
- /data/misc/####/primary.prof
- getprop ro.build.version.emui
- getprop ro.letv.release.version
- getprop ro.vivo.os.build.display.id
- libPglmetasec_ov
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7PADDING
- AES-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding