Analysis Overview
SHA256
cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250
Threat Level: Shows suspicious behavior
The file cfda3707a17da15bba49270b2a101465d0d049cd177e181707f7f338b2b82250.bin was found to be: Shows suspicious behavior.
Malicious Activity Summary
Obtains sensitive information copied to the device clipboard
Queries the mobile country code (MCC)
Declares services with permission to bind to the system
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-16 22:31
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-16 22:31
Reported
2024-10-16 22:33
Platform
android-x86-arm-20240624-en
Max time kernel
137s
Max time network
145s
Command Line
Signatures
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.google.mailtet13
Network
Files
/data/data/com.google.mailtet13/logs/20241016223128369.log
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-16 22:31
Reported
2024-10-16 22:33
Platform
android-x64-20240910-en
Max time kernel
143s
Max time network
150s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.google.mailtet13
Network
Files
/data/data/com.google.mailtet13/logs/20241016223124494.log
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal
Analysis: behavioral3
Detonation Overview
Submitted
2024-10-16 22:31
Reported
2024-10-16 22:33
Platform
android-x64-arm64-20240910-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.google.mailtet13
Network
Files
/data/data/com.google.mailtet13/logs/20241016223124450.log
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-journal
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-shm
/data/data/com.google.mailtet13/no_backup/androidx.work.workdb-wal