Moderate Risk

Threat level

com.julofinance.juloapp

JULO

Analyzed on 2022-01-21T07:03:48.125052

19

permissions

174

activities

29

services

24

receivers

50

domains

File sums

MD5 75b849cbb6035cb78c5a6d9ee211d720
SHA1 3104021e131b30b854810d25933a625b68b9cac8
SHA256 486aa38cbfd2fb9e94cc78107d4ae8f0f302b5bf7e12410d1b6cd8a64cb2aa5d
Size 52.45MB

APKiD

Information computed with APKiD.

/tmp/tmptg0tm113!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.BRAND check
  • Build.DEVICE check
  • Build.PRODUCT check
  • Build.TAGS check
  • SIM operator check
  • network operator name check
  • ro.kernel.qemu check
obfuscator
  • unreadable field names
  • unreadable method names
compiler
  • r8
/tmp/tmptg0tm113!classes2.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.HARDWARE check
  • Build.TAGS check
  • possible VM check
anti_debug
  • Debug.isDebuggerConnected() check
compiler
  • r8 without marker (suspicious)
/tmp/tmptg0tm113!classes3.dex
compiler
  • r8 without marker (suspicious)
/tmp/tmptg0tm113!classes4.dex
compiler
  • r8 without marker (suspicious)
/tmp/tmptg0tm113!classes5.dex
anti_vm
  • Build.MANUFACTURER check
compiler
  • r8 without marker (suspicious)
/tmp/tmptg0tm113!classes6.dex
anti_vm
  • Build.MANUFACTURER check
  • possible Build.SERIAL check
  • Build.TAGS check
  • possible ro.secure check
compiler
  • r8 without marker (suspicious)

SSdeep

Information computed with ssdeep.

APK file 786432:BP3d4Fpn6yVekBTTnEdG7HILrfLUQ9yjOhPYVFkqv7wF0Gyr0PkhFmlCu9Mlixlr:BP3KprJXEdeu9Rukqv7wKvrnKMUQxgh
Manifest 768:zrnrazdrKTABRxcKBs6XccSbqUQtoTYo9OegLo5GEtyisQ/HKcQpWtCUdDa4F/sh:…
classes.dex 196608:I2rJYjT23e0P+AVshw47dYVHJBplQO00dU2JigU:9SMF7JJif
classes2.dex 49152:qq4Ls+D/ON4g2ZLEZNrKWCTh8NEa0rymtHo1w2+a4X7TgwIYzUEze3I9ggoMmI6…
classes3.dex 49152:sFmAeDqenB13sfgRrglHTqfRLnxgL3gvHGLAe3MQ68qJAU0J+gdjV:sFn7enr3O…
classes4.dex 98304:VBPo2Aua9g4VBoz4bkZe34qpKlCErJHzp:V5osaxVFqqpKEErJHzp
classes5.dex 24576:J+5osIicOq2XzwuCnvFQrDWsqe1ve3srMIwAhW5YLuUa:0YGCHe1ve3wM/Ac6Lu…
classes6.dex 49152:gECZh2D+MUR6nsMTy11LP+FI525esQl/mwtee3rgte8rPAye:gtPgUeTyVMepVm…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12288:4CZDN9rhA1fJVs1OtmJq2kEHhG7956NnFoyBm3+WMny3DjL9vwkzNg:JhyDVs2m…
classes.dex 6144:4C5OODN99Zyz8A1fB+ujdVvhW1OS4mrzR8mxq2kT3JwTccWDKd1hGLzNNa:4CZDN…
classes2.dex 6144:u56NNnpBlisiDoJIWfrXSByMze/dbU3+kA2x:u56NnFoyBm3+Wx
classes3.dex 3072:sj7I4a9ih4fhujET/zo4oaooEalkj7lD7sqqqSqqFKqLkqaL4BqqBLqL1GiEVqLW…
classes4.dex 1536:HG+w1SqSUfSlsBgTd6dDkTKTbRsHNcUfHB1E8KaS5VCiVduiuvMHuqjko:HG+w1S…
classes5.dex 768:uDm8PpRpemMYgN/AT+8y9vaYn2UVEcZ4OmLBE7nGQAM5UEuXjGDYOKgn0TXswfi1:…
classes6.dex 3072:aj0m0fyiSV/rmRmcEEHB2Jj7pwvrRWOBjB7LZTDbDunWKEv6VgKrEZ5J1EZfeHfH…

APK details

Information computed with AndroGuard and Pithus.

Package com.julofinance.juloapp
App name JULO
Version name 6.1.0
Version code 2262
SDK 21 - 30
UAID d08fd09ff057ca3757865d6554005e1ec779c99b
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x504b4453: Dependency metadata
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 a49ee2adc826b56e869ac7e94288e769
SHA1 011b126663a6c59bcf0eee8d10d4055a6b53b456
SHA256 625387da6d842d60e29b6822eb2fc16859215f4608d6fb5075f34380ae6e0011
Issuer Common Name: Victor Darmadi, Organizational Unit: Mobile Development, Organization: Julo Finance, Locality: Jakarta, State/Province: Jakarta, Country: ID
Not before 2016-11-23T08:06:16+00:00
Not after 2041-11-17T08:06:16+00:00

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App[android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Low App has a Network Security Configuration[android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
High Service (com.julofinance.juloapp.services.deprecatedScrape.DataScrapeServiceV2) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.julofinance.juloapp.services.MyFirebaseMessagingService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Broadcast Receiver (com.julofinance.juloapp.services.AppsFlyerService) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.julofinance.juloapp.services.InboxCountReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.julofinance.juloapp.services.notifdndlogging.AlarmReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.julofinance.juloapp.services.notifdndlogging.BootCompletedIntentReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High TaskAffinity is set for Activity
(com.chuckerteam.chucker.internal.ui.MainActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High TaskAffinity is set for Activity
(com.readystatesoftware.chuck.internal.ui.MainActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Service (androidx.work.impl.background.systemjob.SystemJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.android.gms.auth.api.signin.RevocationBoundService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.android.play.core.assetpacks.AssetPackExtractionService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.zopim.android.sdk.prechat.ZopimChatActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Broadcast Receiver (com.instacart.library.truetime.BootCompletedBroadcastReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High TaskAffinity is set for Activity
(com.moengage.pushbase.activities.PushClickDialogTracker)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.moengage.integrationverifier.internal.IntegrationVerificationActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.

Browsable activities

Information computed with MobSF.

com.julofinance.juloapp.activity.SplashActivity

Schemes: julo:// mtl:// stl:// agunan:// aktivitaspinjaman:// ketentuan:// homescreen:// productselection:// howtopay://

com.moengage.integrationverifier.internal.IntegrationVerificationActivity

Hosts: integration

Schemes: moengage://

Main Activity

Information computed with AndroGuard.

com.julofinance.juloapp.activity.SplashActivity

Activities

Information computed with AndroGuard.

com.julofinance.juloapp.feature.home.AllProductActivity
com.julofinance.juloapp.feature.disbursement.phone.postpaid.PostpaidPhoneActivity
com.julofinance.juloapp.feature.disbursement.bpjs.DisburseBpjsActivity
com.julofinance.juloapp.activity.SplashActivity
com.julofinance.juloapp.activity.JuloBaseActivity
com.julofinance.juloapp.feature.landing.LandingActivity
com.julofinance.juloapp.feature.testCoreModular.TestingCoreActivity
com.julofinance.juloapp.feature.pin.GetPINActivity
com.julofinance.juloapp.feature.loan.main.LoanJuloActivity
com.julofinance.juloapp.feature.loan.historyDonePayment.HistoryDonePaymentActivity
com.julofinance.juloapp.feature.loan.detailPayment.DetailPaymentActivity
com.julofinance.juloapp.feature.loan.transactionSummary.TransactionSummaryActivity
com.julofinance.juloapp.activity.BoosterNewActivity
com.julofinance.juloapp.activity.PersonalDataOTPActivity
com.julofinance.juloapp.activity.PrivacyAgreementActivity
com.julofinance.juloapp.activity.CorruptInstallActivity
com.julofinance.juloapp.camera.ImagePreviewActivity
com.julofinance.juloapp.camera.ImagePreviewLandscapeActivity
com.julofinance.juloapp.camera.KTPImagePreviewActivity
com.julofinance.juloapp.camera.CameraActivity
com.julofinance.juloapp.camera.KTPCameraActivity
com.julofinance.juloapp.camera.CameraActivityLandscape
com.julofinance.juloapp.camera.CameraActivityPotrait
com.julofinance.juloapp.activity.LoanSuccessfulActivity
com.julofinance.juloapp.activity.sphp.DigiSphpActivity
com.julofinance.juloapp.activity.sphp.OldSPHPActivity
com.julofinance.juloapp.activity.DocumentDigiWebActivity
com.julofinance.juloapp.activity.sphp.PrivySphpActivity
com.julofinance.juloapp.activity.LargerPhotoViewActivity
com.julofinance.juloapp.signature.SignatureActivity
com.julofinance.juloapp.activity.ProductsAndRatesSectionActivity
com.julofinance.juloapp.activity.SubmitErrorActivity
com.julofinance.juloapp.activity.ProductDetailActivity
com.julofinance.juloapp.feature.profile.ProfileActivity
com.julofinance.juloapp.feature.pin.changepin.CheckOldPINActivity
com.julofinance.juloapp.feature.pin.check.CheckPINActivity
com.julofinance.juloapp.feature.pin.create.CreatePINActivity
com.julofinance.juloapp.activity.PermissionLandingActivity
com.julofinance.juloapp.feature.loan.paymentMethod.PaymentMethodActivity
com.julofinance.juloapp.feature.reapply.unclean.ReapplyActivity
com.julofinance.juloapp.activity.FraudActivity
com.julofinance.juloapp.activity.MyAddressActivity
com.julofinance.juloapp.base.JuloUncaughtException
com.julofinance.juloapp.feature.cashback.unclean.CashbackActivity
com.julofinance.juloapp.activity.NominalProductActivity
com.julofinance.juloapp.activity.StatementDetailActivity
com.julofinance.juloapp.activity.StatementDetailListActivity
com.julofinance.juloapp.activity.PINConfigurationActivity
com.julofinance.juloapp.activity.LOCPinRegistrationActivity
com.julofinance.juloapp.feature.pin.changepin.ChangePINActivity
com.julofinance.juloapp.activity.LOCPinUpdateActivity
com.julofinance.juloapp.activity.LOCPinResetActivity
com.julofinance.juloapp.activity.LOCPinConfirmationActivity
com.julofinance.juloapp.activity.RegisterV3Activity
com.julofinance.juloapp.activity.ZenChatActivity
com.julofinance.juloapp.activity.DocumentInputActivity
com.julofinance.juloapp.feature.loanAgreement.qris.QrisLoanAgreementActivity
com.julofinance.juloapp.feature.loanAgreement.LoanAgreementJ1Activity
com.julofinance.juloapp.feature.loanAgreement.manualSignature.ManualSignatureJ1Activity
com.julofinance.juloapp.feature.loanAgreement.content.LoanAgreementContentActivity
com.julofinance.juloapp.feature.loanAgreement.unclean.privy.PrivySignJ1Activity
com.julofinance.juloapp.activity.WebviewActivity
com.julofinance.juloapp.BFILoanSuccessActivity
com.julofinance.juloapp.activity.HowToPayActivity
com.julofinance.juloapp.feature.cashback.unclean.CashbackDisbursementMethodActivity
com.julofinance.juloapp.feature.cashback.unclean.CashbackOTPActivity
com.julofinance.juloapp.feature.cashback.unclean.CashbackOtpActivityV2
com.julofinance.juloapp.activity.BankAccountValidationActivity
com.julofinance.juloapp.feature.validation.bankAccount.BankAccountValidationActivity
com.julofinance.juloapp.activity.registerv4.RegisterV4Activity
com.julofinance.juloapp.activity.registerv4.RegisterReviewV4Activity
com.julofinance.juloapp.activity.rating.RatingActivity
com.julofinance.juloapp.activity.BPJSWebActivity
com.julofinance.juloapp.activity.BankWebActivity
com.julofinance.juloapp.activity.home.Julo1HomeActivity
com.julofinance.juloapp.feature.disbursement.phone.prepaid.DisbursePhoneActivity
com.julofinance.juloapp.feature.disbursement.ewallet.DisburseEWalletActivity
com.julofinance.juloapp.feature.disbursement.pln.PLNActivity
com.julofinance.juloapp.feature.loanAgreement.unclean.audio.AudioRecordingActivity
com.moe.pushlibrary.activities.MoEActivity
com.julofinance.juloapp.activity.moEngage.PNActivity
com.julofinance.juloapp.feature.loan.transaction.TransactionListActivity
com.julofinance.juloapp.feature.location.TestLocationActivity
com.julofinance.juloapp.feature.notification.custom.CustomNotificationActivity
com.julofinance.juloapp.feature.tokenAuth.ExpiredTokenActivity
com.julofinance.juloapp.feature.loan.bcaDebit.welcome.BCAWelcomeActivity
com.julofinance.juloapp.feature.loan.bcaDebit.login.BCADebitLoginActivity
com.julofinance.juloapp.feature.loan.bcaDebit.tutorialPage.BCADebitTutorialActivity
com.julofinance.juloapp.feature.loan.bcaDebit.tutorialPage.BCATutorialVideoActivity
com.julofinance.library_liveness.feature.LivenessTutorialActivity
com.julofinance.library_liveness.feature.LivenessCameraActivity
com.julofinance.feature.account.feature.changePhone.ChangePhoneActivity
com.julofinance.feature.account.feature.profile.TestActivity
com.julofinance.feature.account.feature.referral.ReferralActivity
com.julofinance.feature.account.feature.referral.ReferralTermActivity
com.julofinance.feature.account.feature.help.HelpCenterActivity
com.julofinance.feature.account.feature.aboutUs.AboutUsActivity
com.julofinance.feature.account.feature.faq.FaqActivity
com.julofinance.feature.account.feature.faqDetail.FaqDetailActivity
com.julofinance.feature.account.feature.requireHelp.ContactHelpActivity
com.julofinance.feature.account.feature.terms.TermsAndConditionActivity
com.julofinance.feature.account.feature.changeEmail.ChangeEmailActivity
com.julofinance.feature.account.feature.changeEmail.ChangeEmailOtpActivity
com.julofinance.feature.account.feature.profileDetail.ProfileDetailActivity
com.julofinance.feature.account.feature.changeEmail.PasswordAuthActivity
com.julofinance.feature.login.feature.LoginJuloV2Activity
com.julofinance.feature.login.feature.LoginJuloProgressActivity
com.julofinance.feature.login.feature.LoginOtpActivityV2
com.julofinance.feature.login.feature.OtpEmailTutorialActivity
com.julofinance.juloapp.feature.disbursement.feature.ecommerce.EcommerceDisburseActivity
com.julofinance.juloapp.feature.disbursement.feature.ecommerce.welcomepage.EcommerceDisburseWelcomeActivity
com.julofinance.juloapp.feature.disbursement.feature.bank.DisburseActivity
com.julofinance.juloapp.feature.disbursement.feature.bank.choose.BankAccountActivity
com.julofinance.juloapp.feature.disbursement.feature.bank.add.AddBankAccountActivity
com.julofinance.juloapp.feature.disbursement.feature.bank.verify.VerifyBankAccountActivity
com.julofinance.juloapp.feature.disbursement.feature.ecommerce.virtualaccount.choose.ECommerceVAListActivity
com.julofinance.juloapp.feature.disbursement.feature.ecommerce.virtualaccount.add.AddVAAccountActivity
com.julofinance.juloapp.feature.disbursement.feature.otp.OtpDisbursementActivityV2
com.julofinance.juloapp.feature.disbursement.feature.ecommerce.inquiry.EcommerceVaDisburseActivity
com.julofinance.juloapp.feature.disburseqris.feature.scan.QRisActivity
com.julofinance.juloapp.feature.disburseqris.feature.inquiry.QRDisburseActivity
com.julofinance.juloapp.feature.disburseqris.feature.welcome.QrisWelcomeActivity
com.julofinance.juloapp.feature.disburseqris.feature.otp.QRisOTPActitvity
com.julofinance.juloapp.feature.disburseqris.feature.status.QrisStatusActivity
com.julofinance.juloapp.feature.cashback.feature.CashbackActivity
com.julofinance.juloapp.feature.cashback.feature.redeem.CashbackRedeemActivity
com.julofinance.juloapp.feature.mission.feature.CreditScroreActivity
com.julofinance.juloapp.feature.mission.feature.phone.VerifyPhoneNumberActivity
com.julofinance.juloapp.feature.mission.feature.billProof.UploadBillProofActivity
com.julofinance.juloapp.feature.mission.feature.phone.AddFamilyContactActivity
com.julofinance.juloapp.feature.mission.feature.phone.AddOfficeContactActivity
com.julofinance.juloapp.feature.mission.feature.address.VerifyAddressActivity
com.julofinance.juloapp.feature.mission.feature.redeem.RedeemMissionActivity
com.julofinance.juloapp.feature.mission.feature.DemoOnlyActivity
com.julofinance.juloapp.feature.mission.feature.bank.MissionBankActivity
com.julofinance.juloapp.feature.mission.feature.bpjs.MissionBPJSActivity
com.julofinance.juloapp.feature.mission.feature.faq.FaqActivity
com.julofinance.juloapp.feature.mission.feature.social.SocialMissionActivity
com.julofinance.library.otp.feature.OTPActivity
com.julofinance.library.otp.feature.tutorial.OTPPhoneTutorialActivity
com.julofinance.feature.register.feature.PreSignupJuloActivity
com.julofinance.feature.register.feature.SignupJuloActivity
com.julofinance.feature.register.feature.SignupCreatePINActivity
com.julofinance.feature.register.feature.SignupProgressActivity
com.julofinance.feature.pin.reset.resetPin.ResetPINActivity
com.julofinance.library.pin.VerifyPINActivity
com.julofinance.feature.home.feature.callback.CallbackActivity
com.julofinance.feature.home.feature.ptp.PTPActivity
com.julofinance.juloapp.feature.longform.feature.SampleFormActivity
com.julofinance.library.camera.feature.v1.V1CameraActivity
com.julofinance.library.camera.feature.v1.V1ImagePreviewActivity
com.julofinance.library.camera.feature.v2.V2CameraActivity
com.julofinance.library.camera.feature.v2.V2ImagePreviewActivity
com.julofinance.library.camera.feature.v3.V3CameraActivity
com.julofinance.library.camera.feature.v3.V3ImagePreviewActivity
com.julofinance.library.camera.feature.imageDetail.ImageDetailActivity
com.julofinance.feature.boilerplate.feature.BoilerActivity
com.julofinance.core.view.util.JuloUncaughtExceptions
com.chuckerteam.chucker.internal.ui.MainActivity
com.chuckerteam.chucker.internal.ui.transaction.TransactionActivity
com.chuckerteam.chucker.internal.ui.throwable.ThrowableActivity
saschpe.android.customtabs.WebViewActivity
com.google.android.libraries.places.widget.AutocompleteActivity
com.readystatesoftware.chuck.internal.ui.MainActivity
com.readystatesoftware.chuck.internal.ui.TransactionActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.android.gms.common.api.GoogleApiActivity
com.google.android.play.core.missingsplits.PlayCoreMissingSplitsActivity
com.google.android.play.core.common.PlayCoreDialogWrapperActivity
com.zopim.android.sdk.prechat.ZopimChatActivity
com.zopim.android.sdk.chatlog.ZopimCommentActivity
com.moengage.pushbase.activities.PushTracker
com.moengage.pushbase.activities.PushClickDialogTracker
com.moengage.integrationverifier.internal.IntegrationVerificationActivity

Receivers

Information computed with AndroGuard.

com.julofinance.juloapp.services.deprecatedScrape.DataScrapeReceiver
com.julofinance.juloapp.services.AppsFlyerService
com.julofinance.juloapp.services.notificationEvent.NotificationDismissedReceiver
com.julofinance.juloapp.services.notificationEvent.NotificationActionButtonClicked
com.julofinance.juloapp.services.InboxCountReceiver
com.julofinance.juloapp.services.notifdndlogging.AlarmReceiver
com.julofinance.juloapp.services.notifdndlogging.BootCompletedIntentReceiver
com.julofinance.juloapp.feature.mission.util.MissionApplicationReceiver
androidx.work.impl.utils.ForceStopRunnable$BroadcastReceiver
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy
androidx.work.impl.background.systemalarm.RescheduleReceiver
androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver
androidx.work.impl.diagnostics.DiagnosticsReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver
com.instacart.library.truetime.BootCompletedBroadcastReceiver
com.moengage.core.MoEAlarmReceiver
com.moengage.pushbase.MoEPushReceiver
com.moengage.pushamp.internal.PushAmpAlarmReceiver
com.moengage.addon.trigger.DTSyncAlarmReceiver

Services

Information computed with AndroGuard.

com.julofinance.juloapp.services.deprecatedScrape.DataScrapeServiceV2
com.julofinance.juloapp.services.deprecatedScrape.DataScrapeService
com.julofinance.juloapp.services.MyFirebaseMessagingService
com.julofinance.juloapp.services.OnKillAppService
com.amazonaws.mobileconnectors.s3.transferutility.TransferService
com.chuckerteam.chucker.internal.support.ClearDatabaseService
com.google.firebase.components.ComponentDiscoveryService
com.readystatesoftware.chuck.internal.support.ClearTransactionsService
androidx.work.impl.background.systemalarm.SystemAlarmService
androidx.work.impl.background.systemjob.SystemJobService
androidx.work.impl.foreground.SystemForegroundService
com.google.firebase.messaging.FirebaseMessagingService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
com.google.android.gms.auth.api.signin.RevocationBoundService
com.google.mlkit.common.internal.MlKitComponentDiscoveryService
androidx.room.MultiInstanceInvalidationService
com.google.android.play.core.assetpacks.AssetPackExtractionService
com.zopim.android.sdk.api.ChatService
com.zopim.android.sdk.widget.ChatWidgetService
com.google.android.datatransport.runtime.backends.TransportBackendDiscovery
com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService
com.moengage.core.MoEWorker
com.moengage.core.DataSyncJob
com.moengage.pushbase.push.MoEPushWorker
com.moengage.pushamp.internal.PushAmpIntentService
com.moengage.pushamp.internal.PushAmpSyncJob
com.moengage.addon.trigger.DTIntentService
com.moengage.addon.trigger.DTSyncJob

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application implement asymmetric key generation.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera', 'location', 'bluetooth', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(1) The application perform encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update
FCS_CKM.1.1(2) The application shall generate symmetric cryptographic keys using a Random Bit Generator as specified in FCS_RBG_EXT.1 and specified cryptographic key sizes 128 bit or 256 bit.
Cryptographic Symmetric Key Generation

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 t6/x.java
com/julofinance/juloapp/feature/loan/transaction/active/ActiveTransactionViewModel.java
w0/d.java
e6/l.java
i5/l0.java
z5/e.java
k5/q.java
i/a.java
t6/a0.java
k5/g0.java
ir/e.java
com/bumptech/glide/load/engine/l.java
com/zopim/android/sdk/data/LivechatChatLogPath.java
i1/j.java
w4/b.java
t6/z.java
com/bumptech/glide/Glide.java
d8/o.java
com/julofinance/juloapp/feature/disbursement/pln/PLNViewModel$reloadDurationData$1.java
com/julofinance/juloapp/feature/cashback/feature/redeemPPoB/CashbackTrasnferPPoBFragment.java
l7/c.java
com/julofinance/juloapp/feature/landing/unclean/LandingFragment$setupViewPager$1$1.java
l6/v.java
z5/c.java
k9/k0.java
g9/c.java
fc/b.java
t6/x0.java
t6/i.java
k9/e0.java
i5/x0.java
com/bumptech/glide/load/engine/e.java
p0/j.java
t70/b.java
r9/c.java
k5/l0.java
k9/f.java
l6/i.java
f5/a.java
d7/a.java
i5/n1.java
i7/c.java
ua/a.java
wz/c.java
l6/t9.java
com/appsflyer/AFLogger.java
dh/b.java
com/amazonaws/mobileconnectors/s3/transferutility/e.java
i5/w0.java
u/c.java
os/d.java
b00/c.java
com/amazonaws/mobileconnectors/s3/transferutility/TransferService.java
k5/t0.java
h5/h.java
f5/o.java
i5/v1.java
com/julofinance/juloapp/feature/notification/adapter/CustomNotificationAdapter$CustomNotificationViewHolder$bind$4.java
com/wdullaer/materialdatetimepicker/time/a.java
z0/k.java
com/amazonaws/mobileconnectors/s3/transferutility/a.java
i5/h2.java
com/julofinance/juloapp/feature/mission/feature/social/SocialMissionActivity.java
n5/a.java
wy/a.java
g7/a.java
hr/a.java
q0/c.java
g5/x.java
f1/e.java
l6/b0.java
com/julofinance/juloapp/feature/notification/custom/CustomNotificationActivity.java
com/julofinance/juloapp/fragment/registerv4/RegisterFinancialV4Fragment.java
com/julofinance/juloapp/activity/registerv4/RegisterV4Activity.java
e6/e.java
z0/i.java
k5/b.java
com/julofinance/juloapp/feature/loan/unclean/gopay/FragmentGopayPaymentMethod$fetchFreeAdminFeeSetting$1.java
f1/f.java
t6/t0.java
z0/c.java
ca/k.java
k5/t.java
com/bumptech/glide/load/resource/gif/a.java
com/sun/jna/Native.java
f1/l.java
k9/o0.java
oh/c.java
mr/a.java
e6/j.java
t0/i.java
com/julofinance/juloapp/fragment/sphp/digi/DigiActivationFragment$setUICallback$2.java
z5/d.java
p0/l.java
l1/a.java
com/julofinance/juloapp/feature/loan/transaction/history/HistoryTransactionViewModel.java
l6/d0.java
z0/p.java
cf/f.java
w0/c.java
na/e.java
w5/j.java
z0/v.java
s5/a.java
k5/e.java
com/amazonaws/mobileconnectors/s3/transferutility/f.java
w4/c.java
com/julofinance/juloapp/feature/notification/adapter/CustomNotificationAdapter.java
com/julofinance/juloapp/feature/disbursement/skinny/pln/SkinnyPLNViewModel.java
h6/z.java
com/julofinance/juloapp/feature/loan/bcaDebit/login/BCADebitLoginActivity$setUICallback$1.java
yy/a.java
com/wdullaer/materialdatetimepicker/time/RadialPickerLayout.java
com/julofinance/juloapp/feature/longform/feature/SampleFormActivity.java
i8/l.java
t6/l.java
com/julofinance/juloapp/feature/rating/InAppRatingComponent.java
x6/k.java
g5/f.java
g5/d.java
k9/b0.java
l6/i1.java
d9/b.java
e6/b.java
e6/k.java
f1/k.java
com/julofinance/juloapp/services/notificationEvent/NotificationDismissedReceiver.java
r7/u.java
i5/o0.java
d1/b.java
p0/b.java
df/s.java
com/zendesk/belvedere/BelvedereStorage.java
u1/s.java
ut/l.java
t6/u.java
com/zendesk/belvedere/BelvedereDialog.java
f8/f.java
com/julofinance/juloapp/feature/loanAgreement/unclean/privy/PrivySignFragment$setUICallback$2.java
com/julofinance/core/view/util/JuloUncaughtExceptions.java
l6/a0.java
ca/j.java
k9/r0.java
f5/p.java
com/julofinance/juloapp/base/JuloUncaughtException.java
com/readystatesoftware/chuck/a.java
com/philliphsu/bottomsheetpickers/time/grid/GridPickerLayout.java
l6/u.java
l6/r.java
w0/t.java
r7/b.java
mw/f.java
k5/k0.java
i0/a.java
rz/a.java
s0/k.java
j1/j.java
x7/c.java
t5/q.java
i5/j0.java
com/julofinance/feature/account/feature/changeEmail/ChangeEmailActivity.java
com/julofinance/juloapp/feature/disburseqris/feature/scan/QRisActivity.java
z0/l.java
f1/o.java
z/f.java
z0/x.java
f9/b.java
com/julofinance/juloapp/camera/KTPImagePreviewActivity.java
t5/r.java
s0/j.java
n4/a.java
com/bumptech/glide/load/resource/gif/d.java
k5/q0.java
n1/a.java
com/zopim/android/sdk/api/ChatService.java
com/bumptech/glide/load/engine/f.java
com/julofinance/juloapp/feature/home/HomeViewModel$startLoopingGetCreditInfo$1.java
hr/d.java
a7/t3.java
t0/e.java
f5/e.java
m6/s3.java
t5/g.java
dr/a.java
z5/b.java
f1/n.java
w0/s.java
t6/q.java
i5/e0.java
u0/a.java
n0/e.java
mv/g.java
f5/f.java
com/amazonaws/mobileconnectors/s3/transferutility/c.java
g5/b.java
com/zopim/android/sdk/api/WebBinder.java
k9/a.java
com/zendesk/logger/Logger.java
k9/h0.java
k9/b.java
n0/d.java
e6/o3.java
d8/g.java
f7/a.java
com/zendesk/belvedere/BelvedereFileProvider.java
t6/b0.java
com/zopim/android/sdk/data/observers/ViewModelFactory.java
l4/i.java
g1/e.java
com/julofinance/juloapp/feature/booster/unclean/bank/BankFragment$setUICallback$4.java
k9/g0.java
com/philliphsu/bottomsheetpickers/date/DayPickerViewPager.java
jc/m.java
i5/r1.java
com/bumptech/glide/load/engine/g.java
l6/w.java
l6/f2.java
eightbitlab/com/blurview/BlurView.java
w0/f.java
o6/o3.java
g5/n.java
q0/e.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 a7/e9.java
com/moengage/core/internal/storage/database/b.java
b50/f.java
r4/e0.java
r4/b0.java
i/a.java
r4/h0.java
a7/s9.java
z/g.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files:
 te/m1.java
com/julofinance/juloapp/util/deprecated_api/a.java
ps/j.java
cj/a0.java
h50/c.java
er/b.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 o10/d.java
m6/h2.java
p6/p0.java
o6/v.java
f20/a.java
o6/f1.java
e6/q.java
e6/y0.java
ta/s.java
l6/q1.java
e20/b.java
p40/e.java
q30/f.java
o6/e2.java
o10/z.java
x9/d.java
t6/r2.java
o10/w.java
n6/j1.java
com/innovatrics/android/dot/face/livenesscheck/liveness/DotPosition.java
m6/a1.java
n6/x1.java
o6/w0.java
com/appsflyer/internal/d.java
t6/z3.java
e20/a.java
q30/b.java
m6/x2.java
p6/w2.java
o10/l.java
t6/h1.java
a7/j9.java
p6/y1.java
p6/p3.java
t6/r4.java
n6/o3.java
n6/v2.java
n6/p1.java
l6/f4.java
t6/z2.java
e6/r2.java
m6/f1.java
g10/r.java
n6/n0.java
k8/b0.java
o10/b0.java
s50/o.java
l6/x4.java
l6/m3.java
m6/a0.java
l6/y2.java
l6/s2.java
o6/x2.java
p6/q1.java
ba/l.java
l6/g3.java
e6/s0.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 gj/r0.java
com/zopim/android/sdk/store/VisitorInfoPrefsStorage.java
com/appsflyer/CreateOneLinkHttpTask.java
wv/h.java
com/julofinance/juloapp/data/model/JuloUser.java
tj/a.java
com/julofinance/juloapp/model/GopayCashbackTransactionTransfer.java
com/julofinance/juloapp/feature/cashback/unclean/CashbackDisbursementMethodActivity.java
com/julofinance/juloapp/domain/entity/loan/LoanAgreementJ1Response.java
com/julofinance/juloapp/data/model/request/JuloSignupRequest.java
com/julofinance/juloapp/data/model/JuloEmail.java
com/julofinance/juloapp/domain/entity/signup/SignupRequest.java
o0/d.java
com/zopim/android/sdk/api/ChatService.java
com/zopim/android/sdk/store/MachineIdPrefsStorage.java
com/julofinance/juloapp/domain/model/JuloLoanAgreementJ1.java
com/bumptech/glide/load/engine/i.java
com/julofinance/juloapp/data/model/request/JuloLoginRequest.java
nw/h.java
com/julofinance/juloapp/data/model/request/otp/JuloOtpRequest.java
com/julofinance/juloapp/feature/cashback/unclean/CashbackOTPActivity.java
com/julofinance/juloapp/data/model/request/otp/JuloCheckOtpAvailabilityRequest.java
r0/l.java
wj/b.java
k8/d.java
wj/c.java
com/appsflyer/AppsFlyerProperties.java
r0/b.java
com/julofinance/juloapp/feature/pin/check/CheckPINActivity.java
com/julofinance/juloapp/data/model/response/cashback/TransactionDataResponse.java
com/julofinance/juloapp/data/model/JuloConfig.java
gj/q.java
rw/d.java
High
CVSS:7.4
Insecure WebView Implementation. WebView ignores SSL Certificate errors and accept any SSL Certificate. This application is vulnerable to MITM attacks
MASVS: MSTG-NETWORK-3
CWE-295 Improper Certificate Validation
M3: Insecure Communication
Files:
 com/julofinance/juloapp/feature/booster/unclean/bpjs/BPJSFragment$setUICallback$3.java
com/julofinance/juloapp/fragment/sphp/digi/DigiSignFragment$setUICallback$4.java
com/julofinance/juloapp/fragment/sphp/digi/DigiDigitalSphpFragment$setUICallBack$3.java
com/julofinance/juloapp/feature/loan/bcaDebit/login/BCADebitLoginActivity$setUICallback$1.java
com/julofinance/juloapp/fragment/dialog/DigiTutorialDialog$setContentView$1$1.java
com/julofinance/juloapp/feature/loanAgreement/unclean/privy/PrivySignFragment$setUICallback$2.java
com/julofinance/juloapp/fragment/sphp/SphpFragment$setUICallBack$3.java
com/julofinance/juloapp/fragment/sphp/digi/DigiActivationFragment$setUICallback$2.java
com/julofinance/juloapp/fragment/sphp/privy/PrivyDigitalSPHPFragment$setUICallBack$3.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files:
 com/julofinance/juloapp/fragment/loanInstallment/LoanDetailFragment.java
bx/e.java
com/julofinance/feature/account/feature/referral/NewReferralFragment$initUiCallback$2.java
com/julofinance/feature/account/feature/referral/ReferralFragment.java
com/julofinance/juloapp/feature/home/HomeJ1Fragment.java
com/julofinance/juloapp/feature/loan/main/LoanJuloFragment.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 a7/j9.java
com/appsflyer/internal/z.java
sx/c.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files:
 r7/n.java
l6/v.java
qz/b.java
i8/g.java
t6/u.java
High
CVSS:7.4
Insecure Implementation of SSL. Trusting all the certificates or accepting self signed certificates is a critical Security Hole. This application is vulnerable to MITM attacks
MASVS: MSTG-NETWORK-3
CWE-295 Improper Certificate Validation
M3: Insecure Communication
Files:
 com/adroitinfosol/adroithttplibrary/b.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 gb/g.java
bx/e.java
com/appsflyer/internal/z.java
f9/b.java
Low
CVSS:3.9
App can write to App Directory. Sensitive Information should be encrypted.
MASVS: MSTG-STORAGE-14
CWE-276 Incorrect Default Permissions
Files:
 we/b.java
ev/a.java
we/d.java
lu/a.java
xw/a.java
ic/i.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files:
 com/zendesk/belvedere/BuildConfig.java
Medium
CVSS:8.8
Insecure WebView Implementation. Execution of user controlled code in WebView is a critical Security Hole.
MASVS: MSTG-PLATFORM-7
CWE-749 Exposed Dangerous Method or Function
M1: Improper Platform Usage
Files:
 com/julofinance/juloapp/fragment/sphp/digi/DigiActivationFragment.java
com/julofinance/juloapp/fragment/sphp/digi/DigiSignFragment.java
com/zopim/android/sdk/api/WebBinder.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 dv/a.java
f9/c.java
com/sun/jna/Native.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 oz/e.java
Pygal Germany: 200 Indonesia: 1000 Russian Federation: 300 United States: 3300

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Domain config is insecurely configured to permit clear text traffic to these domains in scope.
Scope: ['apiary-mock.com']

Domains analysis

Information computed with MobSF.

US tools.android.com 142.250.181.243
ID julo-assets-staging.oss-ap-southeast-5.aliyuncs.com 149.129.200.34
US www.youtube.com 142.250.74.206
US icons-for-free.com 104.21.88.204
US google.com 142.250.185.110
US julo-finance.firebaseio.com 35.201.97.85
ID blog.julo.co.id 149.129.219.162
US 1a359aa3-11d4-44fb-8e0d-5aa397eb5364.mock.pstmn.io 54.159.130.23
ID julo.co.id 149.129.219.162
DE private-bebec-juloppob.apiary-mock.com 2.16.186.195
US console.firebase.google.com 142.250.186.46
ID julofiles-staging.oss-ap-southeast-5.aliyuncs.com 149.129.200.34
DE private-18a9af-juloone.apiary-mock.com 2.16.186.162
US public-trace-http-intake.logs.datadoghq.com 3.233.147.191
US pagead2.googlesyndication.com 142.250.185.194
RU privy.julo.co.id 79.133.177.225
reports.crashlytics.com
US www.google.com 142.250.185.228
US accounts.google.com 216.58.212.173
ID julostatics.oss-ap-southeast-5.aliyuncs.com 149.129.200.69
ID prod-cluster.julo.co.id 149.129.193.20
ID api.julo.co.id 147.139.198.141
US go.onelink.me 65.9.58.121
US mobile-http-intake.logs.datadoghq.com 3.233.147.176
ID ana-prod.julo.co.id 147.139.198.141
US update.crashlytics.com 142.250.186.131
RU view.julo.co.id 79.133.177.232
US openmp.llvm.org 54.67.122.174
US xml.apache.org 151.101.2.132
US dashboard.zopim.com 104.16.104.139
schemas.android.com
US www.googleadservices.com 142.250.186.162
US firebase.google.com 142.250.185.78
US bugs.llvm.org 54.67.122.174
US firebase-settings.crashlytics.com 142.250.185.131
US www.example.com 93.184.216.34
US app-measurement.com 142.250.74.206
US www.w3.org 128.30.52.100
US mikepenz.com 104.21.27.65
US rum-http-intake.logs.datadoghq.com 3.233.149.203
US play.google.com 142.250.185.78
ID julo-assets-uat.oss-ap-southeast-5.aliyuncs.com 149.129.200.38
RU app.julo.co.id 79.133.177.226
US plus.google.com 142.250.186.174
US www.julofinance.com 160.153.92.37
US img.youtube.com 142.250.186.110
US goo.gl 142.250.185.238
US github.com 140.82.121.4
ID www.julo.co.id 149.129.192.8
US developer.android.com 142.250.184.238

URL analysis

Information computed with MobSF.

https://github.com/ReactiveX/RxJava/wiki/What's-different-in-2.0#error-handling
Defined in io/reactivex/exceptions/UndeliverableException.java
https://github.com/ReactiveX/RxJava/wiki/Error-Handling
Defined in io/reactivex/exceptions/OnErrorNotImplementedException.java
www.google.com
https://www.google.com
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s
https://goo.gl/NAOOOI.
https://goo.gl/NAOOOI
Defined in a7/j9.java
www.google.com
https://www.google.com
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s
https://goo.gl/NAOOOI.
https://goo.gl/NAOOOI
Defined in a7/j9.java
www.google.com
https://www.google.com
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s
https://goo.gl/NAOOOI.
https://goo.gl/NAOOOI
Defined in a7/j9.java
www.google.com
https://www.google.com
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s
https://goo.gl/NAOOOI.
https://goo.gl/NAOOOI
Defined in a7/j9.java
https://firebase.google.com/support/guides/disable-analytics
Defined in a7/p3.java
https://google.com/search?
Defined in a7/s6.java
https://app-measurement.com/a
Defined in a7/q.java
https://www.example.com
Defined in q1/b.java
https://julo-assets-uat.oss-ap-southeast-5.aliyuncs.com/info-card/rectangle_1489.png
https://julo-assets-staging.oss-ap-southeast-5.aliyuncs.com/info-card/designs_real.png
Defined in el/j.java
https://julo-assets-uat.oss-ap-southeast-5.aliyuncs.com/info-card/rectangle_1489.png
https://julo-assets-staging.oss-ap-southeast-5.aliyuncs.com/info-card/designs_real.png
Defined in el/j.java
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/tarik_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/kirim_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/pulsa_data.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/listrik_pln.png
Defined in el/i.java
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/tarik_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/kirim_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/pulsa_data.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/listrik_pln.png
Defined in el/i.java
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/tarik_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/kirim_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/pulsa_data.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/listrik_pln.png
Defined in el/i.java
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/tarik_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/kirim_dana.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/pulsa_data.png
https://julofiles-staging.oss-ap-southeast-5.aliyuncs.com/static_test/listrik_pln.png
Defined in el/i.java
http://www.w3.org/2000/svg
Defined in ns/c.java
https://github.com/mikepenz/FastAdapter/blob/develop/library-core/src/main/java/com/mikepenz/fastadapter/items/AbstractItem.java#L189)
Defined in mv/g.java
https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps
Defined in w4/b.java
https://developer.android.com/reference/com/google/android/play/core/install/model/InstallErrorCode#
Defined in q7/a.java
https://www.youtube.com
Defined in uy/a.java
http://tools.android.com/tech-docs/new-build-system/user-guide/manifest-merger
Defined in com/zendesk/belvedere/BelvedereStorage.java
http://schemas.android.com/apk/res/android
Defined in com/alimuzaffar/lib/pin/PinEntryEditText.java
https://play.google.com/store/apps/details?id=
Defined in com/julofinance/juloapp/activity/CorruptInstallActivity.java
https://www.julo.co.id/syarat.html
Defined in com/julofinance/juloapp/fragment/BaseFragment.java
https://julostatics.oss-ap-southeast-5.aliyuncs.com/loan_success/index.html
Defined in com/julofinance/juloapp/fragment/BFILoanSuccessfulFragment.java
https://play.google.com/store/apps/details?id=com.android.chrome
Defined in com/julofinance/juloapp/fragment/register/FormRegisterReviewFragment.java
http://www.julofinance.com/android/goto/
http://www.julofinance.com/android/goto/regen_evoucher
http://www.julofinance.com/android/goto/bank_account_verification
http://www.julofinance.com/android/goto/agreement
http://www.julofinance.com/android/goto/activate_evoucher
Defined in com/julofinance/juloapp/fragment/home/HomeFragment.java
http://www.julofinance.com/android/goto/
http://www.julofinance.com/android/goto/regen_evoucher
http://www.julofinance.com/android/goto/bank_account_verification
http://www.julofinance.com/android/goto/agreement
http://www.julofinance.com/android/goto/activate_evoucher
Defined in com/julofinance/juloapp/fragment/home/HomeFragment.java
http://www.julofinance.com/android/goto/
http://www.julofinance.com/android/goto/regen_evoucher
http://www.julofinance.com/android/goto/bank_account_verification
http://www.julofinance.com/android/goto/agreement
http://www.julofinance.com/android/goto/activate_evoucher
Defined in com/julofinance/juloapp/fragment/home/HomeFragment.java
http://www.julofinance.com/android/goto/
http://www.julofinance.com/android/goto/regen_evoucher
http://www.julofinance.com/android/goto/bank_account_verification
http://www.julofinance.com/android/goto/agreement
http://www.julofinance.com/android/goto/activate_evoucher
Defined in com