安全分析报告:
安全分数
安全分数 41/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
15
用户/设备跟踪器
调研结果
高危
8
中危
22
信息
2
安全
2
关注
2
高危 域配置不安全地配置为允许明文流量到达范围内的这些域。
Scope: 127.0.0.1
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/ironsource/mediationsdk/utils/IronSourceUtils.java, line(s) 484
高危 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: com/inmobi/media/ih.java, line(s) 42,55
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/safedk/android/internal/SafeDKWebAppInterface.java, line(s) 201,8
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: bolts/WebViewAppLinkResolver.java, line(s) 137,8,9 com/helpshift/chat/HSChatFragment.java, line(s) 149,16 com/helpshift/faq/HSHelpcenterFragment.java, line(s) 130,8 com/safedk/android/internal/partials/AdMobNetworkBridge.java, line(s) 93,3,4 com/safedk/android/internal/partials/AppLovinNetworkBridge.java, line(s) 92,3,4 com/safedk/android/internal/partials/InMobiNetworkBridge.java, line(s) 104,3 com/safedk/android/internal/partials/UnityAdsNetworkBridge.java, line(s) 30,3,4 com/safedk/android/internal/partials/UnityCoreNetworkBridge.java, line(s) 91,3
高危 启用了调试配置。生产版本不能是可调试的
启用了调试配置。生产版本不能是可调试的 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/unity/purchasing/BuildConfig.java, line(s) 3,5
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ironsource/mediationsdk/utils/IronSourceAES.java, line(s) 70,136
高危 应用程序包含隐私跟踪程序
此应用程序有多个15隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 基本配置配置为信任系统证书。
Scope: *
中危 应用程序数据存在被泄露的风险
未设置[android:allowBackup]标志 这个标志 [android:allowBackup]应该设置为false。默认情况下它被设置为true,允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Activity (com.facebook.unity.FBUnityAppLinkActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.facebook.unity.FBUnityDeepLinkingActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Content Provider (com.facebook.FacebookContentProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.facebook.CustomTabActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.google.firebase.auth.internal.GenericIdpActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.google.firebase.auth.internal.RecaptchaActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: bolts/MeasurementEvent.java, line(s) 21,22 com/applovin/impl/sdk/n.java, line(s) 1621 com/applovin/mediation/ads/MaxAdView.java, line(s) 191,186 com/applovin/mediation/ads/MaxAppOpenAd.java, line(s) 88 com/applovin/mediation/ads/MaxInterstitialAd.java, line(s) 129,124 com/applovin/mediation/ads/MaxRewardedAd.java, line(s) 120,115 com/applovin/mediation/ads/MaxRewardedInterstitialAd.java, line(s) 123,118 com/applovin/mediation/nativeAds/MaxNativeAdLoader.java, line(s) 111,106 com/applovin/sdk/AppLovinSdk.java, line(s) 234 com/applovin/sdk/AppLovinSdkSettings.java, line(s) 197 com/applovin/sdk/AppLovinWebViewActivity.java, line(s) 32 com/helpshift/migrator/MigrationLogger.java, line(s) 10 com/helpshift/migrator/MigratorSharedPrefConstants.java, line(s) 6,10 com/helpshift/migrator/NativeToSdkxMigrator.java, line(s) 57,61,59,58,60 com/helpshift/util/ConfigValues.java, line(s) 11,14,23,24 com/inmobi/commons/core/configs/AdConfig.java, line(s) 93 com/inmobi/media/be.java, line(s) 17 com/ironsource/adapters/ironsource/IronSourceAdapter.java, line(s) 84,49,48,727,268 com/ironsource/adapters/supersonicads/SupersonicAdsAdapter.java, line(s) 89,271,755 com/ironsource/adapters/supersonicads/SupersonicConfig.java, line(s) 23 com/ironsource/mediationsdk/C1065d.java, line(s) 221,336 com/ironsource/mediationsdk/CachedResponse.java, line(s) 37 com/ironsource/mediationsdk/InitConfig.java, line(s) 43 com/ironsource/mediationsdk/L.java, line(s) 1921,1904 com/ironsource/mediationsdk/server/ServerURL.java, line(s) 25,50 com/ironsource/mediationsdk/utils/IronSourceConstants.java, line(s) 91,102 com/safedk/android/analytics/brandsafety/BannerFinder.java, line(s) 307,541,206,214,240,248,256,263,270 com/safedk/android/analytics/brandsafety/FullScreenActivitiesCollection.java, line(s) 69 com/safedk/android/analytics/brandsafety/NativeFinder.java, line(s) 297,121,129,137,144,151,94,102 com/safedk/android/analytics/brandsafety/creatives/discoveries/c.java, line(s) 933 com/safedk/android/analytics/brandsafety/k.java, line(s) 215 com/safedk/android/internal/d.java, line(s) 384,582,603 com/safedk/android/utils/PersistentConcurrentHashMap.java, line(s) 222,213,232 com/unity/androidnotifications/UnityNotificationManager.java, line(s) 53,55 com/unity/androidnotifications/UnityNotificationUtilities.java, line(s) 30,29 com/unity3d/ads/metadata/InAppPurchaseMetaData.java, line(s) 14 com/unity3d/services/ads/gmascar/utils/ScarConstants.java, line(s) 4,5,6,8,9 com/unity3d/services/core/configuration/ExperimentObject.java, line(s) 7,8 com/unity3d/services/core/device/reader/DeviceInfoReaderFilterProvider.java, line(s) 11,12 com/unity3d/services/core/device/reader/JsonStorageKeyNames.java, line(s) 4,6,7,9,10,11,8,12,5,13,14,15 com/unity3d/services/core/properties/SdkProperties.java, line(s) 27 com/vungle/warren/log/LogManager.java, line(s) 24,25,26,27 com/vungle/warren/log/LogSender.java, line(s) 22,23 com/vungle/warren/model/Cookie.java, line(s) 21,22 io/grpc/internal/DnsNameResolver.java, line(s) 75,73,74,76 io/grpc/internal/TransportFrameUtil.java, line(s) 33
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/inmobi/media/hj.java, line(s) 5,117 com/ironsource/b/a.java, line(s) 6,7,165 com/ironsource/environment/f.java, line(s) 6,7,25 com/vungle/warren/persistence/DatabaseHelper.java, line(s) 9,10,80 com/vungle/warren/persistence/Repository.java, line(s) 7,966
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/inmobi/media/ir.java, line(s) 251,260,318,327 com/ironsource/environment/h.java, line(s) 513,323 com/ironsource/mediationsdk/utils/h.java, line(s) 229,351 com/ironsource/sdk/utils/SDKUtils.java, line(s) 285 com/safedk/android/utils/b.java, line(s) 169 com/unity3d/services/core/cache/CacheDirectory.java, line(s) 33 com/vungle/warren/VungleApiClient.java, line(s) 748 com/vungle/warren/persistence/CacheManager.java, line(s) 53,55 com/vungle/warren/persistence/Repository.java, line(s) 989,990 com/vungle/warren/utility/platform/AndroidPlatform.java, line(s) 88
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/applovin/impl/sdk/utils/StringUtils.java, line(s) 167 com/applovin/impl/sdk/utils/p.java, line(s) 372 com/appsflyer/internal/ag.java, line(s) 32,52 com/ironsource/sdk/utils/SDKUtils.java, line(s) 82 com/unity3d/services/core/device/Device.java, line(s) 488
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ironsource/mediationsdk/utils/IronSourceUtils.java, line(s) 385 com/ironsource/sdk/controller/t.java, line(s) 24 com/ironsource/sdk/utils/SDKUtils.java, line(s) 206 com/safedk/android/analytics/a.java, line(s) 59 com/safedk/android/analytics/brandsafety/BrandSafetyUtils.java, line(s) 493,1202
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/applovin/exoplayer2/h/z.java, line(s) 4 com/applovin/impl/b/m.java, line(s) 18 com/appsflyer/internal/e.java, line(s) 16 com/helpshift/unityproxy/utils/IntentProvider.java, line(s) 9 com/inmobi/media/ay.java, line(s) 10 com/inmobi/media/bm.java, line(s) 5 com/ironsource/mediationsdk/utils/e.java, line(s) 14 com/ironsource/mediationsdk/utils/g.java, line(s) 6 com/lite/apks/up.java, line(s) 36 com/safedk/android/analytics/brandsafety/BrandSafetyUtils.java, line(s) 49 com/unity/androidnotifications/UnityNotificationManager.java, line(s) 36 com/unity3d/services/core/request/metrics/SDKMetrics.java, line(s) 9 io/grpc/internal/DnsNameResolver.java, line(s) 34 io/grpc/internal/ExponentialBackoffPolicy.java, line(s) 5 io/grpc/internal/RetriableStream.java, line(s) 24 io/grpc/okhttp/OkHttpClientTransport.java, line(s) 76 io/grpc/util/OutlierDetectionLoadBalancer.java, line(s) 27 io/grpc/util/RoundRobinLoadBalancer.java, line(s) 22
中危 IP地址泄露
IP地址泄露 Files: com/applovin/mediation/adapters/FacebookMediationAdapter.java, line(s) 85 com/applovin/mediation/adapters/GoogleMediationAdapter.java, line(s) 100 com/applovin/mediation/adapters/InMobiMediationAdapter.java, line(s) 74 com/applovin/mediation/adapters/IronSourceMediationAdapter.java, line(s) 79 com/applovin/mediation/adapters/NimbusMediationAdapter.java, line(s) 32 com/applovin/mediation/adapters/UnityAdsMediationAdapter.java, line(s) 47 com/applovin/mediation/adapters/VungleMediationAdapter.java, line(s) 65 io/grpc/okhttp/OkHttpClientTransport.java, line(s) 226 io/grpc/okhttp/OkHttpServerTransport.java, line(s) 571,586,592,677
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: bolts/WebViewAppLinkResolver.java, line(s) 127,92 com/inmobi/media/q.java, line(s) 1178,1173 com/unity3d/services/ads/webplayer/WebPlayerView.java, line(s) 109,93 com/unity3d/services/core/webview/WebView.java, line(s) 110,83
中危 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: com/helpshift/views/HSWebView.java, line(s) 69,61 com/ironsource/sdk/utils/d.java, line(s) 33,35 com/unity3d/services/core/webview/WebView.java, line(s) 57,83 com/vungle/warren/ui/view/WebSettingsUtils.java, line(s) 14,10
中危 Firebase远程配置已启用
Firebase 远程配置在 https://firebaseremoteconfig.googleapis.com/v1/projects/686239729981/namespaces/firebase:fetch?key=AIzaSyAZW4fNcXHz4HHt0yMsNSpE6NxDIdcnZfI 已启用。请确保这些配置不包含敏感信息。响应内容如下所示:
{'entries': {'banners': '{"banners":[{"img":"banner_ValentinesDay","start":1676307600,"end":1676591999,"anchor":"store"},{"img":"1689093139991_litgingamebannertiktokdropshadowresize","url":"https://www.tiktok.com/@loveislandgameofficial"},{"img":"banner_Facebook","url":"https://www.facebook.com/LoveIslandGame"},{"img":"banner_Instagram","url":"https://www.instagram.com/loveisland_game"}]}', 'bannersDev': '{"banners":[{"img":"banner_ValentinesDay","start":1676307600,"end":1676591999,"anchor":"store"},{"img":"1726055986028_s9_survey_banner","url":"forms.gle/99dubZWQ37GYzVzc7"},{"img":"1692709712847_stickortwistlowercase_rounded","start":1692781200},{"img":"1689093139991_litgingamebannertiktokdropshadowresize","url":"https://www.tiktok.com/@loveislandgameofficial"},{"img":"banner_Facebook","url":"https://www.facebook.com/LoveIslandGame"},{"img":"banner_Instagram","url":"https://www.instagram.com/loveisland_game"}]}', 'closet': '{"loveisland_4":{"closetPrices":{"swimwear.10":15,"swimwear.11":23,"swimwear.12":15,"swimwear.13":15,"swimwear.14":15,"swimwear.15":38,"swimwear.16":15,"swimwear.17":23,"partywear.14":23,"partywear.15":15,"partywear.16":15,"partywear.17":15,"partywear.18":23,"partywear.19":23,"partywear.20":15,"partywear.21":30,"hair.11":15,"hair.17":15,"hair.18":23,".hotdog":23,".easterskin":23,".egg":23,"necklace.10":15,"earrings.8":5,"shoes.11":23,"shoes.12":23,"shoes.13":23,"partywear.9":23,"partywear.10":15,"partywear.11":23,"partywear.12":15,"partywear.13":15,"necklace.4":15,"necklace.6":15,"necklace.8":15,"necklace.9":15,"earrings.6":15,"earrings.7":15,"piercing.1":5,"piercing.2":5,"piercing.3":5,"piercing.4":5,"piercing.5":5,"piercing.6":5,"tattooarm.2":5,"tattooarm.3":5,"tattooarm.4":15,"tattooarm.5":15,"tattoolegs.2":5,"tattoolegs.3":5,"tattoolegs.4":15,"tattoolegs.5":15,"tattootorso.2":5,"tattootorso.3":5,"tattootorso.4":15,"tattootorso.5":15,"hair.5":15,"hair.6":15,"hair.9":15,"hair.10":15,"hair.12":15,"hair.16":15,"hair.1_extra":15,"hair.2_extra":23,"hair.4_extra":15,"hair.6_extra":23,"hair.7_extra":23,"daywear.2":15,"daywear.3":23,"daywear.4":15,"daywear.5":23,"daywear.6":23,"daywear.7":15,"daywear.8":23,"daywear.9":23,"partywear.1":23,"partywear.2":15,"partywear.3":15,"partywear.6":15,"partywear.7":23,"partywear.8":23,"swimwear.1":23,"swimwear.2":23,"swimwear.3":23,"swimwear.4":15,"swimwear.5":15,"swimwear.6":15,"swimwear.7":23,"swimwear.8":23,"sleep.2":15,"sleep.3":15,"sleep.4":15,"sleep.5":15,"finale.1":23,"finale.2":15,"promwear.1":15,"promwear.2":23,"heartrate.1":15,"heartrate.2":23,"hotdogoutfit":23,"blindfold":23,"earrings.2":23,"earrings.3":23,"earrings.4":23,"necklace.2":23,"necklace.3":23,"shoes.4":23,"shoes.5":23,"shoes.6":23,"shoes.7":23,"shoes.8":23,"shoes.9":23,"shoes.10":23}},"loveisland_5":{"closetPrices":{"piercing.1":5,"piercing.2":5,"piercing.3":5,"piercing.4":5,"piercing.5":15,"tattooarm.2":5,"tattooarm.3":5,"tattooarm.4":15,"tattooarm.5":15,"tattooarm.6":15,"tattooarm.7":23,"tattooarm.8":15,"tattoolegs.2":15,"tattoolegs.3":15,"tattoolegs.4":5,"tattoolegs.5":23,"tattootorso.3":15,"tattootorso.4":5,"hair.3":15,"hair.7":15,"hair.8":15,"hair.10":15,"hair.19":23,"hair.20":23,"hair.21_extra":30,"hair.22":23,"hair.22_extra":30,"hair.16":23,"hair.17":23,"hair.18":23,"partywear.2":15,"partywear.3":15,"partywear.4":15,"partywear.5":20,"partywear.6":20,"partywear.7":15,"partywear.8":20,"partywear.9":30,"partywear.10":20,"partywear.11":23,"partywear.12":50,"partywear.13":60,"partywear.14":70,"partywear.15":30,"partywear.16":30,"partywear.25":23,"partywear.17":23,"daywear.2":15,"daywear.3":15,"daywear.4":15,"daywear.5":15,"daywear.6":15,"daywear.7":15,"daywear.8":15,"daywear.9":23,"daywear.10":10,"daywear.11":15,"daywear.12":15,"daywear.13":15,"daywear.14":30,"daywear.15":20,"daywear.16":20,"daywear.17":30,"daywear.18":20,"daywear.19":30,"daywear.20":23,"daywear.21":23,"daywear.22":23,"daywear.23":15,"daywear.24":23,"daywear.25":30,"daywear.26":23,"daywear.27":30,"daywear.28":30,"daywear.29":30,"sleep.2":15,"sleep.3":15,"sleep.4":15,"sleep.5":15,"sleep.6":15,"sleep.7":15,"sleep.8":20,"sleep.9":15,"sleep.10":15,"sleep.11":20,"sleep.12":23,"sleep.13":15,"sleep.16":23,"sleep.17":30,"sleep.18":15,"sleep.19":23,"sleep.20":23,"sleep.22":23,"eveningwear.2":15,"eveningwear.3":15,"eveningwear.4":15,"eveningwear.5":15,"eveningwear.6":15,"eveningwear.7":15,"eveningwear.8":23,"eveningwear.9":30,"eveningwear.10":30,"eveningwear.11":10,"eveningwear.12":10,"eveningwear.13":23,"eveningwear.14":40,"eveningwear.15":30,"eveningwear.16":30,"earrings.3":15,"earrings.4":15,"earrings.5":23,"earrings.6":15,"earrings.7":23,"earrings.8":15,"necklace.3":15,"necklace.4":23,"necklace.5":15,"necklace.6":15,"necklace.7":23,"necklace.8":23,"necklace.9":15,"necklace.10":23,"shoes.3":23,"shoes.4":23,"shoes.5":23,"shoes.6":23,"shoes.7":23,"shoes.8":23,"shoes.9":23,"shoes.10":23,"shoes.11":23,"shoes.12":23,"shoes.13":23,"shoes.14":23,"shoes.15":23,"shoes.16":30,"shoes.17":23,"shoes.18":23,"shoes.19":23,"shoes.20":30,"shoes.21":30,"shoes.22":23,"shoes.23":30,"shoes.24":23,"shoes.25":23,"shoes.26":30,"lipstick.14":15,"lipstick.15":15,"heartrate.2":15,"sleep.14":30,"sleep.15":30,"hair.23":20,"hair.24":25,"hair.25":20,"hair.26":20,"hair.27":30,"hair.28":15,"hair.29":15,"hair.29_extra":30,"hair.31":23,"hair.32":23,"hair.33":23,"hair.34":15,"lipstick.16":50,"heartrate2.2":23,"heartrate2.3":23,"heartrate2.4":23,"heartrate2.5":23,"finale.2":30,"finale.3":30,"finale.4":30,"finale.5":30,"finale.6":23,"finale.7":23}}}', 'closetDev': '{}', 'config': '{"version":"1.0.0","tag":"LITG2-PROD","Lives":{"fillingCost":1200,"maxLives":2,"minutesToRecover":120},"Misc":{"defaultBook":"loveisland_8","restartVolumeCost":1,"rateUsLevelAppear":17,"rateUsLevelAppear2":60,"minutesBetweenInboxFetch":60,"shareAppLink":"http://share.fuseboxgames.com/share/litg/index.html"},"Narrative":{"gemsPremiumChoiceC":29,"gemsPremiumChoice":17,"gemsPremiumChoiceE":10,"askBeforeConsumeGems":false},"Ads":{"enabled":true}}', 'configDev': '{"version":"1.0.0","tag":"LITG2-DEV","Lives":{"fillingCost":1200,"maxLives":2,"minutesToRecover":30},"Misc":{"defaultBook":"loveisland_8","restartVolumeCost":1,"rateUsLevelAppear":17,"rateUsLevelAppear2":60,"minutesBetweenInboxFetch":60,"shareAppLink":"http://share.fuseboxgames.com/share/litg/index.html"},"Narrative":{"gemsPremiumChoiceC":29,"gemsPremiumChoice":17,"gemsPremiumChoiceE":10,"askBeforeConsumeGems":false},"Ads":{"enabled":true}}', 'dailyPrizes': '{"enabled":true,"days":[[{"key":"gems","quantity":2}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1},{"key":"gems","quantity":6}]]}', 'dailyPrizesDev': '{"enabled":true,"creationTS":0,"lastClaimTS":0,"daysClaimed":0,"days":[[{"key":"gems","quantity":2}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1}],[{"key":"gems","quantity":2}],[{"key":"lives","quantity":1},{"key":"gems","quantity":6}]]}', 'endEpisodeAd': '{"enabled":true,"adNumber":1}', 'endEpisodeAdDev': '{"enabled":true,"adNumber":0}', 'homeRewardedAd': '{"enabled":false}', 'homeRewardedAdDev': '{"itemInShop":true,"profiles":[{"id":"profile1","condition":"{time_since_install <= 86400} and {time_last_purchase >= 1555200}","cooldown":900,"maxPerDay":4,"gems":[1,1,2]},{"id":"profile2","condition":"{time_since_install > 86400} and {time_since_install <= 345600} and {time_last_purchase >= 1555200}","cooldown":1500,"maxPerDay":2,"gems":[1,1,1]},{"id":"profile3","condition":"{time_since_install > 345600} and {time_since_install <= 1296000} and {time_last_purchase >= 1555200} and {gems <= 25}","cooldown":1500,"maxPerDay":4,"gems":[1,1,1,1]},{"id":"profile4","condition":"{time_since_install > 345600} and {time_since_install <= 1296000} and {time_last_purchase >= 1555200} and {gems > 25} and {gems <= 50}","cooldown":1500,"maxPerDay":4,"gems":[1,1,1,2]},{"id":"profile5","condition":"{time_since_install > 345600} and {time_since_install <= 1296000} and {time_last_purchase >= 1555200} and {gems > 50}","cooldown":1500,"maxPerDay":4,"gems":[1,1]},{"id":"profile6","condition":"{time_since_install > 1296000} and {time_last_purchase >= 1555200} and {gems <= 50}","cooldown":1500,"maxPerDay":4,"gems":[1,1,2]},{"id":"profile7","condition":"{time_since_install > 1296000} and {time_last_purchase >= 1555200} and {gems > 50} and {gems <= 100}","cooldown":1500,"maxPerDay":3,"gems":[1,1]},{"id":"profile8","condition":"{time_since_install > 1296000} and {time_last_purchase >= 1555200} and {gems > 100}","cooldown":1500,"maxPerDay":2,"gems":[1]},{"id":"profile9Payer","condition":"{time_since_install > 86400} and {time_last_purchase < 1555200}","cooldown":1500,"maxPerDay":2,"gems":[1,1]}]}', 'homeRewardedAdTestDev': '{"comment":"","enabled":true,"itemInShop":true,"profiles":[{"id":"profile1","cooldown":20,"gems":[5,7]}]}', 'initialValues': '{"gems":60}', 'initialValuesDev': '{"gems":33, "tickets": 3}', 'liveOpsConfig': '{}', 'liveOpsConfigDev': '[{"id":"comp_0007","type":"competition","goals":[{"currency":"GEMS","tiers":[{"threshold":50,"rewards":[{"currency":"TOKENS","amount":1}]},{"threshold":75,"rewards":[{"currency":"TOKENS","amount":1}]},{"threshold":100,"rewards":[{"currency":"TOKENS","amount":1}]}]},{"currency":"EPISODES","tiers":[{"threshold":1,"rewards":[{"currency":"TOKENS","amount":1}]},{"threshold":10,"rewards":[{"currency":"TOKENS","amount":1}]},{"threshold":25,"rewards":[{"currency":"TOKENS","amount":1}]}]}],"start_time":{"epoch":1716332460},"end_time":{"epoch":1718233199}}]', 'notifications': '{}', 'notificationsDev': '[{"id":"come_back1_24hrs","time":86400,"title":"Romance awaits in the Villa!❤️🏝️","text":"Dive in to get grafting and continue your love story!"},{"id":"come_back1a_48hrs","time":31536000,"title":"Summer romance is one tap away!","text":"Return to the Villa to bring the drama and find love!"},{"id":"come_back2_3days","time":31536000,"title":"Ready to dive back in?","text":"The Islanders are waiting! Play now to crack on and turn heads!"},{"id":"come_back3_10days","time":31536000,"title":"Make a fiery return to the Villa!","text":"Play now to reunite with the Islanders and get grafting!","gems":10,"tickets":2,"limit":1,"cooldown_days":30},{"id":"come_back4_30days","time":31536000,"title":"We miss you...","text":"Dive back into the Villa to pick up where you left off!","gems":25,"tickets":5}]', 'promptNextSeason': 'true', 'promptNextSeasonDev': 'true', 'sceneChangeAd': '{}', 'sceneChangeAdDev': '{}', 'seasonalGift': '{}', 'seasonalGiftDev': '{}', 'seasonalGifts': '{"popups":[{"Key":"season10advertMain","Prefab":"season10advertMain","Profiles":[{"ID":"profile1","Condition":"{time_since_install > 0}","Cooldown":60,"Limit":1}]}]}', 'seasonalGiftsDev': '{"popups":[{"Key":"season10advert","Prefab":"season10advert","Profiles":[{"ID":"profile1","Condition":"{time_since_install > 0}","Cooldown":60,"Limit":1}]}]}', 'shopConfig': '{"ref":"https://docs.google.com/spreadsheets/d/1xeAun_vsjCNUXW6jHdkfNqadH41alKFIe15L2G4zzk0/edit#gid=1203411744","shopItems":{"offer_starter299":{"content":[{"key":"gems","quantity":90}],"prefab":"offer_starter_no_tickets","name":"offer_starter","offer":true,"order":2,"baseStore":true},"gems2":{"baseStore":true,"content":[{"key":"gems","quantity":65}],"order":3},"gems3":{"baseStore":true,"content":[{"key":"gems","quantity":140}],"order":4},"gems1":{"baseStore":true,"content":[{"key":"gems","quantity":20}],"order":5},"gems4":{"baseStore":true,"content":[{"key":"gems","quantity":300}],"order":6},"gems5":{"baseStore":true,"content":[{"key":"gems","quantity":850}],"order":7},"tickets1":{"content":[{"key":"lives","quantity":5}],"order":8,"baseStore":true},"tickets2":{"content":[{"key":"lives","quantity":15}],"order":9,"baseStore":true}},"inapps":["gems1","gems2","gems3","gems4","gems5","gems099","gems199","gems799","gems1999","gems2999","offer_special","offer_starter","offer_starter299","offer_starter499","offer_starter599","tickets1","tickets2"],"tag":"Store Alpha","version":"1.0.0"}', 'shopConfigDev': '{"ref":"https://docs.google.com/spreadsheets/d/1xeAun_vsjCNUXW6jHdkfNqadH41alKFIe15L2G4zzk0/edit#gid=1203411744","shopItems":{"gems009":{"content":[{"key":"gems","quantity":90}],"prefab":"offer_starter_no_tickets","name":"offer_starter","offer":true,"order":2,"baseStore":true},"gems009 (copy)":{"baseStore":true,"content":[{"key":"gems","quantity":65}],"prefab":"gems2","order":3},"gems009 (copy 2)":{"baseStore":true,"content":[{"key":"gems","quantity":140}],"prefab":"gems3","order":4},"gems009 (copy 3)":{"baseStore":true,"content":[{"key":"gems","quantity":20}],"prefab":"gems1","order":5},"gems009 (copy 4)":{"baseStore":true,"content":[{"key":"gems","quantity":300}],"prefab":"gems4","order":6},"gems009 (copy 5)":{"baseStore":true,"content":[{"key":"gems","quantity":850}],"prefab":"gems5","order":7},"gems009 (copy 6)":{"content":[{"key":"lives","quantity":5}],"prefab":"tickets1","order":8,"baseStore":true},"gems009 (copy 7)":{"content":[{"key":"lives","quantity":15}],"prefab":"tickets2","order":9,"baseStore":true}},"inapps":["gems1","gems2","gems3","gems4","gems5","gems009","gems099","gems199","gems799","gems1999","gems2999","offer_special","offer_starter","offer_starter299","offer_starter499","offer_starter599","tickets1","tickets2"],"tag":"Store Alpha","version":"1.0.0"}', 'shopConfigTestDev': '{"ref":"https://docs.google.com/spreadsheets/d/1xeAun_vsjCNUXW6jHdkfNqadH41alKFIe15L2G4zzk0/edit#gid=1203411744","shopItems":{"offer_starter499":{"content":[{"key":"gems","quantity":150},{"key":"lives","quantity":7}],"prefab":"offer_starter","name":"offer_starter","offer":true,"order":2,"baseStore":true},"gems199":{"baseStore":true,"content":[{"key":"gems","quantity":50}],"prefab":"gems2","order":3},"gems799":{"baseStore":true,"content":[{"key":"gems","quantity":270}],"prefab":"gems3","quantityOrig":250,"badge":"most_popular","info":"Temporary offer","order":4},"gems099":{"baseStore":true,"content":[{"key":"gems","quantity":20}],"prefab":"gems1","order":5},"gems1999":{"baseStore":true,"content":[{"key":"gems","quantity":550}],"prefab":"gems4","order":6},"gems2999":{"baseStore":true,"content":[{"key":"gems","quantity":800}],"prefab":"gems5","order":7},"tickets1":{"content":[{"key":"lives","quantity":5}],"order":8,"baseStore":true},"tickets2":{"content":[{"key":"lives","quantity":15}],"order":9,"baseStore":true}},"inapps":["gems1","gems2","gems3","gems4","gems5","gems099","gems199","gems799","gems1999","gems2999","offer_special","offer_starter","offer_starter499","tickets1","tickets2"],"tag":"Store Alpha","version":"1.0.0"}', 'specialOfferDev': '{"shopItems":{"offerone":{"name":"starterpack18jun21","content":[{"key":"gems","quantity":6000},{"key":"lives_infinite","quantity":120}],"discount":"80%","condition":"{level >= 3}","start":1624003200,"duration":86400}}}', 'spinwheel': '{"disabled":true,"profiles":[{"id":"profile1","condition":"{time_since_install < 86400}","autopopup":true,"freespin":false,"spinswithads":2,"probabilities_info":"six prizes: 1gem, 2gems, 5gems, 1ticket, 5tickets and 5gems5tickets. probabilities must have six values (one per prize) and they have to sum 100","probabilities":[35,35,15,5,2,8]},{"id":"profile2","condition":"{time_since_install >= 86400}","autopopup":true,"freespin":false,"spinswithads":4,"probabilities_info":"six prizes: 1gem, 2gems, 5gems, 1ticket, 5tickets and 5gems5tickets. probabilities must have six values (one per prize) and they have to sum 100","probabilities":[65,10,2,20,2,1]}]}', 'spinwheelDev': '{"disabled":true,"profiles":[{"id":"profile1","condition":"{time_since_install < 86400}","autopopup":true,"freespin":false,"spinswithads":2,"probabilities_info":"six prizes: 1gem, 2gems, 5gems, 1ticket, 5tickets and 5gems5tickets. probabilities must have six values (one per prize) and they have to sum 100","probabilities":[35,35,15,5,2,8]},{"id":"profile2","condition":"{time_since_install >= 86400}","autopopup":true,"freespin":false,"spinswithads":4,"probabilities_info":"six prizes: 1gem, 2gems, 5gems, 1ticket, 5tickets and 5gems5tickets. probabilities must have six values (one per prize) and they have to sum 100","probabilities":[65,10,2,20,2,1]}]}', 'zABNarrative': '{}', 'zABNarrativeDev': '{"5":{"1":"b","2":"b","3":"b","4":"b","5":"b","6":"b"}}', 'zABS5UnlockAllCloset': '{}', 'zABS5UnlockAllClosetDev': '{}'}, 'state': 'UPDATE', 'templateVersion': '633'}
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 凭证信息=> "com.google.android.gms.games.APP_ID" : "\ 686239729981" AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "ca-app-pub-7804333680125754~1967795043" AppLovin广告SDK的=> "applovin.sdk.key" : "PnD_FJPiQqbXVTJuCSc5OIRNDdzlhLO67c5MwV3LJeup7ChKfIP2brPpTNX9ixFqXLBSrFp9uhz0ueKXykaXT_" "google_api_key" : "AIzaSyAZW4fNcXHz4HHt0yMsNSpE6NxDIdcnZfI" "google_crash_reporting_api_key" : "AIzaSyAZW4fNcXHz4HHt0yMsNSpE6NxDIdcnZfI" "firebase_database_url" : "https://love-island-2da-default-rtdb.firebaseio.com" "com.google.firebase.crashlytics.unity_version" : "2020.3.46f1" Y29tLmlyb25zb3VyY2Uuc2RrLmNvbnRyb2xsZXIuT3BlblVybEFjdGl2aXR5 29015bbfcc182d80e7f75bd2c38e4521 9b8f518b086098de3d77736f9458a3d2f6f95a37 cc2751449a350f668590264ed76692694a80308a a4b7452e2ed8f5f191058ca7bbfd26b0d3214bfc HSrCHRtOan6wp2kwOIGJC1RDtuSrF2mWVbio2aBcMHX9KF3iTJ1lLSzCKP1ZSo5yNolPNw1kCTtWpxELFF4ah1 b9b88d70c3d018bfbda46cd93ba3ddca daaea35726ab7cd457ab61d4538fb822 2438bce1ddb7bd026d5ff89f598b3b5e5bb824b3 df6b721c8b4d3b6eb44c861d4415007e5a35fc95 ed01172dc7edce0416bde7fa240784c2bd3c9d5a E3F9E1E0CF99D0E56A055BA65E241B3399F7CEA524326B0CDD6EC1327ED0FDC1 C38FB23A402222A0C17D34A92F971D1F c56fb7d591ba6704df047fd98f535372fea00211 217e8f437c9fc4244d6e74653ac8a8c7 74616804a7dc29147dfb0afe122a9fd2 FBA3AF4E7757D9016E953FB3EE4671CA2BD9AF725F9A53D52ED4A38EAAA08901 FFE391E0EA186D0734ED601E4E70E3224B7309D48E2075BAC46D8C667EAE7212 7eac188d3286b05ccbba774f63a2c049 Y29tLnZ1bmdsZS5wdWJsaXNoZXIuRmxleFZpZXdBZEFjdGl2aXR5fGNvbS5pbm1vYmkuYWRzLnJlbmRlcmluZy5Jbk1vYmlBZEFjdGl2aXR5fGNvbS52dW5nbGUucHVibGlzaGVyLlZpZGVvRnVsbFNjcmVlbkFkQWN0aXZpdHl8Y29tLmJ5dGVkYW5jZS5zZGsub3BlbmFkc2RrLmFjdGl2aXR5LlRURnVsbFNjcmVlblZpZGVvQWN0aXZpdHl8Y29tLmdvb2dsZS5hZHMuQWRBY3Rpdml0eXxjb20udW5pdHkzZC5hZHMuYWR1bml0LkFkVW5pdEFjdGl2aXR5fGNvbS5hcHBsb3Zpbi5hZHZpZXcuQXBwTG92aW5JbnRlcnN0aXRpYWxBY3Rpdml0eXxjb20uYXBwbG92aW4uYWR2aWV3LkFwcExvdmluRnVsbHNjcmVlblRoZW1lZEFjdGl2aXR5fGNvbS5tYnJpZGdlLm1zZGsucmV3YXJkLnBsYXllci5NQlJld2FyZFZpZGVvQWN0aXZpdHl8Y29tLmJ5dGVkYW5jZS5zZGsub3BlbmFkc2RrLmFjdGl2aXR5LlRUUmV3YXJkVmlkZW9BY3Rpdml0eXxjb20udW5pdHkzZC5hZHMuYW5kcm9pZC52aWV3LlVuaXR5QWRzRnVsbHNjcmVlbkFjdGl2aXR5fGNvbS5tYnJpZGdlLm1zZGsuaW50ZXJhY3RpdmVhZHMuYWN0aXZpdHkuSW50ZXJhY3RpdmVTaG93QWN0aXZpdHl8Y29tLnZ1bmdsZS53YXJyZW4udWkuVnVuZ2xlQWN0aXZpdHl8Y29tLnVuaXR5M2Quc2VydmljZXMuYWRzLmFkdW5pdC5BZFVuaXRTb2Z0d2FyZUFjdGl2aXR5fGNvbS52dW5nbGUucHVibGlzaGVyLk1yYWlkRnVsbFNjcmVlbkFkQWN0aXZpdHl8Y29tLmdvb2dsZS5hbmRyb2lkLmdtcy5hZHMuQWRBY3Rpdml0eXxjb20uc21hYXRvLnNkay5pbnRlcnN0aXRpYWwuSW50ZXJzdGl0aWFsQWRBY3Rpdml0eXxjb20udW5pdHkzZC5zZXJ2aWNlcy5hZHMuYWR1bml0LkFkVW5pdEFjdGl2aXR5fGNvbS5hcHBsb3Zpbi5pbXBsLmFkdmlldy5BcHBMb3Zpbk9yaWVudGF0aW9uQXdhcmVJbnRlcnN0aXRpYWxBY3Rpdml0eXxjb20ubWludGVncmFsLm1zZGsucmV3YXJkLnBsYXllci5NVEdSZXdhcmRWaWRlb0FjdGl2aXR5fGNvbS5ieXRlZGFuY2Uuc2RrLm9wZW5hZHNkay5hY3Rpdml0eS5UVEZ1bGxTY3JlZW5FeHByZXNzVmlkZW9BY3Rpdml0eXxjb20udW5pdHkzZC5hZHMuYWR1bml0LkFkVW5pdFNvZnR3YXJlQWN0aXZpdHl8Y29tLmlyb25zb3VyY2Uuc2RrLmNvbnRyb2xsZXIuSW50ZXJzdGl0aWFsQWN0aXZpdHl8Y29tLmFkY29sb255LnNkay5BZENvbG9ueUFkVmlld0FjdGl2aXR5fGNvbS5taW50ZWdyYWwubXNkay5pbnRlcnN0aXRpYWwudmlldy5NVEdJbnRlcnN0aXRpYWxBY3Rpdml0eXxjb20ubWJyaWRnZS5tc2RrLmludGVyc3RpdGlhbC52aWV3Lk1CSW50ZXJzdGl0aWFsQWN0aXZpdHl8Y29tLm1pbnRlZ3JhbC5tc2RrLmludGVyYWN0aXZlYWRzLmFjdGl2aXR5LkludGVyYWN0aXZlU2hvd0FjdGl2aXR5fGNvbS5ieXRlZGFuY2Uuc2RrLm9wZW5hZHNkay5hY3Rpdml0eS5UVFJld2FyZEV4cHJlc3NWaWRlb0FjdGl2aXR5fGNvbS52dW5nbGUucHVibGlzaGVyLkZ1bGxTY3JlZW5BZEFjdGl2aXR5fGNvbS5zdXBlcnNvbmljYWRzLnNkay5jb250cm9sbGVyLkludGVyc3RpdGlhbEFjdGl2aXR5fGNvbS5zbWFhdG8uc2RrLnJld2FyZGVkLndpZGdldC5SZXdhcmRlZEludGVyc3RpdGlhbEFkQWN0aXZpdHl8Y29tLmFwcGxvdmluLmFkdmlldy5BcHBMb3ZpbkZ1bGxzY3JlZW5BY3Rpdml0eXxjb20uZnliZXIuaW5uZXJhY3RpdmUuc2RrLmFjdGl2aXRpZXMuSW5uZXJhY3RpdmVGdWxsc2NyZWVuQWRBY3Rpdml0eXxjb20udnVuZ2xlLndhcnJlbi51aS5WdW5nbGVGbGV4Vmlld0FjdGl2aXR5fGNvbS5zdXBlcnNvbmljYWRzLnNkay5jb250cm9sbGVyLkNvbnRyb2xsZXJBY3Rpdml0eXxjb20uaXJvbnNvdXJjZS5zZGsuY29udHJvbGxlci5Db250cm9sbGVyQWN0aXZpdHl8Y29tLmFkY29sb255LnNkay5BZENvbG9ueUludGVyc3RpdGlhbEFjdGl2aXR5fGNvbS5ieXRlZGFuY2Uuc2RrLm9wZW5hZHNkay5hY3Rpdml0eS5UVEFwcE9wZW5BZEFjdGl2aXR5fGNvbS5zbWFhdG8uc2RrLnJld2FyZGVkLnZpZXcuUmV3YXJkZWRJbnRlcnN0aXRpYWxBZEFjdGl2aXR5fGNvbS5zbWFhdG8uc2RrLmludGVyc3RpdGlhbC52aWV3LkludGVyc3RpdGlhbEFkQWN0aXZpdHl8Y29tLnZ1bmdsZS5hZHMuaW50ZXJuYWwudWkuVnVuZ2xlQWN0aXZpdHl8Y29tLmZpdmVfY29ycC5hZC5BZEFjdGl2aXR5 1cd25093e0b187dede2869d94281a264 8a3c4b262d721acd49a4bf97d5213199c86fa2b9 FJPiQqbXVTJuCSc5OIRNDdzlhLO67c5MwV3LJeup7ChKfIP2brPpTNX9ixFqXLBSrFp9uhz0ueKXykaXT 3BAF59A2E5331C30675FAB35FF5FFF0D116142D3D4664F1C3CB804068B40614F
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: bitter/jnibridge/JNIBridge.java, line(s) 64 bolts/MeasurementEvent.java, line(s) 63,75 com/applovin/exoplayer2/l/q.java, line(s) 14,40,20,30 com/applovin/impl/sdk/a/f.java, line(s) 107,113,119 com/applovin/impl/sdk/x.java, line(s) 41,50,74,70,101,54,78,62,82 com/applovin/mediation/unity/MaxUnityAdManager.java, line(s) 1225,1229,1546,882 com/applovin/mediation/unity/MaxUnityPlugin.java, line(s) 235,254,263,272,281,293,982,1119,1125 com/appsflyer/AFLogger.java, line(s) 50,79,129,48,14,68,61 com/helpshift/HSDebugLog.java, line(s) 91,111,129,101,117,81,143 com/helpshift/activities/HSDebugActivity.java, line(s) 82 com/helpshift/activities/HSMainActivity.java, line(s) 50,68 com/helpshift/core/HSContext.java, line(s) 253 com/helpshift/log/InternalHelpshiftLogger.java, line(s) 60,56,58 com/helpshift/log/LogCollector.java, line(s) 41,77,82 com/helpshift/migrator/MigrationFailureLogProvider.java, line(s) 62,101 com/helpshift/migrator/MigrationLogger.java, line(s) 39,22,34 com/helpshift/migrator/NativeToSdkxMigrator.java, line(s) 97,112,164,177,220,460 com/helpshift/notification/HSNotificationManager.java, line(s) 94 com/helpshift/unityproxy/HelpshiftUnity.java, line(s) 27 com/helpshift/unityproxy/HelpshiftUnityAPI.java, line(s) 40,58,69 com/helpshift/unityproxy/activity/UnityDelegateActivity.java, line(s) 35 com/helpshift/unityproxy/utils/InstallUtils.java, line(s) 24 com/helpshift/util/AssetsUtil.java, line(s) 56 com/iab/omid/library/applovin/publisher/b.java, line(s) 45,47 com/iab/omid/library/applovin/utils/d.java, line(s) 18,11 com/iab/omid/library/inmobi/d/c.java, line(s) 18,11 com/iab/omid/library/ironsrc/utils/d.java, line(s) 18,11 com/iab/omid/library/vungle/d/c.java, line(s) 18,11 com/inmobi/media/h.java, line(s) 67 com/inmobi/media/ih.java, line(s) 46 com/inmobi/media/ij.java, line(s) 20,29,33,36,60,64,12,51 com/ironsource/a/b.java, line(s) 44 com/ironsource/adapters/ironsource/IronSourceAdapter.java, line(s) 702 com/ironsource/adapters/supersonicads/SupersonicAdsAdapter.java, line(s) 726 com/ironsource/b/a.java, line(s) 77,129,151 com/ironsource/d/b.java, line(s) 130 com/ironsource/environment/a.java, line(s) 45,376 com/ironsource/environment/e.java, line(s) 95,191,203,208,209 com/ironsource/environment/k.java, line(s) 66 com/ironsource/lifecycle/a/a.java, line(s) 59 com/ironsource/mediationsdk/C1072p.java, line(s) 192 com/ironsource/mediationsdk/L.java, line(s) 517,519,527,529,1858,1881 com/ironsource/mediationsdk/T.java, line(s) 118 com/ironsource/mediationsdk/adunit/c/d.java, line(s) 155 com/ironsource/mediationsdk/bidding/b.java, line(s) 46 com/ironsource/mediationsdk/integration/IntegrationHelper.java, line(s) 145,54,81,88,103,108,167,181,185,199,204,220,225,288,298,310,321,46,60,65,84,99,106,133,158,164,177,195,202,214,215,218,223,302,313,319,67,308 com/ironsource/mediationsdk/logger/a.java, line(s) 34,27,23,29 com/ironsource/sdk/a/d.java, line(s) 39 com/ironsource/sdk/b/b.java, line(s) 36,62,101 com/ironsource/sdk/c/c.java, line(s) 120,189 com/ironsource/sdk/controller/x.java, line(s) 398,406,486,1057,1152,1172,1201,1221,1243,1263,1289,1309,1338,1495,1513,2236,2793,2796,2798,2808,2816,2829,2838,2840,1985 com/ironsource/sdk/service/Connectivity/a.java, line(s) 51 com/ironsource/sdk/service/Connectivity/e.java, line(s) 83,97 com/ironsource/sdk/service/d.java, line(s) 48 com/ironsource/sdk/utils/Logger.java, line(s) 12,18,24,30,40,48,53,59,65,71 com/pairip/VMRunner.java, line(s) 42,49,80,147,174,179,184 com/safedk/android/utils/Logger.java, line(s) 35,42,53,56,99,105,83,91,62,66,21,28,70,74,78 com/safedk/android/utils/b.java, line(s) 76,131 com/unity/androidnotifications/UnityNotificationBackgroundThread.java, line(s) 171 com/unity/androidnotifications/UnityNotificationManager.java, line(s) 365,487,490,592,626 com/unity/androidnotifications/UnityNotificationUtilities.java, line(s) 78,94,97,140,165,168,221,224,409,415,537,543,579,581,627,629,603,607,612 com/unity3d/ads/UnityAdsBaseOptions.java, line(s) 18 com/unity3d/ads/metadata/InAppPurchaseMetaData.java, line(s) 63,78,82 com/unity3d/ads/metadata/MetaData.java, line(s) 73,82 com/unity3d/services/UnityServices.java, line(s) 29,66,73,78,89,94,107,123,99,101,111,42 com/unity3d/services/ads/UnityAdsImplementation.java, line(s) 44,138 com/unity3d/services/ads/adunit/AdUnitActivity.java, line(s) 437,439,59,122,144,166,189,227,358,403,194 com/unity3d/services/ads/adunit/AdUnitViewHandlerFactory.java, line(s) 22 com/unity3d/services/ads/adunit/VideoPlayerHandler.java, line(s) 34,52 com/unity3d/services/ads/api/AdUnit.java, line(s) 90,93,96,99,122,436,442,494,498,503,507,113,126,131,136,168,258,350,366,395,402 com/unity3d/services/ads/api/VideoPlayer.java, line(s) 57,75,93,111,129,165 com/unity3d/services/ads/api/WebPlayer.java, line(s) 134 com/unity3d/services/ads/configuration/AdsModuleConfiguration.java, line(s) 50,61,69 com/unity3d/services/ads/gmascar/adapters/ScarAdapterFactory.java, line(s) 63 com/unity3d/services/ads/gmascar/bridges/AdapterStatusBridge.java, line(s) 26,35 com/unity3d/services/ads/gmascar/bridges/InitializeListenerBridge.java, line(s) 26,49 com/unity3d/services/ads/gmascar/bridges/mobileads/MobileAdsBridge.java, line(s) 35 com/unity3d/services/ads/gmascar/bridges/mobileads/MobileAdsBridgeLegacy.java, line(s) 42 com/unity3d/services/ads/gmascar/finder/GMAInitializer.java, line(s) 49 com/unity3d/services/ads/gmascar/finder/ScarVersionFinder.java, line(s) 34,50 com/unity3d/services/ads/token/AsyncTokenStorage.java, line(s) 174,204 com/unity3d/services/ads/token/NativeTokenGenerator.java, line(s) 41 com/unity3d/services/ads/video/VideoPlayerView.java, line(s) 74,110,113,134,177,183,243,254,281 com/unity3d/services/ads/webplayer/WebPlayerView.java, line(s) 85,185,222,226,320,333,345,358,424,486 com/unity3d/services/banners/BannerView.java, line(s) 127 com/unity3d/services/banners/UnityBanners.java, line(s) 151 com/unity3d/services/core/api/Cache.java, line(s) 181,195,47,117,134,161,200,210 com/unity3d/services/core/api/DeviceInfo.java, line(s) 206,229,247,302,309,339,511 com/unity3d/services/core/api/Intent.java, line(s) 105,123,147,183,197 com/unity3d/services/core/api/Request.java, line(s) 33,45,63,75,92,104 com/unity3d/services/core/api/Sdk.java, line(s) 17,43,98,110,80,92,86 com/unity3d/services/core/broadcast/BroadcastEventReceiver.java, line(s) 36 com/unity3d/services/core/cache/CacheDirectory.java, line(s) 44,48,55,95,99,105,112,121,123,37,58,126 com/unity3d/services/core/cache/CacheThread.java, line(s) 30 com/unity3d/services/core/cache/CacheThreadHandler.java, line(s) 48,148,151,155,628,631,635,261,336,348,369,393,414,438,459,483,504,528,549,573,594 com/unity3d/services/core/configuration/ConfigurationReader.java, line(s) 40 com/unity3d/services/core/configuration/ConfigurationRequestFactory.java, line(s) 39 com/unity3d/services/core/configuration/EnvironmentCheck.java, line(s) 21,40,24,27,30,33,43 com/unity3d/services/core/configuration/ExperimentObject.java, line(s) 32 com/unity3d/services/core/configuration/ExperimentsReader.java, line(s) 33 com/unity3d/services/core/configuration/InitializationNotificationCenter.java, line(s) 66 com/unity3d/services/core/configuration/InitializeEventsMetricSender.java, line(s) 68,85,108,123,131,152 com/unity3d/services/core/configuration/InitializeThread.java, line(s) 191,199,222,414,429,505,537,635,647,667,63,72,479,514,517,544,547,587,621,671,735,828,334,421,457,809 com/unity3d/services/core/configuration/PrivacyConfigurationLoader.java, line(s) 29 com/unity3d/services/core/connectivity/ConnectivityMonitor.java, line(s) 113,130,157,102,149 com/unity3d/services/core/device/AdvertisingId.java, line(s) 177,49,59 com/unity3d/services/core/device/Device.java, line(s) 321,329,340,350,380,396,405,490,597,610,625,129 com/unity3d/services/core/device/OpenAdvertisingId.java, line(s) 168,57,64 com/unity3d/services/core/device/Storage.java, line(s) 36,40,70 com/unity3d/services/core/device/reader/DeviceInfoReaderCompressor.java, line(s) 40,44 com/unity3d/services/core/device/reader/DeviceInfoReaderExtended.java, line(s) 47 com/unity3d/services/core/domain/task/InitializeStateConfig$doWork$2.java, line(s) 55 com/unity3d/services/core/domain/task/InitializeStateCreate$doWork$2.java, line(s) 55,61,79 com/unity3d/services/core/domain/task/InitializeStateCreateWithRemote$doWork$2.java, line(s) 55,60,78 com/unity3d/services/core/domain/task/InitializeStateError$doWork$2.java, line(s) 52 com/unity3d/services/core/domain/task/InitializeStateLoadCache$doWork$2.java, line(s) 57,64 com/unity3d/services/core/domain/task/InitializeStateLoadCache.java, line(s) 88 com/unity3d/services/core/domain/task/InitializeStateLoadConfigFile$doWork$2.java, line(s) 56,64 com/unity3d/services/core/domain/task/InitializeStateLoadWeb$doWork$2.java, line(s) 108,81 com/unity3d/services/core/domain/task/InitializeStateNetworkError$doWork$2.java, line(s) 53 com/unity3d/services/core/domain/task/InitializeStateNetworkError.java, line(s) 50,68 com/unity3d/services/core/domain/task/InitializeStateReset$doWork$2.java, line(s) 64 com/unity3d/services/core/extensions/TaskExtensionsKt.java, line(s) 205 com/unity3d/services/core/log/DeviceLog.java, line(s) 188,228,235 com/unity3d/services/core/misc/JsonFlattener.java, line(s) 39 com/unity3d/services/core/misc/JsonStorage.java, line(s) 63,57,66,75,87,123,143,161,167 com/unity3d/services/core/misc/JsonStorageAggregator.java, line(s) 24 com/unity3d/services/core/misc/Utilities.java, line(s) 140,50,71,110,116,121,134 com/unity3d/services/core/misc/ViewUtilities.java, line(s) 18,27 com/unity3d/services/core/preferences/AndroidPreferences.java, line(s) 20,32,44,56,68 com/unity3d/services/core/properties/ClientProperties.java, line(s) 67,86,98,100 com/unity3d/services/core/properties/SdkProperties.java, line(s) 218,220,141 com/unity3d/services/core/reflection/GenericBridge.java, line(s) 32,39,58,73,82,88,95,101 com/unity3d/services/core/request/WebRequest.java, line(s) 254,154,160 com/unity3d/services/core/request/WebRequestRunnable.java, line(s) 35,39,82 com/unity3d/services/core/request/WebRequestThread.java, line(s) 45,158,172 com/unity3d/services/core/request/metrics/MetricCommonTags.java, line(s) 127 com/unity3d/services/core/request/metrics/MetricSender.java, line(s) 52,71,75,79,91,93,96 com/unity3d/services/core/request/metrics/MetricSenderWithBatch.java, line(s) 40 com/unity3d/services/core/request/metrics/SDKMetrics.java, line(s) 20,31,76,91,96 com/unity3d/services/core/sensorinfo/SensorInfoListener.java, line(s) 53 com/unity3d/services/core/timer/BaseTimer.java, line(s) 147 com/unity3d/services/core/webview/WebView.java, line(s) 119,65,145,149 com/unity3d/services/core/webview/WebViewApp.java, line(s) 121,140,161,190,415,419,153,183,226,264,280,314,398,427,431,434 com/unity3d/services/core/webview/WebViewUrlBuilder.java, line(s) 27 com/unity3d/services/core/webview/bridge/Invocation.java, line(s) 55 com/unity3d/services/core/webview/bridge/NativeCallback.java, line(s) 45 com/unity3d/services/core/webview/bridge/WebViewBridge.java, line(s) 101 com/unity3d/services/core/webview/bridge/WebViewBridgeInterface.java, line(s) 35,51 com/unity3d/services/core/webview/bridge/WebViewCallback.java, line(s) 56 com/unity3d/services/store/core/StoreLifecycleListener.java, line(s) 55 com/unity3d/services/store/gpbl/bridges/CommonJsonResponseBridge.java, line(s) 38 com/unity3d/services/store/gpbl/bridges/PurchaseBridge.java, line(s) 37 com/vungle/warren/AdActivity.java, line(s) 143,221,223,241,259 com/vungle/warren/AdEventListener.java, line(s) 99,55,67 com/vungle/warren/AdLoader.java, line(s) 495,540,562,631,695,820,1101,1148,1413,477,611,619,783,891,1252,1296,1308,1318,1397,1429,546,1178,1190,539,1492 com/vungle/warren/AdvertisementPresentationFactory.java, line(s) 499,502,182,205,212,241,286,291,302,310,314,380,385,396,403,468,493 com/vungle/warren/Banners.java, line(s) 29,34,38,43,56,95,109 com/vungle/warren/CacheBustManager.java, line(s) 28 com/vungle/warren/NativeAd.java, line(s) 232,201,196,334 com/vungle/warren/NativeAdLayout.java, line(s) 108,124,136,144,163,172,178,184,196,203,217 com/vungle/warren/Plugin.java, line(s) 26,29 com/vungle/warren/SessionTracker.java, line(s) 181,185,109,268 com/vungle/warren/Vungle.java, line(s) 176,183,486,519,1232,156,188,397,407,459,528,557,573,580,601,615,619,624,635,676,744,782,844,886,906,931,950,981,995,1012,1022,1032,1042,1053,1156,1162,1210,1221,775 com/vungle/warren/VungleApiClient.java, line(s) 237,374,545,331,351,376,380,393,733,750,409,863,866,872 com/vungle/warren/VungleBanner.java, line(s) 57,65,82,106,113,124,147,149,173,213 com/vungle/warren/VungleJobRunner.java, line(s) 78 com/vungle/warren/VungleLogger.java, line(s) 52,89,98,112,74,81,41,30,63 com/vungle/warren/analytics/VungleAnalytics.java, line(s) 68,73,44,45,48,50,53,99 com/vungle/warren/downloader/AssetDownloader.java, line(s) 125,173,230,317,333,346,398,435,466,568,616,617,689,738,772,774,807,888,914,922,952,992,1033,1076,1095,1118,1159,1208,1235,1256,1269,1303,1305,1322,1342,1378,1392,1394,1421,1440,1465,1479,1481,1518,1544,1552,1579,1593,1606,1629,1630,1643,1678,1712,1728,1775,1794,1807,1937,1971,1981,1996,2019,2030,2036,2069,2071,2074,2076,2105,2108,2112,2116,2127,2128,2130,2136,2250,2255,2281,2301,2306,2364,2375,2406,2437,155,426,559,680,729,798,879,943,983,1024,1067,1150,1199,1223,1535,1570,1702,1719,1815,2150,2205,2410,332 com/vungle/warren/downloader/CleverCache.java, line(s) 67,71,84,91,125,129,135,150,156,171,180,193,211 com/vungle/warren/log/BaseFilePersistor.java, line(s) 71,184 com/vungle/warren/log/LogManager.java, line(s) 163,168,212,217,226 com/vungle/warren/log/LogPersister.java, line(s) 78,57,136,82,93,122 com/vungle/warren/log/LogSender.java, line(s) 44,80 com/vungle/warren/model/Advertisement.java, line(s) 857 com/vungle/warren/model/Placement.java, line(s) 91 com/vungle/warren/network/OkHttpCall.java, line(s) 44,60 com/vungle/warren/persistence/CacheManager.java, line(s) 202 com/vungle/warren/persistence/FutureResult.java, line(s) 41,55,37,51,58 com/vungle/warren/persistence/GraphicDesigner.java, line(s) 66,86 com/vungle/warren/persistence/Repository.java, line(s) 247,250,544,994,1002,1008,1017,1023,1034,1044,272,314,361,779,666 com/vungle/warren/tasks/CacheBustJob.java, line(s) 83,123,146,156,180,50,77,86,89,172,174,196,48 com/vungle/warren/tasks/CleanupJob.java, line(s) 40,52,78,80,97,88,66 com/vungle/warren/tasks/JobInfo.java, line(s) 111 com/vungle/warren/tasks/SendReportsJob.java, line(s) 48,57 com/vungle/warren/tasks/runnable/JobRunnable.java, line(s) 39,48,50,56,41,60,62 com/vungle/warren/ui/JavascriptBridge.java, line(s) 23 com/vungle/warren/ui/presenter/LocalAdPresenter.java, line(s) 216,609,614,621 com/vungle/warren/ui/presenter/MRAIDAdPresenter.java, line(s) 180,480,539,602 com/vungle/warren/ui/presenter/NativeAdPresenter.java, line(s) 138,149,173,199,212,222,279,121,126 com/vungle/warren/ui/view/BaseAdView.java, line(s) 64,68 com/vungle/warren/ui/view/FullAdWidget.java, line(s) 294,351,361 com/vungle/warren/ui/view/LocalAdView.java, line(s) 213,139,164 com/vungle/warren/ui/view/NativeAdView.java, line(s) 83 com/vungle/warren/ui/view/VungleBannerView.java, line(s) 99,242,246 com/vungle/warren/ui/view/VungleWebClient.java, line(s) 111,150,226,113,252,253,263,264,274,275,299,337 com/vungle/warren/utility/ActivityManager.java, line(s) 297 com/vungle/warren/utility/CookieUtil.java, line(s) 20 com/vungle/warren/utility/ExternalRouter.java, line(s) 25,24,40 com/vungle/warren/utility/FileUtility.java, line(s) 185,226,237,245,103,106 com/vungle/warren/utility/ImageLoader.java, line(s) 45,47,72 com/vungle/warren/utility/ImpressionTracker.java, line(s) 66,71 com/vungle/warren/utility/NetworkProvider.java, line(s) 141,84 com/vungle/warren/utility/UnzipUtility.java, line(s) 133 com/vungle/warren/utility/VungleUrlUtility.java, line(s) 14 com/vungle/warren/utility/platform/AndroidPlatform.java, line(s) 110,134,136,140,190,123 com/yasirkula/unity/NativeShare.java, line(s) 65,72,42,178,201 com/yasirkula/unity/NativeShareBroadcastListener.java, line(s) 23,27,31 com/yasirkula/unity/NativeShareContentProvider.java, line(s) 145 com/yasirkula/unity/NativeShareCustomShareDialog.java, line(s) 156,171 com/yasirkula/unity/NativeShareFragment.java, line(s) 70,79 io/grpc/android/AndroidChannelBuilder.java, line(s) 45,48,52,56,125 io/grpc/okhttp/internal/Platform.java, line(s) 71 org/fmod/FMODAudioDevice.java, line(s) 73 org/fmod/a.java, line(s) 77
信息 应用与Firebase数据库通信
该应用与位于 https://love-island-2da-default-rtdb.firebaseio.com 的 Firebase 数据库进行通信
安全 基本配置配置为禁止到所有域的明文流量。
Scope: *
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/inmobi/media/dm.java, line(s) 69,72 io/grpc/okhttp/OkHttpChannelBuilder.java, line(s) 420,421,508,434,506,506 io/grpc/okhttp/OkHttpServerBuilder.java, line(s) 226,227,240 io/grpc/util/AdvancedTlsX509TrustManager.java, line(s) 108,98,106,106,124
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (firebase-settings.crashlytics.com) 通信。
{'ip': '180.163.150.162', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (i.l.inmobicdn.net) 通信。
{'ip': '152.199.39.108', 'country_short': 'HK', 'country_long': '中国', 'region': '香港', 'city': '香港', 'latitude': '22.285521', 'longitude': '114.157692'}