安全分析报告:
安全分数
安全分数 40/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
11
用户/设备跟踪器
调研结果
高危
10
中危
27
信息
2
安全
2
关注
4
高危 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危 域配置不安全地配置为允许明文流量到达范围内的这些域。
Scope: 127.0.0.1
高危 域配置配置为信任用户安装的证书。
Scope: facebook.com
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: c7/g.java, line(s) 164 e7/y.java, line(s) 254 z1/c.java, line(s) 115
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/ironsource/sdk/controller/t.java, line(s) 310,23,24 com/onesignal/inAppMessages/internal/display/impl/i.java, line(s) 624,9
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: c7/g.java, line(s) 149,18,19 com/applive/app/ui/activities/modules/ModuleWebViewActivity.java, line(s) 454,22,23 com/applive/app/ui/activities/youtube/YoutubePlayerFsActivity.java, line(s) 301,15,16 d7/w.java, line(s) 919,26,27 x6/j.java, line(s) 1718,37,38 x6/o.java, line(s) 268,20,21 x6/r.java, line(s) 296,22,23
高危 WebView域控制不严格漏洞
WebView域控制不严格漏洞 Files: com/ironsource/le.java, line(s) 30,25
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: c2/a.java, line(s) 45 com/ironsource/mediationsdk/utils/IronSourceAES.java, line(s) 72,140
高危 该文件是World Readable。任何应用程序都可以读取文件
该文件是World Readable。任何应用程序都可以读取文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/applive/app/service/modules/mic/MicPostSearchWorker.java, line(s) 221
高危 应用程序包含隐私跟踪程序
此应用程序有多个11隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 应用程序存在Janus漏洞
应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。
中危 基本配置配置为信任系统证书。
Scope: *
中危 域配置配置为信任系统证书。
Scope: facebook.com
中危 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 6.0-6.0.1, [minSdk=23] 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
中危 Activity (com.applive.app.ui.activities.DeepLinkActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.FCMBroadcastReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivityHMS) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.NotificationDismissReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.BootUpReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.UpgradeReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivityAndroid22AndOlder) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.facebook.CustomTabActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 高优先级的Intent (999)
[android:priority] 通过设置一个比另一个Intent更高的优先级,应用程序有效地覆盖了其他请求。
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/ironsource/h3.java, line(s) 6,7,154 com/ironsource/i3.java, line(s) 6,7,20 com/onesignal/session/internal/outcomes/impl/m.java, line(s) 3,4,10 d7/p.java, line(s) 7,81 jf/c.java, line(s) 8,9,10,11,12,365 n9/m.java, line(s) 3,25 n9/p.java, line(s) 5,6,128 n9/w.java, line(s) 4,5,80 p1/c.java, line(s) 5,41 pa/j.java, line(s) 6,7,830 pa/k.java, line(s) 4,5,41 pa/n7.java, line(s) 4,51 pa/s2.java, line(s) 6,7,8,9,158 pa/z6.java, line(s) 17,18,806 r4/c.java, line(s) 6,7,8,9,10,82 x1/d0.java, line(s) 4,39
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: ah/a.java, line(s) 19 com/ironsource/a8.java, line(s) 61 com/ironsource/adapters/admob/AdMobAdapter.java, line(s) 417,216,223,211,63,64,65 com/ironsource/adapters/facebook/FacebookAdapter.java, line(s) 226,235 com/ironsource/adapters/ironsource/IronSourceAdapter.java, line(s) 87,57,56,686,463 com/ironsource/adapters/ironsource/IronSourceLoadParameters.java, line(s) 52,55 com/ironsource/adapters/supersonicads/SupersonicAdsAdapter.java, line(s) 73,205,392 com/ironsource/f2.java, line(s) 91 com/ironsource/mediationsdk/adunit/adapter/utility/AdOptionsPosition.java, line(s) 11 com/ironsource/mediationsdk/c.java, line(s) 118,338 com/ironsource/mediationsdk/p.java, line(s) 3009,2993 com/ironsource/mediationsdk/utils/IronSourceConstants.java, line(s) 94,105 com/onesignal/inAppMessages/internal/display/impl/i.java, line(s) 30,31,32,25 com/onesignal/inAppMessages/internal/prompt/impl/b.java, line(s) 25 com/onesignal/notifications/bridges/a.java, line(s) 19,20 com/onesignal/notifications/internal/c.java, line(s) 449 com/onesignal/notifications/receivers/FCMBroadcastReceiver.java, line(s) 15 dh/f.java, line(s) 22 l7/g.java, line(s) 48 m5/d.java, line(s) 29 n7/f.java, line(s) 37 n7/q.java, line(s) 85 n7/y.java, line(s) 75 t1/a.java, line(s) 109
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: ba/a.java, line(s) 20 com/ironsource/sdk/utils/SDKUtils.java, line(s) 86 p8/n.java, line(s) 44 ud/b.java, line(s) 65 wc/f.java, line(s) 230 xd/n.java, line(s) 66
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/ironsource/d5.java, line(s) 181,186 com/ironsource/sdk/utils/SDKUtils.java, line(s) 274 com/ironsource/v3.java, line(s) 582,279,451
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ironsource/mediationsdk/utils/IronSourceUtils.java, line(s) 386 com/ironsource/sdk/utils/SDKUtils.java, line(s) 191 p8/h.java, line(s) 13 pa/g7.java, line(s) 232 ze/l.java, line(s) 19
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: ae/l.java, line(s) 11 ak/c.java, line(s) 20 com/ironsource/e4.java, line(s) 5 com/onesignal/common/AndroidUtils.java, line(s) 20 i2/m0.java, line(s) 4 i7/c.java, line(s) 47 i7/n.java, line(s) 13 i7/u.java, line(s) 16 pa/g7.java, line(s) 34 vi/a.java, line(s) 3 vi/b.java, line(s) 3 wi/a.java, line(s) 3 x1/i0.java, line(s) 6 y1/e.java, line(s) 14 z1/b.java, line(s) 11
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/ironsource/gd.java, line(s) 96,93,95 com/onesignal/inAppMessages/internal/display/impl/i.java, line(s) 965,962 x6/j.java, line(s) 1686,1662 x6/r.java, line(s) 413,397
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: ud/c.java, line(s) 47
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "com.google.firebase.crashlytics.mapping_file_id" : "cbee18d9f9b64a3a8271334353389c37" "google_api_key" : "AIzaSyD0-foNos_-JIwjEioXKQC8q_QFSRR4v7M" "google_crash_reporting_api_key" : "AIzaSyD0-foNos_-JIwjEioXKQC8q_QFSRR4v7M" "ironsource_app_key" : "1ddfcec75" "authentication_required" : "認証が必要です" "com_facebook_device_auth_instructions" : "<b>facebook.com/device</b>にアクセスして、上のコードを入力してください。" "authentication_required" : "ต้องมีการตรวจสอบสิทธิ์" "authentication_required" : "പരിശോധിച്ചുറപ്പിക്കേണ്ടതുണ്ട്" "authentication_required" : "តម្រូវឱ្យមានការផ្ទៀងផ្ទាត់" "authentication_required" : "ຕ້ອງມີການພິສູດຢືນຢັນ" "authentication_required" : "需要驗證" "com_facebook_device_auth_instructions" : "前往<b>facebook.com/device</b>,並輸入上方顯示的代碼。" "authentication_required" : "需要进行身份验证" "com_facebook_device_auth_instructions" : "请访问<b>facebook.com/device</b>并输入以上验证码。" "authentication_required" : "必須驗證" "com_facebook_device_auth_instructions" : "前往<b>facebook.com/device</b>,並輸入上方顯示的代碼。" 047e4ff61e1e2c470d3ef1fc7c48ac2d PGh0bWw+PGhlYWQ+CiAgICA8bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEiPgogICAgPHN0eWxlPgogICAgICAgIC5jb250YWluZXIgewogICAgICAgICAgICBmbGV4LWRpcmVjdGlvbjogY29sdW1uOwogICAgICAgIH0KCiAgICAgICAgLmZsZXgtY29udGFpbmVyIHsKICAgICAgICAgICAgZGlzcGxheTogZmxleDsKICAgICAgICAgICAgYWxpZ24taXRlbXM6IGNlbnRlcjsKICAgICAgICAgICAgZmxleC1kaXJlY3Rpb246IGNvbHVtbjsKICAgICAgICAgICAganVzdGlmeS1jb250ZW50OiBmbGV4LWVuZDsKICAgICAgICB9CgogICAgICAgIC5sb2FkaW5nIHsKICAgICAgICAgICAganVzdGlmeS1jb250ZW50OiBzdGFydDsKICAgICAgICB9CgogICAgICAgIC5sZHMtZWxsaXBzaXMgewogICAgICAgICAgICBkaXNwbGF5OiBpbmxpbmUtYmxvY2s7CiAgICAgICAgICAgIHBvc2l0aW9uOiByZWxhdGl2ZTsKICAgICAgICAgICAgd2lkdGg6IDgwcHg7CiAgICAgICAgICAgIGhlaWdodDogODBweDsKICAgICAgICB9CgogICAgICAgIC5sZHMtZWxsaXBzaXMgZGl2IHsKICAgICAgICAgICAgcG9zaXRpb246IGFic29sdXRlOwogICAgICAgICAgICB0b3A6IDMzcHg7CiAgICAgICAgICAgIHdpZHRoOiAxM3B4OwogICAgICAgICAgICBoZWlnaHQ6IDEzcHg7CiAgICAgICAgICAgIGJvcmRlci1yYWRpdXM6IDUwJTsKICAgICAgICAgICAgYmFja2dyb3VuZDogI0E3QTdBNzsKICAgICAgICAgICAgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogY3ViaWMtYmV6aWVyKDAsIDEsIDEsIDApOwogICAgICAgIH0KCiAgICAgICAgLmxkcy1lbGxpcHNpcyBkaXY6bnRoLWNoaWxkKDEpIHsKICAgICAgICAgICAgbGVmdDogOHB4OwogICAgICAgICAgICBhbmltYXRpb246IGxkcy1lbGxpcHNpczEgMC42cyBpbmZpbml0ZTsKICAgICAgICB9CgogICAgICAgIC5sZHMtZWxsaXBzaXMgZGl2Om50aC1jaGlsZCgyKSB7CiAgICAgICAgICAgIGxlZnQ6IDhweDsKICAgICAgICAgICAgYW5pbWF0aW9uOiBsZHMtZWxsaXBzaXMyIDAuNnMgaW5maW5pdGU7CiAgICAgICAgfQoKICAgICAgICAubGRzLWVsbGlwc2lzIGRpdjpudGgtY2hpbGQoMykgewogICAgICAgICAgICBsZWZ0OiAzMnB4OwogICAgICAgICAgICBhbmltYXRpb246IGxkcy1lbGxpcHNpczIgMC42cyBpbmZpbml0ZTsKICAgICAgICB9CgogICAgICAgIC5sZHMtZWxsaXBzaXMgZGl2Om50aC1jaGlsZCg0KSB7CiAgICAgICAgICAgIGxlZnQ6IDU2cHg7CiAgICAgICAgICAgIGFuaW1hdGlvbjogbGRzLWVsbGlwc2lzMyAwLjZzIGluZmluaXRlOwogICAgICAgIH0KCiAgICAgICAgQGtleWZyYW1lcyBsZHMtZWxsaXBzaXMxIHsKICAgICAgICAgICAgMCUgewogICAgICAgICAgICAgICAgdHJhbnNmb3JtOiBzY2FsZSgwKTsKICAgICAgICAgICAgfQoKICAgICAgICAgICAgMTAwJSB7CiAgICAgICAgICAgICAgICB0cmFuc2Zvcm06IHNjYWxlKDEpOwogICAgICAgICAgICB9CiAgICAgICAgfQoKICAgICAgICBAa2V5ZnJhbWVzIGxkcy1lbGxpcHNpczMgewogICAgICAgICAgICAwJSB7CiAgICAgICAgICAgICAgICB0cmFuc2Zvcm06IHNjYWxlKDEpOwogICAgICAgICAgICB9CgogICAgICAgICAgICAxMDAlIHsKICAgICAgICAgICAgICAgIHRyYW5zZm9ybTogc2NhbGUoMCk7CiAgICAgICAgICAgIH0KICAgICAgICB9CgogICAgICAgIEBrZXlmcmFtZXMgbGRzLWVsbGlwc2lzMiB7CiAgICAgICAgICAgIDAlIHsKICAgICAgICAgICAgICAgIHRyYW5zZm9ybTogdHJhbnNsYXRlKDAsIDApOwogICAgICAgICAgICB9CgogICAgICAgICAgICAxMDAlIHsKICAgICAgICAgICAgICAgIHRyYW5zZm9ybTogdHJhbnNsYXRlKDI0cHgsIDApOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgPC9zdHlsZT4KPC9oZWFkPgoKPGJvZHk+CiAgICA8ZGl2IGlkPSJsb2FkaW5nX3dyYXBwZXIiIHN0eWxlPSJkaXNwbGF5OiBmbGV4O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW47anVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuO2hlaWdodDogMTAwJTsiPgo8ZGl2IGNsYXNzPSJjb250YWluZXIgZmxleC1jb250YWluZXIiIHN0eWxlPSIKICAgIGZsZXg6IDE7CiI+CiAgICAgICAgPGRpdiBjbGFzcz0iZmxleC1jb250YWluZXIiIHN0eWxlPSIKICAgIGZsZXg6IDE7CiI+CiAgICAgICAgICAgIDxzdmcgd2lkdGg9IjIzNiIgaGVpZ2h0PSI0NCIgdmlld0JveD0iMCAwIDIzNiA0NCIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0zNy44MDYzIDMwLjI4NTRWMTAuNDI4NUwyMC42MTI5IDAuNVY4LjExNjM2TDI3LjM1MDggMTIuMDA5NUMyNy41OTQ1IDEyLjE0NTUgMjcuNjAwMiAxMi41MjUyIDI3LjM1MDggMTIuNjYxMkwxOS4zNDM1IDE3LjI4NTVDMTkuMDk5OCAxNy40MjcxIDE4LjgxNjQgMTcuNDE1OCAxOC41ODk4IDE3LjI4NTVMMTAuNTc2OCAxMi42NjEyQzEwLjMzMzEgMTIuNTI1MiAxMC4zMjc0IDEyLjE0NTUgMTAuNTc2OCAxMi4wMDk1TDE3LjMxNDcgOC4xMjIwMlYwLjUwNTY2OEwwLjExNTY0NiAxMC40Mjg1VjMwLjI4NTRWMzAuMTk0N1YzMC4yODU0TDYuNzExOTMgMjYuNDc3MlYxOC42OTY1QzYuNzA2MjYgMTguNDE4OCA3LjAzNDk0IDE4LjIyMDUgNy4yNzg2MiAxOC4zNzM1TDE1LjI4NiAyMi45OTc3QzE1LjUyOTYgMjMuMTM5NCAxNS42NjU2IDIzLjM4ODcgMTUuNjY1NiAyMy42NDk0VjMyLjg5NzlDMTUuNjcxMyAzMy4xNzU1IDE1LjM0ODMgMzMuMzczOSAxNS4xMDQ2IDMzLjIyNjVMOC4zNjY2NyAyOS4zMzM0TDEuNzcwMzggMzMuMTQxNUwxOC45Njk1IDQzLjA3TDM2LjE2ODUgMzMuMTQxNUwyOS41NjA5IDI5LjMzMzRMMjIuODIyOSAzMy4yMjY1QzIyLjU4NDkgMzMuMzY4MiAyMi4yNTA2IDMzLjE4NjkgMjIuMjU2MyAzMi44OTc5VjIzLjY0OTRDMjIuMjU2MyAyMy4zNzE3IDIyLjQwOTMgMjMuMTI4MSAyMi42MzU5IDIyLjk5NzdMMzAuNjQzMyAxOC4zNzM1QzMwLjg4MTMgMTguMjI2MiAzMS4yMTU2IDE4LjQxMzIgMzEuMjEgMTguNzAyMlYyNi40ODI5TDM3LjgwNjMgMzAuMjg1NFoiIGZpbGw9IiM0RDRENEQiPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xNS4wOTkgMzMuMjI2Mkw4LjM2MTA2IDI5LjMzM0wxLjc2NDc4IDMzLjE0MTJMMTguOTYzOCA0My4wNjk2VjIxLjMwODZMMC4xMTU3MDcgMTAuNDI4MVYzMC4yODVWMzAuMTk0NFYzMC4yODVMNi43MTE5OSAyNi40NzY5VjE4LjY5NjJDNi43MDYzMiAxOC40MTg1IDcuMDM1IDE4LjIyMDEgNy4yNzg2OCAxOC4zNzMxTDE1LjI4NiAyMi45OTc0QzE1LjUyOTcgMjMuMTM5IDE1LjY2NTcgMjMuMzg4NCAxNS42NjU3IDIzLjY0OTFWMzIuODk3NUMxNS42NzE0IDMzLjE3NTIgMTUuMzQyNyAzMy4zNzM1IDE1LjA5OSAzMy4yMjYyWiIgZmlsbD0iIzRDNEM0QyI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTE4Ljk2MzcgNDMuMDY5NkwzNi4xNjI4IDMzLjE0MTJMMjkuNTYwOSAyOS4zMzNMMjIuODIyOSAzMy4yMjYyQzIyLjU4NDkgMzMuMzY3OCAyMi4yNTA1IDMzLjE4NjUgMjIuMjU2MiAzMi44OTc1VjIzLjY0OTFDMjIuMjU2MiAyMy4zNzE0IDIyLjQwOTIgMjMuMTI3NyAyMi42MzU5IDIyLjk5NzRMMzAuNjQzMiAxOC4zNzMxQzMwLjg4MTIgMTguMjI1OCAzMS4yMTU2IDE4LjQxMjggMzEuMjA5OSAxOC43MDE4VjI2LjQ4MjVMMzcuODA2MiAzMC4yOTA3VjEwLjQyODFMMTguOTYzNyAyMS4zMDg2VjQzLjA2OTZaIiBmaWxsPSJibGFjayI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTIwLjYxMjkgMC41VjguMTE2MzZMMjcuMzUwOCAxMi4wMDk1QzI3LjU5NDUgMTIuMTQ1NSAyNy42MDAyIDEyLjUyNTIgMjcuMzUwOCAxMi42NjEyTDE5LjM0MzUgMTcuMjg1NUMxOS4wOTk4IDE3LjQyNzEgMTguODE2NCAxNy40MTU4IDE4LjU4OTggMTcuMjg1NUwxMC41NzY4IDEyLjY2MTJDMTAuMzMzMSAxMi41MjUyIDEwLjMyNzQgMTIuMTQ1NSAxMC41NzY4IDEyLjAwOTVMMTcuMzE0NyA4LjEyMjAyVjAuNTA1NjY4TDAuMTE1NjQ2IDEwLjQyODVMMTguOTYzOCAyMS4zMDlMMzcuODExOSAxMC40Mjg1TDIwLjYxMjkgMC41WiIgZmlsbD0iIzgwODA4MCI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTU5LjY3NDYgMjMuODUyN0M1OS42NzQ2IDI1Ljg1MzIgNTguNTU4MiAyNy4yODEyIDU2LjIxNzggMjcuMjgxMkM1My43MyAyNy4yODEyIDUyLjcwNDMgMjUuOTM4MiA1Mi43MDQzIDIzLjkzNzdWMTEuNzA4NUg0Ny42NDk0VjIzLjc2NzdDNDcuNjQ5NCAyOC41MzkzIDUwLjUwNTUgMzEuMzM4NyA1Ni4yMjM0IDMxLjMzODdDNjEuOTA3NCAzMS4zMzg3IDY0Ljc0MDggMjguNDgyNiA2NC43NDA4IDIzLjc2NzdWMTEuNzA4NUg1OS42ODU5VjIzLjg1MjdINTkuNjc0NloiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNNzYuNDcxOSAxNS45MDc4Qzc0LjQ0MzIgMTUuOTA3OCA3My4wNDM1IDE2Ljc2MzUgNzEuOTU1NCAxOC4zMzlINzEuODcwNFYxNi4zMzg1SDY3LjM4MjJWMzAuOTY0OUg3Mi4wNDA0VjIyLjg3ODJDNzIuMDQwNCAyMS4wNzYxIDczLjA3MTggMTkuNzg5NyA3NC42MTMyIDE5Ljc4OTdDNzYuMTI2MyAxOS43ODk3IDc2Ljg5NyAyMC44NDk0IDc2Ljg5NyAyMi4zOTA4VjMwLjk2NDlIODEuNTU1MlYyMS40NTAxQzgxLjU2MDggMTguMTkxNiA3OS42NzM3IDE1LjkwNzggNzYuNDcxOSAxNS45MDc4WiIgZmlsbD0iYmxhY2siPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik04OC42MjE2IDEwLjUzNjlIODMuOTYzNFYxNC4zMTFIODguNjIxNlYxMC41MzY5WiIgZmlsbD0iYmxhY2siPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik04OC42MjE1IDE2LjMzOTVIODMuOTYzM1YzMC45NzE1SDg4LjYyMTVWMTYuMzM5NVoiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNOTYuODIxNyAxMS43MDg1SDkyLjI3NjhWMTYuMzM4NEg5MC4zMzNWMjAuMTEyNkg5Mi4yNzY4VjI3LjExMTJDOTIuMjc2OCAzMC4yNTY0IDk0LjIyMDYgMzEuMTQwNCA5Ni45MzUgMzEuMTQwNEM5OC4xOTMxIDMxLjE0MDQgOTkuMDc3MSAzMS4wMjcxIDk5LjQ3OTQgMzAuOTEzN1YyNy41MTM2Qzk5LjMwOTQgMjcuNTEzNiA5OC44NTA0IDI3LjU0MTkgOTguNDQ4MSAyNy41NDE5Qzk3LjQ1MDcgMjcuNTQxOSA5Ni44MjE3IDI3LjI1ODYgOTYuODIxNyAyNi4xMTM4VjIwLjExMjZIOTkuNDc5NFYxNi4zMzg0SDk2LjgyMTdWMTEuNzA4NVoiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMTA5LjM5MSAyMi41NjY1QzEwOC45MzIgMjMuOTk0NiAxMDguNTM1IDI1LjkzODMgMTA4LjUzNSAyNS45MzgzSDEwOC40NzlDMTA4LjQ3OSAyNS45MzgzIDEwOC4wMTkgMjMuOTk0NiAxMDcuNTY2IDIyLjU2NjVMMTA1LjU5NCAxNi4zMzg2SDEwMC42ODFMMTA0Ljk5MyAyNy41OTg4QzEwNS41OTQgMjkuMTQwMiAxMDUuODc3IDMwLjAwMTUgMTA1Ljg3NyAzMC42MjQ5QzEwNS44NzcgMzEuNjIyMyAxMDUuMzMzIDMyLjE2NjMgMTAzLjk2MiAzMi4xNjYzSDEwMi4zNjRWMzUuNzkzMUgxMDUuMzlDMTA4LjMzMSAzNS43OTMxIDEwOS43MzEgMzQuNTkxNyAxMTAuOTA0IDMxLjE2MzNMMTE1Ljk1OSAxNi4zMzI5SDExMS4zMDFMMTA5LjM5MSAyMi41NjY1WiIgZmlsbD0iYmxhY2siPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xMjIuNzI1IDMxLjE4MDZWMTIuNjA0MUgxMjUuNTI4VjI4Ljc2NzhIMTMzLjk0NVYzMS4xODA2SDEyMi43MjVaIiBmaWxsPSJibGFjayI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTE0Mi45MyAzMS40NjE4QzE0MS41NTcgMzEuNDYxOCAxNDAuMzc1IDMxLjE2ODUgMTM5LjM4MyAzMC41ODE5QzEzOC4zOTcgMjkuOTg5MyAxMzcuNjM1IDI5LjE1NzkgMTM3LjA5NyAyOC4wODc1QzEzNi41NjUgMjcuMDExMiAxMzYuMjk5IDI1Ljc1MDQgMTM2LjI5OSAyNC4zMDUxQzEzNi4yOTkgMjIuODc4IDEzNi41NjUgMjEuNjIwMiAxMzcuMDk3IDIwLjUzMThDMTM3LjYzNSAxOS40NDMzIDEzOC4zODUgMTguNTkzNyAxMzkuMzQ3IDE3Ljk4M0MxNDAuMzE0IDE3LjM3MjIgMTQxLjQ0NSAxNy4wNjY4IDE0Mi43MzkgMTcuMDY2OEMxNDMuNTI1IDE3LjA2NjggMTQ0LjI4NyAxNy4xOTY4IDE0NS4wMjUgMTcuNDU2OUMxNDUuNzYzIDE3LjcxNjkgMTQ2LjQyNSAxOC4xMjUxIDE0Ny4wMTEgMTguNjgxNEMxNDcuNTk4IDE5LjIzNzcgMTQ4LjA2MSAxOS45NjAzIDE0OC4zOTkgMjAuODQ5M0MxNDguNzM4IDIxLjczMjEgMTQ4LjkwNyAyMi44MDU1IDE0OC45MDcgMjQuMDY5M1YyNS4wMzA4SDEzNy44MzJWMjIuOTk5SDE0Ni4yNDlDMTQ2LjI0OSAyMi4yODU0IDE0Ni4xMDQgMjEuNjUzNSAxNDUuODE0IDIxLjEwMzJDMTQ1LjUyNCAyMC41NDY5IDE0NS4xMTYgMjAuMTA4NSAxNDQuNTkgMTkuNzg4QzE0NC4wNjkgMTkuNDY3NSAxNDMuNDU5IDE5LjMwNzMgMTQyLjc1NyAxOS4zMDczQzE0MS45OTUgMTkuMzA3MyAxNDEuMzMgMTkuNDk0NyAxNDAuNzYyIDE5Ljg2OTZDMTQwLjE5OSAyMC4yMzg1IDEzOS43NjQgMjAuNzIyMyAxMzkuNDU2IDIxLjMyMDlDMTM5LjE1MyAyMS45MTM1IDEzOS4wMDIgMjIuNTU3NSAxMzkuMDAyIDIzLjI1MjlWMjQuODQwM0MxMzkuMDAyIDI1Ljc3MTUgMTM5LjE2NSAyNi41NjM3IDEzOS40OTIgMjcuMjE2OEMxMzkuODI0IDI3Ljg2OTkgMTQwLjI4NyAyOC4zNjg3IDE0MC44OCAyOC43MTM0QzE0MS40NzIgMjkuMDUyIDE0Mi4xNjUgMjkuMjIxNCAxNDIuOTU3IDI5LjIyMTRDMTQzLjQ3MSAyOS4yMjE0IDE0My45MzkgMjkuMTQ4OCAxNDQuMzYzIDI5LjAwMzdDMTQ0Ljc4NiAyOC44NTI1IDE0NS4xNTIgMjguNjI4OCAxNDUuNDYgMjguMzMyNUMxNDUuNzY5IDI4LjAzNjEgMTQ2LjAwNSAyNy42NzAzIDE0Ni4xNjggMjcuMjM0OUwxNDguNzM1IDI3LjY5NzVDMTQ4LjUyOSAyOC40NTM0IDE0OC4xNiAyOS4xMTU1IDE0Ny42MjggMjkuNjg0QzE0Ny4xMDIgMzAuMjQ2MyAxNDYuNDQgMzAuNjg0NyAxNDUuNjQyIDMwLjk5OTJDMTQ0Ljg1IDMxLjMwNzYgMTQzLjk0NiAzMS40NjE4IDE0Mi45MyAzMS40NjE4WiIgZmlsbD0iYmxhY2siPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xNjMuNDM2IDE3LjI0ODJMMTU4LjM4MyAzMS4xODA2SDE1NS40ODFMMTUwLjQyIDE3LjI0ODJIMTUzLjMzMUwxNTYuODYgMjcuOTY5NkgxNTcuMDA1TDE2MC41MjQgMTcuMjQ4MkgxNjMuNDM2WiIgZmlsbD0iYmxhY2siPjwvcGF0aD4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xNzEuNTE1IDMxLjQ2MThDMTcwLjE0MyAzMS40NjE4IDE2OC45NiAzMS4xNjg1IDE2Ny45NjkgMzAuNTgxOUMxNjYuOTgzIDI5Ljk4OTMgMTY2LjIyMSAyOS4xNTc5IDE2NS42ODMgMjguMDg3NUMxNjUuMTUxIDI3LjAxMTIgMTY0Ljg4NSAyNS43NTA0IDE2NC44ODUgMjQuMzA1MUMxNjQuODg1IDIyLjg3OCAxNjUuMTUxIDIxLjYyMDIgMTY1LjY4MyAyMC41MzE4QzE2Ni4yMjEgMTkuNDQzMyAxNjYuOTcxIDE4LjU5MzcgMTY3LjkzMiAxNy45ODNDMTY4LjkgMTcuMzcyMiAxNzAuMDMxIDE3LjA2NjggMTcxLjMyNSAxNy4wNjY4QzE3Mi4xMTEgMTcuMDY2OCAxNzIuODczIDE3LjE5NjggMTczLjYxMSAxNy40NTY5QzE3NC4zNDggMTcuNzE2OSAxNzUuMDEgMTguMTI1MSAxNzUuNTk3IDE4LjY4MTRDMTc2LjE4NCAxOS4yMzc3IDE3Ni42NDYgMTkuOTYwMyAxNzYuOTg1IDIwLjg0OTNDMTc3LjMyMyAyMS43MzIxIDE3Ny40OTMgMjIuODA1NSAxNzcuNDkzIDI0LjA2OTNWMjUuMDMwOEgxNjYuNDE4VjIyLjk5OUgxNzQuODM1QzE3NC44MzUgMjIuMjg1NCAxNzQuNjkgMjEuNjUzNSAxNzQuNCAyMS4xMDMyQzE3NC4xMDkgMjAuNTQ2OSAxNzMuNzAxIDIwLjEwODUgMTczLjE3NSAxOS43ODhDMTcyLjY1NSAxOS40Njc1IDE3Mi4wNDQgMTkuMzA3MyAxNzEuMzQzIDE5LjMwNzNDMTcwLjU4MSAxOS4zMDczIDE2OS45MTYgMTkuNDk0NyAxNjkuMzQ3IDE5Ljg2OTZDMTY4Ljc4NSAyMC4yMzg1IDE2OC4zNSAyMC43MjIzIDE2OC4wNDEgMjEuMzIwOUMxNjcuNzM5IDIxLjkxMzUgMTY3LjU4OCAyMi41NTc1IDE2Ny41ODggMjMuMjUyOVYyNC44NDAzQzE2Ny41ODggMjUuNzcxNSAxNjcuNzUxIDI2LjU2MzcgMTY4LjA3OCAyNy4yMTY4QzE2OC40MSAyNy44Njk5IDE2OC44NzMgMjguMzY4NyAxNjkuNDY1IDI4LjcxMzRDMTcwLjA1OCAyOS4wNTIgMTcwLjc1IDI5LjIyMTQgMTcxLjU0MyAyOS4yMjE0QzE3Mi4wNTcgMjkuMjIxNCAxNzIuNTI1IDI5LjE0ODggMTcyLjk0OCAyOS4wMDM3QzE3My4zNzIgMjguODUyNSAxNzMuNzM4IDI4LjYyODggMTc0LjA0NiAyOC4zMzI1QzE3NC4zNTQgMjguMDM2MSAxNzQuNTkgMjcuNjcwMyAxNzQuNzUzIDI3LjIzNDlMMTc3LjMyIDI3LjY5NzVDMTc3LjExNSAyOC40NTM0IDE3Ni43NDYgMjkuMTE1NSAxNzYuMjE0IDI5LjY4NEMxNzUuNjg4IDMwLjI0NjMgMTc1LjAyNiAzMC42ODQ3IDE3NC4yMjcgMzAuOTk5MkMxNzMuNDM1IDMxLjMwNzYgMTcyLjUzMSAzMS40NjE4IDE3MS41MTUgMzEuNDYxOFoiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMTgzLjIxNCAxMi42MDQxVjMxLjE4MDZIMTgwLjUwMlYxMi42MDQxSDE4My4yMTRaIiBmaWxsPSJibGFjayI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTE4Ny4wOCAzMS4xODA2VjEyLjYwNDFIMTkzLjcwMkMxOTUuMTQ3IDEyLjYwNDEgMTk2LjM0NCAxMi44NjcyIDE5Ny4yOTQgMTMuMzkzM0MxOTguMjQzIDEzLjkxOTQgMTk4Ljk1NCAxNC42MzkgMTk5LjQyNSAxNS41NTIxQzE5OS44OTcgMTYuNDU5MSAyMDAuMTMzIDE3LjQ4MTEgMjAwLjEzMyAxOC42MTc5QzIwMC4xMzMgMTkuNzYwOCAxOTkuODk0IDIwLjc4ODggMTk5LjQxNiAyMS43MDE5QzE5OC45NDUgMjIuNjA4OSAxOTguMjMxIDIzLjMyODUgMTk3LjI3NiAyMy44NjA3QzE5Ni4zMjYgMjQuMzg2OCAxOTUuMTMyIDI0LjY0OTggMTkzLjY5MyAyNC42NDk4SDE4OS4xMzlWMjIuMjczM0gxOTMuNDM5QzE5NC4zNTIgMjIuMjczMyAxOTUuMDkzIDIyLjExNjEgMTk1LjY2MSAyMS44MDE3QzE5Ni4yMjkgMjEuNDgxMiAxOTYuNjQ3IDIxLjA0NTggMTk2LjkxMyAyMC40OTU1QzE5Ny4xNzkgMTkuOTQ1MiAxOTcuMzEyIDE5LjMxOTQgMTk3LjMxMiAxOC42MTc5QzE5Ny4zMTIgMTcuOTE2NCAxOTcuMTc5IDE3LjI5MzYgMTk2LjkxMyAxNi43NDk0QzE5Ni42NDcgMTYuMjA1MSAxOTYuMjI2IDE1Ljc3ODggMTk1LjY1MiAxNS40NzA0QzE5NS4wODQgMTUuMTYyIDE5NC4zMzQgMTUuMDA3OCAxOTMuNDAyIDE1LjAwNzhIMTg5Ljg4M1YzMS4xODA2SDE4Ny4wOFoiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjA1LjkxMyAxMi42MDQxVjMxLjE4MDZIMjAzLjIwMVYxMi42MDQxSDIwNS45MTNaIiBmaWxsPSJibGFjayI+PC9wYXRoPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTIxMy42MTYgMzEuNDg5QzIxMi43MzMgMzEuNDg5IDIxMS45MzUgMzEuMzI1NyAyMTEuMjIxIDMwLjk5OTJDMjEwLjUwOCAzMC42NjY2IDIwOS45NDMgMzAuMTg1OSAyMDkuNTI1IDI5LjU1N0MyMDkuMTE0IDI4LjkyODEgMjA4LjkwOSAyOC4xNTcxIDIwOC45MDkgMjcuMjQ0QzIwOC45MDkgMjYuNDU3OSAyMDkuMDYgMjUuODEwOCAyMDkuMzYyIDI1LjMwMjlDMjA5LjY2NCAyNC43OTQ5IDIxMC4wNzMgMjQuMzkyOCAyMTAuNTg3IDI0LjA5NjVDMjExLjEwMSAyMy44MDAyIDIxMS42NzUgMjMuNTc2NSAyMTIuMzEgMjMuNDI1M0MyMTIuOTQ1IDIzLjI3NDEgMjEzLjU5MiAyMy4xNTkyIDIxNC4yNTEgMjMuMDgwNkMyMTUuMDg2IDIyLjk4MzkgMjE1Ljc2MyAyMi45MDUyIDIxNi4yODMgMjIuODQ0OEMyMTYuODAzIDIyLjc3ODMgMjE3LjE4MSAyMi42NzI0IDIxNy40MTcgMjIuNTI3M0MyMTcuNjUyIDIyLjM4MjIgMjE3Ljc3IDIyLjE0NjMgMjE3Ljc3IDIxLjgxOThWMjEuNzU2M0MyMTcuNzcgMjAuOTY0MSAyMTcuNTQ3IDIwLjM1MDQgMjE3LjA5OSAxOS45MTVDMjE2LjY1OCAxOS40Nzk2IDIxNS45OTkgMTkuMjYxOSAyMTUuMTIyIDE5LjI2MTlDMjE0LjIwOSAxOS4yNjE5IDIxMy40ODkgMTkuNDY0NSAyMTIuOTYzIDE5Ljg2OTZDMjEyLjQ0MyAyMC4yNjg3IDIxMi4wODMgMjAuNzEzMiAyMTEuODg0IDIxLjIwM0wyMDkuMzM1IDIwLjYyMjVDMjA5LjYzNyAxOS43NzU5IDIxMC4wNzkgMTkuMDkyNiAyMTAuNjU5IDE4LjU3MjVDMjExLjI0NiAxOC4wNDY1IDIxMS45MiAxNy42NjU1IDIxMi42ODIgMTcuNDI5N0MyMTMuNDQ0IDE3LjE4NzggMjE0LjI0NSAxNy4wNjY4IDIxNS4wODYgMTcuMDY2OEMyMTUuNjQyIDE3LjA2NjggMjE2LjIzMSAxNy4xMzM0IDIxNi44NTQgMTcuMjY2NEMyMTcuNDgzIDE3LjM5MzQgMjE4LjA3IDE3LjYyOTIgMjE4LjYxNCAxNy45NzM5QzIxOS4xNjQgMTguMzE4NiAyMTkuNjE1IDE4LjgxMTQgMjE5Ljk2NSAxOS40NTI0QzIyMC4zMTYgMjAuMDg3MyAyMjAuNDkyIDIwLjkxMjcgMjIwLjQ5MiAyMS45Mjg2VjMxLjE4MDZIMjE3Ljg0M1YyOS4yNzU4SDIxNy43MzRDMjE3LjU1OSAyOS42MjY1IDIxNy4yOTYgMjkuOTcxMiAyMTYuOTQ1IDMwLjMwOThDMjE2LjU5NCAzMC42NDg1IDIxNi4xNDQgMzAuOTI5NyAyMTUuNTkzIDMxLjE1MzRDMjE1LjA0MyAzMS4zNzcxIDIxNC4zODQgMzEuNDg5IDIxMy42MTYgMzEuNDg5Wk0yMTQuMjA2IDI5LjMxMjFDMjE0Ljk1NiAyOS4zMTIxIDIxNS41OTYgMjkuMTYzOSAyMTYuMTI5IDI4Ljg2NzZDMjE2LjY2NyAyOC41NzEzIDIxNy4wNzUgMjguMTg0MyAyMTcuMzUzIDI3LjcwNjZDMjE3LjYzNyAyNy4yMjI4IDIxNy43NzkgMjYuNzA1OCAyMTcuNzc5IDI2LjE1NTVWMjQuMzU5NkMyMTcuNjgzIDI0LjQ1NjMgMjE3LjQ5NSAyNC41NDcgMjE3LjIxNyAyNC42MzE3QzIxNi45NDUgMjQuNzEwMyAyMTYuNjM0IDI0Ljc3OTggMjE2LjI4MyAyNC44NDAzQzIxNS45MzIgMjQuODk0NyAyMTUuNTkgMjQuOTQ2MSAyMTUuMjU4IDI0Ljk5NDVDMjE0LjkyNSAyNS4wMzY4IDIxNC42NDcgMjUuMDczMSAyMTQuNDIzIDI1LjEwMzNDMjEzLjg5NyAyNS4xNjk5IDIxMy40MTcgMjUuMjgxNyAyMTIuOTgxIDI1LjQzODlDMjEyLjU1MiAyNS41OTYyIDIxMi4yMDcgMjUuODIyOSAyMTEuOTQ3IDI2LjExOTJDMjExLjY5MyAyNi40MDk1IDIxMS41NjYgMjYuNzk2NSAyMTEuNTY2IDI3LjI4MDNDMjExLjU2NiAyNy45NTE1IDIxMS44MTQgMjguNDU5NCAyMTIuMzEgMjguODA0MUMyMTIuODA2IDI5LjE0MjggMjEzLjQzOCAyOS4zMTIxIDIxNC4yMDYgMjkuMzEyMVoiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjI1LjMxOSAzNi40MDUyQzIyNC45MTQgMzYuNDA1MiAyMjQuNTQ1IDM2LjM3MiAyMjQuMjEzIDM2LjMwNTVDMjIzLjg4IDM2LjI0NSAyMjMuNjMyIDM2LjE3ODUgMjIzLjQ2OSAzNi4xMDU5TDIyNC4xMjIgMzMuODgzNkMyMjQuNjE4IDM0LjAxNjcgMjI1LjA1OSAzNC4wNzQxIDIyNS40NDYgMzQuMDU2QzIyNS44MzMgMzQuMDM3OCAyMjYuMTc1IDMzLjg5MjcgMjI2LjQ3MSAzMy42MjA2QzIyNi43NzQgMzMuMzQ4NSAyMjcuMDQgMzIuOTA0IDIyNy4yNjkgMzIuMjg3MkwyMjcuNjA1IDMxLjM2MkwyMjIuNTA3IDE3LjI0ODJIMjI1LjQxTDIyOC45MzggMjguMDYwM0gyMjkuMDg0TDIzMi42MTIgMTcuMjQ4MkgyMzUuNTI0TDIyOS43ODIgMzMuMDQwMUMyMjkuNTE2IDMzLjc2NTcgMjI5LjE3NyAzNC4zNzk1IDIyOC43NjYgMzQuODgxNEMyMjguMzU1IDM1LjM4OTMgMjI3Ljg2NSAzNS43NzAzIDIyNy4yOTcgMzYuMDI0M0MyMjYuNzI4IDM2LjI3ODMgMjI2LjA2OSAzNi40MDUyIDIyNS4zMTkgMzYuNDA1MloiIGZpbGw9ImJsYWNrIj48L3BhdGg+CiAgICAgICAgICAgIDwvc3ZnPgogICAgICAgIDwvZGl2PgogICAgICAgIDxkaXYgY2xhc3M9ImZsZXgtY29udGFpbmVyIGxvYWRpbmciIHN0eWxlPSIKICAgIGZsZXg6IDE7CiI+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9Imxkcy1lbGxpcHNpcyI+CiAgICAgICAgICAgICAgICA8ZGl2PjwvZGl2PgogICAgICAgICAgICAgICAgPGRpdj48L2Rpdj4KICAgICAgICAgICAgICAgIDxkaXY+PC9kaXY+CiAgICAgICAgICAgICAgICA8ZGl2PjwvZGl2PgogICAgICAgICAgICA8L2Rpdj4KICAgICAgICA8L2Rpdj4KICAgIDwvZGl2Pgo8L2Rpdj4KCgo8L2JvZHk+PC9odG1sPg== C38FB23A402222A0C17D34A92F971D1F 9a04f079-9840-4286-ab92-e65be0885f95 2438bce1ddb7bd026d5ff89f598b3b5e5bb824b3 16a09e667f3bcc908b2fb1366ea957d3e3adec17512775099da2f590b0667322a 470fa2b4ae81cd56ecbcda9735803434cec591fa e2719d58-a985-b3c9-781a-b030af78d30e adcf5ac866ce6e82e476b47ff972f42bf6cb9bd8 edef8ba9-79d6-4ace-a3c8-27dcd51d21ed 88a7c6cb5fc9cfdf07ec2006c97c4cf4 c682b8144a8dd52bc1ad63 8a3c4b262d721acd49a4bf97d5213199c86fa2b9 5e8f16062ea3cd2c4a0d547876baa6f38cabf625 df6b721c8b4d3b6eb44c861d4415007e5a35fc95 a4b7452e2ed8f5f191058ca7bbfd26b0d3214bfc 9b8f518b086098de3d77736f9458a3d2f6f95a37 cc2751449a350f668590264ed76692694a80308a
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: a/a.java, line(s) 186,178,305,311 a1/c.java, line(s) 403 a4/a.java, line(s) 24,34,29 a4/i0.java, line(s) 27 a5/a.java, line(s) 658,664,713,659,665,714 a8/p.java, line(s) 108,150,199,109,151,200 a8/s.java, line(s) 19,18 a9/a.java, line(s) 42,75,81,133 aa/b.java, line(s) 71,82 ad/a.java, line(s) 78,79 ae/d.java, line(s) 179,231,238,193,206 ak/f.java, line(s) 25,33,39,50 b0/e.java, line(s) 726,147,640 b4/g.java, line(s) 189 b9/a.java, line(s) 48 b9/b.java, line(s) 47,108 b9/d.java, line(s) 164,89,96,117,118,154,181,183,193,196 ba/d.java, line(s) 13 ba/l.java, line(s) 31,30,24 ba/m.java, line(s) 54,66 bd/c.java, line(s) 125 bd/d.java, line(s) 60,73,78,59,72 be/i.java, line(s) 45,64 c0/a.java, line(s) 147,150,151,152,156 c0/b.java, line(s) 233,92 c5/c.java, line(s) 82 c8/b.java, line(s) 65,83,102,121 c9/a.java, line(s) 46 c9/b.java, line(s) 17,28,55,69,76,38 c9/d.java, line(s) 15,25,48,59,37,70 c9/e.java, line(s) 38 c9/f.java, line(s) 15,25,48,58,71,37,83 cd/c.java, line(s) 57,111,53,110 com/applive/app/ui/activities/MyMainActivity.java, line(s) 649 com/bumptech/glide/b.java, line(s) 101,119,124,133,142,195,108,53,100,107,112,118,123,132,139,194,203,113,54 com/bumptech/glide/l.java, line(s) 218,219 com/bumptech/glide/load/data/b.java, line(s) 48,47 com/bumptech/glide/load/data/j.java, line(s) 38,87,153,37,86,90,96,102,152,99,103 com/bumptech/glide/load/data/l.java, line(s) 49,48 com/bumptech/glide/m.java, line(s) 93,87 com/iab/omid/library/ironsrc/utils/d.java, line(s) 17,10 com/ironsource/a.java, line(s) 34,118 com/ironsource/a7.java, line(s) 78 com/ironsource/adapters/admob/AdMobAdapter.java, line(s) 141,181,233,291,315,364,366,370,392,406,417 com/ironsource/adapters/admob/a.java, line(s) 46 com/ironsource/adapters/admob/banner/AdMobBannerAdListener.java, line(s) 73 com/ironsource/adapters/admob/banner/AdMobBannerAdapter.java, line(s) 154,61,176,191,279 com/ironsource/adapters/admob/banner/AdMobNativeBannerAdListener.java, line(s) 74,103 com/ironsource/adapters/admob/interstitial/AdMobInterstitialAdLoadListener.java, line(s) 43,27 com/ironsource/adapters/admob/interstitial/AdMobInterstitialAdShowListener.java, line(s) 56,44 com/ironsource/adapters/admob/interstitial/AdMobInterstitialAdapter.java, line(s) 151,47 com/ironsource/adapters/admob/nativead/AdMobNativeAdAdapter.java, line(s) 69,118 com/ironsource/adapters/admob/nativead/AdMobNativeAdData.java, line(s) 17,24,31,40,49 com/ironsource/adapters/admob/nativead/AdMobNativeAdListener.java, line(s) 56 com/ironsource/adapters/admob/rewardedvideo/AdMobRewardedVideoAdLoadListener.java, line(s) 34,44 com/ironsource/adapters/admob/rewardedvideo/AdMobRewardedVideoAdShowListener.java, line(s) 58,46 com/ironsource/adapters/admob/rewardedvideo/AdMobRewardedVideoAdapter.java, line(s) 81,105 com/ironsource/adapters/facebook/FacebookAdapter.java, line(s) 84,108,130,165,178 com/ironsource/adapters/facebook/banner/FacebookBannerAdListener.java, line(s) 61 com/ironsource/adapters/facebook/banner/FacebookBannerAdapter.java, line(s) 137,113,180 com/ironsource/adapters/facebook/interstitial/FacebookInterstitialAdListener.java, line(s) 55 com/ironsource/adapters/facebook/interstitial/FacebookInterstitialAdapter.java, line(s) 177,50,73,75,89 com/ironsource/adapters/facebook/nativead/FacebookNativeAdAdapter.java, line(s) 44,59,85 com/ironsource/adapters/facebook/nativead/FacebookNativeAdData.java, line(s) 21,28,35,48,58 com/ironsource/adapters/facebook/nativead/FacebookNativeAdListener.java, line(s) 103 com/ironsource/adapters/facebook/rewardedvideo/FacebookRewardedVideoAdListener.java, line(s) 55 com/ironsource/adapters/facebook/rewardedvideo/FacebookRewardedVideoAdapter.java, line(s) 50,128,200 com/ironsource/adapters/ironsource/IronSourceAdapter.java, line(s) 239,301,360,419,530,543,556,570,710,735,171,179,187,232,242,250,262,295,342,449,452,460,465,611,660,686,688,718 com/ironsource/adapters/ironsource/IronSourceInterstitialListener.java, line(s) 24,45,64,83 com/ironsource/adapters/ironsource/IronSourceRewardedVideoListener.java, line(s) 27,49,68,95 com/ironsource/adapters/supersonicads/SupersonicAdsAdapter.java, line(s) 183,184,185,200,202,205,223,235,309,345,354,392,394,419 com/ironsource/b3.java, line(s) 116,192 com/ironsource/de.java, line(s) 40,42,43,59,127,138,140 com/ironsource/eb.java, line(s) 66 com/ironsource/f1.java, line(s) 124 com/ironsource/ga.java, line(s) 106 com/ironsource/ge.java, line(s) 103 com/ironsource/h1.java, line(s) 349,368,387 com/ironsource/h3.java, line(s) 67,101,142 com/ironsource/ie.java, line(s) 160 com/ironsource/j1.java, line(s) 186,199,80,183,189,195,261,296 com/ironsource/j7.java, line(s) 24 com/ironsource/ja.java, line(s) 53,40,44 com/ironsource/k3.java, line(s) 16 com/ironsource/l1.java, line(s) 85,189,74,185,78 com/ironsource/l2.java, line(s) 52 com/ironsource/la.java, line(s) 82,104 com/ironsource/mediationsdk/AbstractAdapter.java, line(s) 415,421 com/ironsource/mediationsdk/IronSourceSegment.java, line(s) 201 com/ironsource/mediationsdk/a.java, line(s) 42,50 com/ironsource/mediationsdk/a0.java, line(s) 149,124,127 com/ironsource/mediationsdk/ads/nativead/LevelPlayNativeAd.java, line(s) 67 com/ironsource/mediationsdk/adunit/adapter/utility/AdInfo.java, line(s) 94 com/ironsource/mediationsdk/b0.java, line(s) 85,110 com/ironsource/mediationsdk/d.java, line(s) 299,322,281,445,448 com/ironsource/mediationsdk/demandOnly/c.java, line(s) 37 com/ironsource/mediationsdk/demandOnly/d.java, line(s) 86,153,354,370,426,61,73,96,99,161,172,183,191,224,237,243,264,322,328,331,345,351,375,436 com/ironsource/mediationsdk/demandOnly/f.java, line(s) 43 com/ironsource/mediationsdk/demandOnly/g.java, line(s) 96,127,392,59,72,100,103,196,216,228,237,261,270,301 com/ironsource/mediationsdk/demandOnly/k.java, line(s) 43 com/ironsource/mediationsdk/demandOnly/l.java, line(s) 99,129,175,60,73,103,106,234,254,291,300,315,324,369,401 com/ironsource/mediationsdk/demandOnly/m.java, line(s) 91 com/ironsource/mediationsdk/demandOnly/r.java, line(s) 24 com/ironsource/mediationsdk/demandOnly/s.java, line(s) 19 com/ironsource/mediationsdk/demandOnly/t.java, line(s) 19 com/ironsource/mediationsdk/demandOnly/u.java, line(s) 19 com/ironsource/mediationsdk/demandOnly/v.java, line(s) 19 com/ironsource/mediationsdk/e.java, line(s) 163,352,367,411 com/ironsource/mediationsdk/h0.java, line(s) 23,39,44 com/ironsource/mediationsdk/impressionData/ImpressionData.java, line(s) 105 com/ironsource/mediationsdk/integration/IntegrationHelper.java, line(s) 20,24,42,62,67,77,223,233,16,31,39,56,57,60,65,96,108,121,131,143,153,237,33 com/ironsource/mediationsdk/j.java, line(s) 61 com/ironsource/mediationsdk/j0.java, line(s) 29,35 com/ironsource/mediationsdk/logger/a.java, line(s) 39,34,32,36 com/ironsource/mediationsdk/m.java, line(s) 34 com/ironsource/mediationsdk/n.java, line(s) 64,90,123 com/ironsource/mediationsdk/o.java, line(s) 63,98 com/ironsource/mediationsdk/p.java, line(s) 584,587,592,601,608,619,643,646,651,660,667,679,1068,1718,1727,3009,582,640,1501,1629,1631,1639,1641,1664,1699,1708,340,402,2995,2999,3001,405,410 com/ironsource/mediationsdk/s.java, line(s) 382 com/ironsource/mediationsdk/t.java, line(s) 70 com/ironsource/mediationsdk/u.java, line(s) 60,81,142 com/ironsource/mediationsdk/utils/IronSourceAES.java, line(s) 77 com/ironsource/mediationsdk/utils/IronSourceUtils.java, line(s) 118,504 com/ironsource/mediationsdk/v.java, line(s) 29,35 com/ironsource/mediationsdk/w.java, line(s) 109,154,313,603,663,737,815,828,876,918,88,95,124,135,211,308,322,553,567,612,629,655,707,724,753,791,818,825,851,874,333,843,862,889,962 com/ironsource/mediationsdk/x.java, line(s) 86,169,230,239,69,127,138,162,166,172,237,294,342,366,415,457,462,482,359,369,420 com/ironsource/mediationsdk/y.java, line(s) 292 com/ironsource/n6.java, line(s) 24,58 com/ironsource/o2.java, line(s) 166,46,47,48,49,90 com/ironsource/q1.java, line(s) 82,144 com/ironsource/q4.java, line(s) 33 com/ironsource/q9.java, line(s) 37,39,40,42,80,112,124,129 com/ironsource/qd.java, line(s) 100 com/ironsource/r1.java, line(s) 117,194,212,95,182,203 com/ironsource/r6.java, line(s) 90 com/ironsource/r8.java, line(s) 41 com/ironsource/r9.java, line(s) 58 com/ironsource/rb.java, line(s) 396,454,617,655 com/ironsource/s1.java, line(s) 255,481,788,816,867,914,937,118,175,183,186,221,242,248,403,479,523,537,701,751,757,766,809,821,838,858,881,918,947 com/ironsource/s4.java, line(s) 54 com/ironsource/s6.java, line(s) 213,271,452,490 com/ironsource/sdk/controller/t.java, line(s) 193,722,801,829,914,936,983,1003,1079,1101,1118,1135,1289,1301,2087,2470,3112,3117,3128,3134,3144,3151,3160,3163,620 com/ironsource/sdk/service/Connectivity/BroadcastReceiverStrategy.java, line(s) 48 com/ironsource/sdk/utils/Logger.java, line(s) 11,17,23,29,39,47,52,58,64,70 com/ironsource/t0.java, line(s) 18 com/ironsource/t4.java, line(s) 62 com/ironsource/u.java, line(s) 15,33,51,63,81,96,108,120 com/ironsource/u1.java, line(s) 29 com/ironsource/v1.java, line(s) 204,245,305,317,593,643,677,683,160,183,193,233,280,570,577,633,662 com/ironsource/w1.java, line(s) 400 com/ironsource/y6.java, line(s) 104,139,161 com/ironsource/z2.java, line(s) 117 com/ironsource/z8.java, line(s) 27,40,52,64 com/onesignal/common/c.java, line(s) 18 com/onesignal/debug/internal/logging/a.java, line(s) 210,220,236,213,207,216 d5/n.java, line(s) 18,25,32,39,46 d7/m.java, line(s) 197,201,195 d7/p.java, line(s) 194,190 d8/i.java, line(s) 536,20,446,459 db/a.java, line(s) 190,223 dd/c.java, line(s) 45,66,54,55 dd/d.java, line(s) 42,85,78,82,41,65,71,84,66,72 dd/e.java, line(s) 18 e/k.java, line(s) 216,123 e5/c.java, line(s) 22,28,34 e5/n0.java, line(s) 468,467 e5/q.java, line(s) 56 e5/q0.java, line(s) 38 e7/c.java, line(s) 86,87,115,116,377 e8/h.java, line(s) 38,96,97,39 e9/b.java, line(s) 221,222 fa/b.java, line(s) 74,92 g/c.java, line(s) 32,39 g0/a0.java, line(s) 110,138,144,182,277,287,309,317,106,137,143,181,276,286,308,316,125,147,176,266 g0/e.java, line(s) 30 g0/f.java, line(s) 61 g0/k.java, line(s) 45 g1/a.java, line(s) 241,842,918,925,983,1075,1097,1110,1117,1340,1552,1605,1625,1639,1673,1690,1749,1796,1799,1843,1871,1875,1890,1911,1925,1960,1979,1987,1992,2052,2081,2095,2098,2163,2168,2174,2199,2230,2233,2236,2316,542,550,599,611,623,635,647,659,671,683,690,701,713,62,696,866,959,969,1545,2144,2187,2190,2256,2265 h0/a.java, line(s) 154 h9/j.java, line(s) 36,39,43,47,79,82,85,88,91 ha/f.java, line(s) 77,88 ha/h.java, line(s) 36 hc/e.java, line(s) 65,385,411,115,118,122,126,148,301 he/b.java, line(s) 30 i1/a.java, line(s) 28,84,93,106 i1/a0.java, line(s) 99,113 i1/a1.java, line(s) 54,82,129,147,156,166,247,255,263,271,297,309,318,355,375,388 i1/b1.java, line(s) 150,149,154 i1/g.java, line(s) 65,57 i1/g0.java, line(s) 1746,1747,1754,1760,397,316,455,952,1117,1209,1219,1240,1258,1288,1347,1389,1412,1419,1434,1447,1509,1686,1693,1799,1805,144,150,257,264,284,291 i1/h.java, line(s) 102 i1/j.java, line(s) 552,712,714,716,718,728,761,1026,1057,1058,1062,1064,1068,1138,1158,1177,1182,1203,1220,1242 i1/j0.java, line(s) 38,63,84,46,57,116,127 i1/l.java, line(s) 40 i1/n.java, line(s) 27,40 i1/n0.java, line(s) 68,82,193,360,404,449,498,580,624,656,669,784,811,816,848,901,1035,1064,349,481,707,932,1017,1111 i1/o.java, line(s) 93,223,234,236,358,366,386 i1/o0.java, line(s) 105,116 i1/p.java, line(s) 416,490,524,300 i1/y0.java, line(s) 12 i2/x.java, line(s) 73 i8/a.java, line(s) 44,45 id/f.java, line(s) 134 j/f.java, line(s) 175 j/i.java, line(s) 64 j/j.java, line(s) 763,780,1332,1682,1684,1686,1171,1180,1190,1199,1217,1226,816,2548,2680,2692,2953,2956,1581 j/k.java, line(s) 57 j/u.java, line(s) 309,310 j/v.java, line(s) 71,85,95,117,129 j/w.java, line(s) 35,47,34,58,107,59 j/x.java, line(s) 28,42,53 j0/f.java, line(s) 198,220,229,138,147 j0/i.java, line(s) 33 j1/c.java, line(s) 47,68 j8/d.java, line(s) 30,50,92,111,119 k0/d.java, line(s) 209,214 k0/e.java, line(s) 45 k0/f.java, line(s) 50 k0/g.java, line(s) 38 k0/h.java, line(s) 47,251 k0/m.java, line(s) 86 k4/j.java, line(s) 529,410 k7/d.java, line(s) 210,238,207,237 k7/e.java, line(s) 91,121,138,90,120,137 k8/a.java, line(s) 40,44 k8/c.java, line(s) 26,39 k9/a.java, line(s) 9,16,8,15 l8/e.java, line(s) 142,187 m7/a.java, line(s) 92,126,165,91,125,164 m8/j.java, line(s) 41,52,59 m8/k.java, line(s) 28 m8/l.java, line(s) 83,86 m9/d.java, line(s) 91,90 mb/b.java, line(s) 318 mj/b.java, line(s) 181 n5/k.java, line(s) 74 n5/s.java, line(s) 61 n5/u.java, line(s) 40 n7/b0.java, line(s) 61,125,60,115,124,116 n7/j.java, line(s) 485,144,187,484,312 n7/k.java, line(s) 136,137 n7/m.java, line(s) 18,149 n7/r.java, line(s) 82 n7/t.java, line(s) 32 n8/d.java, line(s) 114,130 n9/p.java, line(s) 194,193 nb/h.java, line(s) 34 o/f.java, line(s) 115,159,173,181,381 o0/k.java, line(s) 31 o1/a.java, line(s) 157,162,169,173,188,213 o4/a.java, line(s) 62 o7/i.java, line(s) 151,181,152,182 o7/j.java, line(s) 48,63,183,250,47,62,94,97,104,158,195,220,237,249,252,95,105,132,218,238 oa/a.java, line(s) 28,39 p2/i.java, line(s) 87,91 p7/d.java, line(s) 37,69,88,98,38,89,70,101 p7/i.java, line(s) 100,80 p8/a.java, line(s) 103,79 p8/f.java, line(s) 32 p8/k.java, line(s) 58,164 pa/o7.java, line(s) 50 pa/y2.java, line(s) 208 pa/z6.java, line(s) 428,445,427,3099,3357 q0/b.java, line(s) 55,58 q2/g.java, line(s) 68 q2/i.java, line(s) 119,125,131,137 q4/c.java, line(s) 54,58 q7/a.java, line(s) 94,93 qb/d.java, line(s) 113,147 qc/j.java, line(s) 61 r4/d.java, line(s) 87,195 r7/c.java, line(s) 42,41 r7/f.java, line(s) 95,94 r7/t.java, line(s) 65,66 r7/u.java, line(s) 56,64,76,83,57,65,79,86 r7/v.java, line(s) 46,45 ra/a.java, line(s) 92,97,118,138 rb/a.java, line(s) 28 s0/a.java, line(s) 306 s0/b.java, line(s) 40 s0/d0.java, line(s) 1122,1076,1121,472 s0/i0.java, line(s) 45,56 s0/p.java, line(s) 25,38,85,150,195,214,238 s0/y0.java, line(s) 191,210,849,861,868,877,43,182 s1/n.java, line(s) 22,28,34,66,72,78 s4/a.java, line(s) 58 sa/a.java, line(s) 76,99,186,259,268,85,93,106,203 sc/b.java, line(s) 15,16 sc/d.java, line(s) 10 sd/e.java, line(s) 268,510 t7/a.java, line(s) 78,79 tc/c.java, line(s) 51,52 tc/d.java, line(s) 25,44,26,45 te/a0.java, line(s) 24 te/c.java, line(s) 27,32,33 te/u.java, line(s) 37 te/w.java, line(s) 25 tj/h.java, line(s) 84,86 u7/b0.java, line(s) 187,210,251,256,186,209,250,255 u7/c.java, line(s) 54,53,63,93,94 u7/d.java, line(s) 20,21 u7/j.java, line(s) 19,25,20,26 u7/k.java, line(s) 163,170,282,292,307,321,351,392,400,405,414,417,422,431,162,169,281,291,304,320,350,391,395,404,413,416,421,430 u7/m.java, line(s) 95,519,747,94,461,517,559,625,708,724,746,767,778,493,572,626 u7/n.java, line(s) 27,31,28,32 u7/r.java, line(s) 73,78,89,94,112,121,126,74,79,90,95,122,127,113 u7/z.java, line(s) 77,86,100,78,87,101,102,103,106 u8/b.java, line(s) 20 u9/b.java, line(s) 67,80,56 u9/c.java, line(s) 85,102,80,101,128 u9/e.java, line(s) 51,76,117,44,70,111,67,94,133 u9/g.java, line(s) 10,9,9 u9/k.java, line(s) 23 u9/l.java, line(s) 45,101,110,40 u9/m.java, line(s) 42 u9/n.java, line(s) 75 u9/o.java, line(s) 32,71,28,64,82,104,134,154,162,83,105,135,155,163,40 u9/p.java, line(s) 27 u9/r.java, line(s) 31,45,23,37 u9/t.java, line(s) 57,52 u9/u.java, line(s) 25,45 u9/v.java, line(s) 39 ua/g.java, line(s) 41 ub/f.java, line(s) 283 uc/c.java, line(s) 42 uc/d.java, line(s) 32,26,43 ud/b.java, line(s) 58,69 uj/d.java, line(s) 44 v/b.java, line(s) 209,231 v4/a.java, line(s) 36 v9/d0.java, line(s) 31,34,55 v9/e.java, line(s) 70,180,185 v9/f.java, line(s) 104,34,114,154,162,167,171,184,192 v9/j.java, line(s) 30 v9/k.java, line(s) 217,219,117,148,152,214,41 v9/m.java, line(s) 31 v9/u.java, line(s) 43 v9/y.java, line(s) 97,101,39 vc/c.java, line(s) 14,8 vd/c.java, line(s) 263,266,82,92,255,257 w0/k.java, line(s) 18,17 w1/d0.java, line(s) 29,28 w1/t.java, line(s) 104 w4/t.java, line(s) 152,170 wc/b0.java, line(s) 39,63,80,25,28,70,35,57,66,71,76 wc/c0.java, line(s) 96,39,92 wc/e0.java, line(s) 34,45,55,28,39,51 wc/f.java, line(s) 58,89,180,234,177 wc/g0.java, line(s) 44,57,64,75,105,45,58,65,76,106,71,101 wc/i0.java, line(s) 132,41,131,42,97 wc/k.java, line(s) 18,24,27,17 wc/l.java, line(s) 23 wc/m.java, line(s) 59,66,67,141 wc/o.java, line(s) 21 wc/p.java, line(s) 41,25,40,26 wc/q.java, line(s) 110,232,258,298,325,464,697,871,812,838,109,136,231,257,297,319,324,380,416,426,431,463,472,481,696,737,745,752,802,807,840,860,870,137,381,417,427,473,482,738,746,753,803,808,861,294,304,315,430,432,502,524,561,588,799,843 wc/x.java, line(s) 91,115,47,101,120,122,124,72,90,114,73,43,96 wc/y.java, line(s) 35,36 wc/z.java, line(s) 174 x/d.java, line(s) 395 x0/b.java, line(s) 39 x4/d.java, line(s) 231,242 x4/i.java, line(s) 660 x9/b.java, line(s) 493,339,343,347,356,523 x9/b1.java, line(s) 22 x9/e.java, line(s) 65 x9/i0.java, line(s) 61 x9/p0.java, line(s) 110,126 x9/s.java, line(s) 80,83,86,89,92,95,103,106,109,112,150,155 x9/t0.java, line(s) 38,54 x9/v.java, line(s) 20 x9/z.java, line(s) 31,50 x9/z0.java, line(s) 34,41 xc/b.java, line(s) 35,79 xc/d.java, line(s) 111,138,39,110,137,66,117 xc/f.java, line(s) 60,101,112 xd/c0.java, line(s) 139,144,150,123,128,60,60 xd/d0.java, line(s) 40,58,111,177,34,34,55,55,110,171,189,198,213 xd/e.java, line(s) 808,1031,1034,77,88,109,148,188,202,210,218,228,238,254,256,492,699,803 xd/f0.java, line(s) 25,24 xd/g.java, line(s) 109,108,121,70,98,102,104 xd/g0.java, line(s) 47,51,56,71,96,124,146,104,109,128,46,50,55,70,93,123,145 xd/h.java, line(s) 61,60 xd/i.java, line(s) 46,73,82,66,68,85,91,94,45,72 xd/j.java, line(s) 22,21 xd/k.java, line(s) 39,53,38,52,25,50 xd/n.java, line(s) 79,76,107 xd/o.java, line(s) 44,24,27,37,43,38 xd/p.java, line(s) 68,77,67,46,56,74 xd/q.java, line(s) 73,61,92 xd/w.java, line(s) 35,51,34,50 xd/x.java, line(s) 28 xd/y.java, line(s) 40,58,102,98,141,34,34,52,52,101,111,114,120 xd/z.java, line(s) 15 xg/c.java, line(s) 62,87,97,61,86,149,156,162 y7/a.java, line(s) 64,134,141,146,72,135,142,147 y7/i.java, line(s) 40,41 ye/a.java, line(s) 26,29,20,23,18 z/e.java, line(s) 777,822,868
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: i2/y.java, line(s) 6,127,157
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: w4/t.java, line(s) 114 wc/f.java, line(s) 217,217,220
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: tj/c.java, line(s) 80,79,78 tj/d.java, line(s) 114,104,124,112,112 tj/g.java, line(s) 83,82,81,81 tj/h.java, line(s) 253,241,251,251
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (googleads.g.doubleclick.net) 通信。
{'ip': '180.163.150.166', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (app-measurement.com) 通信。
{'ip': '180.163.150.33', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (pagead2.googlesyndication.com) 通信。
{'ip': '180.163.150.166', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (firebase-settings.crashlytics.com) 通信。
{'ip': '180.163.150.162', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}