安全分析报告:
安全分数
安全分数 33/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
4
用户/设备跟踪器
调研结果
高危
23
中危
40
信息
2
安全
1
关注
13
高危 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危 基本配置配置为信任用户安装的证书。
Scope: *
高危 Activity (com.chance.tianmenbudayang.activity.oneshopping.OneShoppingORecordActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.chance.tianmenbudayang.activity.oneshopping.OneShoppingShopCartActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.chance.tianmenbudayang.wxapi.WXPayEntryActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.ui.PopWinActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.ui.PushActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.service.JNotifyActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.alipay.sdk.app.PayResultActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.alipay.sdk.app.AlipayResultActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.alipay.sdk.app.AlipayResultActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.alibaba.baichuan.android.trade.ui.AlibcBackActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.alibaba.baichuan.android.trade.ui.AlibcBackActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.sharesdk.tencent.qq.ReceiveActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.tencent.tauth.AuthActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.mob.MobTranActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.chance.tianmenbudayang.wxapi.WXEntryActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/reactnativecommunity/webview/RNCWebViewManager.java, line(s) 288,22,23
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ali/auth/third/core/rpc/a/a.java, line(s) 38 com/ali/auth/third/core/storage/aes/AESCrypt.java, line(s) 63,86 com/hyphenate/chat/adapter/EMAREncryptUtils.java, line(s) 134,137 com/hyphenate/util/CryptoUtils.java, line(s) 92,95
高危 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: com/hyphenate/chat/adapter/EMAREncryptUtils.java, line(s) 150,153 com/hyphenate/util/CryptoUtils.java, line(s) 70,73 com/iflytek/collector/light/proxy/a.java, line(s) 23
高危 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击
SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#android-network-apis Files: com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/Util.java, line(s) 141,23,24,25
高危 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification Files: com/ali/auth/third/ui/webview/BaseWebViewClient.java, line(s) 27,40,23
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/hyphenate/util/CryptoUtils.java, line(s) 92,95
中危 基本配置配置为信任系统证书。
Scope: *
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 Activity (com.chance.tianmenbudayang.SchemaActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.chance.tianmenbudayang.activity.WebViewActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.chance.tianmenbudayang.activity.CartActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.chance.tianmenbudayang.wxapi.WXPayEntryActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.ui.PopWinActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.ui.PushActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Content Provider (cn.jpush.android.service.DataProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Content Provider (cn.jpush.android.service.DownloadProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.chance.tianmenbudayang.jpush.MyJService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.chance.tianmenbudayang.jpush.MyWakedResultReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity设置了TaskAffinity属性
(cn.jpush.android.service.JNotifyActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (cn.jpush.android.service.JNotifyActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.hyphenate.chat.EMChatService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.hyphenate.chat.EMJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.hyphenate.chat.EMMonitorReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity (com.alipay.sdk.app.PayResultActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.alipay.sdk.app.AlipayResultActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.alibaba.wireless.security.open.middletier.fc.ui.ContainerActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.alibaba.alibclinkpartner.smartlink.ALPEntranceActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.alibaba.baichuan.android.trade.ui.AlibcBackActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.taobao.sophix.aidl.DownloadService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.sharesdk.tencent.qq.ReceiveActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Service (com.mob.guard.MobGuardService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.mob.MobTranActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity-Alias (com.chance.tianmenbudayang.wxapi.WXEntryActivity) 未被保护。
[android:exported=true] 发现 Activity-Alias与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 高优先级的Intent (1000)
[android:priority] 通过设置一个比另一个Intent更高的优先级,应用程序有效地覆盖了其他请求。
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/ali/auth/third/core/rpc/protocol/a.java, line(s) 3 com/chance/tianmenbudayang/activity/luck/LuckCJDetailActivity.java, line(s) 62 com/chance/tianmenbudayang/alipay/AliPayHelper.java, line(s) 20 com/chance/tianmenbudayang/core/http/HttpParams.java, line(s) 27 com/chance/tianmenbudayang/videoplayer/render/effect/DocumentaryEffect.java, line(s) 6 com/chance/tianmenbudayang/videoplayer/render/effect/GrainEffect.java, line(s) 6 com/chance/tianmenbudayang/videoplayer/render/effect/LamoishEffect.java, line(s) 6 com/chance/tianmenbudayang/view/ZanView.java, line(s) 17 com/hyphenate/push/EMPushHelper.java, line(s) 17 mtopsdk/xstate/util/PhoneInfo.java, line(s) 8 org/jboss/netty/util/internal/ThreadLocalRandom.java, line(s) 3 org/kobjects/crypt/Crypt.java, line(s) 5 q/rorbin/badgeview/BadgeAnimator.java, line(s) 12 u/aly/by.java, line(s) 12
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/ali/auth/third/core/model/Constants.java, line(s) 21 com/ali/auth/third/core/service/impl/CredentialManager.java, line(s) 30 com/ali/auth/third/login/LoginComponent.java, line(s) 451 com/ali/auth/third/login/LoginConstants.java, line(s) 17 com/ali/auth/third/ui/support/ActivityResultHandler.java, line(s) 10 com/chance/tianmenbudayang/activity/ForumApplyHostActivity.java, line(s) 34 com/chance/tianmenbudayang/activity/NewsdetailsActivity.java, line(s) 58 com/chance/tianmenbudayang/activity/WebViewActivity.java, line(s) 94 com/chance/tianmenbudayang/activity/fragment/IndexMineFragment.java, line(s) 408,376,340,402,309,371,356,326,346,366,351,299,333,361,413,314,304 com/chance/tianmenbudayang/activity/fragment/InfoImagesItemFragment.java, line(s) 14 com/chance/tianmenbudayang/activity/mine/IndexMine1Fragment.java, line(s) 382,394,343,368,352,390,363,348,377,372,338,386 com/chance/tianmenbudayang/activity/mine/IndexMine2Fragment.java, line(s) 380,388,341,366,362,392,357,346,375,370,336,384 com/chance/tianmenbudayang/activity/mine/IndexMine4Fragment.java, line(s) 361,383,328,353,337,379,348,333,371,366,357,323,375 com/chance/tianmenbudayang/activity/mine/IndexMine6Fragment.java, line(s) 310,297,284,292,306,279,302,288 com/chance/tianmenbudayang/activity/mine/IndexMine7Fragment.java, line(s) 334,346,312,330,291,342,302,317,307,326,338 com/chance/tianmenbudayang/activity/oneshopping/OneShoppingOrderPayActivity.java, line(s) 41 com/chance/tianmenbudayang/activity/takeaway/SupermarketSearchActivity.java, line(s) 39,40 com/chance/tianmenbudayang/activity/takeaway/TakeAwayMode1Activity.java, line(s) 79 com/chance/tianmenbudayang/activity/takeaway/TakeAwayMode3Activity.java, line(s) 77 com/chance/tianmenbudayang/activity/takeaway/TakeAwaySearchResultActivity.java, line(s) 37 com/chance/tianmenbudayang/config/AppConfig.java, line(s) 117 com/chance/tianmenbudayang/config/Constant.java, line(s) 699,700,703,706,708,712,713,714,715,716,720,721,723,722,724,725,727,728,733,734,735,736,129,131,196,197,198 com/chance/tianmenbudayang/data/OrderBean.java, line(s) 121 com/chance/tianmenbudayang/data/find/PayAccountBean.java, line(s) 97,97 com/chance/tianmenbudayang/data/helper/GardenHelper.java, line(s) 18 com/chance/tianmenbudayang/data/laddergroup/LadderGroupOrderPaymentBean.java, line(s) 39,39 com/chance/tianmenbudayang/ease/EaseConstant.java, line(s) 6,20,30 com/chance/tianmenbudayang/ease/EaseSmileUtils.java, line(s) 20 com/chance/tianmenbudayang/jpush/ExampleUtil.java, line(s) 17 com/chance/tianmenbudayang/utils/MusicNumberPreferenceUtils.java, line(s) 8 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/Constants.java, line(s) 4 com/chance/tianmenbudayang/zxingscan/decoding/Intents.java, line(s) 45 com/hyphenate/chat/MessageEncoder.java, line(s) 24,27 com/hyphenate/cloud/HttpClientConfig.java, line(s) 38 com/hyphenate/push/EMPushConfig.java, line(s) 209,209 com/hyphenate/util/CryptoUtils.java, line(s) 17 com/taobao/tao/remotebusiness/auth/AuthParam.java, line(s) 13 mtopsdk/a/a/c/e.java, line(s) 93 mtopsdk/a/a/c/f.java, line(s) 49 mtopsdk/mtop/a/a/a.java, line(s) 76,84,90,95 mtopsdk/mtop/a/b/a/a.java, line(s) 93 mtopsdk/mtop/common/MtopNetworkProp.java, line(s) 58 mtopsdk/mtop/global/MtopConfig.java, line(s) 140,123 mtopsdk/mtop/global/SwitchConfig.java, line(s) 145 mtopsdk/mtop/intf/MtopBuilder.java, line(s) 210 mtopsdk/mtop/intf/MtopSetting.java, line(s) 268 mtopsdk/xstate/c.java, line(s) 99
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/ali/auth/third/core/util/CommonUtils.java, line(s) 138,141 com/alibaba/mit/alitts/CommonUtils.java, line(s) 209 com/chance/tianmenbudayang/activity/ShowImageActivity.java, line(s) 211 com/chance/tianmenbudayang/activity/battery/BatteryShareActivity.java, line(s) 235 com/chance/tianmenbudayang/activity/ebusiness/EbussinessImageShareActivity.java, line(s) 177 com/chance/tianmenbudayang/activity/im/RecorderVideoActivity.java, line(s) 466 com/chance/tianmenbudayang/activity/information/VideoPictureBrowseActivity$3.java, line(s) 30 com/chance/tianmenbudayang/activity/rebate/PddShareImgFragment.java, line(s) 140 com/chance/tianmenbudayang/activity/rebate/TaobaoShareImgFragment.java, line(s) 160 com/chance/tianmenbudayang/cache/FileCache.java, line(s) 22 com/chance/tianmenbudayang/cache/FileDeskAllocator.java, line(s) 62,20,21,48,61 com/chance/tianmenbudayang/core/utils/FileUtils.java, line(s) 25,91 com/chance/tianmenbudayang/core/utils/ImageUtils.java, line(s) 162 com/chance/tianmenbudayang/ease/EaseCommonUtils.java, line(s) 24 com/chance/tianmenbudayang/ease/ImageCache.java, line(s) 162,208 com/chance/tianmenbudayang/service/DownLoadService.java, line(s) 51 com/chance/tianmenbudayang/utils/FileSizeUtil.java, line(s) 17,34,42 com/chance/tianmenbudayang/utils/SDCardHelper.java, line(s) 155,325,18,23,60,317 com/chance/tianmenbudayang/videoplayer/utils/FileUtils.java, line(s) 12 com/chance/tianmenbudayang/videoplayer/utils/StorageUtils.java, line(s) 18,33 com/chance/tianmenbudayang/view/popwindow/EBussinessFreeWindow.java, line(s) 221 com/chance/tianmenbudayang/view/popwindow/EBussinessPosterWindow.java, line(s) 194 com/chance/tianmenbudayang/view/popwindow/RecruitJobPosterWindow.java, line(s) 461 com/chance/tianmenbudayang/view/popwindow/RecruitMJobPosterWindow.java, line(s) 468 com/chance/tianmenbudayang/view/popwindow/TakeawayShopPosterWindow.java, line(s) 175 com/danikula/videocache/StorageUtils.java, line(s) 21,38 com/hyphenate/chat/a/a.java, line(s) 228 com/hyphenate/chat/a/b.java, line(s) 171 com/hyphenate/chat/a/d.java, line(s) 81 com/hyphenate/util/EasyUtils.java, line(s) 136 com/hyphenate/util/PathUtil.java, line(s) 86 com/jason/recordlibrary/utils/FileUtil.java, line(s) 12,13 com/tangyx/video/ffmpeg/FileUtils.java, line(s) 10,35 com/tencent/a/a/a/a/b.java, line(s) 19,28,49,51 u/aly/bs.java, line(s) 184 u/aly/j.java, line(s) 55,57
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ali/auth/third/core/storage/aes/MD5.java, line(s) 10 com/chance/tianmenbudayang/core/utils/CipherUtils.java, line(s) 14 com/chance/tianmenbudayang/core/utils/SystemTool.java, line(s) 146 com/chance/tianmenbudayang/ease/ImageCache.java, line(s) 172 com/chance/tianmenbudayang/utils/Util.java, line(s) 189 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/MD5.java, line(s) 12 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/MD5Util.java, line(s) 24 com/common/busi/CustomView.java, line(s) 58 com/danikula/videocache/ProxyCacheUtils.java, line(s) 70 com/hyphenate/chat/adapter/EMAREncryptUtils.java, line(s) 66 com/hyphenate/util/CryptoUtils.java, line(s) 84 com/taobao/tao/remotebusiness/b.java, line(s) 284 com/tencent/mm/a/b.java, line(s) 9 u/aly/cf.java, line(s) 35,52,72
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/chance/tianmenbudayang/base/BaseDBHelper.java, line(s) 4,52,53,56,57,40 com/chance/tianmenbudayang/core/manager/DBManager.java, line(s) 8,9,216 com/danikula/videocache/sourcestorage/DatabaseSourceInfoStorage.java, line(s) 6,7,28 com/hyphenate/chat/a/c.java, line(s) 6,7,438,439,442,443,173 com/hyphenate/chat/a/d.java, line(s) 8,9,91
中危 IP地址泄露
IP地址泄露 Files: com/chance/tianmenbudayang/videoplayer/video/StandardGSYVideoPlayer.java, line(s) 225 com/chance/tianmenbudayang/videoplayer/video/base/GSYVideoView.java, line(s) 487,728 com/danikula/videocache/HttpProxyCacheServer.java, line(s) 29 com/ut/mini/UTHybridHelper.java, line(s) 98,105 mtopsdk/xstate/util/PhoneInfo.java, line(s) 113 u/aly/t.java, line(s) 24
中危 确保用户控制的 URL 永远不会到达 Web 视图。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
确保用户控制的 URL 永远不会到达 Web 视图。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: com/chance/tianmenbudayang/utils/WebSettingUtils.java, line(s) 19,14
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ali/auth/third/core/util/SystemUtils.java, line(s) 21 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/Util.java, line(s) 206 com/jg/ids/e/d.java, line(s) 75
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/hyphenate/util/ImageUtils.java, line(s) 100,141 fr/greweb/reactnativeviewshot/RNViewShotModule.java, line(s) 154
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/ali/auth/third/ui/webview/AuthWebView.java, line(s) 86,44
中危 应用程序包含隐私跟踪程序
此应用程序有多个4隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 友盟统计的=> "UMENG_APPKEY" : "5e7c0674570df3b3300001a2" 环信 SDK的=> "EASEMOB_APPKEY" : "1120170314178853#cshlapp" 极光推送的=> "JPUSH_APPKEY" : "830989d3f3b80a30e05b97a4" 友盟统计的=> "UMENG_CHANNEL" : "Umeng" MobTech(袤博科技) 推送SDK的=> "Mob-AppSecret" : "06f3b8befd8304dab9c70ba167167c27" 高德地图的=> "com.amap.api.v2.apikey" : "c2f747893bbae5565ab07d49350d215a" MobTech(袤博科技) 推送SDK的=> "Mob-AppKey" : "12820eba39278" "ssdk_weibo_oauth_regiseter" : "Authorization" "ssdk_instapaper_pwd" : "Password" 9A04F079-9840-4286-AB92-E65BE0885F95 6X8Y4XdM2Vhvn0KfzcEatGnWaNU= C40D94F9BC286B36-5B8C9A915F6493DBC9595EB70DE05ACC 44656C69766572792D646174653A MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt8H0BF3SquJmk6xIo2bTldgvtazLIeSbR4cle edef8ba9-79d6-4ace-a3c8-27dcd51d21ed nmOYRYZP042vWRcKZ6iQLdLYmyg6tIzjYVfH0f6YX8OLIU7fy0TA/c88rzwIDAQAB DCA6AF145BA3CBA2E5F1195B96F262A9 A2B55680-6F43-11E0-9A3F-0002A5D5C51B
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/dreamtobe/percentsmoothhandler/SmoothHandler.java, line(s) 88,130,178 com/ali/auth/third/core/MemberSDK.java, line(s) 72 com/ali/auth/third/core/storage/aes/AESCrypt.java, line(s) 33,39,56,79 com/ali/auth/third/core/trace/SDKLogger.java, line(s) 23,32,41,50,59,118 com/ali/auth/third/core/util/CommonUtils.java, line(s) 132,157 com/ali/auth/third/mtop/rpc/impl/MtopRpcServiceImpl.java, line(s) 29,30 com/ali/auth/third/securityguard/SecurityGuardWrapper.java, line(s) 231 com/ali/auth/third/ui/NQRView.java, line(s) 258 com/chance/tianmenbudayang/MyReactActivity.java, line(s) 95,98,233 com/chance/tianmenbudayang/SchemaActivity.java, line(s) 38 com/chance/tianmenbudayang/SplashActivity.java, line(s) 164,168,570,574 com/chance/tianmenbudayang/activity/EvaluateOrderActivity.java, line(s) 151,160,163 com/chance/tianmenbudayang/activity/GLocationMapActivity.java, line(s) 465 com/chance/tianmenbudayang/activity/LoginActivity.java, line(s) 754,758 com/chance/tianmenbudayang/activity/MainActivity.java, line(s) 203 com/chance/tianmenbudayang/activity/RegisterActivity.java, line(s) 359,363 com/chance/tianmenbudayang/activity/battery/BatteryTaskDetailsActivity$4.java, line(s) 23 com/chance/tianmenbudayang/activity/coupon/CouponMapFragment.java, line(s) 488 com/chance/tianmenbudayang/activity/delivery/RunErrandsVipSendFragment.java, line(s) 204 com/chance/tianmenbudayang/activity/ebusiness/EbussinessActivityProdListActivity.java, line(s) 277 com/chance/tianmenbudayang/activity/ebusiness/EbussinessEvaluateSubmitActivity.java, line(s) 169,172,463 com/chance/tianmenbudayang/activity/ebusiness/EbussinessShopListActivity.java, line(s) 577 com/chance/tianmenbudayang/activity/ebusiness/EbussinessShopListFragment.java, line(s) 615 com/chance/tianmenbudayang/activity/find/FindShopListActivity.java, line(s) 613 com/chance/tianmenbudayang/activity/forum/ForumMyHomePagePersonalDataTabFragment.java, line(s) 150 com/chance/tianmenbudayang/activity/forum/ForumPublishHDActivity.java, line(s) 226,235,238 com/chance/tianmenbudayang/activity/forum/ForumPublishPostActivity.java, line(s) 224,233,236,749 com/chance/tianmenbudayang/activity/forum/ForumPublishVoteActivity.java, line(s) 165,169 com/chance/tianmenbudayang/activity/forum/ForumReplyMainPostActivity.java, line(s) 163,172,175 com/chance/tianmenbudayang/activity/forum/ForumSendTopicActivity.java, line(s) 120,151,160,163 com/chance/tianmenbudayang/activity/forum/ForumTopicDetailsActivity.java, line(s) 222 com/chance/tianmenbudayang/activity/forum/ForumVideoPayActivity.java, line(s) 63,168 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment$18.java, line(s) 43 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment$8.java, line(s) 14,18 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment.java, line(s) 564,567,577,596,600,603 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment1$13.java, line(s) 43 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment1$15.java, line(s) 26 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment1$8.java, line(s) 14,18 com/chance/tianmenbudayang/activity/fragment/IndexNewHomeFragment1.java, line(s) 533,536,546,565,569,572 com/chance/tianmenbudayang/activity/house/HousePublishActivity.java, line(s) 215,224,227 com/chance/tianmenbudayang/activity/im/EaseChatFragment.java, line(s) 218,1236 com/chance/tianmenbudayang/activity/im/EaseConversationListFragment.java, line(s) 371,384 com/chance/tianmenbudayang/activity/im/EaseShowVideoActivity.java, line(s) 59,70 com/chance/tianmenbudayang/activity/im/ImageGridFragment.java, line(s) 240 com/chance/tianmenbudayang/activity/im/NotificationInfoFragment.java, line(s) 440 com/chance/tianmenbudayang/activity/im/RecorderVideoActivity.java, line(s) 401,118,253,332,394,459,260,429,431 com/chance/tianmenbudayang/activity/information/InformationMainFragment.java, line(s) 170 com/chance/tianmenbudayang/activity/information/InformationPublicDetailActivity.java, line(s) 366 com/chance/tianmenbudayang/activity/information/InformationQuickReleaseActivity.java, line(s) 196,199,830 com/chance/tianmenbudayang/activity/information/InformationQuickUpdateActivity.java, line(s) 197,200,737 com/chance/tianmenbudayang/activity/information/ReleaseGuidePagesActivity.java, line(s) 129 com/chance/tianmenbudayang/activity/information/VideoFragment.java, line(s) 43,97 com/chance/tianmenbudayang/activity/information/car/CarSpecificReleaseActivity.java, line(s) 213,216,1199 com/chance/tianmenbudayang/activity/information/car/CarSpecificUpdateActivity.java, line(s) 206,209,1254 com/chance/tianmenbudayang/activity/information/house/BussinessTransferReleaseActivity.java, line(s) 219,222,839 com/chance/tianmenbudayang/activity/information/house/BussinessTransferUpdateActivity.java, line(s) 212,215,1070 com/chance/tianmenbudayang/activity/information/house/HouseLeaseReleaseActivity.java, line(s) 214,217,1085 com/chance/tianmenbudayang/activity/information/house/HouseLeaseUpdateActivity.java, line(s) 207,210,986 com/chance/tianmenbudayang/activity/information/house/HouseSellReleaseActivity.java, line(s) 210,213,1015 com/chance/tianmenbudayang/activity/information/house/HouseSellUpdateActivity.java, line(s) 202,205,948 com/chance/tianmenbudayang/activity/information/house/ShopRentalReleaseActivity.java, line(s) 206,209,946 com/chance/tianmenbudayang/activity/information/house/ShopRentalUpdateActivity.java, line(s) 197,200,855 com/chance/tianmenbudayang/activity/information/house/ShopTransferReleaseActivity.java, line(s) 207,210,951 com/chance/tianmenbudayang/activity/information/house/ShopTransferUpdateActivity.java, line(s) 198,201,881 com/chance/tianmenbudayang/activity/information/secondhand/SecondHandMarketReleaseActivity.java, line(s) 198,201,856 com/chance/tianmenbudayang/activity/information/secondhand/SecondHandMarketUpdateActivity.java, line(s) 189,192,832 com/chance/tianmenbudayang/activity/luck/LuckCJDetailActivity.java, line(s) 626 com/chance/tianmenbudayang/activity/luck/LuckShopListActivity.java, line(s) 431 com/chance/tianmenbudayang/activity/map/RideRouteActivity.java, line(s) 73,71 com/chance/tianmenbudayang/activity/map/RunErrandsRideRouteActivity.java, line(s) 116,120,127 com/chance/tianmenbudayang/activity/news/NewsEpisodeDetailsFragment$20.java, line(s) 26 com/chance/tianmenbudayang/activity/news/NewsEpisodeFragment$13.java, line(s) 26 com/chance/tianmenbudayang/activity/news/NewsMainContentFragment$9.java, line(s) 26 com/chance/tianmenbudayang/activity/news/NewsSearchActivity.java, line(s) 176 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$2.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$24.java, line(s) 26 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$3.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$4.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$5.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$7.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsShortVideoDetailsFragment$8.java, line(s) 18 com/chance/tianmenbudayang/activity/news/NewsVideoDetailsFragment$18.java, line(s) 26 com/chance/tianmenbudayang/activity/news/NewsVideoFragment$11.java, line(s) 26 com/chance/tianmenbudayang/activity/oneshopping/OneShoppingPublishCommentActivity.java, line(s) 136,145,148 com/chance/tianmenbudayang/activity/rebate/TaobaoRebateDescriptionActivity.java, line(s) 84,88 com/chance/tianmenbudayang/activity/recruit/RecruitComMainPageActivity.java, line(s) 126,129 com/chance/tianmenbudayang/activity/recruit/RecruitForJobApplyFragment.java, line(s) 146 com/chance/tianmenbudayang/activity/recruit/RecruitForJobCollectFragment.java, line(s) 139 com/chance/tianmenbudayang/activity/recruit/RecruitPersonHuntingInfoActivity.java, line(s) 255 com/chance/tianmenbudayang/activity/recruit/RecruitRechargeMoneyActivity$4.java, line(s) 21 com/chance/tianmenbudayang/activity/recruit/RecruitResumeReceivedActivity.java, line(s) 243 com/chance/tianmenbudayang/activity/secretgarden/GardenMySecretDetailsActivity.java, line(s) 66 com/chance/tianmenbudayang/activity/secretgarden/GardenPutPicsSecretActivity.java, line(s) 152,161,164 com/chance/tianmenbudayang/activity/secretgarden/GardenPutVideoSecretActivity.java, line(s) 326,405 com/chance/tianmenbudayang/activity/secretgarden/GardenVideoOpenFragment.java, line(s) 564,581,617 com/chance/tianmenbudayang/activity/secretgarden/GardenWatchSecretActivity.java, line(s) 93 com/chance/tianmenbudayang/activity/takeaway/TakeAwayMainActivity.java, line(s) 66 com/chance/tianmenbudayang/activity/takeaway/TakeAwayMainFragment.java, line(s) 578 com/chance/tianmenbudayang/activity/takeaway/TakeAwayNewOrderEvaluationActivity.java, line(s) 174,183,186 com/chance/tianmenbudayang/activity/takeaway/TakeAwayNewSalesWebActivity.java, line(s) 128 com/chance/tianmenbudayang/activity/takeaway/TakeAwayWebViewFragment.java, line(s) 232 com/chance/tianmenbudayang/activity/usedinfo/UsedPublishActivity.java, line(s) 182,191,194 com/chance/tianmenbudayang/activity/user/LoginAccountFragment.java, line(s) 257,261 com/chance/tianmenbudayang/activity/user/LoginPhoneFragment.java, line(s) 372,376 com/chance/tianmenbudayang/activity/videoedit/RangeSeekBar.java, line(s) 181,270,296 com/chance/tianmenbudayang/activity/videoedit/RangeSeekBar2.java, line(s) 259,285,334 com/chance/tianmenbudayang/activity/videoedit/VideoEditActivity.java, line(s) 79,99,108,113,124,125,130,131,133,142,147,338,341,342,343,359,370,371,400,439,453,472 com/chance/tianmenbudayang/activity/videoedit/VideoExtractFrameAsyncUtils.java, line(s) 33 com/chance/tianmenbudayang/activity/videosynthesis/VideoSynthesisActivity.java, line(s) 357,362,380,533,537,609,614 com/chance/tianmenbudayang/activity/videosynthesis/VideoSynthesisLongActivity.java, line(s) 358,363,381,537,541,613,618 com/chance/tianmenbudayang/adapter/forum/ForumPublishImgTxtListAdapter.java, line(s) 132,139 com/chance/tianmenbudayang/adapter/news/NewsChannelAdapter.java, line(s) 259 com/chance/tianmenbudayang/adapter/secretgarden/GardenWatchSecretAdapter.java, line(s) 147 com/chance/tianmenbudayang/alipay/AliPayHelper.java, line(s) 57 com/chance/tianmenbudayang/base/BaseActivity.java, line(s) 431,330,480,487,495,502,510,517,455 com/chance/tianmenbudayang/base/BaseApplication.java, line(s) 173,176,180,416 com/chance/tianmenbudayang/base/BaseFragment.java, line(s) 140,147 com/chance/tianmenbudayang/base/SophixStubApplication.java, line(s) 33,35 com/chance/tianmenbudayang/cache/FileCache.java, line(s) 83 com/chance/tianmenbudayang/cache/ImageHelper.java, line(s) 56 com/chance/tianmenbudayang/cache/ThreadPoolManager.java, line(s) 32,43,67,86 com/chance/tianmenbudayang/core/http/CacheDispatcher.java, line(s) 47 com/chance/tianmenbudayang/core/http/DiskCache.java, line(s) 50,63,129,139,148,168,181,190,288 com/chance/tianmenbudayang/core/http/DownloadController.java, line(s) 37 com/chance/tianmenbudayang/core/http/FileRequest.java, line(s) 89,139 com/chance/tianmenbudayang/core/http/FormRequest.java, line(s) 57 com/chance/tianmenbudayang/core/http/HttpParams.java, line(s) 121,283 com/chance/tianmenbudayang/core/http/HttpSoapStack.java, line(s) 72,73 com/chance/tianmenbudayang/core/http/HttpUtils.java, line(s) 36,45 com/chance/tianmenbudayang/core/http/JsonRequest.java, line(s) 61 com/chance/tianmenbudayang/core/http/Network.java, line(s) 57,118,182,191,128 com/chance/tianmenbudayang/core/http/NetworkDispatcher.java, line(s) 62,52 com/chance/tianmenbudayang/core/http/OAsyncTask.java, line(s) 59,273,296 com/chance/tianmenbudayang/core/http/Request.java, line(s) 115,223 com/chance/tianmenbudayang/core/manager/BitmapManager.java, line(s) 641 com/chance/tianmenbudayang/core/manager/DBManager.java, line(s) 185,222,236,423 com/chance/tianmenbudayang/core/manager/HttpManager.java, line(s) 265,285,75 com/chance/tianmenbudayang/core/sharepreference/BaseSharePreference.java, line(s) 86 com/chance/tianmenbudayang/core/ui/SupportFragment.java, line(s) 73,77,82,87,92 com/chance/tianmenbudayang/core/utils/ImageUtils.java, line(s) 259 com/chance/tianmenbudayang/core/utils/OLog.java, line(s) 32,38,50,62,86,80,104,26,68,92,74,98 com/chance/tianmenbudayang/core/utils/PreferenceUtils.java, line(s) 41,82 com/chance/tianmenbudayang/core/utils/Utils.java, line(s) 62,68,78,56 com/chance/tianmenbudayang/data/helper/HttpHelper.java, line(s) 115 com/chance/tianmenbudayang/ease/EaseCommonUtils.java, line(s) 100 com/chance/tianmenbudayang/ease/EaseHelper$1.java, line(s) 15,20,25,28,31,37 com/chance/tianmenbudayang/ease/EaseHelper$3.java, line(s) 20,24 com/chance/tianmenbudayang/ease/EaseHelper$5.java, line(s) 45,64,69,74,75 com/chance/tianmenbudayang/ease/EaseHelper$6.java, line(s) 16,32 com/chance/tianmenbudayang/ease/EaseHelper.java, line(s) 104,174,304,191 com/chance/tianmenbudayang/ease/EaseImageUtils.java, line(s) 10,16 com/chance/tianmenbudayang/ease/EaseVoiceRecorder.java, line(s) 86,132,59,79 com/chance/tianmenbudayang/ease/VoicePlayClickListener.java, line(s) 89 com/chance/tianmenbudayang/jpush/Logger.java, line(s) 17,25,9,13,21 com/chance/tianmenbudayang/reactnative/CommonModule$7.java, line(s) 30 com/chance/tianmenbudayang/reactnative/CommonModule.java, line(s) 228,242,273,306,331,188 com/chance/tianmenbudayang/service/OffMsgService.java, line(s) 110,168,189,201 com/chance/tianmenbudayang/service/UploadImgService.java, line(s) 73,91,110,150,163,167,177,183,265,270,289,295,318,349,354 com/chance/tianmenbudayang/utils/BitmapUtil.java, line(s) 129 com/chance/tianmenbudayang/utils/BitmapUtils.java, line(s) 151 com/chance/tianmenbudayang/utils/DataToServerHelper.java, line(s) 56,60,68,72 com/chance/tianmenbudayang/utils/DateUtils.java, line(s) 1222,740 com/chance/tianmenbudayang/utils/DimenUtils.java, line(s) 20,21,36 com/chance/tianmenbudayang/utils/FileUtils.java, line(s) 385,286 com/chance/tianmenbudayang/utils/IOUtil.java, line(s) 191,80,85 com/chance/tianmenbudayang/utils/LBSUtils.java, line(s) 71,117,128,143,152,216,222,241 com/chance/tianmenbudayang/utils/PermissionUtils.java, line(s) 465,473,515,523,570,578,590,598,642,650,692,700,745,753 com/chance/tianmenbudayang/utils/PriceUtil.java, line(s) 85,125,156 com/chance/tianmenbudayang/utils/RegistJPushTagUtil.java, line(s) 33,38 com/chance/tianmenbudayang/utils/SoftKeyBoardListener.java, line(s) 28 com/chance/tianmenbudayang/utils/TTSController.java, line(s) 35 com/chance/tianmenbudayang/utils/UploadImgTask.java, line(s) 173,206,218,222,227,232,241 com/chance/tianmenbudayang/utils/UploadPicUtil.java, line(s) 149,161,165,179,191,291,292,312,342,220,221,222,268,286,350,365,433,440,441,402,403,417 com/chance/tianmenbudayang/utils/Util.java, line(s) 604,616 com/chance/tianmenbudayang/utils/ViewServer.java, line(s) 67,111,121,225,240,444 com/chance/tianmenbudayang/utils/amap/ToastUtil.java, line(s) 197 com/chance/tianmenbudayang/videoplayer/utils/Debuger.java, line(s) 42,49,55,20,31 com/chance/tianmenbudayang/videoplayer/view/SmallVideoTouch.java, line(s) 50,53,55,58,61 com/chance/tianmenbudayang/view/ExpandTextLayout.java, line(s) 78 com/chance/tianmenbudayang/view/MyRecyclerView.java, line(s) 32 com/chance/tianmenbudayang/view/behavior/VPScrollBehavior.java, line(s) 29,34,40,46,51,57,66,71,77,83,88,94,99,104,109,114,119,128 com/chance/tianmenbudayang/view/dialog/CartBuyNumberDialog.java, line(s) 169 com/chance/tianmenbudayang/view/dialog/RecruitCallPhoneDialog.java, line(s) 42,40 com/chance/tianmenbudayang/view/dialog/TaobaoAuthorizationDialog.java, line(s) 61,65 com/chance/tianmenbudayang/view/dialog/UpgradeVersionsDialog.java, line(s) 67,78 com/chance/tianmenbudayang/view/dialog/YellowPageCallPhoneDialog.java, line(s) 45,43 com/chance/tianmenbudayang/view/dialog/YellowPageCallTwoPhoneDialog.java, line(s) 41,39 com/chance/tianmenbudayang/view/dialog/luck/LuckBuyNumberDialog.java, line(s) 148,167 com/chance/tianmenbudayang/view/dialog/takeaway/TakeawayPlatformSendDialog.java, line(s) 184 com/chance/tianmenbudayang/view/dragsquareimage/DraggableItemView.java, line(s) 318 com/chance/tianmenbudayang/view/imageviewpager/photoview/PhotoViewAttacher.java, line(s) 261,290,324,686,721,738,42 com/chance/tianmenbudayang/view/percent/PercentLayoutHelper.java, line(s) 33,42,47,158,169,174,195,209,245,282,32,41,46,65,75,85,98,108,118,128,138,148,157,168,173,194,208,244,281,66,76,86,99,109,119,129,139,149 com/chance/tianmenbudayang/view/pic/BaseImageView.java, line(s) 86 com/chance/tianmenbudayang/view/popwindow/TopNavMenuWindow.java, line(s) 364 com/chance/tianmenbudayang/view/roundimage/RoundedDrawable.java, line(s) 102 com/chance/tianmenbudayang/view/roundimage/RoundedImageView.java, line(s) 259 com/chance/tianmenbudayang/view/swipe/menu/SwipeMenuLayout.java, line(s) 264 com/chance/tianmenbudayang/view/wheelview/adapter/AbstractWheelTextAdapter.java, line(s) 190 com/chance/tianmenbudayang/widget/LimitChWatcherText.java, line(s) 35 com/chance/tianmenbudayang/widget/SwipeRefreshLayout.java, line(s) 297,302,353 com/chance/tianmenbudayang/widget/ease/EaseChatPrimaryMenu.java, line(s) 113,127 com/chance/tianmenbudayang/widget/ease/chatrow/EaseChatRow.java, line(s) 73 com/chance/tianmenbudayang/widget/ease/chatrow/EaseChatRowVideo.java, line(s) 74,95 com/chance/tianmenbudayang/widget/ease/chatrow/EaseChatRowVoice.java, line(s) 72 com/chance/tianmenbudayang/widget/ease/chatrow/EaseChatRowVoicePlayClickListener.java, line(s) 131,94 com/chance/tianmenbudayang/widget/recyleview/CardSlideLayoutManager.java, line(s) 24 com/chance/tianmenbudayang/widget/recyleview/TanTanCallback.java, line(s) 117,137 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/AppRegister.java, line(s) 14 com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/Util.java, line(s) 175,62,68,73,81,92,97,177,181,185,196,161 com/chance/tianmenbudayang/zxingscan/camera/AutoFocusCallback.java, line(s) 26 com/chance/tianmenbudayang/zxingscan/camera/CameraConfigurationManager.java, line(s) 35,38,48,53,84,46,104,121,171,182 com/chance/tianmenbudayang/zxingscan/camera/FlashlightManager.java, line(s) 18,20,60,71,80,83,86 com/chance/tianmenbudayang/zxingscan/camera/PreviewCallback.java, line(s) 36 com/chance/tianmenbudayang/zxingscan/decoding/CaptureActivityHandler.java, line(s) 50,55,67,71 com/chance/tianmenbudayang/zxingscan/decoding/DecodeHandler.java, line(s) 62 com/coder/ffmpeg/utils/FFmpegUtils.java, line(s) 29,35,97,103 com/coremedia/iso/boxes/sampleentry/AudioSampleEntry.java, line(s) 194 com/danikula/videocache/HttpProxyCacheDebuger.java, line(s) 50,57,63,28,39 com/handmark/pulltorefresh/library/OverscrollHelper.java, line(s) 56 com/handmark/pulltorefresh/library/PullToRefreshAdapterViewBase.java, line(s) 88,308,315,320 com/handmark/pulltorefresh/library/PullToRefreshBase.java, line(s) 184,384,465,633,684,706 com/handmark/pulltorefresh/library/PullToRefreshRecyclerView.java, line(s) 84,93 com/handmark/pulltorefresh/library/SoftKeyBoardListener.java, line(s) 28 com/handmark/pulltorefresh/library/internal/Utils.java, line(s) 9 com/hyphenate/a/a.java, line(s) 93,96,98,100,102 com/hyphenate/chat/EMChatManager.java, line(s) 205,219,264,284,380,395,403,410,617,806,820,537 com/hyphenate/chat/EMChatService.java, line(s) 26,38,71,74,33 com/hyphenate/chat/EMClient.java, line(s) 89,92,201,221,409,537,554,585,709,711,721,723,738,818,911,916,922,927,940,983,1059,373,377,696,697,698,99,108,480,494,1017,1025,1029 com/hyphenate/chat/EMConversation.java, line(s) 343 com/hyphenate/chat/EMEncryptUtils.java, line(s) 16,18,20,22,38,40,42,44,48 com/hyphenate/chat/EMExtraService.java, line(s) 40 com/hyphenate/chat/EMGroupManager.java, line(s) 412,975,1144,1308,1331,1338 com/hyphenate/chat/EMHeartBeatReceiver.java, line(s) 19 com/hyphenate/chat/EMMessage.java, line(s) 81,103,130,186,197,227,239,250 com/hyphenate/chat/EMMonitorReceiver.java, line(s) 15,22 com/hyphenate/chat/EMPushManager.java, line(s) 63,68,73,85,88 com/hyphenate/chat/EMSmartHeartBeat.java, line(s) 61,64,68,71,245,272,276,283,298,300,302,309,312,314,331,333,335,351,371,385,391,399,416,427,487,495,505,531,532,545,550,569,601,603,613,323,615 com/hyphenate/chat/EMVideoMessageBody.java, line(s) 73 com/hyphenate/chat/EMVoiceMessageBody.java, line(s) 37 com/hyphenate/chat/MessageEncoder.java, line(s) 53,174 com/hyphenate/chat/a/a.java, line(s) 142,149,155,159,166,175,180,182,184,185,189,203,108 com/hyphenate/chat/a/b.java, line(s) 68,90,94,95,220,221,235,266,231 com/hyphenate/chat/a/c.java, line(s) 102,107,117,169,206,243,280,318,355,372,404,501,509,519,550,612,710,191,227,265,303,339,389,424,602,532 com/hyphenate/chat/a/d.java, line(s) 83,98,112,122 com/hyphenate/chat/adapter/EMACallRtcImpl.java, line(s) 63,66 com/hyphenate/chat/adapter/EMAREncryptUtils.java, line(s) 39,47,90,100,110,120,140,143,156,159 com/hyphenate/chat/adapter/EMARHttpAPI.java, line(s) 87,92,172,209,266,287,348,83,107,113,117,124,175,176,179,181,273,326,331,338,342,351 com/hyphenate/cloud/CustomMultiPartEntity.java, line(s) 73 com/hyphenate/cloud/EMHttpClient.java, line(s) 83,89 com/hyphenate/cloud/HttpClientConfig.java, line(s) 95,117,69 com/hyphenate/cloud/a.java, line(s) 53,94 com/hyphenate/cloud/b.java, line(s) 66,120,122,127,154,214,242,270,282 com/hyphenate/notification/EMNotificationBuilder.java, line(s) 173 com/hyphenate/notification/a.java, line(s) 143 com/hyphenate/notification/a/a.java, line(s) 14 com/hyphenate/notification/a/b.java, line(s) 93 com/hyphenate/push/EMPushConfig.java, line(s) 87,107,110,117,128,139,155 com/hyphenate/push/EMPushHelper.java, line(s) 140,144,202,212,215,218,240,250,252,265,267,281,285,298,300,320,185,195 com/hyphenate/push/a/a.java, line(s) 65,97 com/hyphenate/push/platform/b/a.java, line(s) 22,26,31,35,40,53,59,68 com/hyphenate/push/platform/meizu/EMMzMsgReceiver.java, line(s) 17,21,32 com/hyphenate/push/platform/mi/EMMiMsgReceiver.java, line(s) 17,21,25,32,43 com/hyphenate/util/CryptoUtils.java, line(s) 76,98 com/hyphenate/util/EasyUtils.java, line(s) 92,124,129,188,197 com/hyphenate/util/HanziToPinyin.java, line(s) 55,79 com/hyphenate/util/ImageUtils.java, line(s) 48,93,95,106,118,128,147,157,158,166 com/hyphenate/util/NetUtils.java, line(s) 112,199,219,243,261,85,109 com/hyphenate/util/VoiceRecorder.java, line(s) 108,130,89,101 com/iflytek/collector/light/proxy/e.java, line(s) 10,26,20 com/jason/recordlibrary/RecordThread.java, line(s) 165 com/mp4parser/streaming/rawformats/H264TrackAdapter.java, line(s) 39,59 com/reactnativecommunity/webview/RNCWebViewManager.java, line(s) 138,140 com/reactnativecommunity/webview/RNCWebViewModule.java, line(s) 281 com/swmansion/gesturehandler/react/RNGestureHandlerRootHelper.java, line(s) 44,58 com/tangyx/video/ffmpeg/FFmpegCommands.java, line(s) 17,26,31,36,41,65 com/tangyx/video/ffmpeg/FFmpegRun.java, line(s) 26 com/tangyx/video/ffmpeg/VideoController.java, line(s) 103 com/taobao/tao/remotebusiness/MtopBusiness.java, line(s) 298,323,175,202,215,217,178,179,221,249,250,264,265,290,312,222,258 com/taobao/tao/remotebusiness/auth/RemoteAuth.java, line(s) 34,41,69,88,134,150,24,25,46,47,56,57,74,75,93,94,116,117,126,142 com/taobao/tao/remotebusiness/b.java, line(s) 45,63,85,105,125,141,226,233,247,273,297,41,58,120 com/taobao/tao/remotebusiness/b/c.java, line(s) 71,33,37,42,86,22,23,26,27,66,67,70,77,81 com/taobao/tao/remotebusiness/b/d.java, line(s) 33,37,42,50,22,23,26,27,78,79,90,101 com/taobao/tao/remotebusiness/b/f.java, line(s) 34,60,18,19,22,23,27,28,44,45,48,49,53,54 com/taobao/tao/remotebusiness/js/MtopJSBridge.java, line(s) 194,213,223,235,243,35,39,55,164,204,193,212,222,234,242 com/taobao/tao/remotebusiness/js/b.java, line(s) 28 com/taobao/tao/remotebusiness/js/c.java, line(s) 25 com/taobao/tao/remotebusiness/js/d.java, line(s) 25 com/taobao/tao/remotebusiness/login/RemoteLogin.java, line(s) 24,52,58,39,40,51,57,75,76 com/taobao/tao/remotebusiness/login/a.java, line(s) 46,49,54,57,60,89,95,123,134,149,155,133,148 com/taobao/tao/remotebusiness/login/b.java, line(s) 19,18 com/taobao/tao/remotebusiness/login/c.java, line(s) 39,54,38 com/taobao/tao/remotebusiness/login/d.java, line(s) 59,64,72,79,86,90,105,114,117,58,63,71,78,85,89,113 com/tencent/a/a/a/a/b.java, line(s) 26,32,48,38,56 com/tencent/a/a/a/a/c.java, line(s) 31,45 com/tencent/a/a/a/a/d.java, line(s) 22,31 com/tencent/a/a/a/a/e.java, line(s) 21,30 com/tencent/a/a/a/a/h.java, line(s) 13,39,60,43 com/transitionseverywhere/PathParser.java, line(s) 487,492 com/transitionseverywhere/utils/ReflectionUtils.java, line(s) 56,83,94 com/ut/mini/UTPageHitHelper.java, line(s) 350 com/ut/mini/internal/UTTeamWork.java, line(s) 78,80,89 com/yanzhenjie/permission/DefaultRequest.java, line(s) 178 com/zhy/android/percent/support/PercentLayoutHelper.java, line(s) 51,56,63,68,126,193,402,407,428,442,517,548,50,55,62,67,125,192,201,211,224,260,271,279,287,295,303,313,401,406,427,441,516,547,202,212,225,261,272,280,288,296,304,314 com/zmxv/RNSound/RNSoundModule.java, line(s) 120,144,163,175,189,200,211,222,195,217,380 fr/greweb/reactnativeviewshot/DebugViews.java, line(s) 26 fr/greweb/reactnativeviewshot/RNViewShotModule.java, line(s) 138,97 fr/greweb/reactnativeviewshot/ViewShot.java, line(s) 89,110 me/jessyan/autosize/utils/LogUtils.java, line(s) 23,35,29 mtopsdk/a/a/a/b.java, line(s) 63,64,91,92,106,107,121,122,135,136,148,149,166,167,181,185,186,187,207,208,230,231,242,243,21,134,163,164 mtopsdk/a/a/a/c.java, line(s) 64 mtopsdk/a/a/a/d.java, line(s) 40,28 mtopsdk/a/a/a/e.java, line(s) 38 mtopsdk/a/a/b/b.java, line(s) 28,44 mtopsdk/a/a/c/a.java, line(s) 59,92,36,37,49,50,77,78 mtopsdk/a/a/c/b.java, line(s) 33,37,47,52,85,36,46,51,84 mtopsdk/a/a/c/c.java, line(s) 44,51,26,27 mtopsdk/a/a/c/e.java, line(s) 31,44,62,75,92,101,63,76,93,102 mtopsdk/a/a/c/f.java, line(s) 28,48,29,49 mtopsdk/a/b/a/a.java, line(s) 38,68,27,28,37,41,42,57,58,67,71,72 mtopsdk/common/util/AsyncServiceBinder.java, line(s) 56,34,35,42,43,50,51 mtopsdk/common/util/MtopUtils.java, line(s) 38,61,72,120,137,146,151 mtopsdk/common/util/RemoteConfig.java, line(s) 134,151,154,161,172,194,198,292,83,84,91,92,96,97,101,102,106,107,111,112,116,117,121,122,126,127,137,138,142,143,164,165,175,176,201,202,204,216,222,223,238,239,252,253,278,279,286,287,236,250,265 mtopsdk/common/util/TBSdkLog.java, line(s) 42,47,56,62,81,97,193,213,117,133,153,173,251 mtopsdk/common/util/a.java, line(s) 20,40,41,50,24,51 mtopsdk/common/util/b.java, line(s) 43,62,46,63 mtopsdk/common/util/d.java, line(s) 20 mtopsdk/mtop/a/a/a.java, line(s) 25,76,84,90,95 mtopsdk/mtop/a/b/a/a.java, line(s) 93,128,153,159,167,180,196,210,259 mtopsdk/mtop/antiattack/a.java, line(s) 22,26,62,23,36,70 mtopsdk/mtop/common/DefaultMtopCallback.java, line(s) 14,22,30,11,19,27 mtopsdk/mtop/common/DefaultMtopListener.java, line(s) 14,11 mtopsdk/mtop/common/a/a.java, line(s) 33 mtopsdk/mtop/domain/MtopResponse.java, line(s) 195,182,296,181,194,295 mtopsdk/mtop/features/MtopFeatureManager.java, line(s) 116,117,46 mtopsdk/mtop/global/MtopConfig.java, line(s) 123,140,145,153,122,149,150 mtopsdk/mtop/global/SDKUtils.java, line(s) 24 mtopsdk/mtop/global/SwitchConfig.java, line(s) 145,70,71,82,83,112,113,124,125 mtopsdk/mtop/global/init/OpenMtopInitTask.java, line(s) 43,59,25,26,45,46,53,54,61,62,22 mtopsdk/mtop/intf/Mtop.java, line(s) 113,153,173,177,346,116,117,130,131,156,157,228,235,251,255,354 mtopsdk/mtop/intf/MtopBuilder.java, line(s) 210,426,209 mtopsdk/mtop/intf/MtopSetting.java, line(s) 63,64,76,77,89,90,97,98,105,106,153,154,167,168,176,183,184,198,199,207,208,215,216,224,225,233,234,267,268,300,301,331,332,342,343,353,354 mtopsdk/mtop/intf/a.java, line(s) 29,23 mtopsdk/mtop/intf/b.java, line(s) 17 mtopsdk/mtop/intf/c.java, line(s) 19,22,23,36,37,29 mtopsdk/mtop/intf/f.java, line(s) 61,90,60 mtopsdk/mtop/network/b.java, line(s) 36,50,56 mtopsdk/mtop/stat/b.java, line(s) 27,42,56,69 mtopsdk/mtop/util/MtopConvert.java, line(s) 14,20,28,36,42,49 mtopsdk/mtop/util/MtopSDKThreadPoolExecutorFactory.java, line(s) 61,66,147,163,172 mtopsdk/mtop/util/MtopStatistics.java, line(s) 415,422,457,254,255 mtopsdk/mtop/util/ReflectUtil.java, line(s) 109,133,197,199 mtopsdk/network/AbstractCallImpl.java, line(s) 70,74,113,118,45,55,56 mtopsdk/network/cookie/CookieManager.java, line(s) 32,47 mtopsdk/network/impl/DefaultCallFactory.java, line(s) 19 mtopsdk/network/impl/DefaultCallImpl.java, line(s) 109,149,187,99,203,79,80,81,119,120 mtopsdk/security/c.java, line(s) 40,56,58,60,67,70,87,89,98,103,108,122,125,193,205,218,228,232,237,244,264,267,270,39,63,64,83,84 mtopsdk/xstate/XState.java, line(s) 32,42,60,77,110,135,163,194,222,227,47,48,136,137,142,143,164,165,170,171,195,196,202,203,218,219 mtopsdk/xstate/XStateService.java, line(s) 29,31,49,51,35,36 mtopsdk/xstate/a/a.java, line(s) 20,21 mtopsdk/xstate/a/b.java, line(s) 20 mtopsdk/xstate/c.java, line(s) 93,99,108,23,37,45,58,67,75,41,42,70,71,92,98,107 mtopsdk/xstate/util/PhoneInfo.java, line(s) 35,60,100,125,138,151,164,176 net/simonvt/menudrawer/MenuDrawer.java, line(s) 832,836,840,844,848,851 org/greenrobot/eventbus/BackgroundPoster.java, line(s) 41 org/greenrobot/eventbus/EventBus.java, line(s) 290,428,430,439,172 org/greenrobot/eventbus/util/AsyncExecutor.java, line(s) 98 org/greenrobot/eventbus/util/ErrorDialogConfig.java, line(s) 34 org/greenrobot/eventbus/util/ErrorDialogManager.java, line(s) 185 org/greenrobot/eventbus/util/ExceptionToResourceMapping.java, line(s) 26 org/jboss/netty/channel/socket/nio/NioProviderMetadata.java, line(s) 338,340,341,342 org/jboss/netty/util/Version.java, line(s) 7 org/jboss/netty/util/internal/jzlib/ZStream.java, line(s) 135 org/kobjects/crypt/Crypt.java, line(s) 200 org/kobjects/mime/Decoder.java, line(s) 84 org/kobjects/pim/PimParser.java, line(s) 43,47,58 org/kxml2/io/KXmlParser.java, line(s) 586 u/aly/bt.java, line(s) 37,43,22,28,30,10,16,49,55,61,67,69
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/chance/tianmenbudayang/activity/rebate/RebateSearchActivity.java, line(s) 4,122,129 com/chance/tianmenbudayang/activity/rebate/TaoBaoHomeFragment.java, line(s) 4,447,454
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/chance/tianmenbudayang/wxapi/net/sourceforge/simcpux/copy/Util.java, line(s) 109,141 com/hyphenate/cloud/HttpClientConfig.java, line(s) 114,70,97,112,112
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (login.waptest.tbsandbox.com) 通信。
{'ip': '140.205.69.8', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (isb.21chance.com) 通信。
{'ip': '221.227.232.106', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '南通', 'latitude': '32.030296', 'longitude': '120.874779'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (taobao.com) 通信。
{'ip': '59.82.29.142', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (lbs.amap.com) 通信。
{'ip': '59.82.29.142', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '惠州', 'latitude': '39.509766', 'longitude': '116.693001'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (qrlogin.taobao.com) 通信。
{'ip': '59.82.29.142', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': 'to de Campos\x06Humble\x08Humboldt\x05Humby\x04Hume\x07Humenne\x0bHumilladero\tHumlebaek\x06Hummel\tHummelsta\x0bHummelstown\tHummersen\x08Humpo', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (login.wapa.taobao.com) 通信。
{'ip': '59.82.122.140', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (logconf.iflytek.com) 通信。
{'ip': '103.8.33.178', 'country_short': 'CN', 'country_long': '中国', 'region': '安徽', 'city': '合肥', 'latitude': '31.863815', 'longitude': '117.280830'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.mob.com) 通信。
{'ip': '104.18.20.237', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '扬州', 'latitude': '32.397221', 'longitude': '119.435600'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.p.pinduoduo.com) 通信。
{'ip': '45.113.201.237', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.21chance.com) 通信。
{'ip': '58.215.114.59', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (is.21chance.com) 通信。
{'ip': '58.220.53.82', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '扬州', 'latitude': '32.397221', 'longitude': '119.435600'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (image.21chance.com) 通信。
{'ip': '114.215.78.84', 'country_short': 'CN', 'country_long': '中国', 'region': '山东', 'city': '青岛', 'latitude': '36.098610', 'longitude': '120.371941'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (log.iflytek.com) 通信。
{'ip': '103.8.33.178', 'country_short': 'CN', 'country_long': '中国', 'region': '安徽', 'city': '合肥', 'latitude': '31.863815', 'longitude': '117.280830'}